Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/ffc00d-3316-4286-8932-cc60a5fdeeb2/1/uH9ej-619ec7CXtmZX7tjbl0pA4.mft
File:                     uH9ej-619ec7CXtmZX7tjbl0pA4.mft (raw, json)
Hash identifier:          Qte/vmqgjxCBVNkOtghyfZCJtayHlj1Uj3kuzMu6e64=
Subject key identifier:   FC:05:E4:CE:46:90:82:CB:BC:B8:9B:31:69:3B:F7:60:13:68:55:AD
Authority key identifier: B8:7F:5E:8F:EE:B5:F5:E7:3B:09:7B:66:65:7E:ED:8D:B9:74:A4:0E
Certificate issuer:       /CN=b87f5e8feeb5f5e73b097b66657eed8db974a40e
Certificate serial:       019A71B8BF66439911C3479ABB0897B90568
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/uH9ej-619ec7CXtmZX7tjbl0pA4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d9/ffc00d-3316-4286-8932-cc60a5fdeeb2/1/uH9ej-619ec7CXtmZX7tjbl0pA4.mft
Manifest number:          0EFC
Signing time:             Tue 11 Nov 2025 07:02:04 +0000
Manifest this update:     Tue 11 Nov 2025 07:02:04 +0000
Manifest next update:     Wed 12 Nov 2025 07:02:04 +0000
Files and hashes:         1: uH9ej-619ec7CXtmZX7tjbl0pA4.crl (hash: XpyHXVh4sr5R4vukcQyJe+9S/IgMCg4Z2Zj7d8ozIaE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d9/ffc00d-3316-4286-8932-cc60a5fdeeb2/1/uH9ej-619ec7CXtmZX7tjbl0pA4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d9/ffc00d-3316-4286-8932-cc60a5fdeeb2/1/uH9ej-619ec7CXtmZX7tjbl0pA4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/uH9ej-619ec7CXtmZX7tjbl0pA4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:02:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b8:bf:66:43:99:11:c3:47:9a:bb:08:97:b9:05:68
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b87f5e8feeb5f5e73b097b66657eed8db974a40e
        Validity
            Not Before: Nov 11 07:02:04 2025 GMT
            Not After : Nov 12 07:02:04 2025 GMT
        Subject: CN=fc05e4ce469082cbbcb89b31693bf760136855ad
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:da:9d:40:dd:86:da:a4:8a:fd:c1:7a:6f:eb:
                    24:bb:c4:1a:a0:ee:fa:db:27:83:6e:e4:d5:72:1a:
                    11:5a:6f:3d:b4:c0:6a:c8:e4:48:27:14:18:88:20:
                    5c:1a:ea:5a:02:e8:98:48:ff:24:30:d0:67:7f:02:
                    81:5d:5c:16:54:94:25:3f:51:4d:35:dd:21:16:02:
                    4c:5c:d5:14:f1:04:75:0e:da:47:dc:83:54:2b:c1:
                    a6:91:f3:6e:54:a8:88:ad:d4:33:35:31:1b:11:51:
                    36:a1:2b:da:f3:c5:78:b7:50:d3:ca:93:11:0f:05:
                    a8:ba:37:ec:4c:79:d5:4e:e2:ee:ce:d2:00:10:83:
                    15:b3:e7:2b:7e:fe:18:ad:64:12:dd:e0:41:53:21:
                    90:d6:d3:22:78:11:65:40:53:13:50:31:14:d8:e0:
                    5e:b0:f4:ab:e3:16:dd:69:a0:21:b0:8f:c5:76:7a:
                    4e:6e:ff:f1:06:11:89:86:e1:de:ac:e9:36:5a:41:
                    22:cc:30:1c:84:eb:c9:b8:6b:ed:a1:12:e7:94:9a:
                    28:3b:bd:76:19:64:3f:5a:3c:a0:2a:f3:54:3d:92:
                    3c:1b:fc:e8:81:71:5e:be:26:0e:5b:b9:d9:b6:f3:
                    50:a6:cc:21:ec:8d:ae:b7:42:df:36:7d:f7:65:b5:
                    93:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FC:05:E4:CE:46:90:82:CB:BC:B8:9B:31:69:3B:F7:60:13:68:55:AD
            X509v3 Authority Key Identifier:
                keyid:B8:7F:5E:8F:EE:B5:F5:E7:3B:09:7B:66:65:7E:ED:8D:B9:74:A4:0E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uH9ej-619ec7CXtmZX7tjbl0pA4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/ffc00d-3316-4286-8932-cc60a5fdeeb2/1/uH9ej-619ec7CXtmZX7tjbl0pA4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/ffc00d-3316-4286-8932-cc60a5fdeeb2/1/uH9ej-619ec7CXtmZX7tjbl0pA4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8a:b3:21:85:07:22:35:3c:a8:b2:d7:47:86:27:ed:e8:a6:34:
         cf:9f:b2:f8:28:72:da:dd:d0:9d:bc:13:59:bf:0c:af:e6:55:
         70:32:6f:7f:40:8c:1c:28:dd:c8:27:c9:10:37:6b:c3:51:70:
         1f:3a:61:23:73:01:b9:2e:7b:ef:ef:26:3d:d1:6a:6d:86:6f:
         50:bf:26:5f:cf:1d:6c:d0:c2:22:2e:0a:a2:8f:55:5c:0a:df:
         4b:c0:3f:b3:b6:71:94:a4:f0:b3:8f:6c:22:58:e2:64:1d:e0:
         f0:3d:d6:a6:f3:de:ba:f8:49:6d:d9:6e:c5:88:33:13:20:b5:
         3e:3a:9e:f0:bd:55:05:bc:64:aa:35:43:a6:18:d0:f8:6c:5e:
         07:cc:6d:f8:0c:93:3f:9a:60:d1:cf:d6:54:98:14:cf:ab:bf:
         4e:13:c9:41:04:6b:bb:46:c5:47:b2:d4:6b:7c:46:11:fc:82:
         08:14:c0:8e:ca:ea:21:e2:61:87:61:a5:75:4f:d5:a0:c7:a4:
         3e:cc:85:0f:f0:28:d5:92:bc:55:27:69:2f:b1:b9:67:6b:d6:
         cd:37:2b:56:75:f1:70:69:0d:df:66:d6:d0:a7:ee:25:c7:2d:
         22:2f:a9:63:a8:9a:a3:f0:95:b4:b2:1e:47:57:72:6d:4b:b4:
         45:df:39:09
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuL9mQ5kRw0eauwiXuQVoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI4N2Y1ZThmZWViNWY1ZTczYjA5N2I2NjY1N2VlZDhkYjk3
NGE0MGUwHhcNMjUxMTExMDcwMjA0WhcNMjUxMTEyMDcwMjA0WjAzMTEwLwYDVQQD
EyhmYzA1ZTRjZTQ2OTA4MmNiYmNiODliMzE2OTNiZjc2MDEzNjg1NWFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArNqdQN2G2qSK/cF6b+sku8QaoO76
2yeDbuTVchoRWm89tMBqyORIJxQYiCBcGupaAuiYSP8kMNBnfwKBXVwWVJQlP1FN
Nd0hFgJMXNUU8QR1DtpH3INUK8GmkfNuVKiIrdQzNTEbEVE2oSva88V4t1DTypMR
DwWoujfsTHnVTuLuztIAEIMVs+crfv4YrWQS3eBBUyGQ1tMieBFlQFMTUDEU2OBe
sPSr4xbdaaAhsI/FdnpObv/xBhGJhuHerOk2WkEizDAchOvJuGvtoRLnlJooO712
GWQ/WjygKvNUPZI8G/zogXFeviYOW7nZtvNQpswh7I2ut0LfNn33ZbWTwQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPwF5M5GkILLvLibMWk792ATaFWtMB8GA1UdIwQY
MBaAFLh/Xo/utfXnOwl7ZmV+7Y25dKQOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdUg5ZWotNjE5ZWM3Q1h0bVpYN3RqYmwwcEE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS9mZmMwMGQtMzMxNi00Mjg2LTg5MzIt
Y2M2MGE1ZmRlZWIyLzEvdUg5ZWotNjE5ZWM3Q1h0bVpYN3RqYmwwcEE0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS9mZmMwMGQtMzMxNi00Mjg2LTg5MzItY2M2MGE1ZmRlZWIy
LzEvdUg5ZWotNjE5ZWM3Q1h0bVpYN3RqYmwwcEE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAirMhhQci
NTyostdHhift6KY0z5+y+Chy2t3QnbwTWb8Mr+ZVcDJvf0CMHCjdyCfJEDdrw1Fw
HzphI3MBuS577+8mPdFqbYZvUL8mX88dbNDCIi4Koo9VXArfS8A/s7ZxlKTws49s
IljiZB3g8D3WpvPeuvhJbdluxYgzEyC1Pjqe8L1VBbxkqjVDphjQ+GxeB8xt+AyT
P5pg0c/WVJgUz6u/ThPJQQRru0bFR7LUa3xGEfyCCBTAjsrqIeJhh2GldU/VoMek
PsyFD/Ao1ZK8VSdpL7G5Z2vWzTcrVnXxcGkN32bW0KfuJcctIi+pY6iao/CVtLIe
R1dybUu0Rd85CQ==
-----END CERTIFICATE-----