Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/e83399-0a14-42ac-9fd6-41306c27d6f0/1/jFfcx-UvWLNCtwyD2qIaEGrFkpE.mft
File:                     jFfcx-UvWLNCtwyD2qIaEGrFkpE.mft (raw, json)
Hash identifier:          8PsGNV+2bAt6dc92rD1JLd+ZX0j4PysfSjDRsHO5DGY=
Subject key identifier:   37:2E:52:A3:C1:DA:7F:D4:B9:4E:29:C1:70:1D:92:62:61:20:2B:ED
Authority key identifier: 8C:57:DC:C7:E5:2F:58:B3:42:B7:0C:83:DA:A2:1A:10:6A:C5:92:91
Certificate issuer:       /CN=8c57dcc7e52f58b342b70c83daa21a106ac59291
Certificate serial:       019A71B8040BC3F9F3D6DCFF06AC6D9DBAE4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/jFfcx-UvWLNCtwyD2qIaEGrFkpE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/db/e83399-0a14-42ac-9fd6-41306c27d6f0/1/jFfcx-UvWLNCtwyD2qIaEGrFkpE.mft
Manifest number:          0939
Signing time:             Tue 11 Nov 2025 07:01:16 +0000
Manifest this update:     Tue 11 Nov 2025 07:01:16 +0000
Manifest next update:     Wed 12 Nov 2025 07:01:16 +0000
Files and hashes:         1: jFfcx-UvWLNCtwyD2qIaEGrFkpE.crl (hash: O8/+GSRf71O+34fGnmccw8T5123t1psx0P7NmkqwG1U=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/db/e83399-0a14-42ac-9fd6-41306c27d6f0/1/jFfcx-UvWLNCtwyD2qIaEGrFkpE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/db/e83399-0a14-42ac-9fd6-41306c27d6f0/1/jFfcx-UvWLNCtwyD2qIaEGrFkpE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/jFfcx-UvWLNCtwyD2qIaEGrFkpE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:01:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b8:04:0b:c3:f9:f3:d6:dc:ff:06:ac:6d:9d:ba:e4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8c57dcc7e52f58b342b70c83daa21a106ac59291
        Validity
            Not Before: Nov 11 07:01:16 2025 GMT
            Not After : Nov 12 07:01:16 2025 GMT
        Subject: CN=372e52a3c1da7fd4b94e29c1701d926261202bed
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e7:e5:4e:42:85:40:69:2b:b5:dc:91:f1:f2:1f:
                    6b:23:5c:c4:b0:42:85:12:e6:d5:b8:8c:08:06:ed:
                    1a:4a:77:b8:1c:f9:17:67:76:a6:6d:4f:ec:dd:dd:
                    2b:ac:bf:38:f0:4d:8d:15:b8:47:0b:00:58:46:86:
                    de:53:23:69:d8:9e:db:cb:cb:e2:ac:de:50:bb:35:
                    fc:23:13:d0:e4:0b:de:ea:80:fa:ab:27:0a:0c:51:
                    5d:c3:07:5a:5c:5a:cc:53:e6:02:60:f0:7e:d1:6d:
                    55:1d:ba:ba:69:2b:42:c8:76:5c:69:9f:5a:e0:f3:
                    e7:65:25:96:d1:2c:9c:97:9c:e1:6b:ee:02:18:70:
                    d1:5e:20:67:60:aa:5e:16:a5:d8:5f:20:9d:24:3b:
                    34:60:23:5d:8f:ac:18:76:f3:59:65:b9:44:7e:b3:
                    d7:49:93:07:73:c8:ae:c2:e6:c4:88:3d:ab:46:65:
                    8d:3b:da:52:65:1d:1a:74:7e:e6:93:d7:51:e7:88:
                    cf:1f:54:99:22:5d:3a:c2:7f:da:2c:1d:f4:92:53:
                    e4:9b:74:2c:ba:2a:07:8a:74:53:64:32:d2:4a:c2:
                    77:cd:de:9f:f5:e8:c2:75:b5:96:95:88:49:ef:79:
                    be:3f:bc:ff:a1:88:6a:1e:cf:e6:7d:6a:31:25:56:
                    fb:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                37:2E:52:A3:C1:DA:7F:D4:B9:4E:29:C1:70:1D:92:62:61:20:2B:ED
            X509v3 Authority Key Identifier:
                keyid:8C:57:DC:C7:E5:2F:58:B3:42:B7:0C:83:DA:A2:1A:10:6A:C5:92:91

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jFfcx-UvWLNCtwyD2qIaEGrFkpE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/e83399-0a14-42ac-9fd6-41306c27d6f0/1/jFfcx-UvWLNCtwyD2qIaEGrFkpE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/db/e83399-0a14-42ac-9fd6-41306c27d6f0/1/jFfcx-UvWLNCtwyD2qIaEGrFkpE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5c:4e:0f:9d:66:31:d4:4a:c2:86:0e:fa:f5:d3:50:7a:d0:2a:
         32:d8:94:63:b3:60:32:e6:32:cb:2d:b7:b2:16:0f:71:8d:45:
         77:f7:40:e9:1d:87:d2:0b:bc:ca:3a:64:c8:23:a4:de:35:f9:
         61:7b:d4:09:6f:3a:af:59:22:3f:35:80:1e:56:2f:cc:5e:6f:
         ac:28:9f:c3:4c:83:ca:bc:d7:1e:be:47:ce:25:5e:5c:22:18:
         84:0c:00:2f:27:66:78:b2:80:dc:40:5c:98:30:86:07:81:ac:
         94:17:c8:3c:f1:27:df:9e:ea:9b:fa:46:f7:7c:e1:97:df:de:
         03:fc:2b:39:a8:21:6d:67:ad:6c:6d:42:73:15:6d:89:6f:01:
         a4:ba:1d:0c:b6:33:da:00:4c:f6:6e:17:9d:a2:d9:69:28:ed:
         d9:77:31:dc:21:ee:d1:f3:6c:ba:dd:a5:a1:30:71:14:d5:35:
         bd:1e:25:cc:98:21:ad:22:f3:14:5f:22:fd:93:60:b0:8f:23:
         4e:a1:28:27:f2:47:31:ff:6a:2d:d6:1f:82:93:17:2b:c2:90:
         7a:01:4e:1d:63:8e:e0:c5:86:78:df:ad:1c:2e:48:60:30:8d:
         64:9b:7c:5e:e3:d6:d9:0d:2a:94:f3:2a:ad:82:e6:6e:1f:a0:
         a1:1b:c6:b7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuAQLw/nz1tz/BqxtnbrkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhjNTdkY2M3ZTUyZjU4YjM0MmI3MGM4M2RhYTIxYTEwNmFj
NTkyOTEwHhcNMjUxMTExMDcwMTE2WhcNMjUxMTEyMDcwMTE2WjAzMTEwLwYDVQQD
EygzNzJlNTJhM2MxZGE3ZmQ0Yjk0ZTI5YzE3MDFkOTI2MjYxMjAyYmVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5+VOQoVAaSu13JHx8h9rI1zEsEKF
EubVuIwIBu0aSne4HPkXZ3ambU/s3d0rrL848E2NFbhHCwBYRobeUyNp2J7by8vi
rN5QuzX8IxPQ5Ave6oD6qycKDFFdwwdaXFrMU+YCYPB+0W1VHbq6aStCyHZcaZ9a
4PPnZSWW0Sycl5zha+4CGHDRXiBnYKpeFqXYXyCdJDs0YCNdj6wYdvNZZblEfrPX
SZMHc8iuwubEiD2rRmWNO9pSZR0adH7mk9dR54jPH1SZIl06wn/aLB30klPkm3Qs
uioHinRTZDLSSsJ3zd6f9ejCdbWWlYhJ73m+P7z/oYhqHs/mfWoxJVb7SwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDcuUqPB2n/UuU4pwXAdkmJhICvtMB8GA1UdIwQY
MBaAFIxX3MflL1izQrcMg9qiGhBqxZKRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvakZmY3gtVXZXTE5DdHd5RDJxSWFFR3JGa3BFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi9lODMzOTktMGExNC00MmFjLTlmZDYt
NDEzMDZjMjdkNmYwLzEvakZmY3gtVXZXTE5DdHd5RDJxSWFFR3JGa3BFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi9lODMzOTktMGExNC00MmFjLTlmZDYtNDEzMDZjMjdkNmYw
LzEvakZmY3gtVXZXTE5DdHd5RDJxSWFFR3JGa3BFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXE4PnWYx
1ErChg769dNQetAqMtiUY7NgMuYyyy23shYPcY1Fd/dA6R2H0gu8yjpkyCOk3jX5
YXvUCW86r1kiPzWAHlYvzF5vrCifw0yDyrzXHr5HziVeXCIYhAwALydmeLKA3EBc
mDCGB4GslBfIPPEn357qm/pG93zhl9/eA/wrOaghbWetbG1CcxVtiW8BpLodDLYz
2gBM9m4XnaLZaSjt2Xcx3CHu0fNsut2loTBxFNU1vR4lzJghrSLzFF8i/ZNgsI8j
TqEoJ/JHMf9qLdYfgpMXK8KQegFOHWOO4MWGeN+tHC5IYDCNZJt8XuPW2Q0qlPMq
rYLmbh+goRvGtw==
-----END CERTIFICATE-----