Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/916742-51f9-4eb4-a195-29fd80ba4bf1/1/u8v1S15m1hoXV2yMc2vyZy47mho.mft
File:                     u8v1S15m1hoXV2yMc2vyZy47mho.mft (raw, json)
Hash identifier:          OXURO1WMt3TrjcPgc683B3GVoFhgENni3XONy1xkkCg=
Subject key identifier:   A8:CF:98:4E:82:0D:E6:74:C4:17:77:58:B0:AF:96:F2:E6:D9:BF:67
Authority key identifier: BB:CB:F5:4B:5E:66:D6:1A:17:57:6C:8C:73:6B:F2:67:2E:3B:9A:1A
Certificate issuer:       /CN=bbcbf54b5e66d61a17576c8c736bf2672e3b9a1a
Certificate serial:       019A729377AFBE2B13F8E4F98C8227B6B09D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/u8v1S15m1hoXV2yMc2vyZy47mho.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c8/916742-51f9-4eb4-a195-29fd80ba4bf1/1/u8v1S15m1hoXV2yMc2vyZy47mho.mft
Manifest number:          0881
Signing time:             Tue 11 Nov 2025 11:00:58 +0000
Manifest this update:     Tue 11 Nov 2025 11:00:58 +0000
Manifest next update:     Wed 12 Nov 2025 11:00:58 +0000
Files and hashes:         1: u8v1S15m1hoXV2yMc2vyZy47mho.crl (hash: Ww+f7OUT7tSFVKYls7t5SlGNiuJoIZ6e88fN52yRWKQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c8/916742-51f9-4eb4-a195-29fd80ba4bf1/1/u8v1S15m1hoXV2yMc2vyZy47mho.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c8/916742-51f9-4eb4-a195-29fd80ba4bf1/1/u8v1S15m1hoXV2yMc2vyZy47mho.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/u8v1S15m1hoXV2yMc2vyZy47mho.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:72:93:77:af:be:2b:13:f8:e4:f9:8c:82:27:b6:b0:9d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bbcbf54b5e66d61a17576c8c736bf2672e3b9a1a
        Validity
            Not Before: Nov 11 11:00:58 2025 GMT
            Not After : Nov 12 11:00:58 2025 GMT
        Subject: CN=a8cf984e820de674c4177758b0af96f2e6d9bf67
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:54:93:7e:0b:66:4c:92:88:2d:72:bd:c5:ff:
                    51:d5:17:03:e6:b2:3b:8c:fc:12:2c:f0:78:b4:da:
                    a1:62:b2:52:4f:d3:ac:50:04:45:82:89:6e:68:9c:
                    48:f1:4d:ab:fc:5c:94:a2:12:25:61:94:d6:04:e2:
                    18:6a:2c:78:69:b4:86:73:e4:83:10:d4:be:7e:1c:
                    ab:d8:19:79:e3:38:f0:31:91:f2:f3:11:3d:ec:7e:
                    3a:61:55:55:2e:55:7e:d5:f9:78:2e:8c:70:fc:96:
                    ff:bc:25:97:db:65:c8:44:20:50:7a:96:e7:48:37:
                    15:fa:8d:0f:9e:37:13:41:fe:8c:35:5e:f2:a5:9e:
                    06:06:11:c7:9c:9d:6b:2a:ed:d2:dc:c3:fb:46:06:
                    29:e0:a4:f9:79:2e:78:0f:d6:0d:ce:44:e7:8e:8f:
                    af:a7:8a:f4:8a:4f:d2:a7:b6:e1:20:0c:9a:52:f3:
                    87:6d:0d:f0:15:29:11:83:a0:1d:a3:8c:7f:38:2f:
                    f6:c1:05:18:ae:8d:84:25:3e:f5:24:6b:05:99:31:
                    7f:9a:b5:b3:43:4e:03:e2:0d:98:e2:88:01:f2:55:
                    d5:de:6c:f7:89:8d:b0:02:42:8e:01:11:52:e8:df:
                    13:8d:d4:38:a5:d1:56:81:a1:bb:1d:a0:b0:20:7e:
                    4c:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A8:CF:98:4E:82:0D:E6:74:C4:17:77:58:B0:AF:96:F2:E6:D9:BF:67
            X509v3 Authority Key Identifier:
                keyid:BB:CB:F5:4B:5E:66:D6:1A:17:57:6C:8C:73:6B:F2:67:2E:3B:9A:1A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u8v1S15m1hoXV2yMc2vyZy47mho.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/916742-51f9-4eb4-a195-29fd80ba4bf1/1/u8v1S15m1hoXV2yMc2vyZy47mho.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/916742-51f9-4eb4-a195-29fd80ba4bf1/1/u8v1S15m1hoXV2yMc2vyZy47mho.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         14:94:84:c5:0c:05:79:a3:44:6f:91:80:b4:34:6e:46:10:9e:
         9d:5e:9e:71:c0:66:44:ec:17:20:21:1d:d2:04:ac:07:27:4c:
         04:b9:f9:d4:8d:50:5f:a5:8a:e9:8b:64:4c:ae:38:1b:71:c1:
         77:f4:80:45:0a:7c:2d:f9:a3:29:c7:de:65:e3:83:fa:90:b7:
         83:ab:b3:05:19:b0:8e:3a:b5:a6:70:09:77:42:b7:1b:17:5b:
         bd:a9:2f:4e:a6:48:de:0c:c9:5a:0a:22:43:a6:41:6c:f9:98:
         c9:5f:6f:bd:a3:8e:97:92:6f:b5:7b:f5:76:68:fe:88:bf:65:
         62:e9:55:a6:d0:7e:56:75:dc:5a:75:43:ab:3a:dd:bd:66:7a:
         f2:3a:5e:9d:d6:d3:6b:57:85:9c:a7:10:86:e4:c7:db:40:29:
         12:b2:75:73:0e:f6:e0:72:7b:52:11:7f:85:e8:62:67:81:d6:
         05:2f:0a:3e:8f:48:d4:a9:f9:a7:b7:66:45:ca:f5:95:53:d8:
         c2:eb:8c:e8:4d:07:ba:96:bf:bc:35:19:83:3e:ff:ae:55:80:
         4c:84:e9:8b:ae:6c:e7:a7:8a:5f:ff:c9:b5:90:97:9f:29:8a:
         a5:90:e7:7f:23:2e:7a:f1:cb:b1:b7:c2:d3:89:e8:69:ef:87:
         1f:11:3a:9f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyk3evvisT+OT5jIIntrCdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiY2JmNTRiNWU2NmQ2MWExNzU3NmM4YzczNmJmMjY3MmUz
YjlhMWEwHhcNMjUxMTExMTEwMDU4WhcNMjUxMTEyMTEwMDU4WjAzMTEwLwYDVQQD
EyhhOGNmOTg0ZTgyMGRlNjc0YzQxNzc3NThiMGFmOTZmMmU2ZDliZjY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq1STfgtmTJKILXK9xf9R1RcD5rI7
jPwSLPB4tNqhYrJST9OsUARFgoluaJxI8U2r/FyUohIlYZTWBOIYaix4abSGc+SD
ENS+fhyr2Bl54zjwMZHy8xE97H46YVVVLlV+1fl4Loxw/Jb/vCWX22XIRCBQepbn
SDcV+o0PnjcTQf6MNV7ypZ4GBhHHnJ1rKu3S3MP7RgYp4KT5eS54D9YNzkTnjo+v
p4r0ik/Sp7bhIAyaUvOHbQ3wFSkRg6Ado4x/OC/2wQUYro2EJT71JGsFmTF/mrWz
Q04D4g2Y4ogB8lXV3mz3iY2wAkKOARFS6N8TjdQ4pdFWgaG7HaCwIH5MUQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKjPmE6CDeZ0xBd3WLCvlvLm2b9nMB8GA1UdIwQY
MBaAFLvL9UteZtYaF1dsjHNr8mcuO5oaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdTh2MVMxNW0xaG9YVjJ5TWMydnlaeTQ3bWhvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC85MTY3NDItNTFmOS00ZWI0LWExOTUt
MjlmZDgwYmE0YmYxLzEvdTh2MVMxNW0xaG9YVjJ5TWMydnlaeTQ3bWhvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC85MTY3NDItNTFmOS00ZWI0LWExOTUtMjlmZDgwYmE0YmYx
LzEvdTh2MVMxNW0xaG9YVjJ5TWMydnlaeTQ3bWhvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFJSExQwF
eaNEb5GAtDRuRhCenV6eccBmROwXICEd0gSsBydMBLn51I1QX6WK6YtkTK44G3HB
d/SARQp8LfmjKcfeZeOD+pC3g6uzBRmwjjq1pnAJd0K3GxdbvakvTqZI3gzJWgoi
Q6ZBbPmYyV9vvaOOl5JvtXv1dmj+iL9lYulVptB+VnXcWnVDqzrdvWZ68jpendbT
a1eFnKcQhuTH20ApErJ1cw724HJ7UhF/hehiZ4HWBS8KPo9I1Kn5p7dmRcr1lVPY
wuuM6E0Hupa/vDUZgz7/rlWATITpi65s56eKX//JtZCXnymKpZDnfyMuevHLsbfC
04noae+HHxE6nw==
-----END CERTIFICATE-----