Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/a4a2cd-5dbf-4029-a8a1-d7f21fc1350e/1/FhfQr-q78zmwbbKDxLjgJ6BKvK4.mft
File:                     FhfQr-q78zmwbbKDxLjgJ6BKvK4.mft (raw, json)
Hash identifier:          X76GIy9ejIrWTFLTc5rmoKYiojdXhKZ24KN4rNDZZfo=
Subject key identifier:   1D:66:02:C6:0A:F0:64:49:26:A2:E1:B6:47:26:12:6E:09:AA:46:7A
Authority key identifier: 16:17:D0:AF:EA:BB:F3:39:B0:6D:B2:83:C4:B8:E0:27:A0:4A:BC:AE
Certificate issuer:       /CN=1617d0afeabbf339b06db283c4b8e027a04abcae
Certificate serial:       019A70A571292FFEB7AD34F2B87A8845BBE9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/FhfQr-q78zmwbbKDxLjgJ6BKvK4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c3/a4a2cd-5dbf-4029-a8a1-d7f21fc1350e/1/FhfQr-q78zmwbbKDxLjgJ6BKvK4.mft
Manifest number:          04CD
Signing time:             Tue 11 Nov 2025 02:01:21 +0000
Manifest this update:     Tue 11 Nov 2025 02:01:21 +0000
Manifest next update:     Wed 12 Nov 2025 02:01:21 +0000
Files and hashes:         1: FhfQr-q78zmwbbKDxLjgJ6BKvK4.crl (hash: K/QPqUignw0dgeLIyQP8aV6BDjd8wg6qHsqovuPaDTw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c3/a4a2cd-5dbf-4029-a8a1-d7f21fc1350e/1/FhfQr-q78zmwbbKDxLjgJ6BKvK4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c3/a4a2cd-5dbf-4029-a8a1-d7f21fc1350e/1/FhfQr-q78zmwbbKDxLjgJ6BKvK4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/FhfQr-q78zmwbbKDxLjgJ6BKvK4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 02:01:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:70:a5:71:29:2f:fe:b7:ad:34:f2:b8:7a:88:45:bb:e9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1617d0afeabbf339b06db283c4b8e027a04abcae
        Validity
            Not Before: Nov 11 02:01:21 2025 GMT
            Not After : Nov 12 02:01:21 2025 GMT
        Subject: CN=1d6602c60af0644926a2e1b64726126e09aa467a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:50:c8:31:c0:29:10:e4:33:9c:bb:de:97:ab:
                    5d:1e:de:a3:d5:e5:3e:78:f5:db:c1:6c:0d:1c:50:
                    9f:49:50:98:24:80:c1:2c:e6:06:eb:87:3a:5a:b5:
                    67:0e:c5:86:84:eb:da:48:d1:f6:e5:cc:43:8e:72:
                    da:d0:ac:41:dd:4e:43:bd:eb:a8:58:5b:e5:73:20:
                    29:bc:60:2d:fe:36:95:05:3b:b9:d6:bd:08:a0:5e:
                    4d:78:c3:45:0e:49:c1:79:c8:45:f7:8a:ce:16:b7:
                    87:f6:a6:c7:90:9f:05:f4:82:47:f2:da:41:f4:d2:
                    5c:a2:38:71:6e:c5:69:2f:9e:95:21:a3:95:28:f3:
                    2b:eb:5b:af:5d:c6:84:77:c9:77:86:2c:cf:e7:36:
                    1f:46:d3:cf:b9:52:8f:72:07:21:76:b3:3e:72:70:
                    03:a5:71:8b:9b:dd:d4:c3:76:06:89:bc:3d:e7:39:
                    87:ec:25:ba:ba:20:d4:fe:63:0b:3c:29:8f:54:2e:
                    b8:f8:cb:3e:9d:1e:c2:42:34:23:6f:ef:10:0f:24:
                    9a:26:05:47:27:c8:25:00:96:1a:24:27:d6:35:3f:
                    aa:42:a8:1a:da:4b:3b:a8:4b:32:4c:8f:38:da:f4:
                    ee:cf:b7:8b:2b:eb:5d:41:b2:75:82:5a:7f:e2:28:
                    98:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1D:66:02:C6:0A:F0:64:49:26:A2:E1:B6:47:26:12:6E:09:AA:46:7A
            X509v3 Authority Key Identifier:
                keyid:16:17:D0:AF:EA:BB:F3:39:B0:6D:B2:83:C4:B8:E0:27:A0:4A:BC:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FhfQr-q78zmwbbKDxLjgJ6BKvK4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/a4a2cd-5dbf-4029-a8a1-d7f21fc1350e/1/FhfQr-q78zmwbbKDxLjgJ6BKvK4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/a4a2cd-5dbf-4029-a8a1-d7f21fc1350e/1/FhfQr-q78zmwbbKDxLjgJ6BKvK4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         06:f7:ee:3d:b9:7d:2f:f9:fe:76:e5:43:5b:a7:f1:de:3a:7d:
         c7:54:e6:dc:33:3c:cf:b2:9d:c1:a8:62:39:cc:5b:69:34:b0:
         50:40:65:4a:f1:42:76:60:df:04:ea:82:39:67:10:35:9c:98:
         cc:d3:39:c1:0f:da:9e:d4:0d:b7:b4:08:60:9c:ae:72:e3:04:
         d6:d2:2d:88:63:ca:77:00:91:f9:b4:86:9f:b4:20:8d:c1:ac:
         e2:d9:7f:16:6a:67:87:eb:17:d1:fc:55:05:9e:81:75:08:33:
         30:74:9e:66:e4:ca:d7:8c:5e:ae:e5:e9:06:0a:f8:82:e9:e2:
         14:b8:5c:6a:8d:df:c2:58:06:09:75:17:01:36:c3:5f:15:a6:
         c9:01:1b:52:0f:81:df:66:56:53:23:87:22:35:6d:c9:f1:af:
         99:1e:32:15:66:12:24:f2:3c:3f:f0:77:a2:48:af:27:05:1a:
         56:95:4c:9f:2d:02:64:e9:97:17:9f:6f:bf:03:e2:49:d4:52:
         40:0c:55:80:92:ae:48:a9:22:79:95:0e:17:ad:f5:48:19:2c:
         9e:f7:1d:60:db:c1:b9:1c:2e:c5:4b:16:6f:6e:be:82:a8:d9:
         47:fe:26:8a:d0:3e:20:a2:10:86:8b:f9:c2:16:37:01:c0:af:
         c9:82:3c:c9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpwpXEpL/63rTTyuHqIRbvpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE2MTdkMGFmZWFiYmYzMzliMDZkYjI4M2M0YjhlMDI3YTA0
YWJjYWUwHhcNMjUxMTExMDIwMTIxWhcNMjUxMTEyMDIwMTIxWjAzMTEwLwYDVQQD
EygxZDY2MDJjNjBhZjA2NDQ5MjZhMmUxYjY0NzI2MTI2ZTA5YWE0NjdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsVDIMcApEOQznLvel6tdHt6j1eU+
ePXbwWwNHFCfSVCYJIDBLOYG64c6WrVnDsWGhOvaSNH25cxDjnLa0KxB3U5Dveuo
WFvlcyApvGAt/jaVBTu51r0IoF5NeMNFDknBechF94rOFreH9qbHkJ8F9IJH8tpB
9NJcojhxbsVpL56VIaOVKPMr61uvXcaEd8l3hizP5zYfRtPPuVKPcgchdrM+cnAD
pXGLm93Uw3YGibw95zmH7CW6uiDU/mMLPCmPVC64+Ms+nR7CQjQjb+8QDySaJgVH
J8glAJYaJCfWNT+qQqga2ks7qEsyTI842vTuz7eLK+tdQbJ1glp/4iiY8wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFB1mAsYK8GRJJqLhtkcmEm4JqkZ6MB8GA1UdIwQY
MBaAFBYX0K/qu/M5sG2yg8S44CegSryuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmhmUXItcTc4em13YmJLRHhMamdKNkJLdks0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy9hNGEyY2QtNWRiZi00MDI5LWE4YTEt
ZDdmMjFmYzEzNTBlLzEvRmhmUXItcTc4em13YmJLRHhMamdKNkJLdks0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy9hNGEyY2QtNWRiZi00MDI5LWE4YTEtZDdmMjFmYzEzNTBl
LzEvRmhmUXItcTc4em13YmJLRHhMamdKNkJLdks0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABvfuPbl9
L/n+duVDW6fx3jp9x1Tm3DM8z7KdwahiOcxbaTSwUEBlSvFCdmDfBOqCOWcQNZyY
zNM5wQ/antQNt7QIYJyucuME1tItiGPKdwCR+bSGn7QgjcGs4tl/Fmpnh+sX0fxV
BZ6BdQgzMHSeZuTK14xeruXpBgr4guniFLhcao3fwlgGCXUXATbDXxWmyQEbUg+B
32ZWUyOHIjVtyfGvmR4yFWYSJPI8P/B3okivJwUaVpVMny0CZOmXF59vvwPiSdRS
QAxVgJKuSKkieZUOF631SBksnvcdYNvBuRwuxUsWb26+gqjZR/4mitA+IKIQhov5
whY3AcCvyYI8yQ==
-----END CERTIFICATE-----