Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/a7cbaa-bb9d-47f5-922d-f708dad0eeca/1/IYCTB4hvuv261Th2Eu_-dxOHowA.mft
File:                     IYCTB4hvuv261Th2Eu_-dxOHowA.mft (raw, json)
Hash identifier:          jniZHXY2DMb6YM0aPCtwqzAZa3VVLjRJNtzytbBFBqI=
Subject key identifier:   8C:4A:4F:A1:03:12:97:15:96:39:E6:32:BF:ED:5F:0C:09:31:C4:4C
Authority key identifier: 21:80:93:07:88:6F:BA:FD:BA:D5:38:76:12:EF:FE:77:13:87:A3:00
Certificate issuer:       /CN=21809307886fbafdbad5387612effe771387a300
Certificate serial:       019A71B78C8881CCE0FB89454AE0382AFBE5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IYCTB4hvuv261Th2Eu_-dxOHowA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/dc/a7cbaa-bb9d-47f5-922d-f708dad0eeca/1/IYCTB4hvuv261Th2Eu_-dxOHowA.mft
Manifest number:          0863
Signing time:             Tue 11 Nov 2025 07:00:45 +0000
Manifest this update:     Tue 11 Nov 2025 07:00:45 +0000
Manifest next update:     Wed 12 Nov 2025 07:00:45 +0000
Files and hashes:         1: IYCTB4hvuv261Th2Eu_-dxOHowA.crl (hash: FyIGytTFttwuGq89BYJR6CJTq+DfBZJFt7YIh+jayyg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/dc/a7cbaa-bb9d-47f5-922d-f708dad0eeca/1/IYCTB4hvuv261Th2Eu_-dxOHowA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/dc/a7cbaa-bb9d-47f5-922d-f708dad0eeca/1/IYCTB4hvuv261Th2Eu_-dxOHowA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/IYCTB4hvuv261Th2Eu_-dxOHowA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:00:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b7:8c:88:81:cc:e0:fb:89:45:4a:e0:38:2a:fb:e5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=21809307886fbafdbad5387612effe771387a300
        Validity
            Not Before: Nov 11 07:00:45 2025 GMT
            Not After : Nov 12 07:00:45 2025 GMT
        Subject: CN=8c4a4fa1031297159639e632bfed5f0c0931c44c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e2:60:4f:46:10:e9:04:20:a5:32:ea:f3:d3:2d:
                    e6:29:06:42:bd:04:57:02:08:e4:a5:19:45:82:f6:
                    a0:38:9f:dc:7b:94:31:12:45:e9:49:46:68:ad:15:
                    d0:e2:7b:85:4a:fd:88:f2:48:78:84:b0:b6:1a:78:
                    43:b4:3f:9a:f4:10:32:43:91:9f:a0:0c:ca:6e:9b:
                    e5:d6:81:e9:58:3b:e2:51:a4:e5:5b:e2:9f:c0:9d:
                    67:78:c4:81:3e:8e:62:ab:d3:26:67:f7:68:43:65:
                    94:f6:d8:d8:5c:91:cd:97:71:16:99:7a:97:c8:33:
                    15:e7:3d:d1:7c:ec:78:d2:ba:2f:22:5b:80:26:33:
                    fb:86:3b:38:09:f7:32:09:30:12:7b:08:35:5e:73:
                    70:7e:d8:3c:a6:19:8e:cd:0b:48:27:2f:34:b5:c7:
                    00:6e:61:38:6f:97:95:06:be:9f:90:96:96:36:51:
                    e9:c7:64:8a:41:d9:e0:a6:cb:d8:e0:97:7b:b1:28:
                    52:20:fd:29:11:cc:eb:01:2e:9e:63:9b:63:64:05:
                    ce:a5:aa:14:ae:a2:35:9a:c8:ce:41:4e:08:9c:4c:
                    11:37:8d:3e:b3:3d:9d:1c:47:89:a7:4a:71:d8:ec:
                    c7:78:14:80:61:6c:f8:4c:62:fd:3a:96:0e:fb:79:
                    19:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8C:4A:4F:A1:03:12:97:15:96:39:E6:32:BF:ED:5F:0C:09:31:C4:4C
            X509v3 Authority Key Identifier:
                keyid:21:80:93:07:88:6F:BA:FD:BA:D5:38:76:12:EF:FE:77:13:87:A3:00

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYCTB4hvuv261Th2Eu_-dxOHowA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/a7cbaa-bb9d-47f5-922d-f708dad0eeca/1/IYCTB4hvuv261Th2Eu_-dxOHowA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/a7cbaa-bb9d-47f5-922d-f708dad0eeca/1/IYCTB4hvuv261Th2Eu_-dxOHowA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         41:80:51:92:58:25:ac:7a:2e:7f:b6:e6:c7:a0:49:9a:13:cc:
         3d:1b:62:90:84:9d:64:c2:97:5c:34:db:99:b5:77:47:c6:00:
         06:42:4e:cc:e9:ea:60:86:6a:5e:69:b3:08:5f:f3:5f:e2:16:
         78:af:6c:34:e5:8c:b7:36:eb:eb:b3:c3:ce:01:29:ad:32:53:
         a1:c7:a3:ef:7b:d8:10:d2:5e:be:bf:97:fb:e0:ad:e9:0e:d0:
         54:f3:c9:d6:bb:f5:27:a7:41:a8:55:e8:d3:8f:29:d7:7b:8b:
         75:cb:34:f4:ce:a2:15:98:22:ff:f1:0d:2c:4c:8e:46:96:be:
         16:02:b8:bb:5b:66:59:e5:f4:ad:d5:ba:42:8f:85:9d:ba:52:
         a2:2f:53:bd:57:91:45:e8:66:48:e6:da:81:ca:54:68:37:c6:
         fd:d6:80:7c:dd:55:9b:43:1e:65:7e:b8:11:bf:b1:42:ea:d6:
         1b:d0:d7:ad:0a:30:9f:4c:9c:2c:db:0f:9c:55:9b:5c:55:8b:
         1c:8b:4d:a3:db:a4:59:fc:e6:be:a7:56:bb:38:ff:28:df:bf:
         1f:95:75:5a:b1:98:40:f7:d5:44:91:32:f4:7f:a0:b2:53:7f:
         cb:49:2c:b5:66:a0:17:87:76:59:5e:0d:ca:88:44:06:39:0c:
         9a:a0:a9:91
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxt4yIgczg+4lFSuA4KvvlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxODA5MzA3ODg2ZmJhZmRiYWQ1Mzg3NjEyZWZmZTc3MTM4
N2EzMDAwHhcNMjUxMTExMDcwMDQ1WhcNMjUxMTEyMDcwMDQ1WjAzMTEwLwYDVQQD
Eyg4YzRhNGZhMTAzMTI5NzE1OTYzOWU2MzJiZmVkNWYwYzA5MzFjNDRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4mBPRhDpBCClMurz0y3mKQZCvQRX
AgjkpRlFgvagOJ/ce5QxEkXpSUZorRXQ4nuFSv2I8kh4hLC2GnhDtD+a9BAyQ5Gf
oAzKbpvl1oHpWDviUaTlW+KfwJ1neMSBPo5iq9MmZ/doQ2WU9tjYXJHNl3EWmXqX
yDMV5z3RfOx40rovIluAJjP7hjs4CfcyCTASewg1XnNwftg8phmOzQtIJy80tccA
bmE4b5eVBr6fkJaWNlHpx2SKQdngpsvY4Jd7sShSIP0pEczrAS6eY5tjZAXOpaoU
rqI1msjOQU4InEwRN40+sz2dHEeJp0px2OzHeBSAYWz4TGL9OpYO+3kZBwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIxKT6EDEpcVljnmMr/tXwwJMcRMMB8GA1UdIwQY
MBaAFCGAkweIb7r9utU4dhLv/ncTh6MAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVlDVEI0aHZ1djI2MVRoMkV1Xy1keE9Ib3dBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy9hN2NiYWEtYmI5ZC00N2Y1LTkyMmQt
ZjcwOGRhZDBlZWNhLzEvSVlDVEI0aHZ1djI2MVRoMkV1Xy1keE9Ib3dBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy9hN2NiYWEtYmI5ZC00N2Y1LTkyMmQtZjcwOGRhZDBlZWNh
LzEvSVlDVEI0aHZ1djI2MVRoMkV1Xy1keE9Ib3dBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQYBRklgl
rHouf7bmx6BJmhPMPRtikISdZMKXXDTbmbV3R8YABkJOzOnqYIZqXmmzCF/zX+IW
eK9sNOWMtzbr67PDzgEprTJTocej73vYENJevr+X++Ct6Q7QVPPJ1rv1J6dBqFXo
048p13uLdcs09M6iFZgi//ENLEyORpa+FgK4u1tmWeX0rdW6Qo+FnbpSoi9TvVeR
RehmSObagcpUaDfG/daAfN1Vm0MeZX64Eb+xQurWG9DXrQown0ycLNsPnFWbXFWL
HItNo9ukWfzmvqdWuzj/KN+/H5V1WrGYQPfVRJEy9H+gslN/y0kstWagF4d2WV4N
yohEBjkMmqCpkQ==
-----END CERTIFICATE-----