Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/cc3b6e-b749-45f1-a868-25e21c9e7de9/1/4N8zRFExdiUqLLaQvPcF1kmBEfU.mft
File:                     4N8zRFExdiUqLLaQvPcF1kmBEfU.mft (raw, json)
Hash identifier:          ZDi49l7nlN7C4QkOjdHApXiEeDc+VdUrMIWws2Z3Hgc=
Subject key identifier:   00:B5:66:D4:DA:81:16:14:A8:0A:FC:58:E3:A9:94:5A:03:DC:E4:9F
Authority key identifier: E0:DF:33:44:51:31:76:25:2A:2C:B6:90:BC:F7:05:D6:49:81:11:F5
Certificate issuer:       /CN=e0df3344513176252a2cb690bcf705d6498111f5
Certificate serial:       019A7112BD081D961C3CC67DE8AAC80A5376
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4N8zRFExdiUqLLaQvPcF1kmBEfU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b4/cc3b6e-b749-45f1-a868-25e21c9e7de9/1/4N8zRFExdiUqLLaQvPcF1kmBEfU.mft
Manifest number:          0A39
Signing time:             Tue 11 Nov 2025 04:00:44 +0000
Manifest this update:     Tue 11 Nov 2025 04:00:44 +0000
Manifest next update:     Wed 12 Nov 2025 04:00:44 +0000
Files and hashes:         1: 4N8zRFExdiUqLLaQvPcF1kmBEfU.crl (hash: 5oH40kNI4gUyMjjl5UilyRfvmqbrNPK7StJmMY5ftBM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b4/cc3b6e-b749-45f1-a868-25e21c9e7de9/1/4N8zRFExdiUqLLaQvPcF1kmBEfU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b4/cc3b6e-b749-45f1-a868-25e21c9e7de9/1/4N8zRFExdiUqLLaQvPcF1kmBEfU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4N8zRFExdiUqLLaQvPcF1kmBEfU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 04:00:44 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:12:bd:08:1d:96:1c:3c:c6:7d:e8:aa:c8:0a:53:76
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e0df3344513176252a2cb690bcf705d6498111f5
        Validity
            Not Before: Nov 11 04:00:44 2025 GMT
            Not After : Nov 12 04:00:44 2025 GMT
        Subject: CN=00b566d4da811614a80afc58e3a9945a03dce49f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:d0:87:64:76:a2:a4:78:1d:1e:20:df:8d:7b:
                    cc:44:85:63:c0:bd:3e:2d:19:9b:2f:b1:11:14:ef:
                    d4:28:2d:c9:83:c5:14:8d:66:2e:3a:2c:6c:9f:32:
                    95:ac:66:c4:f5:0e:bc:0d:4c:11:6f:16:34:44:2c:
                    bc:0b:d4:01:79:dd:ea:7f:7f:73:5b:9c:f5:5a:a5:
                    20:fd:11:a8:02:e8:0d:d0:89:3b:e5:16:97:35:50:
                    a7:ba:1f:47:e5:c1:57:76:bb:77:ce:97:7d:b5:6d:
                    ef:09:ec:f5:0e:ed:e0:77:c5:86:85:86:98:98:92:
                    12:c3:00:75:58:30:f7:1c:5d:74:29:67:ee:1d:84:
                    09:7f:e8:e7:c6:62:0a:ff:4f:16:b5:24:ac:7a:73:
                    f1:6c:a3:e9:34:e1:d0:03:80:ac:9d:30:66:72:48:
                    0e:e4:b3:7c:a4:55:f4:38:71:68:71:e9:a7:55:c1:
                    a8:ca:d7:88:14:b6:6f:66:7d:e4:75:9c:1d:35:02:
                    9e:e0:77:e3:f9:77:5e:2b:b2:7f:9f:fd:6c:71:b0:
                    ba:fe:75:fe:b8:0a:dc:1f:0a:69:e7:9c:d7:22:4d:
                    04:be:20:ae:7f:39:e0:6f:3f:35:96:f0:80:97:13:
                    16:80:c9:24:19:29:20:39:3e:e9:39:cf:3e:d6:96:
                    7a:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                00:B5:66:D4:DA:81:16:14:A8:0A:FC:58:E3:A9:94:5A:03:DC:E4:9F
            X509v3 Authority Key Identifier:
                keyid:E0:DF:33:44:51:31:76:25:2A:2C:B6:90:BC:F7:05:D6:49:81:11:F5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4N8zRFExdiUqLLaQvPcF1kmBEfU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/cc3b6e-b749-45f1-a868-25e21c9e7de9/1/4N8zRFExdiUqLLaQvPcF1kmBEfU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/cc3b6e-b749-45f1-a868-25e21c9e7de9/1/4N8zRFExdiUqLLaQvPcF1kmBEfU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         06:67:f8:20:be:1e:a3:23:32:0e:a7:f4:8c:59:b0:ad:bd:7f:
         67:2f:4e:ce:d8:da:50:e1:9b:33:b1:d7:78:f7:24:c6:ea:5e:
         f3:4c:81:62:5d:ec:d4:32:04:a5:b8:80:fd:70:f4:68:91:a8:
         21:9a:eb:83:1d:9d:4a:7d:d9:81:8f:b3:7d:8f:ed:3f:3d:36:
         c7:61:60:3b:3e:94:af:91:8d:77:47:89:10:58:e1:ac:83:9a:
         d3:64:31:25:36:90:14:80:8b:07:cb:92:0e:91:43:24:55:72:
         42:04:e8:6a:59:bd:b3:9d:be:88:b6:95:9f:d6:4c:46:83:52:
         21:c4:60:1b:70:d6:26:cd:e0:fd:84:15:1d:27:15:c4:ac:43:
         72:44:9f:69:78:ab:b7:06:0f:26:e0:d3:99:8a:61:bc:51:b3:
         a5:75:be:7c:4a:5a:cb:4d:3e:20:0b:b2:6d:99:90:8e:d7:d3:
         bd:46:36:36:f8:a6:1e:63:00:bd:8c:99:30:e1:3d:3b:f3:2e:
         d4:40:49:32:0b:f8:33:c9:11:15:4a:e2:3c:03:75:b1:8f:84:
         bf:61:e6:3e:ec:e8:93:cf:aa:35:35:92:ea:88:c4:a9:cd:43:
         8b:39:96:5e:76:e6:0b:f6:4a:6b:76:f8:4e:99:ef:18:00:9c:
         f3:56:e9:41
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxEr0IHZYcPMZ96KrIClN2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUwZGYzMzQ0NTEzMTc2MjUyYTJjYjY5MGJjZjcwNWQ2NDk4
MTExZjUwHhcNMjUxMTExMDQwMDQ0WhcNMjUxMTEyMDQwMDQ0WjAzMTEwLwYDVQQD
EygwMGI1NjZkNGRhODExNjE0YTgwYWZjNThlM2E5OTQ1YTAzZGNlNDlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmtCHZHaipHgdHiDfjXvMRIVjwL0+
LRmbL7ERFO/UKC3Jg8UUjWYuOixsnzKVrGbE9Q68DUwRbxY0RCy8C9QBed3qf39z
W5z1WqUg/RGoAugN0Ik75RaXNVCnuh9H5cFXdrt3zpd9tW3vCez1Du3gd8WGhYaY
mJISwwB1WDD3HF10KWfuHYQJf+jnxmIK/08WtSSsenPxbKPpNOHQA4CsnTBmckgO
5LN8pFX0OHFocemnVcGoyteIFLZvZn3kdZwdNQKe4Hfj+XdeK7J/n/1scbC6/nX+
uArcHwpp55zXIk0EviCufzngbz81lvCAlxMWgMkkGSkgOT7pOc8+1pZ6cwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAC1ZtTagRYUqAr8WOOplFoD3OSfMB8GA1UdIwQY
MBaAFODfM0RRMXYlKiy2kLz3BdZJgRH1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNE44elJGRXhkaVVxTExhUXZQY0Yxa21CRWZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC9jYzNiNmUtYjc0OS00NWYxLWE4Njgt
MjVlMjFjOWU3ZGU5LzEvNE44elJGRXhkaVVxTExhUXZQY0Yxa21CRWZVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC9jYzNiNmUtYjc0OS00NWYxLWE4NjgtMjVlMjFjOWU3ZGU5
LzEvNE44elJGRXhkaVVxTExhUXZQY0Yxa21CRWZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABmf4IL4e
oyMyDqf0jFmwrb1/Zy9OztjaUOGbM7HXePckxupe80yBYl3s1DIEpbiA/XD0aJGo
IZrrgx2dSn3ZgY+zfY/tPz02x2FgOz6Ur5GNd0eJEFjhrIOa02QxJTaQFICLB8uS
DpFDJFVyQgToalm9s52+iLaVn9ZMRoNSIcRgG3DWJs3g/YQVHScVxKxDckSfaXir
twYPJuDTmYphvFGzpXW+fEpay00+IAuybZmQjtfTvUY2NvimHmMAvYyZMOE9O/Mu
1EBJMgv4M8kRFUriPAN1sY+Ev2HmPuzok8+qNTWS6ojEqc1DizmWXnbmC/ZKa3b4
TpnvGACc81bpQQ==
-----END CERTIFICATE-----