Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/df715b-79a6-44a9-ac97-adb314a5753c/1/e9g2worwknoDVYYlrt9v14ekkFw.mft
File:                     e9g2worwknoDVYYlrt9v14ekkFw.mft (raw, json)
Hash identifier:          VxvI16yvw8uZL//Z2TW2Y/EWZJna61IQUfkTASMKxW0=
Subject key identifier:   94:F9:E8:BF:39:41:1F:36:23:0C:0B:0B:1A:5E:D3:43:7C:AA:06:CF
Authority key identifier: 7B:D8:36:C2:8A:F0:92:7A:03:55:86:25:AE:DF:6F:D7:87:A4:90:5C
Certificate issuer:       /CN=7bd836c28af0927a03558625aedf6fd787a4905c
Certificate serial:       019A71B772D56655DC185AF8597B0E640C80
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/e9g2worwknoDVYYlrt9v14ekkFw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c8/df715b-79a6-44a9-ac97-adb314a5753c/1/e9g2worwknoDVYYlrt9v14ekkFw.mft
Manifest number:          1659
Signing time:             Tue 11 Nov 2025 07:00:39 +0000
Manifest this update:     Tue 11 Nov 2025 07:00:39 +0000
Manifest next update:     Wed 12 Nov 2025 07:00:39 +0000
Files and hashes:         1: e9g2worwknoDVYYlrt9v14ekkFw.crl (hash: OAvJRs9ualI9mft6UoxR8mFfHiKOEuI1BhA7d7sAOfw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c8/df715b-79a6-44a9-ac97-adb314a5753c/1/e9g2worwknoDVYYlrt9v14ekkFw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c8/df715b-79a6-44a9-ac97-adb314a5753c/1/e9g2worwknoDVYYlrt9v14ekkFw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/e9g2worwknoDVYYlrt9v14ekkFw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:00:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b7:72:d5:66:55:dc:18:5a:f8:59:7b:0e:64:0c:80
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7bd836c28af0927a03558625aedf6fd787a4905c
        Validity
            Not Before: Nov 11 07:00:39 2025 GMT
            Not After : Nov 12 07:00:39 2025 GMT
        Subject: CN=94f9e8bf39411f36230c0b0b1a5ed3437caa06cf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:41:42:a0:6f:83:80:63:d1:03:bd:c6:eb:8f:
                    43:3e:d9:92:e2:d0:db:3e:7c:d3:25:0e:6a:25:3f:
                    45:a2:3b:95:28:73:88:ea:5f:b5:d5:60:48:2a:13:
                    e2:02:48:a3:a5:9f:f4:fb:94:e3:8c:8a:cd:6a:b2:
                    51:5a:5e:3a:41:d7:4a:97:cf:7b:96:fb:4d:47:6e:
                    c1:e3:52:56:6a:ee:7b:ad:0b:96:e1:9a:85:63:b0:
                    6e:47:19:3d:b4:88:39:d8:33:a6:e6:01:65:dd:c8:
                    d1:7b:1b:91:0a:f0:2f:ae:c8:82:ac:50:07:5f:76:
                    d3:5e:59:21:e7:fc:91:55:85:b7:9b:1d:fc:4e:5a:
                    9f:9e:09:74:02:3d:ad:45:92:68:0f:fa:de:e0:d9:
                    0a:1a:9a:13:2d:56:fb:1b:c2:ff:bd:93:ee:d4:91:
                    f3:b2:45:5a:77:5e:f1:5b:54:ea:fd:a6:f0:df:1d:
                    17:0b:c6:83:e1:ea:4c:34:32:09:2e:be:b7:bf:d7:
                    8b:43:46:fc:39:38:74:3c:ab:25:0e:eb:67:9c:ef:
                    75:a9:8c:95:5a:bd:78:fb:98:f9:25:5e:82:b6:92:
                    e1:af:0e:6b:99:22:a8:2b:c0:fc:d3:63:7a:9d:d2:
                    67:89:fb:fe:4e:db:00:34:8b:d1:7d:ac:5f:ac:69:
                    19:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                94:F9:E8:BF:39:41:1F:36:23:0C:0B:0B:1A:5E:D3:43:7C:AA:06:CF
            X509v3 Authority Key Identifier:
                keyid:7B:D8:36:C2:8A:F0:92:7A:03:55:86:25:AE:DF:6F:D7:87:A4:90:5C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9g2worwknoDVYYlrt9v14ekkFw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/df715b-79a6-44a9-ac97-adb314a5753c/1/e9g2worwknoDVYYlrt9v14ekkFw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/df715b-79a6-44a9-ac97-adb314a5753c/1/e9g2worwknoDVYYlrt9v14ekkFw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         16:7e:9b:4e:2a:b8:a8:b0:d0:95:43:91:5e:86:d3:1e:c6:12:
         3c:74:b3:4f:7d:d6:53:70:ad:4d:e2:33:59:5d:0f:4e:09:c4:
         ec:cb:3f:e9:0b:a9:bc:a9:2c:9a:f1:ac:b9:16:73:cf:9a:af:
         e2:ca:77:87:52:f1:27:0b:ea:8c:e4:9f:23:3c:d2:0e:9b:d2:
         13:ed:75:51:37:fe:98:14:54:dd:57:75:99:59:69:1f:fc:c6:
         e8:5b:73:48:60:90:79:8c:bd:41:8b:b8:55:09:47:b8:78:fd:
         7f:33:40:c1:70:7b:92:cf:87:1d:7c:cc:7b:b1:40:fa:a0:80:
         8f:2f:e8:8d:f3:38:5b:cc:75:bd:f4:db:87:fc:6c:53:c9:d3:
         54:75:97:f3:f8:60:cf:4c:a9:86:82:98:b7:6f:32:e5:c9:ee:
         c9:e0:54:7b:b7:02:f0:5f:fd:99:dd:1d:80:65:94:31:1c:7e:
         64:7e:d9:31:b8:3e:c3:34:c7:9f:ad:36:d3:4b:ab:03:b6:c2:
         bd:31:5f:64:78:ba:af:ff:76:7d:23:85:ee:f8:7b:15:0a:3b:
         fb:45:7b:06:fd:b8:fd:bf:22:5c:87:cc:9e:47:4f:2f:75:f1:
         1d:7f:fc:5e:49:af:f9:a7:96:8b:56:e4:c6:50:0b:50:28:11:
         37:04:d3:a9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxt3LVZlXcGFr4WXsOZAyAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiZDgzNmMyOGFmMDkyN2EwMzU1ODYyNWFlZGY2ZmQ3ODdh
NDkwNWMwHhcNMjUxMTExMDcwMDM5WhcNMjUxMTEyMDcwMDM5WjAzMTEwLwYDVQQD
Eyg5NGY5ZThiZjM5NDExZjM2MjMwYzBiMGIxYTVlZDM0MzdjYWEwNmNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApkFCoG+DgGPRA73G649DPtmS4tDb
PnzTJQ5qJT9FojuVKHOI6l+11WBIKhPiAkijpZ/0+5TjjIrNarJRWl46QddKl897
lvtNR27B41JWau57rQuW4ZqFY7BuRxk9tIg52DOm5gFl3cjRexuRCvAvrsiCrFAH
X3bTXlkh5/yRVYW3mx38Tlqfngl0Aj2tRZJoD/re4NkKGpoTLVb7G8L/vZPu1JHz
skVad17xW1Tq/abw3x0XC8aD4epMNDIJLr63v9eLQ0b8OTh0PKslDutnnO91qYyV
Wr14+5j5JV6CtpLhrw5rmSKoK8D802N6ndJnifv+TtsANIvRfaxfrGkZJwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJT56L85QR82IwwLCxpe00N8qgbPMB8GA1UdIwQY
MBaAFHvYNsKK8JJ6A1WGJa7fb9eHpJBcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZTlnMndvcndrbm9EVllZbHJ0OXYxNGVra0Z3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9kZjcxNWItNzlhNi00NGE5LWFjOTct
YWRiMzE0YTU3NTNjLzEvZTlnMndvcndrbm9EVllZbHJ0OXYxNGVra0Z3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9kZjcxNWItNzlhNi00NGE5LWFjOTctYWRiMzE0YTU3NTNj
LzEvZTlnMndvcndrbm9EVllZbHJ0OXYxNGVra0Z3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFn6bTiq4
qLDQlUORXobTHsYSPHSzT33WU3CtTeIzWV0PTgnE7Ms/6QupvKksmvGsuRZzz5qv
4sp3h1LxJwvqjOSfIzzSDpvSE+11UTf+mBRU3Vd1mVlpH/zG6FtzSGCQeYy9QYu4
VQlHuHj9fzNAwXB7ks+HHXzMe7FA+qCAjy/ojfM4W8x1vfTbh/xsU8nTVHWX8/hg
z0yphoKYt28y5cnuyeBUe7cC8F/9md0dgGWUMRx+ZH7ZMbg+wzTHn60200urA7bC
vTFfZHi6r/92fSOF7vh7FQo7+0V7Bv24/b8iXIfMnkdPL3XxHX/8Xkmv+aeWi1bk
xlALUCgRNwTTqQ==
-----END CERTIFICATE-----