Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/a64099-345f-4f1c-a930-760cb3ea1415/1/RXHLqFoCMKnLR6vrWzue1NUxz54.mft
File:                     RXHLqFoCMKnLR6vrWzue1NUxz54.mft (raw, json)
Hash identifier:          RYRp9vFdvqA7hILAVeDDZZR6txwwkO8FYSXRfZ3zAL8=
Subject key identifier:   E7:FC:5F:3B:31:1F:4C:7A:90:26:66:EA:2A:0B:3F:B8:1C:C4:42:FF
Authority key identifier: 45:71:CB:A8:5A:02:30:A9:CB:47:AB:EB:5B:3B:9E:D4:D5:31:CF:9E
Certificate issuer:       /CN=4571cba85a0230a9cb47abeb5b3b9ed4d531cf9e
Certificate serial:       019A725CD041F19C3C7D9100F547A03A6481
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/RXHLqFoCMKnLR6vrWzue1NUxz54.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/db/a64099-345f-4f1c-a930-760cb3ea1415/1/RXHLqFoCMKnLR6vrWzue1NUxz54.mft
Manifest number:          04C9
Signing time:             Tue 11 Nov 2025 10:01:16 +0000
Manifest this update:     Tue 11 Nov 2025 10:01:16 +0000
Manifest next update:     Wed 12 Nov 2025 10:01:16 +0000
Files and hashes:         1: RXHLqFoCMKnLR6vrWzue1NUxz54.crl (hash: 7/mafX0skFoW+PkGH21e3Mulz2yBpE16Ixf8aw+pTzc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/db/a64099-345f-4f1c-a930-760cb3ea1415/1/RXHLqFoCMKnLR6vrWzue1NUxz54.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/db/a64099-345f-4f1c-a930-760cb3ea1415/1/RXHLqFoCMKnLR6vrWzue1NUxz54.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/RXHLqFoCMKnLR6vrWzue1NUxz54.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:72:5c:d0:41:f1:9c:3c:7d:91:00:f5:47:a0:3a:64:81
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4571cba85a0230a9cb47abeb5b3b9ed4d531cf9e
        Validity
            Not Before: Nov 11 10:01:16 2025 GMT
            Not After : Nov 12 10:01:16 2025 GMT
        Subject: CN=e7fc5f3b311f4c7a902666ea2a0b3fb81cc442ff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:06:e4:88:81:6d:3f:65:07:07:ad:2c:70:6e:
                    d4:53:f6:8a:48:d1:c6:1e:e2:b6:83:9b:8f:8a:01:
                    02:bf:92:ed:f5:6a:a9:16:7a:ae:7a:be:6e:e3:6c:
                    2c:29:96:08:64:fd:5e:d5:71:91:3e:df:a1:bc:fc:
                    ef:18:05:c5:b0:b1:c3:0c:e8:5d:bb:2c:9f:40:fc:
                    92:9e:e0:6b:9f:7c:82:88:d2:18:2f:12:f3:47:ea:
                    af:7a:f6:ef:eb:01:2e:c0:f6:f3:c9:91:33:ca:9b:
                    77:83:ca:c6:9d:9c:58:1f:1b:c4:48:3e:5a:70:13:
                    0f:c9:ac:82:f4:b3:67:7e:61:37:6a:74:be:2c:48:
                    0a:85:10:13:55:c7:ff:04:0b:c2:e5:8b:8e:d1:74:
                    d2:c2:a4:79:4f:8b:8a:16:40:6d:3e:5a:e9:43:c3:
                    76:c8:4e:ba:30:73:28:6f:ad:bc:d0:e5:be:f1:69:
                    3c:ed:53:4c:8b:d7:5d:25:c4:97:9e:ab:71:ce:68:
                    33:df:2b:99:b8:94:1d:58:6e:6a:cf:2f:71:63:b4:
                    51:bc:46:7b:1f:10:80:da:d3:09:d3:49:a7:93:75:
                    8c:39:ba:b2:20:e1:b3:54:91:a5:45:de:90:07:47:
                    c3:55:98:2d:07:f4:03:13:17:f8:ac:ef:ee:07:35:
                    f2:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E7:FC:5F:3B:31:1F:4C:7A:90:26:66:EA:2A:0B:3F:B8:1C:C4:42:FF
            X509v3 Authority Key Identifier:
                keyid:45:71:CB:A8:5A:02:30:A9:CB:47:AB:EB:5B:3B:9E:D4:D5:31:CF:9E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RXHLqFoCMKnLR6vrWzue1NUxz54.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/a64099-345f-4f1c-a930-760cb3ea1415/1/RXHLqFoCMKnLR6vrWzue1NUxz54.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/db/a64099-345f-4f1c-a930-760cb3ea1415/1/RXHLqFoCMKnLR6vrWzue1NUxz54.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         31:31:b7:f0:78:7f:6f:e4:f7:dd:f9:c0:6c:a4:1b:d3:b0:9b:
         48:d5:5e:b2:71:b0:81:df:c1:5c:fd:1c:19:46:50:f9:a3:4c:
         24:cd:0d:04:b2:9d:4b:73:3c:80:40:36:7a:67:13:6b:c6:66:
         04:d0:ed:5f:bf:1d:07:41:e5:73:82:18:12:ab:e9:91:f7:ca:
         9e:2d:6b:d0:5e:9b:48:b7:63:7d:08:c7:91:60:aa:bc:11:97:
         95:37:f2:ab:4b:42:99:8a:fa:87:40:12:63:57:d9:a3:aa:d4:
         ab:0f:23:6b:e6:82:7c:7a:0a:27:34:b1:10:9a:f2:c5:07:72:
         d6:2b:ee:24:8f:73:b5:44:46:0f:da:ec:13:51:00:02:2f:c1:
         6f:c1:19:31:69:39:ac:d1:e0:d3:a0:9b:af:f5:dc:44:77:b9:
         da:d0:35:98:12:ee:86:6d:5b:95:09:d2:5f:4f:ac:26:8c:15:
         48:4b:00:25:f1:55:8b:9d:d9:aa:79:fb:54:f2:da:13:8a:52:
         a3:18:64:1b:bc:97:89:eb:c9:42:c2:06:8f:bd:b1:3c:6c:20:
         41:0e:2f:86:b1:14:8b:65:76:d8:94:7e:a1:a5:0f:eb:fd:db:
         28:46:3e:d0:a9:59:74:f5:ab:e4:b4:eb:28:19:0b:99:37:b8:
         3f:61:2b:76
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyXNBB8Zw8fZEA9UegOmSBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ1NzFjYmE4NWEwMjMwYTljYjQ3YWJlYjViM2I5ZWQ0ZDUz
MWNmOWUwHhcNMjUxMTExMTAwMTE2WhcNMjUxMTEyMTAwMTE2WjAzMTEwLwYDVQQD
EyhlN2ZjNWYzYjMxMWY0YzdhOTAyNjY2ZWEyYTBiM2ZiODFjYzQ0MmZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzwbkiIFtP2UHB60scG7UU/aKSNHG
HuK2g5uPigECv5Lt9WqpFnquer5u42wsKZYIZP1e1XGRPt+hvPzvGAXFsLHDDOhd
uyyfQPySnuBrn3yCiNIYLxLzR+qvevbv6wEuwPbzyZEzypt3g8rGnZxYHxvESD5a
cBMPyayC9LNnfmE3anS+LEgKhRATVcf/BAvC5YuO0XTSwqR5T4uKFkBtPlrpQ8N2
yE66MHMob6280OW+8Wk87VNMi9ddJcSXnqtxzmgz3yuZuJQdWG5qzy9xY7RRvEZ7
HxCA2tMJ00mnk3WMObqyIOGzVJGlRd6QB0fDVZgtB/QDExf4rO/uBzXyzQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOf8XzsxH0x6kCZm6ioLP7gcxEL/MB8GA1UdIwQY
MBaAFEVxy6haAjCpy0er61s7ntTVMc+eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUlhITHFGb0NNS25MUjZ2cld6dWUxTlV4ejU0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi9hNjQwOTktMzQ1Zi00ZjFjLWE5MzAt
NzYwY2IzZWExNDE1LzEvUlhITHFGb0NNS25MUjZ2cld6dWUxTlV4ejU0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi9hNjQwOTktMzQ1Zi00ZjFjLWE5MzAtNzYwY2IzZWExNDE1
LzEvUlhITHFGb0NNS25MUjZ2cld6dWUxTlV4ejU0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMTG38Hh/
b+T33fnAbKQb07CbSNVesnGwgd/BXP0cGUZQ+aNMJM0NBLKdS3M8gEA2emcTa8Zm
BNDtX78dB0Hlc4IYEqvpkffKni1r0F6bSLdjfQjHkWCqvBGXlTfyq0tCmYr6h0AS
Y1fZo6rUqw8ja+aCfHoKJzSxEJryxQdy1ivuJI9ztURGD9rsE1EAAi/Bb8EZMWk5
rNHg06Cbr/XcRHe52tA1mBLuhm1blQnSX0+sJowVSEsAJfFVi53Zqnn7VPLaE4pS
oxhkG7yXievJQsIGj72xPGwgQQ4vhrEUi2V22JR+oaUP6/3bKEY+0KlZdPWr5LTr
KBkLmTe4P2Erdg==
-----END CERTIFICATE-----