Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/8090c2-8180-4f3f-8142-a23855872b86/1/ELZc9vpeH8roz4TJcB44vftjqrM.mft
File:                     ELZc9vpeH8roz4TJcB44vftjqrM.mft (raw, json)
Hash identifier:          sBUJHY4YfJoyXhoX15+2/n7O9mdZTsuY40Cm40+GlzQ=
Subject key identifier:   C3:83:6A:24:95:EA:8C:DD:4C:C3:74:58:D8:67:E0:7D:7C:B9:24:5D
Authority key identifier: 10:B6:5C:F6:FA:5E:1F:CA:E8:CF:84:C9:70:1E:38:BD:FB:63:AA:B3
Certificate issuer:       /CN=10b65cf6fa5e1fcae8cf84c9701e38bdfb63aab3
Certificate serial:       019A730176C9E969E8E3631D9AC2CB9B6523
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ELZc9vpeH8roz4TJcB44vftjqrM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d9/8090c2-8180-4f3f-8142-a23855872b86/1/ELZc9vpeH8roz4TJcB44vftjqrM.mft
Manifest number:          0FCC
Signing time:             Tue 11 Nov 2025 13:01:07 +0000
Manifest this update:     Tue 11 Nov 2025 13:01:07 +0000
Manifest next update:     Wed 12 Nov 2025 13:01:07 +0000
Files and hashes:         1: ELZc9vpeH8roz4TJcB44vftjqrM.crl (hash: eSFF/pOzlbGvmM2Ay0/ZxCRsWBBSCSGRePlQRvjJRpY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d9/8090c2-8180-4f3f-8142-a23855872b86/1/ELZc9vpeH8roz4TJcB44vftjqrM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d9/8090c2-8180-4f3f-8142-a23855872b86/1/ELZc9vpeH8roz4TJcB44vftjqrM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ELZc9vpeH8roz4TJcB44vftjqrM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:73:01:76:c9:e9:69:e8:e3:63:1d:9a:c2:cb:9b:65:23
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=10b65cf6fa5e1fcae8cf84c9701e38bdfb63aab3
        Validity
            Not Before: Nov 11 13:01:07 2025 GMT
            Not After : Nov 12 13:01:07 2025 GMT
        Subject: CN=c3836a2495ea8cdd4cc37458d867e07d7cb9245d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:1d:31:ec:c7:03:2c:02:93:79:46:0a:62:61:
                    fe:82:91:7e:7d:0e:92:67:4a:b3:a5:3b:78:6d:c6:
                    d2:82:30:9a:29:6b:bb:a3:07:b2:4b:5e:67:0b:86:
                    85:ea:b7:49:2d:76:a7:ec:ee:19:e6:a2:b3:72:50:
                    76:8b:42:34:a5:29:1a:2b:d8:fa:73:74:11:b4:35:
                    6a:00:18:83:d3:4e:95:af:bb:ba:03:09:74:99:4a:
                    34:9c:f1:e5:ba:e2:0a:18:76:2d:ab:5c:a2:9d:ab:
                    eb:62:b5:14:ce:7d:59:d5:18:92:59:0b:73:3a:95:
                    43:a5:31:ee:36:a8:05:dd:93:25:46:4e:9a:d8:22:
                    dc:c9:e0:17:9e:51:c0:2f:11:b9:fa:19:a7:71:5a:
                    4c:2a:22:e8:5c:60:7b:68:29:0f:96:17:45:b7:13:
                    ba:65:84:3c:ad:a7:15:a6:1c:da:12:03:1e:5e:00:
                    2f:50:f7:37:4a:b0:f9:14:3f:39:ca:b3:f8:c4:8f:
                    e5:e7:5a:2a:90:5d:ec:03:78:89:49:20:59:d0:9d:
                    52:96:cb:21:e4:f2:d7:92:83:b0:4b:b0:8e:93:d3:
                    b8:37:ef:c2:a2:22:be:bc:1b:d4:26:e9:f5:72:9a:
                    3e:a4:7f:cb:e1:d1:ce:39:5e:e3:a7:80:08:d7:58:
                    a6:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C3:83:6A:24:95:EA:8C:DD:4C:C3:74:58:D8:67:E0:7D:7C:B9:24:5D
            X509v3 Authority Key Identifier:
                keyid:10:B6:5C:F6:FA:5E:1F:CA:E8:CF:84:C9:70:1E:38:BD:FB:63:AA:B3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ELZc9vpeH8roz4TJcB44vftjqrM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/8090c2-8180-4f3f-8142-a23855872b86/1/ELZc9vpeH8roz4TJcB44vftjqrM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/8090c2-8180-4f3f-8142-a23855872b86/1/ELZc9vpeH8roz4TJcB44vftjqrM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5f:a9:c7:21:a5:83:44:9f:fd:e5:d6:22:06:12:29:e8:c3:dd:
         4f:36:e2:d4:d0:a7:42:ef:ee:ad:47:98:62:aa:ab:4f:b0:27:
         b9:79:9f:c6:8e:6c:f2:02:1f:69:99:28:c7:c8:c6:76:87:7d:
         61:b8:46:e0:a0:f4:48:7a:cb:1e:ed:9c:83:05:1f:f2:a1:19:
         a4:e1:5b:16:7d:8e:10:ca:e1:31:2f:6d:47:e6:7a:71:cd:18:
         45:bd:cc:90:a7:c4:ab:38:2c:07:f6:73:3d:42:2f:e5:ee:bd:
         97:a4:41:11:60:ce:15:ba:30:9b:d9:59:16:79:64:43:08:73:
         2b:d7:83:f0:6c:d6:de:76:d2:88:7d:aa:fa:90:39:b3:16:6d:
         f2:28:ef:d6:16:f5:19:24:96:34:b4:0d:16:ff:58:35:a0:ec:
         79:fa:b7:b2:8f:60:97:00:5c:6b:ee:6b:f7:75:13:09:95:6a:
         f7:ed:47:45:ac:05:ee:5d:f4:01:75:32:67:61:37:2e:8b:af:
         73:f1:b1:71:85:76:a0:b4:7e:f1:ec:0d:b5:d6:34:70:22:cf:
         b1:5a:9a:77:e2:87:22:73:e2:27:6b:0b:5e:0e:b5:12:a3:ec:
         67:f4:52:ad:ba:0f:16:51:02:d8:72:c3:d5:65:73:0e:a1:53:
         15:93:e7:10
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpzAXbJ6Wno42MdmsLLm2UjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEwYjY1Y2Y2ZmE1ZTFmY2FlOGNmODRjOTcwMWUzOGJkZmI2
M2FhYjMwHhcNMjUxMTExMTMwMTA3WhcNMjUxMTEyMTMwMTA3WjAzMTEwLwYDVQQD
EyhjMzgzNmEyNDk1ZWE4Y2RkNGNjMzc0NThkODY3ZTA3ZDdjYjkyNDVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlR0x7McDLAKTeUYKYmH+gpF+fQ6S
Z0qzpTt4bcbSgjCaKWu7oweyS15nC4aF6rdJLXan7O4Z5qKzclB2i0I0pSkaK9j6
c3QRtDVqABiD006Vr7u6Awl0mUo0nPHluuIKGHYtq1yinavrYrUUzn1Z1RiSWQtz
OpVDpTHuNqgF3ZMlRk6a2CLcyeAXnlHALxG5+hmncVpMKiLoXGB7aCkPlhdFtxO6
ZYQ8racVphzaEgMeXgAvUPc3SrD5FD85yrP4xI/l51oqkF3sA3iJSSBZ0J1Slssh
5PLXkoOwS7COk9O4N+/CoiK+vBvUJun1cpo+pH/L4dHOOV7jp4AI11imBwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMODaiSV6ozdTMN0WNhn4H18uSRdMB8GA1UdIwQY
MBaAFBC2XPb6Xh/K6M+EyXAeOL37Y6qzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRUxaYzl2cGVIOHJvejRUSmNCNDR2ZnRqcXJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS84MDkwYzItODE4MC00ZjNmLTgxNDIt
YTIzODU1ODcyYjg2LzEvRUxaYzl2cGVIOHJvejRUSmNCNDR2ZnRqcXJNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS84MDkwYzItODE4MC00ZjNmLTgxNDItYTIzODU1ODcyYjg2
LzEvRUxaYzl2cGVIOHJvejRUSmNCNDR2ZnRqcXJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAX6nHIaWD
RJ/95dYiBhIp6MPdTzbi1NCnQu/urUeYYqqrT7AnuXmfxo5s8gIfaZkox8jGdod9
YbhG4KD0SHrLHu2cgwUf8qEZpOFbFn2OEMrhMS9tR+Z6cc0YRb3MkKfEqzgsB/Zz
PUIv5e69l6RBEWDOFbowm9lZFnlkQwhzK9eD8GzW3nbSiH2q+pA5sxZt8ijv1hb1
GSSWNLQNFv9YNaDsefq3so9glwBca+5r93UTCZVq9+1HRawF7l30AXUyZ2E3Louv
c/GxcYV2oLR+8ewNtdY0cCLPsVqad+KHInPiJ2sLXg61EqPsZ/RSrboPFlEC2HLD
1WVzDqFTFZPnEA==
-----END CERTIFICATE-----