Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/296e94-9296-42e5-a4b4-996c529ec986/1/d7AlLypnrNQplw-mSmQXd29y2NY.mft
File:                     d7AlLypnrNQplw-mSmQXd29y2NY.mft (raw, json)
Hash identifier:          EDc6T+LcHTdNbsT7aqoECGkYrbARbshtAhKMm9M86rY=
Subject key identifier:   94:A2:23:5E:EC:2A:6A:14:66:D1:CB:57:DC:10:CF:6C:3F:24:AC:37
Authority key identifier: 77:B0:25:2F:2A:67:AC:D4:29:97:0F:A6:4A:64:17:77:6F:72:D8:D6
Certificate issuer:       /CN=77b0252f2a67acd429970fa64a6417776f72d8d6
Certificate serial:       019A706E7968BCBE7B8C278643B30FD3715B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/d7AlLypnrNQplw-mSmQXd29y2NY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c0/296e94-9296-42e5-a4b4-996c529ec986/1/d7AlLypnrNQplw-mSmQXd29y2NY.mft
Manifest number:          05FA
Signing time:             Tue 11 Nov 2025 01:01:19 +0000
Manifest this update:     Tue 11 Nov 2025 01:01:19 +0000
Manifest next update:     Wed 12 Nov 2025 01:01:19 +0000
Files and hashes:         1: d7AlLypnrNQplw-mSmQXd29y2NY.crl (hash: QavQWw/gm0UcoVsBQcMxLCgdj4S8thciaCfP19C/pyw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c0/296e94-9296-42e5-a4b4-996c529ec986/1/d7AlLypnrNQplw-mSmQXd29y2NY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c0/296e94-9296-42e5-a4b4-996c529ec986/1/d7AlLypnrNQplw-mSmQXd29y2NY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/d7AlLypnrNQplw-mSmQXd29y2NY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 01:01:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:70:6e:79:68:bc:be:7b:8c:27:86:43:b3:0f:d3:71:5b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=77b0252f2a67acd429970fa64a6417776f72d8d6
        Validity
            Not Before: Nov 11 01:01:19 2025 GMT
            Not After : Nov 12 01:01:19 2025 GMT
        Subject: CN=94a2235eec2a6a1466d1cb57dc10cf6c3f24ac37
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:c2:b5:6a:02:0a:99:c9:58:8a:77:c3:83:15:
                    fd:9c:02:b8:ce:7b:9f:2d:34:c6:43:c1:84:0f:27:
                    9a:27:98:f2:53:d4:8d:e6:57:76:29:dc:1b:84:13:
                    22:d0:4a:ab:07:9a:1c:7a:8d:de:a5:7e:c6:58:6a:
                    65:ec:31:77:11:03:a8:b6:38:e0:d0:75:17:72:25:
                    af:33:47:ec:37:07:7d:21:c8:3d:36:4a:73:f6:6f:
                    12:d2:c1:f8:7b:d9:26:22:63:ef:b1:02:d9:71:20:
                    28:e8:1b:a1:99:58:3c:a4:94:70:41:ae:fd:a7:20:
                    09:cb:39:3e:04:7d:03:38:8c:d4:a1:26:e1:03:cb:
                    7f:4b:96:6c:cd:29:19:a9:c6:0b:57:54:c2:ae:30:
                    e4:2e:01:6f:90:eb:d9:7a:31:f4:66:ef:8c:09:10:
                    3a:57:74:26:22:0a:6d:ac:9a:36:18:18:b5:05:d4:
                    a5:59:10:2a:91:dc:5b:cd:9f:39:d9:bd:61:3d:46:
                    e9:12:fb:80:59:c0:5f:31:46:96:ef:cb:d3:3e:c0:
                    d0:93:c1:89:e5:48:50:d4:7a:d8:91:eb:15:62:12:
                    e0:43:a7:7b:cd:7f:e4:06:0f:76:85:fd:38:58:1c:
                    ac:35:3b:1e:03:cc:f4:73:68:df:ef:5a:6d:16:da:
                    09:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                94:A2:23:5E:EC:2A:6A:14:66:D1:CB:57:DC:10:CF:6C:3F:24:AC:37
            X509v3 Authority Key Identifier:
                keyid:77:B0:25:2F:2A:67:AC:D4:29:97:0F:A6:4A:64:17:77:6F:72:D8:D6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7AlLypnrNQplw-mSmQXd29y2NY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/296e94-9296-42e5-a4b4-996c529ec986/1/d7AlLypnrNQplw-mSmQXd29y2NY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/296e94-9296-42e5-a4b4-996c529ec986/1/d7AlLypnrNQplw-mSmQXd29y2NY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b5:ca:38:88:b9:24:c7:2e:7e:21:d5:33:b0:6f:6e:5c:7c:67:
         98:2f:03:19:63:f3:8b:c8:2a:1a:39:8c:b9:b4:4b:d3:bb:a2:
         c2:ea:e7:82:b5:97:99:0d:77:cb:ab:50:45:43:85:0b:94:70:
         cf:af:08:0d:83:48:e1:78:02:54:a4:b2:c3:a6:b9:09:e8:8c:
         cd:2c:13:4b:88:23:a8:a6:04:60:11:21:fb:d3:75:a7:9b:db:
         55:27:f6:23:39:6f:01:ca:60:43:1f:55:97:a2:a9:51:5f:5e:
         6c:31:94:9c:03:a4:8e:2d:6b:e6:31:73:48:ac:a4:2e:2c:de:
         94:b5:60:e3:0e:cd:db:b9:ca:ff:18:ba:6c:38:17:72:55:0d:
         8a:fe:51:0a:09:1f:6e:66:d7:92:19:45:30:84:56:fe:e7:f5:
         18:c4:e7:e6:98:d3:4e:da:b3:2a:0b:3a:da:64:6e:27:3a:65:
         a5:27:09:af:6f:9c:bf:bc:3c:1b:ea:09:1c:b8:51:2c:dc:3e:
         0c:d3:4d:49:50:57:0c:ba:e1:46:f8:3c:b8:25:e1:d2:d0:26:
         3c:06:49:1f:f5:2f:ba:b2:e0:f5:a1:c3:a5:16:04:9d:76:a0:
         e1:98:64:0e:8e:c0:00:dc:a8:f0:90:2e:47:d0:ae:48:81:40:
         77:ff:a5:2e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpwbnlovL57jCeGQ7MP03FbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3YjAyNTJmMmE2N2FjZDQyOTk3MGZhNjRhNjQxNzc3NmY3
MmQ4ZDYwHhcNMjUxMTExMDEwMTE5WhcNMjUxMTEyMDEwMTE5WjAzMTEwLwYDVQQD
Eyg5NGEyMjM1ZWVjMmE2YTE0NjZkMWNiNTdkYzEwY2Y2YzNmMjRhYzM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAusK1agIKmclYinfDgxX9nAK4znuf
LTTGQ8GEDyeaJ5jyU9SN5ld2KdwbhBMi0EqrB5oceo3epX7GWGpl7DF3EQOotjjg
0HUXciWvM0fsNwd9Icg9Nkpz9m8S0sH4e9kmImPvsQLZcSAo6BuhmVg8pJRwQa79
pyAJyzk+BH0DOIzUoSbhA8t/S5ZszSkZqcYLV1TCrjDkLgFvkOvZejH0Zu+MCRA6
V3QmIgptrJo2GBi1BdSlWRAqkdxbzZ852b1hPUbpEvuAWcBfMUaW78vTPsDQk8GJ
5UhQ1HrYkesVYhLgQ6d7zX/kBg92hf04WBysNTseA8z0c2jf71ptFtoJEQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJSiI17sKmoUZtHLV9wQz2w/JKw3MB8GA1UdIwQY
MBaAFHewJS8qZ6zUKZcPpkpkF3dvctjWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZDdBbEx5cG5yTlFwbHctbVNtUVhkMjl5Mk5ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC8yOTZlOTQtOTI5Ni00MmU1LWE0YjQt
OTk2YzUyOWVjOTg2LzEvZDdBbEx5cG5yTlFwbHctbVNtUVhkMjl5Mk5ZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC8yOTZlOTQtOTI5Ni00MmU1LWE0YjQtOTk2YzUyOWVjOTg2
LzEvZDdBbEx5cG5yTlFwbHctbVNtUVhkMjl5Mk5ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAtco4iLkk
xy5+IdUzsG9uXHxnmC8DGWPzi8gqGjmMubRL07uiwurngrWXmQ13y6tQRUOFC5Rw
z68IDYNI4XgCVKSyw6a5CeiMzSwTS4gjqKYEYBEh+9N1p5vbVSf2IzlvAcpgQx9V
l6KpUV9ebDGUnAOkji1r5jFzSKykLizelLVg4w7N27nK/xi6bDgXclUNiv5RCgkf
bmbXkhlFMIRW/uf1GMTn5pjTTtqzKgs62mRuJzplpScJr2+cv7w8G+oJHLhRLNw+
DNNNSVBXDLrhRvg8uCXh0tAmPAZJH/UvurLg9aHDpRYEnXag4ZhkDo7AANyo8JAu
R9CuSIFAd/+lLg==
-----END CERTIFICATE-----