Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/fc0d21-7f14-44ab-995c-e0bae8bae674/1/dCnR70knCBDhAgzqhhmGQjORMaA.mft
File:                     dCnR70knCBDhAgzqhhmGQjORMaA.mft (raw, json)
Hash identifier:          QsxPjnn4O/rSsSnmotatn3InPl2yJFl0DtZ98mXhaII=
Subject key identifier:   F1:49:99:0B:36:50:76:F9:7E:F2:DF:E8:09:C9:68:34:AB:3D:5F:CC
Authority key identifier: 74:29:D1:EF:49:27:08:10:E1:02:0C:EA:86:19:86:42:33:91:31:A0
Certificate issuer:       /CN=7429d1ef49270810e1020cea86198642339131a0
Certificate serial:       019A71B8AC7E8B76F71252366624C4894279
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dCnR70knCBDhAgzqhhmGQjORMaA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c7/fc0d21-7f14-44ab-995c-e0bae8bae674/1/dCnR70knCBDhAgzqhhmGQjORMaA.mft
Manifest number:          0BEB
Signing time:             Tue 11 Nov 2025 07:01:59 +0000
Manifest this update:     Tue 11 Nov 2025 07:01:59 +0000
Manifest next update:     Wed 12 Nov 2025 07:01:59 +0000
Files and hashes:         1: dCnR70knCBDhAgzqhhmGQjORMaA.crl (hash: 58ve8GwlQV0KWukMWUmOxgb85aSl83sifuKEGnCS1SM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c7/fc0d21-7f14-44ab-995c-e0bae8bae674/1/dCnR70knCBDhAgzqhhmGQjORMaA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c7/fc0d21-7f14-44ab-995c-e0bae8bae674/1/dCnR70knCBDhAgzqhhmGQjORMaA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/dCnR70knCBDhAgzqhhmGQjORMaA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:01:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b8:ac:7e:8b:76:f7:12:52:36:66:24:c4:89:42:79
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7429d1ef49270810e1020cea86198642339131a0
        Validity
            Not Before: Nov 11 07:01:59 2025 GMT
            Not After : Nov 12 07:01:59 2025 GMT
        Subject: CN=f149990b365076f97ef2dfe809c96834ab3d5fcc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:43:af:78:c3:43:e9:5e:eb:45:17:57:0b:2d:
                    d1:0d:d7:de:12:ef:0b:31:4e:45:9a:70:a8:55:da:
                    e4:c0:31:25:6f:0b:dc:e3:85:2e:4d:96:fa:ab:16:
                    19:99:f8:f7:e5:b7:a0:f1:06:2c:9e:a1:b6:a6:d5:
                    96:a9:db:30:54:3e:19:d4:04:5b:1a:87:95:38:2b:
                    d5:7e:58:05:f0:2d:e3:8c:c2:d8:54:91:85:cf:85:
                    09:fb:0a:81:ac:17:90:25:56:26:1c:8c:17:cc:94:
                    34:80:61:00:92:ce:6b:e2:d1:3b:34:7f:e8:4a:e4:
                    00:19:4e:31:8f:b3:7a:f6:85:3e:d3:55:63:df:ba:
                    b1:e6:ab:27:44:58:db:0c:80:28:3a:3a:02:cf:b2:
                    dc:b0:37:bd:18:17:4f:1b:5b:cf:d2:2b:2c:51:c9:
                    ea:8c:30:63:dc:95:b4:74:ae:52:3b:d7:0f:0b:86:
                    41:49:f5:84:4a:e8:8d:d1:52:c0:69:68:08:72:bd:
                    ea:b5:79:1a:31:da:8d:9c:26:55:6a:9a:43:58:51:
                    4c:3a:bd:c4:27:54:f3:0a:84:39:05:5d:8b:e9:8b:
                    21:93:7a:51:a6:e4:11:9b:16:7c:d8:6f:3b:a6:6c:
                    81:51:47:e1:89:69:cb:b6:d3:17:d2:7f:b2:12:e0:
                    09:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F1:49:99:0B:36:50:76:F9:7E:F2:DF:E8:09:C9:68:34:AB:3D:5F:CC
            X509v3 Authority Key Identifier:
                keyid:74:29:D1:EF:49:27:08:10:E1:02:0C:EA:86:19:86:42:33:91:31:A0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dCnR70knCBDhAgzqhhmGQjORMaA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/fc0d21-7f14-44ab-995c-e0bae8bae674/1/dCnR70knCBDhAgzqhhmGQjORMaA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/fc0d21-7f14-44ab-995c-e0bae8bae674/1/dCnR70knCBDhAgzqhhmGQjORMaA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         71:f7:a1:1b:5e:c1:3a:93:55:dd:99:37:8b:01:5a:11:86:d7:
         40:01:b5:76:0c:7a:e9:2d:e4:83:38:6a:cf:11:2f:03:89:cc:
         da:55:e2:db:7f:18:dc:e6:89:87:32:cf:9d:46:03:23:a1:88:
         54:aa:43:93:30:92:bd:87:d9:5f:e6:e1:5b:dd:de:63:e6:a2:
         da:2e:11:1c:40:d6:90:02:4d:2e:3e:1d:05:61:80:b4:62:84:
         69:25:12:44:c9:5c:92:b7:3f:7e:6b:be:fe:46:a9:46:77:61:
         f7:05:d5:1d:9e:8c:7d:d9:e9:b5:34:28:1a:0e:d3:40:fb:89:
         3e:49:3f:52:62:0c:f8:bc:8e:56:45:e8:53:2a:45:78:0c:0d:
         fd:55:18:fc:80:2b:aa:b2:d7:30:81:6e:16:31:1c:23:89:c8:
         11:88:01:14:49:3d:94:98:38:ec:f0:27:2d:7c:58:11:5f:34:
         95:f6:49:f9:c8:7a:3f:a4:9c:50:7f:1b:0f:3e:52:d3:c9:f1:
         fc:81:f2:68:e0:28:a7:fd:1b:72:81:bd:8d:fd:43:81:46:d8:
         9d:a3:e4:05:dd:1b:68:a5:2b:78:17:63:de:ec:a0:8a:5e:d3:
         50:60:33:0f:e6:21:20:8f:11:29:01:19:6c:12:76:97:83:a8:
         10:7f:2e:02
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuKx+i3b3ElI2ZiTEiUJ5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0MjlkMWVmNDkyNzA4MTBlMTAyMGNlYTg2MTk4NjQyMzM5
MTMxYTAwHhcNMjUxMTExMDcwMTU5WhcNMjUxMTEyMDcwMTU5WjAzMTEwLwYDVQQD
EyhmMTQ5OTkwYjM2NTA3NmY5N2VmMmRmZTgwOWM5NjgzNGFiM2Q1ZmNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA10OveMND6V7rRRdXCy3RDdfeEu8L
MU5FmnCoVdrkwDElbwvc44UuTZb6qxYZmfj35beg8QYsnqG2ptWWqdswVD4Z1ARb
GoeVOCvVflgF8C3jjMLYVJGFz4UJ+wqBrBeQJVYmHIwXzJQ0gGEAks5r4tE7NH/o
SuQAGU4xj7N69oU+01Vj37qx5qsnRFjbDIAoOjoCz7LcsDe9GBdPG1vP0issUcnq
jDBj3JW0dK5SO9cPC4ZBSfWESuiN0VLAaWgIcr3qtXkaMdqNnCZVappDWFFMOr3E
J1TzCoQ5BV2L6Yshk3pRpuQRmxZ82G87pmyBUUfhiWnLttMX0n+yEuAJDwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPFJmQs2UHb5fvLf6AnJaDSrPV/MMB8GA1UdIwQY
MBaAFHQp0e9JJwgQ4QIM6oYZhkIzkTGgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZENuUjcwa25DQkRoQWd6cWhobUdRak9STWFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy9mYzBkMjEtN2YxNC00NGFiLTk5NWMt
ZTBiYWU4YmFlNjc0LzEvZENuUjcwa25DQkRoQWd6cWhobUdRak9STWFBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy9mYzBkMjEtN2YxNC00NGFiLTk5NWMtZTBiYWU4YmFlNjc0
LzEvZENuUjcwa25DQkRoQWd6cWhobUdRak9STWFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcfehG17B
OpNV3Zk3iwFaEYbXQAG1dgx66S3kgzhqzxEvA4nM2lXi238Y3OaJhzLPnUYDI6GI
VKpDkzCSvYfZX+bhW93eY+ai2i4RHEDWkAJNLj4dBWGAtGKEaSUSRMlckrc/fmu+
/kapRndh9wXVHZ6MfdnptTQoGg7TQPuJPkk/UmIM+LyOVkXoUypFeAwN/VUY/IAr
qrLXMIFuFjEcI4nIEYgBFEk9lJg47PAnLXxYEV80lfZJ+ch6P6ScUH8bDz5S08nx
/IHyaOAop/0bcoG9jf1DgUbYnaPkBd0baKUreBdj3uygil7TUGAzD+YhII8RKQEZ
bBJ2l4OoEH8uAg==
-----END CERTIFICATE-----