Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/0d2819-7c42-4a9a-8c8b-18055d2c44be/1/pxTGIdV85C4lCT7OhXvbh146zqo.mft
File:                     pxTGIdV85C4lCT7OhXvbh146zqo.mft (raw, json)
Hash identifier:          XEFs+M7kf0e7TNoHnL0MzNI6oJLuvsNxSzIGcTRVDHU=
Subject key identifier:   73:3B:EF:A7:48:A6:A5:D0:D2:26:17:EC:63:7B:F0:A4:DF:53:27:4A
Authority key identifier: A7:14:C6:21:D5:7C:E4:2E:25:09:3E:CE:85:7B:DB:87:5E:3A:CE:AA
Certificate issuer:       /CN=a714c621d57ce42e25093ece857bdb875e3aceaa
Certificate serial:       019A706E3C79DB0A0D4E2D3FD904F6A6C0B7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pxTGIdV85C4lCT7OhXvbh146zqo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ca/0d2819-7c42-4a9a-8c8b-18055d2c44be/1/pxTGIdV85C4lCT7OhXvbh146zqo.mft
Manifest number:          03EB
Signing time:             Tue 11 Nov 2025 01:01:03 +0000
Manifest this update:     Tue 11 Nov 2025 01:01:03 +0000
Manifest next update:     Wed 12 Nov 2025 01:01:03 +0000
Files and hashes:         1: pxTGIdV85C4lCT7OhXvbh146zqo.crl (hash: FqVUUG69mouJycTdYbNYC2tGF/2qURVRYWc0IRg6wFc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ca/0d2819-7c42-4a9a-8c8b-18055d2c44be/1/pxTGIdV85C4lCT7OhXvbh146zqo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ca/0d2819-7c42-4a9a-8c8b-18055d2c44be/1/pxTGIdV85C4lCT7OhXvbh146zqo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/pxTGIdV85C4lCT7OhXvbh146zqo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 01:01:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:70:6e:3c:79:db:0a:0d:4e:2d:3f:d9:04:f6:a6:c0:b7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a714c621d57ce42e25093ece857bdb875e3aceaa
        Validity
            Not Before: Nov 11 01:01:03 2025 GMT
            Not After : Nov 12 01:01:03 2025 GMT
        Subject: CN=733befa748a6a5d0d22617ec637bf0a4df53274a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:84:f2:72:d9:6b:b1:d3:f8:b5:2e:c4:71:e2:
                    e1:2c:25:8f:31:e2:0a:0a:bd:0c:00:6a:69:de:37:
                    03:fe:6a:bc:7a:3c:fd:c5:e9:85:e8:e2:27:21:7e:
                    9e:38:f8:93:b9:05:71:b0:6b:32:29:72:45:eb:d9:
                    f1:30:79:46:3e:62:eb:ec:a0:f1:0d:4f:dd:e7:4b:
                    c6:3e:5e:5b:46:8e:c8:b5:7d:d6:61:1c:14:2c:00:
                    e1:f6:04:db:4d:09:fb:56:dc:f7:48:8c:f9:83:77:
                    53:7d:c4:9b:2d:ce:a6:5d:da:ad:12:fa:6d:32:e3:
                    c1:fe:54:6d:f9:26:c1:9b:c4:83:81:35:2a:c0:a7:
                    ae:60:06:80:6e:1e:f5:10:f2:e2:55:4d:49:4b:ea:
                    2d:88:d1:81:3e:94:52:1f:98:38:7a:21:f6:bc:be:
                    e9:08:9f:21:d7:a6:8b:b2:99:96:18:00:17:35:b8:
                    2d:cd:87:3e:4a:6d:1f:63:76:6e:7f:a9:02:17:48:
                    1b:71:5e:c6:2b:f4:8b:c1:9d:cd:6a:76:91:92:5e:
                    44:fd:30:2e:cd:7b:88:a6:ea:2f:ef:90:0c:cb:5b:
                    9b:cd:e2:74:a7:df:6d:8f:36:4a:60:ec:82:a6:f6:
                    2c:84:6b:c4:43:ac:46:35:62:64:04:75:4e:fe:67:
                    53:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                73:3B:EF:A7:48:A6:A5:D0:D2:26:17:EC:63:7B:F0:A4:DF:53:27:4A
            X509v3 Authority Key Identifier:
                keyid:A7:14:C6:21:D5:7C:E4:2E:25:09:3E:CE:85:7B:DB:87:5E:3A:CE:AA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pxTGIdV85C4lCT7OhXvbh146zqo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/0d2819-7c42-4a9a-8c8b-18055d2c44be/1/pxTGIdV85C4lCT7OhXvbh146zqo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/0d2819-7c42-4a9a-8c8b-18055d2c44be/1/pxTGIdV85C4lCT7OhXvbh146zqo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6b:fc:b8:c6:37:02:39:85:66:ce:9b:e6:3e:18:57:32:ad:f1:
         48:a3:ff:c4:bf:e7:1a:d5:75:71:8d:fc:ba:f4:9a:99:5b:ef:
         f9:af:1d:e5:bb:a4:51:b8:fd:fc:e1:d6:ae:d1:75:a2:76:e3:
         b4:fc:5c:4b:d7:b7:f9:96:b7:fa:60:03:8b:5e:19:a6:14:ef:
         55:72:c3:c4:f2:f7:fe:ee:ac:aa:70:5d:0f:cc:9f:46:4f:8e:
         24:b4:19:4a:d2:92:d7:b8:b4:98:75:89:c9:99:56:df:b6:d3:
         ae:b3:ba:01:8b:ce:62:89:74:c4:4c:3a:d4:c2:2b:5b:bd:0c:
         40:32:20:3e:87:0d:91:b6:43:39:f4:96:7b:d2:8e:06:62:51:
         e7:ef:de:f7:57:64:32:ce:67:50:30:da:ad:a9:ea:40:ef:8c:
         cd:94:3f:4a:73:44:a4:9b:df:27:1d:48:f6:06:82:26:a7:70:
         3d:5f:9f:35:ce:76:22:72:8d:8d:21:60:4a:24:e7:ee:31:1e:
         0b:26:60:95:b0:4d:fd:eb:95:22:0e:4d:5e:48:82:53:28:fe:
         3d:4b:92:cd:7e:ba:28:5a:cc:d8:3a:2d:4e:54:6f:86:ad:4b:
         30:7f:93:c1:ab:58:b9:34:04:6a:8a:48:a7:98:8d:25:0a:66:
         3c:5c:22:10
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpwbjx52woNTi0/2QT2psC3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3MTRjNjIxZDU3Y2U0MmUyNTA5M2VjZTg1N2JkYjg3NWUz
YWNlYWEwHhcNMjUxMTExMDEwMTAzWhcNMjUxMTEyMDEwMTAzWjAzMTEwLwYDVQQD
Eyg3MzNiZWZhNzQ4YTZhNWQwZDIyNjE3ZWM2MzdiZjBhNGRmNTMyNzRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs4TyctlrsdP4tS7EceLhLCWPMeIK
Cr0MAGpp3jcD/mq8ejz9xemF6OInIX6eOPiTuQVxsGsyKXJF69nxMHlGPmLr7KDx
DU/d50vGPl5bRo7ItX3WYRwULADh9gTbTQn7Vtz3SIz5g3dTfcSbLc6mXdqtEvpt
MuPB/lRt+SbBm8SDgTUqwKeuYAaAbh71EPLiVU1JS+otiNGBPpRSH5g4eiH2vL7p
CJ8h16aLspmWGAAXNbgtzYc+Sm0fY3Zuf6kCF0gbcV7GK/SLwZ3NanaRkl5E/TAu
zXuIpuov75AMy1ubzeJ0p99tjzZKYOyCpvYshGvEQ6xGNWJkBHVO/mdT7wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHM776dIpqXQ0iYX7GN78KTfUydKMB8GA1UdIwQY
MBaAFKcUxiHVfOQuJQk+zoV724deOs6qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcHhUR0lkVjg1QzRsQ1Q3T2hYdmJoMTQ2enFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS8wZDI4MTktN2M0Mi00YTlhLThjOGIt
MTgwNTVkMmM0NGJlLzEvcHhUR0lkVjg1QzRsQ1Q3T2hYdmJoMTQ2enFvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS8wZDI4MTktN2M0Mi00YTlhLThjOGItMTgwNTVkMmM0NGJl
LzEvcHhUR0lkVjg1QzRsQ1Q3T2hYdmJoMTQ2enFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAa/y4xjcC
OYVmzpvmPhhXMq3xSKP/xL/nGtV1cY38uvSamVvv+a8d5bukUbj9/OHWrtF1onbj
tPxcS9e3+Za3+mADi14ZphTvVXLDxPL3/u6sqnBdD8yfRk+OJLQZStKS17i0mHWJ
yZlW37bTrrO6AYvOYol0xEw61MIrW70MQDIgPocNkbZDOfSWe9KOBmJR5+/e91dk
Ms5nUDDaranqQO+MzZQ/SnNEpJvfJx1I9gaCJqdwPV+fNc52InKNjSFgSiTn7jEe
CyZglbBN/euVIg5NXkiCUyj+PUuSzX66KFrM2DotTlRvhq1LMH+TwatYuTQEaopI
p5iNJQpmPFwiEA==
-----END CERTIFICATE-----