Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/9a4b45-dac0-4c79-8e14-7f3eb7546102/1/FlNvx1alhkqqLB53u3ZCSNq-Jgg.mft
File:                     FlNvx1alhkqqLB53u3ZCSNq-Jgg.mft (raw, json)
Hash identifier:          Mk5J1nLKy2JZKZyzlhmSAVCnLVopaHD/1O4vFHpmzBE=
Subject key identifier:   69:47:8C:19:8E:17:1E:87:85:E1:F3:A8:0F:6C:BD:54:E5:E3:5F:FE
Authority key identifier: 16:53:6F:C7:56:A5:86:4A:AA:2C:1E:77:BB:76:42:48:DA:BE:26:08
Certificate issuer:       /CN=16536fc756a5864aaa2c1e77bb764248dabe2608
Certificate serial:       019A7226199D9D4ACA8E4AF4E8AC9E80B3ED
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/FlNvx1alhkqqLB53u3ZCSNq-Jgg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/da/9a4b45-dac0-4c79-8e14-7f3eb7546102/1/FlNvx1alhkqqLB53u3ZCSNq-Jgg.mft
Manifest number:          0771
Signing time:             Tue 11 Nov 2025 09:01:30 +0000
Manifest this update:     Tue 11 Nov 2025 09:01:30 +0000
Manifest next update:     Wed 12 Nov 2025 09:01:30 +0000
Files and hashes:         1: FlNvx1alhkqqLB53u3ZCSNq-Jgg.crl (hash: KuAHrfnMpoapmHrrlcu2oCCSk4/UAiRP1s2E1Vd0p4w=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/da/9a4b45-dac0-4c79-8e14-7f3eb7546102/1/FlNvx1alhkqqLB53u3ZCSNq-Jgg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/da/9a4b45-dac0-4c79-8e14-7f3eb7546102/1/FlNvx1alhkqqLB53u3ZCSNq-Jgg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/FlNvx1alhkqqLB53u3ZCSNq-Jgg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:72:26:19:9d:9d:4a:ca:8e:4a:f4:e8:ac:9e:80:b3:ed
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=16536fc756a5864aaa2c1e77bb764248dabe2608
        Validity
            Not Before: Nov 11 09:01:30 2025 GMT
            Not After : Nov 12 09:01:30 2025 GMT
        Subject: CN=69478c198e171e8785e1f3a80f6cbd54e5e35ffe
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:38:71:e8:e8:5f:cc:c1:7a:cb:e7:70:e7:0a:
                    bd:71:f6:9a:37:e3:c5:ad:43:7a:d3:93:f7:21:27:
                    ed:b9:78:f8:98:94:39:bf:5f:98:e2:47:22:47:d3:
                    86:2f:7a:65:0d:9e:2c:a7:f8:3b:85:df:37:08:2c:
                    0f:84:2a:cc:82:45:b9:d3:ba:30:34:03:47:ac:a1:
                    ac:2b:9d:aa:05:9a:3e:8a:e5:7f:c2:fd:39:68:87:
                    eb:d6:49:df:17:3d:be:96:bd:cb:49:47:92:8a:10:
                    4b:de:72:69:cd:72:b4:66:d5:7d:dd:b9:ce:24:56:
                    a3:16:c6:20:a4:0d:33:b1:ff:bd:08:17:b8:28:43:
                    f1:50:8a:f6:80:35:a8:5e:77:6c:71:53:fa:50:b7:
                    53:0c:b6:84:af:75:47:ed:3d:ff:9f:7f:70:b7:4b:
                    97:7f:31:34:d7:7a:a0:62:c0:52:d2:c7:40:27:b5:
                    de:4c:b6:82:33:18:ab:b0:31:8e:79:00:92:10:6f:
                    3b:1c:5d:08:36:ec:04:6d:f3:a2:cd:fd:c7:c6:6a:
                    93:37:32:9d:4a:4b:d9:c0:c6:f7:16:e1:39:ae:52:
                    3f:8d:68:c7:1c:be:ed:ab:e9:f7:fe:98:41:86:d2:
                    d9:90:23:e2:88:bb:cb:0e:44:03:98:0d:5f:b4:7f:
                    04:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                69:47:8C:19:8E:17:1E:87:85:E1:F3:A8:0F:6C:BD:54:E5:E3:5F:FE
            X509v3 Authority Key Identifier:
                keyid:16:53:6F:C7:56:A5:86:4A:AA:2C:1E:77:BB:76:42:48:DA:BE:26:08

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FlNvx1alhkqqLB53u3ZCSNq-Jgg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/9a4b45-dac0-4c79-8e14-7f3eb7546102/1/FlNvx1alhkqqLB53u3ZCSNq-Jgg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/da/9a4b45-dac0-4c79-8e14-7f3eb7546102/1/FlNvx1alhkqqLB53u3ZCSNq-Jgg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         60:27:eb:d1:85:6e:2c:0f:95:34:27:9f:a8:6d:d1:d6:98:8b:
         56:5c:4a:e3:a0:fc:bb:7c:83:13:a3:c8:e5:07:fb:76:62:04:
         3f:ae:8f:61:bd:bf:9e:f9:90:b6:e1:7c:59:bd:42:92:93:2c:
         f4:80:ee:7a:fe:c4:0b:d1:0b:93:c2:7a:01:00:22:f3:90:b8:
         27:8f:3a:01:75:8c:44:47:37:fd:8a:6e:97:54:f4:f0:69:d2:
         73:af:ee:d1:24:cc:c5:39:c0:7b:15:72:74:9f:b6:74:28:b9:
         08:d5:89:ef:ed:0a:15:7e:ff:93:d4:fe:9c:18:95:58:87:7d:
         5b:71:0b:2b:f9:40:93:8f:0b:0b:ee:90:39:ed:ee:7a:4e:05:
         ef:1d:1f:ba:69:eb:a0:f1:d9:74:38:b0:fb:7b:e2:97:27:c8:
         83:55:f2:0c:f2:a2:72:34:fd:44:63:2a:94:09:24:9b:99:cd:
         97:0d:70:e0:c1:be:a6:1a:f3:9e:ea:2e:39:28:4c:44:b0:5d:
         39:38:23:f0:06:e5:7c:88:95:26:6d:8c:25:5d:24:a0:c1:6c:
         cd:bf:a7:54:1d:f1:95:ca:99:e3:d5:41:a9:14:be:5f:0d:04:
         f5:0a:7c:28:4f:45:59:e0:c6:96:bf:bf:e2:8c:a7:77:5c:fe:
         13:6e:2a:40
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJhmdnUrKjkr06KyegLPtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE2NTM2ZmM3NTZhNTg2NGFhYTJjMWU3N2JiNzY0MjQ4ZGFi
ZTI2MDgwHhcNMjUxMTExMDkwMTMwWhcNMjUxMTEyMDkwMTMwWjAzMTEwLwYDVQQD
Eyg2OTQ3OGMxOThlMTcxZTg3ODVlMWYzYTgwZjZjYmQ1NGU1ZTM1ZmZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmThx6OhfzMF6y+dw5wq9cfaaN+PF
rUN605P3ISftuXj4mJQ5v1+Y4kciR9OGL3plDZ4sp/g7hd83CCwPhCrMgkW507ow
NANHrKGsK52qBZo+iuV/wv05aIfr1knfFz2+lr3LSUeSihBL3nJpzXK0ZtV93bnO
JFajFsYgpA0zsf+9CBe4KEPxUIr2gDWoXndscVP6ULdTDLaEr3VH7T3/n39wt0uX
fzE013qgYsBS0sdAJ7XeTLaCMxirsDGOeQCSEG87HF0INuwEbfOizf3HxmqTNzKd
SkvZwMb3FuE5rlI/jWjHHL7tq+n3/phBhtLZkCPiiLvLDkQDmA1ftH8EJQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGlHjBmOFx6HheHzqA9svVTl41/+MB8GA1UdIwQY
MBaAFBZTb8dWpYZKqiwed7t2QkjaviYIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmxOdngxYWxoa3FxTEI1M3UzWkNTTnEtSmdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS85YTRiNDUtZGFjMC00Yzc5LThlMTQt
N2YzZWI3NTQ2MTAyLzEvRmxOdngxYWxoa3FxTEI1M3UzWkNTTnEtSmdnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS85YTRiNDUtZGFjMC00Yzc5LThlMTQtN2YzZWI3NTQ2MTAy
LzEvRmxOdngxYWxoa3FxTEI1M3UzWkNTTnEtSmdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYCfr0YVu
LA+VNCefqG3R1piLVlxK46D8u3yDE6PI5Qf7dmIEP66PYb2/nvmQtuF8Wb1CkpMs
9IDuev7EC9ELk8J6AQAi85C4J486AXWMREc3/Ypul1T08GnSc6/u0STMxTnAexVy
dJ+2dCi5CNWJ7+0KFX7/k9T+nBiVWId9W3ELK/lAk48LC+6QOe3uek4F7x0fumnr
oPHZdDiw+3vilyfIg1XyDPKicjT9RGMqlAkkm5nNlw1w4MG+phrznuouOShMRLBd
OTgj8AblfIiVJm2MJV0koMFszb+nVB3xlcqZ49VBqRS+Xw0E9Qp8KE9FWeDGlr+/
4oynd1z+E24qQA==
-----END CERTIFICATE-----