Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/f8010e-6a3f-4ff0-95e7-d418248e5728/1/cfxj7vZnTya1A6gwpd-pU9L_qr4.mft
File:                     cfxj7vZnTya1A6gwpd-pU9L_qr4.mft (raw, json)
Hash identifier:          oXuEZ6N8xdt8zSPHIbYf/7hi99m9CeZvKMSDwyIBTZY=
Subject key identifier:   D1:E1:F3:70:12:8E:B7:AD:1A:16:B6:71:FD:C0:8F:EA:81:59:1E:39
Authority key identifier: 71:FC:63:EE:F6:67:4F:26:B5:03:A8:30:A5:DF:A9:53:D2:FF:AA:BE
Certificate issuer:       /CN=71fc63eef6674f26b503a830a5dfa953d2ffaabe
Certificate serial:       019A71EE6F4FFC274DD4BD4518C8295160B4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cfxj7vZnTya1A6gwpd-pU9L_qr4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b9/f8010e-6a3f-4ff0-95e7-d418248e5728/1/cfxj7vZnTya1A6gwpd-pU9L_qr4.mft
Manifest number:          1587
Signing time:             Tue 11 Nov 2025 08:00:42 +0000
Manifest this update:     Tue 11 Nov 2025 08:00:42 +0000
Manifest next update:     Wed 12 Nov 2025 08:00:42 +0000
Files and hashes:         1: cfxj7vZnTya1A6gwpd-pU9L_qr4.crl (hash: tOfdQvw/LXoUqJ7bh3uVFGovClcRLsesDsjSvd91y7E=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b9/f8010e-6a3f-4ff0-95e7-d418248e5728/1/cfxj7vZnTya1A6gwpd-pU9L_qr4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b9/f8010e-6a3f-4ff0-95e7-d418248e5728/1/cfxj7vZnTya1A6gwpd-pU9L_qr4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/cfxj7vZnTya1A6gwpd-pU9L_qr4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 08:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:ee:6f:4f:fc:27:4d:d4:bd:45:18:c8:29:51:60:b4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=71fc63eef6674f26b503a830a5dfa953d2ffaabe
        Validity
            Not Before: Nov 11 08:00:42 2025 GMT
            Not After : Nov 12 08:00:42 2025 GMT
        Subject: CN=d1e1f370128eb7ad1a16b671fdc08fea81591e39
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:3c:9f:3d:6f:65:c4:ed:8e:8a:b3:d3:44:42:
                    1d:f4:5c:48:4e:24:d1:49:18:5f:9a:11:4f:91:67:
                    06:b9:bb:33:92:b0:ea:22:cd:78:f3:08:e5:05:9f:
                    31:7c:cf:b4:97:bd:15:e7:a5:cc:d7:31:43:46:9e:
                    b1:a7:87:82:bf:a5:87:66:6b:3f:e3:42:94:01:e8:
                    02:71:d5:8b:a6:67:78:4d:86:0e:6c:2b:a0:c8:b4:
                    f2:63:ff:ac:1c:03:61:00:33:c7:a8:53:51:e4:1e:
                    a1:d6:cb:36:6d:b3:f1:67:ae:ec:0f:08:6e:df:e9:
                    d8:a0:67:f6:72:4f:bd:13:71:5c:d5:d8:ee:59:c7:
                    4f:f1:fa:37:ae:89:1b:98:e4:25:01:b3:04:1e:73:
                    a0:01:56:c9:5f:12:66:17:99:5d:38:dd:fe:03:1d:
                    2e:f4:6e:5f:a2:c3:a4:70:66:a0:04:4f:e3:3c:85:
                    2a:aa:71:80:aa:ea:ca:ac:fb:3e:03:7b:0b:cc:8a:
                    5e:ea:83:2b:f0:7a:ba:1a:8f:cd:3d:39:3e:52:7a:
                    d4:3c:d7:f0:68:0d:9b:37:b5:b1:3f:bf:2a:90:19:
                    cb:ee:b7:92:0b:dc:28:93:a4:d6:88:17:1c:44:1f:
                    2c:65:81:2f:3b:40:77:5a:22:99:28:e8:36:d3:c3:
                    28:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D1:E1:F3:70:12:8E:B7:AD:1A:16:B6:71:FD:C0:8F:EA:81:59:1E:39
            X509v3 Authority Key Identifier:
                keyid:71:FC:63:EE:F6:67:4F:26:B5:03:A8:30:A5:DF:A9:53:D2:FF:AA:BE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cfxj7vZnTya1A6gwpd-pU9L_qr4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/f8010e-6a3f-4ff0-95e7-d418248e5728/1/cfxj7vZnTya1A6gwpd-pU9L_qr4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/f8010e-6a3f-4ff0-95e7-d418248e5728/1/cfxj7vZnTya1A6gwpd-pU9L_qr4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4b:1d:6a:5f:94:7c:48:3e:e4:9e:11:9f:41:82:32:df:85:bf:
         a5:01:10:3c:6c:39:56:b3:5f:d7:93:48:0c:30:bc:1b:11:7b:
         09:1e:62:95:8d:9e:de:c2:a2:61:3a:a1:60:65:60:9d:1f:f9:
         86:64:a3:2b:91:c0:d2:14:c9:3a:68:9d:63:d7:a0:a0:8b:eb:
         2e:41:38:25:ce:a5:c1:85:4d:9f:17:7d:33:18:0f:e1:90:04:
         2c:a6:e0:b5:9a:71:fa:dd:d2:4b:40:86:5c:38:18:43:5f:95:
         72:7d:17:d4:6a:a8:05:95:1c:38:44:c7:6f:6a:f0:03:ec:3e:
         80:57:83:db:de:f6:b0:d7:99:fd:b0:11:b7:19:14:a6:0f:a2:
         38:8b:f3:f1:39:ff:31:40:b7:b4:74:4f:98:dd:22:d2:92:e4:
         2a:14:30:5a:a0:a3:b7:86:a1:5e:c4:36:c6:46:6b:ff:69:ea:
         73:3f:c5:8f:19:ee:1f:0f:d6:f8:62:1a:fa:47:63:e0:fd:07:
         53:c8:01:06:49:81:77:f7:c0:3b:3f:65:64:f6:83:02:dd:e6:
         b8:e6:74:63:78:9b:71:7c:ca:7a:00:34:ba:f1:ae:f9:38:9c:
         f9:3f:76:6e:96:b6:2d:86:8d:9f:fd:28:9f:ab:55:06:52:ba:
         b8:ce:25:1d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpx7m9P/CdN1L1FGMgpUWC0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxZmM2M2VlZjY2NzRmMjZiNTAzYTgzMGE1ZGZhOTUzZDJm
ZmFhYmUwHhcNMjUxMTExMDgwMDQyWhcNMjUxMTEyMDgwMDQyWjAzMTEwLwYDVQQD
EyhkMWUxZjM3MDEyOGViN2FkMWExNmI2NzFmZGMwOGZlYTgxNTkxZTM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxzyfPW9lxO2OirPTREId9FxITiTR
SRhfmhFPkWcGubszkrDqIs148wjlBZ8xfM+0l70V56XM1zFDRp6xp4eCv6WHZms/
40KUAegCcdWLpmd4TYYObCugyLTyY/+sHANhADPHqFNR5B6h1ss2bbPxZ67sDwhu
3+nYoGf2ck+9E3Fc1djuWcdP8fo3rokbmOQlAbMEHnOgAVbJXxJmF5ldON3+Ax0u
9G5fosOkcGagBE/jPIUqqnGAqurKrPs+A3sLzIpe6oMr8Hq6Go/NPTk+UnrUPNfw
aA2bN7WxP78qkBnL7reSC9wok6TWiBccRB8sZYEvO0B3WiKZKOg208MoOwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNHh83ASjretGha2cf3Aj+qBWR45MB8GA1UdIwQY
MBaAFHH8Y+72Z08mtQOoMKXfqVPS/6q+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2Z4ajd2Wm5UeWExQTZnd3BkLXBVOUxfcXI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS9mODAxMGUtNmEzZi00ZmYwLTk1ZTct
ZDQxODI0OGU1NzI4LzEvY2Z4ajd2Wm5UeWExQTZnd3BkLXBVOUxfcXI0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS9mODAxMGUtNmEzZi00ZmYwLTk1ZTctZDQxODI0OGU1NzI4
LzEvY2Z4ajd2Wm5UeWExQTZnd3BkLXBVOUxfcXI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASx1qX5R8
SD7knhGfQYIy34W/pQEQPGw5VrNf15NIDDC8GxF7CR5ilY2e3sKiYTqhYGVgnR/5
hmSjK5HA0hTJOmidY9egoIvrLkE4Jc6lwYVNnxd9MxgP4ZAELKbgtZpx+t3SS0CG
XDgYQ1+Vcn0X1GqoBZUcOETHb2rwA+w+gFeD2972sNeZ/bARtxkUpg+iOIvz8Tn/
MUC3tHRPmN0i0pLkKhQwWqCjt4ahXsQ2xkZr/2nqcz/FjxnuHw/W+GIa+kdj4P0H
U8gBBkmBd/fAOz9lZPaDAt3muOZ0Y3ibcXzKegA0uvGu+Tic+T92bpa2LYaNn/0o
n6tVBlK6uM4lHQ==
-----END CERTIFICATE-----