Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c6/bcad8d-8e55-4a81-b393-274251252077/1/idSzdf1Mr9XfusQG3SWmHSLdNso.mft
File:                     idSzdf1Mr9XfusQG3SWmHSLdNso.mft (raw, json)
Hash identifier:          NGPCWxGlmdgf4q7qF+aYabCDSzgLZde55632KBmkNB8=
Subject key identifier:   A5:04:CF:FE:F3:C3:36:01:47:37:DE:12:C3:CB:08:0E:10:09:05:4B
Authority key identifier: 89:D4:B3:75:FD:4C:AF:D5:DF:BA:C4:06:DD:25:A6:1D:22:DD:36:CA
Certificate issuer:       /CN=89d4b375fd4cafd5dfbac406dd25a61d22dd36ca
Certificate serial:       019A71B7EE354A5EB3A24DFB1714BB3A3429
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/idSzdf1Mr9XfusQG3SWmHSLdNso.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c6/bcad8d-8e55-4a81-b393-274251252077/1/idSzdf1Mr9XfusQG3SWmHSLdNso.mft
Manifest number:          129C
Signing time:             Tue 11 Nov 2025 07:01:10 +0000
Manifest this update:     Tue 11 Nov 2025 07:01:10 +0000
Manifest next update:     Wed 12 Nov 2025 07:01:10 +0000
Files and hashes:         1: idSzdf1Mr9XfusQG3SWmHSLdNso.crl (hash: CSP0FQG1QHWPyRtfaDFGk0tlOYDBEhtNyZKz3FGCCFA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c6/bcad8d-8e55-4a81-b393-274251252077/1/idSzdf1Mr9XfusQG3SWmHSLdNso.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c6/bcad8d-8e55-4a81-b393-274251252077/1/idSzdf1Mr9XfusQG3SWmHSLdNso.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/idSzdf1Mr9XfusQG3SWmHSLdNso.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:01:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b7:ee:35:4a:5e:b3:a2:4d:fb:17:14:bb:3a:34:29
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=89d4b375fd4cafd5dfbac406dd25a61d22dd36ca
        Validity
            Not Before: Nov 11 07:01:10 2025 GMT
            Not After : Nov 12 07:01:10 2025 GMT
        Subject: CN=a504cffef3c336014737de12c3cb080e1009054b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:d2:a6:ee:3b:e3:90:ab:26:c3:b9:01:93:dc:
                    b4:a0:41:a3:f3:9e:9d:08:27:29:9b:e1:e9:00:42:
                    31:bf:a0:1a:b2:9c:78:da:52:e3:08:6e:56:68:18:
                    3a:4b:df:fa:76:b7:a7:63:24:b1:72:69:9c:db:e3:
                    8f:ce:47:4b:43:59:3d:ee:4c:70:bc:1b:3c:94:5c:
                    5e:83:c5:ad:6d:ef:6e:d3:46:0d:4e:75:6d:fb:fc:
                    67:d2:75:a6:29:8d:66:21:c5:c7:d0:8e:dd:1e:11:
                    40:7a:4e:41:52:12:36:c0:20:07:ee:ef:59:b1:a8:
                    84:eb:de:56:94:6a:be:74:a2:39:7b:d9:30:88:5a:
                    54:f6:e0:bc:56:11:81:34:bf:7d:92:a0:96:3a:9f:
                    1e:3f:e9:94:56:43:9b:c5:d2:8d:fd:d9:3a:40:04:
                    3c:99:b1:b9:2e:bc:ee:e4:81:40:f3:6c:e8:66:42:
                    e4:3f:a3:fa:4b:ce:fe:72:fe:bd:53:36:37:51:7f:
                    f7:51:eb:8f:a1:a7:98:a4:72:45:d4:6f:ef:b0:fc:
                    4e:32:8f:fc:e9:0d:e4:62:53:08:90:60:ba:ea:9a:
                    24:05:24:0f:06:ff:07:01:5a:af:fb:64:4b:25:de:
                    e7:79:4b:43:7f:ea:4e:a6:3c:7c:fd:a8:82:a4:2e:
                    c8:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A5:04:CF:FE:F3:C3:36:01:47:37:DE:12:C3:CB:08:0E:10:09:05:4B
            X509v3 Authority Key Identifier:
                keyid:89:D4:B3:75:FD:4C:AF:D5:DF:BA:C4:06:DD:25:A6:1D:22:DD:36:CA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/idSzdf1Mr9XfusQG3SWmHSLdNso.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/bcad8d-8e55-4a81-b393-274251252077/1/idSzdf1Mr9XfusQG3SWmHSLdNso.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/bcad8d-8e55-4a81-b393-274251252077/1/idSzdf1Mr9XfusQG3SWmHSLdNso.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         03:dd:87:76:de:1b:fc:9f:f2:3e:45:f8:6e:eb:86:cc:44:c0:
         13:be:88:06:e5:9d:f5:af:8e:4c:a7:ed:7b:87:45:18:ad:45:
         c1:e3:79:e3:a9:4d:c5:50:8e:74:0b:41:60:da:d6:98:d1:eb:
         5f:0f:c1:80:0e:19:27:5b:7d:83:ee:c3:98:9b:83:cf:94:ba:
         a3:a2:02:eb:8c:78:51:b7:87:76:d6:88:00:08:e5:09:de:21:
         a4:18:b0:ec:9d:fb:f6:f9:69:0a:9b:a9:12:e1:bc:e4:5b:01:
         da:03:f1:3b:e6:9b:67:5d:28:06:37:ea:ea:85:be:de:71:60:
         52:0a:3c:60:1c:bf:f2:c6:d3:10:b3:69:84:31:19:36:68:b6:
         c5:2c:9a:e5:2c:6b:0e:58:76:38:77:f4:42:f2:2b:23:11:89:
         7d:48:51:4f:22:96:c1:1e:5d:89:52:71:51:a3:36:e5:0a:f6:
         e2:f2:b9:cf:fd:11:9e:03:aa:4a:45:2d:30:a0:79:8b:94:01:
         d1:90:30:de:d1:b2:0a:ba:f3:d6:13:bb:ab:a2:db:6f:23:6d:
         d6:bd:0e:54:be:da:bf:b9:64:c3:78:82:c0:b4:b8:e6:82:53:
         9b:41:c3:51:56:91:8c:8b:20:9e:3b:e9:77:ac:52:91:ca:14:
         52:c1:d5:09
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxt+41Sl6zok37FxS7OjQpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5ZDRiMzc1ZmQ0Y2FmZDVkZmJhYzQwNmRkMjVhNjFkMjJk
ZDM2Y2EwHhcNMjUxMTExMDcwMTEwWhcNMjUxMTEyMDcwMTEwWjAzMTEwLwYDVQQD
EyhhNTA0Y2ZmZWYzYzMzNjAxNDczN2RlMTJjM2NiMDgwZTEwMDkwNTRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw9Km7jvjkKsmw7kBk9y0oEGj856d
CCcpm+HpAEIxv6Aaspx42lLjCG5WaBg6S9/6drenYySxcmmc2+OPzkdLQ1k97kxw
vBs8lFxeg8Wtbe9u00YNTnVt+/xn0nWmKY1mIcXH0I7dHhFAek5BUhI2wCAH7u9Z
saiE695WlGq+dKI5e9kwiFpU9uC8VhGBNL99kqCWOp8eP+mUVkObxdKN/dk6QAQ8
mbG5Lrzu5IFA82zoZkLkP6P6S87+cv69UzY3UX/3UeuPoaeYpHJF1G/vsPxOMo/8
6Q3kYlMIkGC66pokBSQPBv8HAVqv+2RLJd7neUtDf+pOpjx8/aiCpC7IpwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKUEz/7zwzYBRzfeEsPLCA4QCQVLMB8GA1UdIwQY
MBaAFInUs3X9TK/V37rEBt0lph0i3TbKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaWRTemRmMU1yOVhmdXNRRzNTV21IU0xkTnNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNi9iY2FkOGQtOGU1NS00YTgxLWIzOTMt
Mjc0MjUxMjUyMDc3LzEvaWRTemRmMU1yOVhmdXNRRzNTV21IU0xkTnNvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNi9iY2FkOGQtOGU1NS00YTgxLWIzOTMtMjc0MjUxMjUyMDc3
LzEvaWRTemRmMU1yOVhmdXNRRzNTV21IU0xkTnNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAA92Hdt4b
/J/yPkX4buuGzETAE76IBuWd9a+OTKfte4dFGK1FweN546lNxVCOdAtBYNrWmNHr
Xw/BgA4ZJ1t9g+7DmJuDz5S6o6IC64x4UbeHdtaIAAjlCd4hpBiw7J379vlpCpup
EuG85FsB2gPxO+abZ10oBjfq6oW+3nFgUgo8YBy/8sbTELNphDEZNmi2xSya5Sxr
Dlh2OHf0QvIrIxGJfUhRTyKWwR5diVJxUaM25Qr24vK5z/0RngOqSkUtMKB5i5QB
0ZAw3tGyCrrz1hO7q6LbbyNt1r0OVL7av7lkw3iCwLS45oJTm0HDUVaRjIsgnjvp
d6xSkcoUUsHVCQ==
-----END CERTIFICATE-----