Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/aaaf99-b1c5-4bb5-8928-b5bc74caa402/1/jcKX7xhZyjN1lwa9xu55Jc-lFB0.mft
File:                     jcKX7xhZyjN1lwa9xu55Jc-lFB0.mft (raw, json)
Hash identifier:          Q9DuHdfNTz7EUgvk8cp7A/oXjYFfUQ4dc/wOZKBWHvI=
Subject key identifier:   2E:D9:E5:A6:CA:3C:A2:A3:EC:02:AA:81:28:DF:EB:E7:20:ED:42:23
Authority key identifier: 8D:C2:97:EF:18:59:CA:33:75:97:06:BD:C6:EE:79:25:CF:A5:14:1D
Certificate issuer:       /CN=8dc297ef1859ca33759706bdc6ee7925cfa5141d
Certificate serial:       019A71B90815828D260F0C9FDD2DFCDB745F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/jcKX7xhZyjN1lwa9xu55Jc-lFB0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bf/aaaf99-b1c5-4bb5-8928-b5bc74caa402/1/jcKX7xhZyjN1lwa9xu55Jc-lFB0.mft
Manifest number:          0EFC
Signing time:             Tue 11 Nov 2025 07:02:22 +0000
Manifest this update:     Tue 11 Nov 2025 07:02:22 +0000
Manifest next update:     Wed 12 Nov 2025 07:02:22 +0000
Files and hashes:         1: jcKX7xhZyjN1lwa9xu55Jc-lFB0.crl (hash: /tSx9ig2p11ONvXIRrmfTVDTbEanAL3O3fVUa3VGwQ0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/bf/aaaf99-b1c5-4bb5-8928-b5bc74caa402/1/jcKX7xhZyjN1lwa9xu55Jc-lFB0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/bf/aaaf99-b1c5-4bb5-8928-b5bc74caa402/1/jcKX7xhZyjN1lwa9xu55Jc-lFB0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/jcKX7xhZyjN1lwa9xu55Jc-lFB0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:02:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b9:08:15:82:8d:26:0f:0c:9f:dd:2d:fc:db:74:5f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8dc297ef1859ca33759706bdc6ee7925cfa5141d
        Validity
            Not Before: Nov 11 07:02:22 2025 GMT
            Not After : Nov 12 07:02:22 2025 GMT
        Subject: CN=2ed9e5a6ca3ca2a3ec02aa8128dfebe720ed4223
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:9b:03:43:ab:4a:52:f8:e5:fb:62:cd:86:6b:
                    ad:7c:b6:09:79:a4:19:66:96:2b:6f:0c:7b:81:90:
                    ef:61:01:47:b8:90:5f:08:be:77:39:bf:f1:28:a2:
                    1b:81:a6:2f:93:8a:76:7d:8b:db:a8:48:dc:8f:36:
                    ed:a0:e5:f8:30:2e:1e:8d:c0:d8:4a:77:ba:77:96:
                    f0:3b:98:aa:0a:8d:d5:e7:ad:c9:a3:88:e8:a2:1c:
                    b8:8b:df:28:ff:b8:76:4c:42:4b:a0:35:30:b5:ec:
                    4f:49:cd:7d:88:58:90:23:77:2d:a9:01:29:c3:d1:
                    4e:8a:90:20:78:02:a1:39:fe:52:f9:d1:81:7c:0e:
                    41:f0:7c:aa:dd:60:ca:d2:78:91:7b:b5:35:35:dd:
                    93:95:dd:a1:47:b4:97:d0:34:74:82:f7:d8:df:99:
                    e8:a3:ba:98:16:f1:ab:5b:74:2b:de:d5:ab:a0:2b:
                    cc:83:b7:05:11:c4:28:07:45:40:b4:a5:74:24:0d:
                    62:41:17:83:d6:53:1e:8f:b5:4d:f4:59:d7:4d:37:
                    db:43:cf:eb:7c:fe:6e:34:b7:18:71:8a:e3:fd:42:
                    f9:39:15:ba:0e:66:0a:f8:b8:70:fb:39:cc:d3:cf:
                    e8:15:22:28:6e:a3:37:27:f9:6e:b4:c7:2f:f1:0b:
                    b0:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2E:D9:E5:A6:CA:3C:A2:A3:EC:02:AA:81:28:DF:EB:E7:20:ED:42:23
            X509v3 Authority Key Identifier:
                keyid:8D:C2:97:EF:18:59:CA:33:75:97:06:BD:C6:EE:79:25:CF:A5:14:1D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jcKX7xhZyjN1lwa9xu55Jc-lFB0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/aaaf99-b1c5-4bb5-8928-b5bc74caa402/1/jcKX7xhZyjN1lwa9xu55Jc-lFB0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/aaaf99-b1c5-4bb5-8928-b5bc74caa402/1/jcKX7xhZyjN1lwa9xu55Jc-lFB0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         aa:6f:3a:58:f1:94:0b:58:e4:f4:5b:75:24:92:34:4e:0a:21:
         5f:f0:a1:54:1b:c1:0b:58:7b:8b:51:c6:20:f8:0c:90:f3:8c:
         56:a0:5f:7b:50:cf:a3:94:6d:74:69:e8:f0:ea:a3:a8:26:7d:
         d2:df:65:25:53:8c:dc:1d:a4:a5:51:3f:5a:78:3e:81:dd:e1:
         55:19:cb:9a:91:c2:4e:ff:51:dd:93:9c:0e:e9:c3:5c:51:30:
         c3:d5:5a:49:ad:39:4a:c4:c0:30:94:cc:61:a8:b6:ab:5c:98:
         0f:34:e3:6f:66:a2:03:c1:c3:28:d4:78:ba:d9:89:3c:80:c8:
         7a:06:ae:04:6e:f4:0b:a2:50:d4:05:72:78:bf:3a:3b:fa:2e:
         9e:e8:2b:0e:25:54:5a:5a:a1:ec:f8:c1:94:45:ea:34:86:e7:
         56:db:04:66:c1:91:01:10:23:da:ae:16:00:74:12:f6:a9:33:
         f0:99:0a:f7:e0:ec:ed:3c:f7:d8:3a:73:cd:b6:77:60:6e:ce:
         27:27:9f:19:74:45:35:f8:72:28:13:ba:8a:5e:a9:ea:ca:b5:
         4d:0b:35:01:31:db:17:38:85:b9:9a:90:20:f3:e5:26:3a:2a:
         cb:97:32:23:1e:bd:d3:05:dd:55:2c:ae:70:58:12:15:ee:cc:
         0d:02:86:9a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuQgVgo0mDwyf3S3823RfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkYzI5N2VmMTg1OWNhMzM3NTk3MDZiZGM2ZWU3OTI1Y2Zh
NTE0MWQwHhcNMjUxMTExMDcwMjIyWhcNMjUxMTEyMDcwMjIyWjAzMTEwLwYDVQQD
EygyZWQ5ZTVhNmNhM2NhMmEzZWMwMmFhODEyOGRmZWJlNzIwZWQ0MjIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt5sDQ6tKUvjl+2LNhmutfLYJeaQZ
ZpYrbwx7gZDvYQFHuJBfCL53Ob/xKKIbgaYvk4p2fYvbqEjcjzbtoOX4MC4ejcDY
Sne6d5bwO5iqCo3V563Jo4joohy4i98o/7h2TEJLoDUwtexPSc19iFiQI3ctqQEp
w9FOipAgeAKhOf5S+dGBfA5B8Hyq3WDK0niRe7U1Nd2Tld2hR7SX0DR0gvfY35no
o7qYFvGrW3Qr3tWroCvMg7cFEcQoB0VAtKV0JA1iQReD1lMej7VN9FnXTTfbQ8/r
fP5uNLcYcYrj/UL5ORW6DmYK+Lhw+znM08/oFSIobqM3J/lutMcv8Quw7wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFC7Z5abKPKKj7AKqgSjf6+cg7UIjMB8GA1UdIwQY
MBaAFI3Cl+8YWcozdZcGvcbueSXPpRQdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvamNLWDd4aFp5ak4xbHdhOXh1NTVKYy1sRkIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi9hYWFmOTktYjFjNS00YmI1LTg5Mjgt
YjViYzc0Y2FhNDAyLzEvamNLWDd4aFp5ak4xbHdhOXh1NTVKYy1sRkIwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi9hYWFmOTktYjFjNS00YmI1LTg5MjgtYjViYzc0Y2FhNDAy
LzEvamNLWDd4aFp5ak4xbHdhOXh1NTVKYy1sRkIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqm86WPGU
C1jk9Ft1JJI0TgohX/ChVBvBC1h7i1HGIPgMkPOMVqBfe1DPo5RtdGno8OqjqCZ9
0t9lJVOM3B2kpVE/Wng+gd3hVRnLmpHCTv9R3ZOcDunDXFEww9VaSa05SsTAMJTM
Yai2q1yYDzTjb2aiA8HDKNR4utmJPIDIegauBG70C6JQ1AVyeL86O/ounugrDiVU
Wlqh7PjBlEXqNIbnVtsEZsGRARAj2q4WAHQS9qkz8JkK9+Ds7Tz32DpzzbZ3YG7O
JyefGXRFNfhyKBO6il6p6sq1TQs1ATHbFziFuZqQIPPlJjoqy5cyIx690wXdVSyu
cFgSFe7MDQKGmg==
-----END CERTIFICATE-----