Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/b30d66-8fb0-4e9d-98ec-c2d8a59b00d3/1/FLklHG89i7aaegPOrN0q58LIzjc.mft
File:                     FLklHG89i7aaegPOrN0q58LIzjc.mft (raw, json)
Hash identifier:          xvoyE/i9SnyVmTtNXR5omelcoBg5aQSmEbztZRn4h88=
Subject key identifier:   41:AC:A3:B7:9B:7B:33:50:DD:7F:82:A0:C5:78:69:CB:73:0E:A7:FB
Authority key identifier: 14:B9:25:1C:6F:3D:8B:B6:9A:7A:03:CE:AC:DD:2A:E7:C2:C8:CE:37
Certificate issuer:       /CN=14b9251c6f3d8bb69a7a03ceacdd2ae7c2c8ce37
Certificate serial:       019A71B8BEC6B1B96053608C76242FF4D254
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/FLklHG89i7aaegPOrN0q58LIzjc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cd/b30d66-8fb0-4e9d-98ec-c2d8a59b00d3/1/FLklHG89i7aaegPOrN0q58LIzjc.mft
Manifest number:          0289
Signing time:             Tue 11 Nov 2025 07:02:04 +0000
Manifest this update:     Tue 11 Nov 2025 07:02:04 +0000
Manifest next update:     Wed 12 Nov 2025 07:02:04 +0000
Files and hashes:         1: FLklHG89i7aaegPOrN0q58LIzjc.crl (hash: IWJfuBfTo3x0kLJ0GqvDaKbdQiC8qhHn1GVN6u6qqpQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/cd/b30d66-8fb0-4e9d-98ec-c2d8a59b00d3/1/FLklHG89i7aaegPOrN0q58LIzjc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/cd/b30d66-8fb0-4e9d-98ec-c2d8a59b00d3/1/FLklHG89i7aaegPOrN0q58LIzjc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/FLklHG89i7aaegPOrN0q58LIzjc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:02:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b8:be:c6:b1:b9:60:53:60:8c:76:24:2f:f4:d2:54
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=14b9251c6f3d8bb69a7a03ceacdd2ae7c2c8ce37
        Validity
            Not Before: Nov 11 07:02:04 2025 GMT
            Not After : Nov 12 07:02:04 2025 GMT
        Subject: CN=41aca3b79b7b3350dd7f82a0c57869cb730ea7fb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:db:e5:4c:1a:52:82:cf:35:e8:fa:6f:40:2b:64:
                    71:a1:81:f1:1c:3f:c8:5e:f8:c7:ef:a4:34:a1:58:
                    65:82:30:64:d6:90:68:04:a5:b8:81:e9:82:be:46:
                    62:12:cf:5d:f2:58:b1:ad:85:9d:97:e2:51:02:94:
                    6b:fa:29:68:65:6b:0f:bf:2a:de:41:a7:53:fa:31:
                    87:c7:b2:dc:c4:9a:51:3f:15:c7:d9:e9:51:50:f0:
                    7e:61:d7:7c:2d:c0:50:41:94:cf:03:82:29:b3:d9:
                    9b:aa:cb:9f:13:b6:7e:e3:b2:b6:ab:4b:d5:94:c2:
                    7a:3b:1d:62:10:7b:e3:c0:19:7d:4b:3c:02:cf:54:
                    cc:c7:d0:86:4a:bc:34:a0:e4:57:ba:92:b5:1f:2c:
                    68:7f:84:32:17:98:e6:84:d1:3d:a5:a0:57:bb:ff:
                    b7:75:f4:cb:43:72:9e:98:97:15:fa:bc:a0:58:5e:
                    ff:9b:ce:42:e2:a8:75:c0:63:9a:64:54:94:c5:af:
                    d8:3c:00:c0:6f:2d:41:4b:60:3e:3d:88:6b:58:be:
                    28:b2:c5:fe:34:cf:5d:c5:34:9d:03:ec:d3:7b:fe:
                    68:99:69:1b:e1:99:40:35:78:a0:70:70:ce:dd:86:
                    e6:bc:19:be:b0:89:28:af:15:c4:df:b5:e5:71:50:
                    a7:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                41:AC:A3:B7:9B:7B:33:50:DD:7F:82:A0:C5:78:69:CB:73:0E:A7:FB
            X509v3 Authority Key Identifier:
                keyid:14:B9:25:1C:6F:3D:8B:B6:9A:7A:03:CE:AC:DD:2A:E7:C2:C8:CE:37

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FLklHG89i7aaegPOrN0q58LIzjc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/b30d66-8fb0-4e9d-98ec-c2d8a59b00d3/1/FLklHG89i7aaegPOrN0q58LIzjc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/b30d66-8fb0-4e9d-98ec-c2d8a59b00d3/1/FLklHG89i7aaegPOrN0q58LIzjc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         48:db:10:b3:3a:84:e3:dc:44:fb:90:cc:39:d0:7b:34:e8:97:
         98:a1:63:b1:fc:c2:d1:22:6c:dd:8c:68:23:54:7f:0e:db:16:
         f3:3f:13:4a:0b:9f:92:81:b1:17:00:98:ec:85:99:43:ff:93:
         76:06:b0:a0:e1:2b:89:97:44:92:36:3f:58:5c:50:18:e0:2e:
         cb:57:9d:00:d6:29:40:be:aa:5a:58:78:d7:64:59:28:e8:66:
         94:5f:92:f2:b0:d5:0f:fe:d8:a5:cb:00:d6:b5:d3:aa:c6:f0:
         0e:97:8d:ef:13:15:b8:92:1b:f2:b6:b1:4a:e9:76:7c:57:e3:
         c4:bc:8d:e3:2f:7e:ed:4b:77:c1:20:d9:5f:2a:6e:4b:9d:58:
         5f:fd:f0:36:41:57:23:cc:cb:33:14:21:7d:04:a3:b4:4c:dd:
         f1:1e:4b:8d:93:02:c9:4f:5d:94:e1:4d:50:4a:8a:5c:95:4e:
         21:be:6b:05:b4:bf:22:28:ea:e5:c1:6c:c4:28:d8:a0:7b:e5:
         03:65:0f:01:c7:27:b8:72:a7:54:1d:88:96:05:37:a5:09:5d:
         f1:bb:c0:80:45:0e:47:22:5e:f7:7c:fb:3c:9f:a8:20:9f:35:
         3a:81:b6:78:e7:94:49:33:d1:ee:84:97:e1:b2:1d:3d:6c:19:
         29:c8:6d:03
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuL7GsblgU2CMdiQv9NJUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE0YjkyNTFjNmYzZDhiYjY5YTdhMDNjZWFjZGQyYWU3YzJj
OGNlMzcwHhcNMjUxMTExMDcwMjA0WhcNMjUxMTEyMDcwMjA0WjAzMTEwLwYDVQQD
Eyg0MWFjYTNiNzliN2IzMzUwZGQ3ZjgyYTBjNTc4NjljYjczMGVhN2ZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2+VMGlKCzzXo+m9AK2RxoYHxHD/I
XvjH76Q0oVhlgjBk1pBoBKW4gemCvkZiEs9d8lixrYWdl+JRApRr+iloZWsPvyre
QadT+jGHx7LcxJpRPxXH2elRUPB+Ydd8LcBQQZTPA4Ips9mbqsufE7Z+47K2q0vV
lMJ6Ox1iEHvjwBl9SzwCz1TMx9CGSrw0oORXupK1Hyxof4QyF5jmhNE9paBXu/+3
dfTLQ3KemJcV+rygWF7/m85C4qh1wGOaZFSUxa/YPADAby1BS2A+PYhrWL4ossX+
NM9dxTSdA+zTe/5omWkb4ZlANXigcHDO3YbmvBm+sIkorxXE37XlcVCnfQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEGso7ebezNQ3X+CoMV4actzDqf7MB8GA1UdIwQY
MBaAFBS5JRxvPYu2mnoDzqzdKufCyM43MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRkxrbEhHODlpN2FhZWdQT3JOMHE1OExJempjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC9iMzBkNjYtOGZiMC00ZTlkLTk4ZWMt
YzJkOGE1OWIwMGQzLzEvRkxrbEhHODlpN2FhZWdQT3JOMHE1OExJempjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC9iMzBkNjYtOGZiMC00ZTlkLTk4ZWMtYzJkOGE1OWIwMGQz
LzEvRkxrbEhHODlpN2FhZWdQT3JOMHE1OExJempjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASNsQszqE
49xE+5DMOdB7NOiXmKFjsfzC0SJs3YxoI1R/DtsW8z8TSgufkoGxFwCY7IWZQ/+T
dgawoOEriZdEkjY/WFxQGOAuy1edANYpQL6qWlh412RZKOhmlF+S8rDVD/7YpcsA
1rXTqsbwDpeN7xMVuJIb8raxSul2fFfjxLyN4y9+7Ut3wSDZXypuS51YX/3wNkFX
I8zLMxQhfQSjtEzd8R5LjZMCyU9dlOFNUEqKXJVOIb5rBbS/Iijq5cFsxCjYoHvl
A2UPAccnuHKnVB2IlgU3pQld8bvAgEUORyJe93z7PJ+oIJ81OoG2eOeUSTPR7oSX
4bIdPWwZKchtAw==
-----END CERTIFICATE-----