Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/018fe7-e86a-466c-b710-fed55e6e52ef/1/i7AWzMBcV2V0az92QtBD6BEgNwU.mft
File:                     i7AWzMBcV2V0az92QtBD6BEgNwU.mft (raw, json)
Hash identifier:          nlga34uSoihIHB4LPY4SsgCQmFcu5epuYcS2xIkdVg4=
Subject key identifier:   43:D8:F3:0E:3E:8C:00:A4:95:72:04:C8:95:FD:E3:41:A0:78:06:8A
Authority key identifier: 8B:B0:16:CC:C0:5C:57:65:74:6B:3F:76:42:D0:43:E8:11:20:37:05
Certificate issuer:       /CN=8bb016ccc05c5765746b3f7642d043e811203705
Certificate serial:       019A71EE9AA7C6F93DD1FCFDB6D5D2D78FF2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/i7AWzMBcV2V0az92QtBD6BEgNwU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bc/018fe7-e86a-466c-b710-fed55e6e52ef/1/i7AWzMBcV2V0az92QtBD6BEgNwU.mft
Manifest number:          0209
Signing time:             Tue 11 Nov 2025 08:00:53 +0000
Manifest this update:     Tue 11 Nov 2025 08:00:53 +0000
Manifest next update:     Wed 12 Nov 2025 08:00:53 +0000
Files and hashes:         1: i7AWzMBcV2V0az92QtBD6BEgNwU.crl (hash: AihhPjt4Ma/IqB8Cm0OXvsd4/H0Ivv7E0Kcss1kwZ3U=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/bc/018fe7-e86a-466c-b710-fed55e6e52ef/1/i7AWzMBcV2V0az92QtBD6BEgNwU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/bc/018fe7-e86a-466c-b710-fed55e6e52ef/1/i7AWzMBcV2V0az92QtBD6BEgNwU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/i7AWzMBcV2V0az92QtBD6BEgNwU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 08:00:53 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:ee:9a:a7:c6:f9:3d:d1:fc:fd:b6:d5:d2:d7:8f:f2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8bb016ccc05c5765746b3f7642d043e811203705
        Validity
            Not Before: Nov 11 08:00:53 2025 GMT
            Not After : Nov 12 08:00:53 2025 GMT
        Subject: CN=43d8f30e3e8c00a4957204c895fde341a078068a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:88:05:71:05:c9:e9:7f:37:41:f0:35:9c:c4:
                    ba:00:a8:c9:85:22:52:34:55:8c:82:db:1e:fd:c5:
                    3b:0e:a0:7e:19:54:7e:9e:40:bf:a8:96:a7:d9:59:
                    9a:03:8e:44:51:0e:d7:56:8e:a7:c0:06:73:e2:83:
                    86:d5:f5:c3:5e:ce:d1:ea:63:9d:c1:97:d3:93:12:
                    8c:0b:43:b3:fe:e6:79:14:11:28:74:64:fe:ce:e3:
                    0f:5f:99:08:ac:eb:6c:41:43:44:5a:70:1e:df:b5:
                    ff:11:27:d5:a7:31:90:8f:96:7b:db:1b:04:95:bc:
                    81:7e:f5:1d:48:a0:f4:6d:a2:d4:71:7e:d4:dc:bb:
                    da:1d:dd:d6:e2:c7:75:b2:40:1e:92:25:8b:60:33:
                    5a:c8:e6:b0:f4:c5:e4:d2:f3:cf:92:87:f8:42:83:
                    df:77:52:f4:a6:fe:27:14:dd:ee:a5:00:32:29:22:
                    7f:e3:df:24:88:01:9b:fe:db:0b:5e:7a:69:62:aa:
                    99:6e:8c:a1:9d:2b:a9:85:e9:88:ce:5d:f2:ca:76:
                    a5:05:e1:22:58:36:ce:f5:d5:1b:cc:17:96:0b:19:
                    e3:3b:54:2d:5a:b7:11:b4:9c:00:73:9d:25:ac:3c:
                    60:ec:61:04:ad:58:5c:e6:fa:7b:24:b5:24:d5:9f:
                    3f:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                43:D8:F3:0E:3E:8C:00:A4:95:72:04:C8:95:FD:E3:41:A0:78:06:8A
            X509v3 Authority Key Identifier:
                keyid:8B:B0:16:CC:C0:5C:57:65:74:6B:3F:76:42:D0:43:E8:11:20:37:05

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i7AWzMBcV2V0az92QtBD6BEgNwU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/018fe7-e86a-466c-b710-fed55e6e52ef/1/i7AWzMBcV2V0az92QtBD6BEgNwU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/018fe7-e86a-466c-b710-fed55e6e52ef/1/i7AWzMBcV2V0az92QtBD6BEgNwU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         24:4f:26:4b:02:5d:80:33:74:e4:a4:24:cb:27:1f:4d:25:8d:
         aa:db:e0:68:8c:80:c1:dd:a6:1e:90:eb:65:24:3c:e6:05:ed:
         ce:a3:26:23:14:16:44:f4:e7:27:37:37:6c:d9:88:c8:4e:59:
         66:58:44:d2:e4:ad:46:27:fb:47:54:4b:e6:6d:b7:ab:ea:54:
         b6:a6:a3:71:14:bd:60:a0:ff:13:b2:fb:c0:93:06:5a:80:22:
         57:d0:4d:9b:74:39:a5:22:7a:1a:7d:8c:0c:a6:c7:47:7d:2e:
         28:3e:4f:94:db:4c:17:8c:98:3e:f5:b4:d7:39:c8:1a:82:72:
         1a:be:0a:fb:e2:79:ae:ef:72:f2:75:a0:20:1a:20:cb:d8:60:
         88:ba:a9:ca:e5:78:8b:ac:a4:65:9c:c1:62:01:f5:1a:5a:13:
         a4:98:9a:e1:fe:69:cf:c7:b1:3e:af:e1:f1:a0:54:a6:eb:f2:
         f0:35:f6:cb:e9:e9:94:41:24:03:57:24:7c:ed:b7:6d:2a:71:
         03:dc:54:14:9f:3a:35:89:36:08:1d:77:ce:08:56:0a:ed:f9:
         82:3b:65:74:9d:a9:57:36:ea:20:aa:4c:02:ba:34:ae:73:c4:
         d4:eb:40:8d:c6:1b:d2:82:67:fa:23:90:de:aa:4e:51:7e:1a:
         65:cc:fb:32
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpx7pqnxvk90fz9ttXS14/yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYjAxNmNjYzA1YzU3NjU3NDZiM2Y3NjQyZDA0M2U4MTEy
MDM3MDUwHhcNMjUxMTExMDgwMDUzWhcNMjUxMTEyMDgwMDUzWjAzMTEwLwYDVQQD
Eyg0M2Q4ZjMwZTNlOGMwMGE0OTU3MjA0Yzg5NWZkZTM0MWEwNzgwNjhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApIgFcQXJ6X83QfA1nMS6AKjJhSJS
NFWMgtse/cU7DqB+GVR+nkC/qJan2VmaA45EUQ7XVo6nwAZz4oOG1fXDXs7R6mOd
wZfTkxKMC0Oz/uZ5FBEodGT+zuMPX5kIrOtsQUNEWnAe37X/ESfVpzGQj5Z72xsE
lbyBfvUdSKD0baLUcX7U3LvaHd3W4sd1skAekiWLYDNayOaw9MXk0vPPkof4QoPf
d1L0pv4nFN3upQAyKSJ/498kiAGb/tsLXnppYqqZboyhnSuphemIzl3yynalBeEi
WDbO9dUbzBeWCxnjO1QtWrcRtJwAc50lrDxg7GEErVhc5vp7JLUk1Z8/zQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEPY8w4+jACklXIEyJX940GgeAaKMB8GA1UdIwQY
MBaAFIuwFszAXFdldGs/dkLQQ+gRIDcFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTdBV3pNQmNWMlYwYXo5MlF0QkQ2QkVnTndVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy8wMThmZTctZTg2YS00NjZjLWI3MTAt
ZmVkNTVlNmU1MmVmLzEvaTdBV3pNQmNWMlYwYXo5MlF0QkQ2QkVnTndVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy8wMThmZTctZTg2YS00NjZjLWI3MTAtZmVkNTVlNmU1MmVm
LzEvaTdBV3pNQmNWMlYwYXo5MlF0QkQ2QkVnTndVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJE8mSwJd
gDN05KQkyycfTSWNqtvgaIyAwd2mHpDrZSQ85gXtzqMmIxQWRPTnJzc3bNmIyE5Z
ZlhE0uStRif7R1RL5m23q+pUtqajcRS9YKD/E7L7wJMGWoAiV9BNm3Q5pSJ6Gn2M
DKbHR30uKD5PlNtMF4yYPvW01znIGoJyGr4K++J5ru9y8nWgIBogy9hgiLqpyuV4
i6ykZZzBYgH1GloTpJia4f5pz8exPq/h8aBUpuvy8DX2y+nplEEkA1ckfO23bSpx
A9xUFJ86NYk2CB13zghWCu35gjtldJ2pVzbqIKpMAro0rnPE1OtAjcYb0oJn+iOQ
3qpOUX4aZcz7Mg==
-----END CERTIFICATE-----