Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/78697d-b54e-4d7b-a8e0-7c6252c5f45d/1/fXrxi3mJleFLOBNhoGu2aEm36Fo.mft
File:                     fXrxi3mJleFLOBNhoGu2aEm36Fo.mft (raw, json)
Hash identifier:          0NdGEiBdTwD6fRtvqfvI3TH3PESb7K/FuCmPJ3M4/bw=
Subject key identifier:   E1:19:15:6D:17:C5:CB:D6:96:2E:EF:B2:78:CD:FF:47:9A:8B:72:58
Authority key identifier: 7D:7A:F1:8B:79:89:95:E1:4B:38:13:61:A0:6B:B6:68:49:B7:E8:5A
Certificate issuer:       /CN=7d7af18b798995e14b381361a06bb66849b7e85a
Certificate serial:       019A725C4952D0B773AD0E66F61041436B19
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/fXrxi3mJleFLOBNhoGu2aEm36Fo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ba/78697d-b54e-4d7b-a8e0-7c6252c5f45d/1/fXrxi3mJleFLOBNhoGu2aEm36Fo.mft
Manifest number:          084A
Signing time:             Tue 11 Nov 2025 10:00:41 +0000
Manifest this update:     Tue 11 Nov 2025 10:00:41 +0000
Manifest next update:     Wed 12 Nov 2025 10:00:41 +0000
Files and hashes:         1: fXrxi3mJleFLOBNhoGu2aEm36Fo.crl (hash: 0lreOpAamT/7g3eyL9b4EOJTR0Lt0ZDdgUz8QAFehJw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ba/78697d-b54e-4d7b-a8e0-7c6252c5f45d/1/fXrxi3mJleFLOBNhoGu2aEm36Fo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ba/78697d-b54e-4d7b-a8e0-7c6252c5f45d/1/fXrxi3mJleFLOBNhoGu2aEm36Fo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/fXrxi3mJleFLOBNhoGu2aEm36Fo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:72:5c:49:52:d0:b7:73:ad:0e:66:f6:10:41:43:6b:19
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7d7af18b798995e14b381361a06bb66849b7e85a
        Validity
            Not Before: Nov 11 10:00:41 2025 GMT
            Not After : Nov 12 10:00:41 2025 GMT
        Subject: CN=e119156d17c5cbd6962eefb278cdff479a8b7258
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:49:70:f9:fd:0a:44:0c:ab:3a:3b:39:c3:9b:
                    21:51:3a:21:f1:9c:0a:09:71:43:fc:e9:67:81:61:
                    15:42:17:5a:77:ac:38:67:c5:7f:b2:41:32:74:52:
                    c6:39:6d:55:83:0e:63:df:b6:5f:26:c6:e9:50:75:
                    ba:17:a5:ca:84:82:b9:cf:76:31:a0:18:a5:f4:71:
                    1b:39:f1:c1:98:60:08:a4:db:67:2d:a0:48:21:c4:
                    2e:7a:de:16:f2:8f:d8:2e:27:a7:a0:47:a5:e7:46:
                    93:23:0e:60:10:17:39:aa:12:43:e1:4d:71:07:9c:
                    02:ff:3a:42:e4:d4:a6:a5:55:c5:ac:c3:5a:77:a7:
                    ee:20:13:b7:23:32:b6:e1:d5:48:d7:72:54:b5:20:
                    9a:4a:83:f6:99:32:68:21:ae:f7:95:e9:4c:07:94:
                    08:fb:07:d3:9e:cd:cd:dc:11:e0:47:5d:c2:e9:60:
                    a3:4b:a2:6e:17:11:d3:bc:75:42:e9:dc:b3:f7:d1:
                    2a:79:88:3a:ca:1d:af:96:7a:b8:49:4f:4f:a3:72:
                    d9:2e:cf:47:ea:02:fa:29:1c:bb:8b:cf:2a:f6:09:
                    1f:b1:4d:9c:1f:a3:cf:b0:49:52:d0:3e:e2:c6:52:
                    5f:b6:99:fc:76:6b:af:dc:c8:e4:20:50:a0:0a:0f:
                    97:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E1:19:15:6D:17:C5:CB:D6:96:2E:EF:B2:78:CD:FF:47:9A:8B:72:58
            X509v3 Authority Key Identifier:
                keyid:7D:7A:F1:8B:79:89:95:E1:4B:38:13:61:A0:6B:B6:68:49:B7:E8:5A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fXrxi3mJleFLOBNhoGu2aEm36Fo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/78697d-b54e-4d7b-a8e0-7c6252c5f45d/1/fXrxi3mJleFLOBNhoGu2aEm36Fo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/78697d-b54e-4d7b-a8e0-7c6252c5f45d/1/fXrxi3mJleFLOBNhoGu2aEm36Fo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         94:b4:42:e5:f8:d2:b9:fd:e2:05:d2:5d:f3:fc:00:01:ac:db:
         0b:7b:f7:ad:b7:f3:9d:a4:6b:8a:aa:02:c5:b3:50:57:39:5b:
         09:e5:74:be:60:2c:51:bf:1b:d4:de:b5:11:74:c4:0f:f8:c5:
         3b:62:16:54:f9:1d:7a:c6:10:12:fd:69:38:ed:48:7d:56:e1:
         b4:fe:88:8d:f7:51:aa:e7:19:14:14:b7:77:05:07:63:e3:91:
         12:bf:7d:f7:42:3f:43:71:e1:df:83:2a:57:2f:87:5a:29:26:
         93:55:01:39:5c:b7:ce:8b:f3:5c:64:0d:81:66:f1:39:f8:78:
         c4:19:19:b1:35:b4:41:9e:e5:b0:0a:3c:3b:ec:8f:23:ea:82:
         cb:fe:77:80:96:ab:1d:c6:fd:33:7e:99:cd:7f:29:e3:39:1a:
         0a:e6:28:21:71:06:f0:61:4a:9b:26:43:d6:22:14:95:d9:6b:
         c1:88:04:95:4e:22:c5:22:73:56:91:f7:be:19:3c:6a:f6:3f:
         51:ff:26:6e:2a:3d:d9:8e:e8:2b:fb:93:37:ed:8a:64:e6:16:
         90:dc:2a:ee:b2:4f:31:8d:ea:dd:4c:5b:4d:6b:f0:5d:2f:52:
         3a:e0:86:8e:21:19:d0:80:43:b8:7d:5b:21:ee:b7:ad:67:40:
         e4:ba:55:55
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyXElS0LdzrQ5m9hBBQ2sZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkN2FmMThiNzk4OTk1ZTE0YjM4MTM2MWEwNmJiNjY4NDli
N2U4NWEwHhcNMjUxMTExMTAwMDQxWhcNMjUxMTEyMTAwMDQxWjAzMTEwLwYDVQQD
EyhlMTE5MTU2ZDE3YzVjYmQ2OTYyZWVmYjI3OGNkZmY0NzlhOGI3MjU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzklw+f0KRAyrOjs5w5shUToh8ZwK
CXFD/OlngWEVQhdad6w4Z8V/skEydFLGOW1Vgw5j37ZfJsbpUHW6F6XKhIK5z3Yx
oBil9HEbOfHBmGAIpNtnLaBIIcQuet4W8o/YLienoEel50aTIw5gEBc5qhJD4U1x
B5wC/zpC5NSmpVXFrMNad6fuIBO3IzK24dVI13JUtSCaSoP2mTJoIa73lelMB5QI
+wfTns3N3BHgR13C6WCjS6JuFxHTvHVC6dyz99EqeYg6yh2vlnq4SU9Po3LZLs9H
6gL6KRy7i88q9gkfsU2cH6PPsElS0D7ixlJftpn8dmuv3MjkIFCgCg+XzQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOEZFW0XxcvWli7vsnjN/0eai3JYMB8GA1UdIwQY
MBaAFH168Yt5iZXhSzgTYaBrtmhJt+haMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlhyeGkzbUpsZUZMT0JOaG9HdTJhRW0zNkZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS83ODY5N2QtYjU0ZS00ZDdiLWE4ZTAt
N2M2MjUyYzVmNDVkLzEvZlhyeGkzbUpsZUZMT0JOaG9HdTJhRW0zNkZvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS83ODY5N2QtYjU0ZS00ZDdiLWE4ZTAtN2M2MjUyYzVmNDVk
LzEvZlhyeGkzbUpsZUZMT0JOaG9HdTJhRW0zNkZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlLRC5fjS
uf3iBdJd8/wAAazbC3v3rbfznaRriqoCxbNQVzlbCeV0vmAsUb8b1N61EXTED/jF
O2IWVPkdesYQEv1pOO1IfVbhtP6IjfdRqucZFBS3dwUHY+OREr9990I/Q3Hh34Mq
Vy+HWikmk1UBOVy3zovzXGQNgWbxOfh4xBkZsTW0QZ7lsAo8O+yPI+qCy/53gJar
Hcb9M36ZzX8p4zkaCuYoIXEG8GFKmyZD1iIUldlrwYgElU4ixSJzVpH3vhk8avY/
Uf8mbio92Y7oK/uTN+2KZOYWkNwq7rJPMY3q3UxbTWvwXS9SOuCGjiEZ0IBDuH1b
Ie63rWdA5LpVVQ==
-----END CERTIFICATE-----