Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/7895f8-ac31-4798-8404-4e278dd48a3f/1/iTbfSsL0Z-pmwRl6hinT9ku1Y_A.mft
File:                     iTbfSsL0Z-pmwRl6hinT9ku1Y_A.mft (raw, json)
Hash identifier:          4OAx92Sb9St/XuJGeAFbMYm40qK+qMUT6E2nS6E2CWM=
Subject key identifier:   98:2C:73:66:1F:46:9D:89:3F:5D:97:C0:3C:86:04:D1:54:E8:72:A8
Authority key identifier: 89:36:DF:4A:C2:F4:67:EA:66:C1:19:7A:86:29:D3:F6:4B:B5:63:F0
Certificate issuer:       /CN=8936df4ac2f467ea66c1197a8629d3f64bb563f0
Certificate serial:       019A71B77B137F947C59FFE624A91B10B8CB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/iTbfSsL0Z-pmwRl6hinT9ku1Y_A.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bb/7895f8-ac31-4798-8404-4e278dd48a3f/1/iTbfSsL0Z-pmwRl6hinT9ku1Y_A.mft
Manifest number:          1364
Signing time:             Tue 11 Nov 2025 07:00:41 +0000
Manifest this update:     Tue 11 Nov 2025 07:00:41 +0000
Manifest next update:     Wed 12 Nov 2025 07:00:41 +0000
Files and hashes:         1: iTbfSsL0Z-pmwRl6hinT9ku1Y_A.crl (hash: yyjP4zE0l2N28z+ccs3E+oXjnnpIZJ3BPiQ2B/O53T8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/bb/7895f8-ac31-4798-8404-4e278dd48a3f/1/iTbfSsL0Z-pmwRl6hinT9ku1Y_A.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/bb/7895f8-ac31-4798-8404-4e278dd48a3f/1/iTbfSsL0Z-pmwRl6hinT9ku1Y_A.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/iTbfSsL0Z-pmwRl6hinT9ku1Y_A.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:00:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b7:7b:13:7f:94:7c:59:ff:e6:24:a9:1b:10:b8:cb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8936df4ac2f467ea66c1197a8629d3f64bb563f0
        Validity
            Not Before: Nov 11 07:00:41 2025 GMT
            Not After : Nov 12 07:00:41 2025 GMT
        Subject: CN=982c73661f469d893f5d97c03c8604d154e872a8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:aa:3a:f4:d6:29:19:2e:6d:2a:0f:bd:b8:98:
                    de:ab:fa:47:8a:1f:ad:64:3f:c6:86:4c:fd:6e:e7:
                    ae:86:48:11:c0:28:39:3c:dc:5c:ba:dc:64:01:81:
                    5e:2f:5e:0a:a7:89:56:48:a4:80:68:a6:46:8c:69:
                    bc:bc:7a:1f:ed:1d:23:79:8a:f5:c9:73:a1:8f:50:
                    cf:cb:ca:13:e4:ec:e6:59:28:7b:af:89:c3:98:e1:
                    02:21:51:d1:ad:75:4f:72:08:fc:e1:33:7d:ed:fa:
                    87:d4:1b:3e:36:04:67:b3:f1:48:64:ee:02:a3:81:
                    ea:a9:26:44:4f:bd:58:9d:f2:f3:95:40:1e:eb:2c:
                    9c:7f:2f:05:31:9d:9e:e3:3b:86:8f:e0:04:db:cc:
                    3c:6c:2c:5c:36:d5:d2:c1:6a:90:47:55:eb:eb:a0:
                    6e:14:bf:2a:9e:8a:d2:83:09:6e:64:e7:67:43:e8:
                    c6:4e:43:5c:00:47:10:82:df:8c:84:a0:55:49:a3:
                    2a:68:7a:a2:a2:b1:01:88:89:00:30:8c:f6:a8:c5:
                    2a:48:11:e1:42:eb:ed:e5:f9:60:e3:13:af:79:45:
                    4c:51:b6:2c:8a:c2:d1:a7:9f:24:fc:6a:1e:58:bb:
                    06:a2:61:4f:72:c7:5b:45:41:19:88:b8:49:05:be:
                    b5:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                98:2C:73:66:1F:46:9D:89:3F:5D:97:C0:3C:86:04:D1:54:E8:72:A8
            X509v3 Authority Key Identifier:
                keyid:89:36:DF:4A:C2:F4:67:EA:66:C1:19:7A:86:29:D3:F6:4B:B5:63:F0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iTbfSsL0Z-pmwRl6hinT9ku1Y_A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/7895f8-ac31-4798-8404-4e278dd48a3f/1/iTbfSsL0Z-pmwRl6hinT9ku1Y_A.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/7895f8-ac31-4798-8404-4e278dd48a3f/1/iTbfSsL0Z-pmwRl6hinT9ku1Y_A.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a1:2d:95:41:a9:2b:66:c6:a2:14:38:83:fe:d9:f2:79:56:db:
         66:13:fe:1a:1c:2d:45:9b:fb:40:54:aa:e2:b3:33:b5:66:0e:
         51:5a:1f:14:92:82:61:b8:c3:d4:a0:e2:d2:d1:b5:af:2a:53:
         ce:92:ff:f3:77:cc:43:b4:ad:bc:ad:e5:32:bc:62:17:89:87:
         5f:e4:63:4f:bb:7e:23:d4:b3:37:5d:4a:92:d7:6d:fd:53:fa:
         e2:9c:da:54:c6:f3:84:11:4a:74:1d:7b:d9:4f:43:21:c8:70:
         85:d8:85:b3:50:f6:c1:86:38:65:7f:a4:d2:7a:ad:28:34:ac:
         a7:c2:0e:c5:3f:4a:92:e7:5f:b5:ce:e3:d1:91:fa:48:ba:fd:
         37:bf:25:8a:7f:da:5d:bb:9d:b0:e8:b1:cc:cd:e0:ec:32:da:
         49:40:c4:14:52:73:f1:08:8b:19:d1:d7:e6:e2:ec:0a:22:26:
         42:f3:96:00:a0:16:60:ce:1e:b9:07:bd:5a:5d:aa:cc:08:df:
         61:61:b1:86:c1:31:5b:30:59:45:dd:49:d4:21:da:24:ac:d6:
         41:7c:a1:88:84:77:9e:e8:be:26:0b:0d:c7:3f:cf:70:a1:8c:
         b9:01:84:fe:2d:ac:e4:64:70:14:b0:c0:d3:54:ea:9b:aa:72:
         35:5b:48:f6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxt3sTf5R8Wf/mJKkbELjLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5MzZkZjRhYzJmNDY3ZWE2NmMxMTk3YTg2MjlkM2Y2NGJi
NTYzZjAwHhcNMjUxMTExMDcwMDQxWhcNMjUxMTEyMDcwMDQxWjAzMTEwLwYDVQQD
Eyg5ODJjNzM2NjFmNDY5ZDg5M2Y1ZDk3YzAzYzg2MDRkMTU0ZTg3MmE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyao69NYpGS5tKg+9uJjeq/pHih+t
ZD/Ghkz9bueuhkgRwCg5PNxcutxkAYFeL14Kp4lWSKSAaKZGjGm8vHof7R0jeYr1
yXOhj1DPy8oT5OzmWSh7r4nDmOECIVHRrXVPcgj84TN97fqH1Bs+NgRns/FIZO4C
o4HqqSZET71YnfLzlUAe6yycfy8FMZ2e4zuGj+AE28w8bCxcNtXSwWqQR1Xr66Bu
FL8qnorSgwluZOdnQ+jGTkNcAEcQgt+MhKBVSaMqaHqiorEBiIkAMIz2qMUqSBHh
Quvt5flg4xOveUVMUbYsisLRp58k/GoeWLsGomFPcsdbRUEZiLhJBb61hwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJgsc2YfRp2JP12XwDyGBNFU6HKoMB8GA1UdIwQY
MBaAFIk230rC9GfqZsEZeoYp0/ZLtWPwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaVRiZlNzTDBaLXBtd1JsNmhpblQ5a3UxWV9BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi83ODk1ZjgtYWMzMS00Nzk4LTg0MDQt
NGUyNzhkZDQ4YTNmLzEvaVRiZlNzTDBaLXBtd1JsNmhpblQ5a3UxWV9BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi83ODk1ZjgtYWMzMS00Nzk4LTg0MDQtNGUyNzhkZDQ4YTNm
LzEvaVRiZlNzTDBaLXBtd1JsNmhpblQ5a3UxWV9BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoS2VQakr
ZsaiFDiD/tnyeVbbZhP+GhwtRZv7QFSq4rMztWYOUVofFJKCYbjD1KDi0tG1rypT
zpL/83fMQ7StvK3lMrxiF4mHX+RjT7t+I9SzN11Kktdt/VP64pzaVMbzhBFKdB17
2U9DIchwhdiFs1D2wYY4ZX+k0nqtKDSsp8IOxT9Kkudftc7j0ZH6SLr9N78lin/a
XbudsOixzM3g7DLaSUDEFFJz8QiLGdHX5uLsCiImQvOWAKAWYM4euQe9Wl2qzAjf
YWGxhsExWzBZRd1J1CHaJKzWQXyhiIR3nui+JgsNxz/PcKGMuQGE/i2s5GRwFLDA
01Tqm6pyNVtI9g==
-----END CERTIFICATE-----