Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/de2b16-fa2b-4a11-95ab-dbeaf784817a/1/FMc1JZ_be4Pyd63xLQjMmLWmEAo.mft
File:                     FMc1JZ_be4Pyd63xLQjMmLWmEAo.mft (raw, json)
Hash identifier:          xer298th9R1NSryOYhIM9DqHoPKzYDOdwXGjzE+aV40=
Subject key identifier:   F0:D3:76:C7:B0:97:3E:55:C2:26:3C:80:EE:DD:F8:29:BA:1E:FD:E0
Authority key identifier: 14:C7:35:25:9F:DB:7B:83:F2:77:AD:F1:2D:08:CC:98:B5:A6:10:0A
Certificate issuer:       /CN=14c735259fdb7b83f277adf12d08cc98b5a6100a
Certificate serial:       019A71B8D470795F3215E8F5C98E65C4C4E7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/FMc1JZ_be4Pyd63xLQjMmLWmEAo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cb/de2b16-fa2b-4a11-95ab-dbeaf784817a/1/FMc1JZ_be4Pyd63xLQjMmLWmEAo.mft
Manifest number:          0A40
Signing time:             Tue 11 Nov 2025 07:02:09 +0000
Manifest this update:     Tue 11 Nov 2025 07:02:09 +0000
Manifest next update:     Wed 12 Nov 2025 07:02:09 +0000
Files and hashes:         1: FMc1JZ_be4Pyd63xLQjMmLWmEAo.crl (hash: ziPF+tkkB9aWVHziF0Xb4Z8Jyl+dvKfvzgtQZ7RPJd0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/cb/de2b16-fa2b-4a11-95ab-dbeaf784817a/1/FMc1JZ_be4Pyd63xLQjMmLWmEAo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/cb/de2b16-fa2b-4a11-95ab-dbeaf784817a/1/FMc1JZ_be4Pyd63xLQjMmLWmEAo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/FMc1JZ_be4Pyd63xLQjMmLWmEAo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:02:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b8:d4:70:79:5f:32:15:e8:f5:c9:8e:65:c4:c4:e7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=14c735259fdb7b83f277adf12d08cc98b5a6100a
        Validity
            Not Before: Nov 11 07:02:09 2025 GMT
            Not After : Nov 12 07:02:09 2025 GMT
        Subject: CN=f0d376c7b0973e55c2263c80eeddf829ba1efde0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:b6:a8:9e:3b:46:cb:66:3a:07:d8:fe:84:0c:
                    c8:82:9d:c1:87:43:c6:9e:1c:1b:11:c1:41:e4:47:
                    0b:b0:f3:b6:54:31:9a:44:8c:a8:32:cd:b9:1e:a1:
                    9a:40:eb:bb:43:06:a0:0e:da:cf:d3:f0:d2:bd:20:
                    f6:d8:e7:b5:60:ae:15:c3:c1:94:43:10:a0:57:e0:
                    07:a3:20:4a:0c:02:0b:b3:7d:6a:25:b6:53:75:cc:
                    2f:6e:39:57:bf:ee:1f:c6:3e:3b:16:71:75:69:c8:
                    c0:36:c4:ba:2a:f4:20:59:44:4e:3f:59:f0:66:e1:
                    27:d8:b3:d4:09:28:7a:24:85:8e:da:fb:67:5c:19:
                    c0:94:08:76:78:19:c2:6b:03:32:1f:dd:32:0b:ee:
                    80:c1:f9:20:06:99:40:f4:38:4d:06:a4:16:99:74:
                    83:5d:28:10:bc:7e:d4:13:41:cb:58:fb:3d:f6:45:
                    0a:2b:aa:f0:63:0e:f0:df:64:16:85:8b:bc:ff:6c:
                    4a:b8:47:76:1c:7f:20:14:18:9a:c1:9a:83:1d:4c:
                    e8:fe:6a:55:dc:4f:77:a9:6f:3c:7f:ec:2e:d6:3e:
                    90:8d:d1:26:c2:81:f5:dc:19:02:63:41:5b:b8:2f:
                    50:ba:4c:29:1d:cb:85:4c:fa:34:87:7d:1a:46:5f:
                    d7:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F0:D3:76:C7:B0:97:3E:55:C2:26:3C:80:EE:DD:F8:29:BA:1E:FD:E0
            X509v3 Authority Key Identifier:
                keyid:14:C7:35:25:9F:DB:7B:83:F2:77:AD:F1:2D:08:CC:98:B5:A6:10:0A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FMc1JZ_be4Pyd63xLQjMmLWmEAo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/de2b16-fa2b-4a11-95ab-dbeaf784817a/1/FMc1JZ_be4Pyd63xLQjMmLWmEAo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/de2b16-fa2b-4a11-95ab-dbeaf784817a/1/FMc1JZ_be4Pyd63xLQjMmLWmEAo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         91:36:d4:2e:da:0d:5f:da:1b:3a:b6:d0:41:77:4c:53:92:9c:
         be:98:28:2a:74:2b:20:d3:7b:5f:63:28:da:10:be:63:63:b3:
         fb:67:21:32:11:f2:56:a4:32:68:14:3a:17:6c:af:c7:2a:9e:
         3e:d9:23:3a:c1:99:a4:1a:e0:ee:af:75:d9:a6:e6:11:5f:42:
         74:e7:5c:7a:be:4c:5b:1b:45:3a:5d:51:16:02:24:d0:31:e9:
         27:04:06:f4:1c:af:01:19:15:be:fd:c3:a9:58:28:37:48:bc:
         c1:9b:e6:c5:02:7d:ed:be:a7:74:24:34:ab:eb:b2:95:30:b5:
         b9:51:1d:0a:63:f7:32:dc:47:14:6e:fc:e5:1b:29:4e:43:95:
         58:14:62:98:d8:c6:25:81:9e:09:f5:0d:2d:07:25:3c:cf:54:
         61:64:f8:22:57:d4:48:2c:c4:6b:73:aa:82:70:ae:75:5b:07:
         42:48:03:32:20:20:6d:a2:cd:a5:48:ae:27:85:a8:eb:87:0f:
         f2:6c:6b:94:26:de:f7:a3:1c:97:71:5b:25:d1:c6:42:da:c0:
         22:33:42:75:ff:b0:e1:06:1d:35:76:d8:aa:45:0d:66:94:d8:
         3c:69:d2:f4:41:85:30:41:f4:1f:64:6a:22:b5:94:99:6a:bb:
         bc:ef:6b:3a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuNRweV8yFej1yY5lxMTnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE0YzczNTI1OWZkYjdiODNmMjc3YWRmMTJkMDhjYzk4YjVh
NjEwMGEwHhcNMjUxMTExMDcwMjA5WhcNMjUxMTEyMDcwMjA5WjAzMTEwLwYDVQQD
EyhmMGQzNzZjN2IwOTczZTU1YzIyNjNjODBlZWRkZjgyOWJhMWVmZGUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz7aonjtGy2Y6B9j+hAzIgp3Bh0PG
nhwbEcFB5EcLsPO2VDGaRIyoMs25HqGaQOu7QwagDtrP0/DSvSD22Oe1YK4Vw8GU
QxCgV+AHoyBKDAILs31qJbZTdcwvbjlXv+4fxj47FnF1acjANsS6KvQgWUROP1nw
ZuEn2LPUCSh6JIWO2vtnXBnAlAh2eBnCawMyH90yC+6AwfkgBplA9DhNBqQWmXSD
XSgQvH7UE0HLWPs99kUKK6rwYw7w32QWhYu8/2xKuEd2HH8gFBiawZqDHUzo/mpV
3E93qW88f+wu1j6QjdEmwoH13BkCY0FbuC9QukwpHcuFTPo0h30aRl/XXQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPDTdsewlz5VwiY8gO7d+Cm6Hv3gMB8GA1UdIwQY
MBaAFBTHNSWf23uD8net8S0IzJi1phAKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRk1jMUpaX2JlNFB5ZDYzeExRak1tTFdtRUFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi9kZTJiMTYtZmEyYi00YTExLTk1YWIt
ZGJlYWY3ODQ4MTdhLzEvRk1jMUpaX2JlNFB5ZDYzeExRak1tTFdtRUFvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYi9kZTJiMTYtZmEyYi00YTExLTk1YWItZGJlYWY3ODQ4MTdh
LzEvRk1jMUpaX2JlNFB5ZDYzeExRak1tTFdtRUFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkTbULtoN
X9obOrbQQXdMU5KcvpgoKnQrINN7X2Mo2hC+Y2Oz+2chMhHyVqQyaBQ6F2yvxyqe
PtkjOsGZpBrg7q912abmEV9CdOdcer5MWxtFOl1RFgIk0DHpJwQG9ByvARkVvv3D
qVgoN0i8wZvmxQJ97b6ndCQ0q+uylTC1uVEdCmP3MtxHFG785RspTkOVWBRimNjG
JYGeCfUNLQclPM9UYWT4IlfUSCzEa3OqgnCudVsHQkgDMiAgbaLNpUiuJ4Wo64cP
8mxrlCbe96Mcl3FbJdHGQtrAIjNCdf+w4QYdNXbYqkUNZpTYPGnS9EGFMEH0H2Rq
IrWUmWq7vO9rOg==
-----END CERTIFICATE-----