Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/332f0a-57d1-40d0-a86b-77213f991db9/1/67YrcxkGEIQRy1VV2BvcOj_cbbg.mft
File:                     67YrcxkGEIQRy1VV2BvcOj_cbbg.mft (raw, json)
Hash identifier:          JAFGYx+EDJNY+P4y9Fz9ltCfpgUU261873XzItMPQGI=
Subject key identifier:   D3:F3:29:97:5A:8D:A2:93:52:EC:E4:AD:98:E1:20:A3:C1:FF:2B:3A
Authority key identifier: EB:B6:2B:73:19:06:10:84:11:CB:55:55:D8:1B:DC:3A:3F:DC:6D:B8
Certificate issuer:       /CN=ebb62b731906108411cb5555d81bdc3a3fdc6db8
Certificate serial:       019A7293F015B68B7DB24A705AB5F48B3BC3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/67YrcxkGEIQRy1VV2BvcOj_cbbg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/de/332f0a-57d1-40d0-a86b-77213f991db9/1/67YrcxkGEIQRy1VV2BvcOj_cbbg.mft
Manifest number:          01CC
Signing time:             Tue 11 Nov 2025 11:01:29 +0000
Manifest this update:     Tue 11 Nov 2025 11:01:29 +0000
Manifest next update:     Wed 12 Nov 2025 11:01:29 +0000
Files and hashes:         1: 67YrcxkGEIQRy1VV2BvcOj_cbbg.crl (hash: J2VpX3h4ckrGj9kixD/167MS4RH/n9VCbpUC2DEmxAw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/de/332f0a-57d1-40d0-a86b-77213f991db9/1/67YrcxkGEIQRy1VV2BvcOj_cbbg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/de/332f0a-57d1-40d0-a86b-77213f991db9/1/67YrcxkGEIQRy1VV2BvcOj_cbbg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/67YrcxkGEIQRy1VV2BvcOj_cbbg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:72:93:f0:15:b6:8b:7d:b2:4a:70:5a:b5:f4:8b:3b:c3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ebb62b731906108411cb5555d81bdc3a3fdc6db8
        Validity
            Not Before: Nov 11 11:01:29 2025 GMT
            Not After : Nov 12 11:01:29 2025 GMT
        Subject: CN=d3f329975a8da29352ece4ad98e120a3c1ff2b3a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:89:f5:8a:de:33:80:d0:79:20:57:96:ef:f6:
                    f1:f2:8a:c2:a2:c3:3b:3e:57:e8:6f:d7:ea:55:ab:
                    0d:c8:0f:a8:ba:dc:40:81:3a:82:80:ac:5b:31:6e:
                    9b:51:bb:6b:71:f4:49:ad:02:f3:a7:f5:f8:fd:50:
                    cd:76:81:73:58:35:99:8f:32:8d:8d:1f:32:e2:fe:
                    4a:77:8c:a7:dd:70:86:20:ba:f9:92:92:45:69:02:
                    db:bf:38:45:5b:3e:ed:ec:f9:d6:7c:cb:bf:d8:e7:
                    88:3c:38:73:19:79:a6:51:fa:6b:cd:72:9f:a5:3d:
                    f7:12:4d:e0:25:92:fd:04:d1:76:f4:e0:7c:9f:39:
                    7a:22:74:ad:4e:c2:4c:d1:d1:25:1b:d6:71:4f:d9:
                    53:8f:cc:65:48:da:6c:59:75:c5:a6:5a:76:26:6f:
                    44:58:59:9b:f1:1b:67:18:5b:c8:72:ff:f5:bc:fd:
                    5b:aa:28:26:c5:93:23:62:c4:07:46:88:4e:98:79:
                    de:c5:9c:fb:43:21:aa:cd:c2:4d:59:8f:e8:70:0d:
                    fb:de:f4:30:a1:ca:83:3b:42:4e:6d:37:a9:51:15:
                    6f:c6:3c:ac:75:a0:9d:85:34:25:32:82:b8:c7:42:
                    eb:18:06:a8:e1:f9:c3:63:67:d7:9e:dc:12:26:33:
                    1d:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D3:F3:29:97:5A:8D:A2:93:52:EC:E4:AD:98:E1:20:A3:C1:FF:2B:3A
            X509v3 Authority Key Identifier:
                keyid:EB:B6:2B:73:19:06:10:84:11:CB:55:55:D8:1B:DC:3A:3F:DC:6D:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/67YrcxkGEIQRy1VV2BvcOj_cbbg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/332f0a-57d1-40d0-a86b-77213f991db9/1/67YrcxkGEIQRy1VV2BvcOj_cbbg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/de/332f0a-57d1-40d0-a86b-77213f991db9/1/67YrcxkGEIQRy1VV2BvcOj_cbbg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         94:1c:7a:7c:8e:c8:9b:e2:9c:ac:65:20:90:09:a4:6b:41:d9:
         31:de:51:2a:16:d4:ed:7d:dc:dd:7b:89:9e:01:19:51:0a:75:
         1a:9b:4b:a9:c8:e0:0a:18:3b:11:bd:35:2f:dd:f4:1d:44:bb:
         99:91:43:0f:0d:f2:35:86:53:7d:2c:ad:98:4a:52:1d:96:c9:
         5a:0c:ec:9c:b7:f6:94:8b:d7:e6:32:42:6d:84:02:3c:a9:7a:
         13:97:c1:e3:55:c7:ef:c4:4e:54:09:1f:5d:28:13:58:bd:01:
         f8:94:20:c2:db:aa:d1:c7:65:34:82:bd:b6:14:2f:cc:99:0f:
         78:70:2f:32:a9:5f:d2:f7:12:3f:83:f0:bc:0c:9e:e6:d8:6c:
         54:e5:55:9b:f6:86:0c:79:b8:4b:7a:c3:db:78:d8:b8:e9:27:
         49:aa:1e:81:cd:2c:99:1f:b9:84:31:1d:f7:1a:01:76:67:fb:
         96:9f:16:1c:34:ee:62:ba:16:6c:c5:71:e1:d9:aa:cf:5a:27:
         57:d9:af:71:1f:f2:e0:3c:01:77:1b:60:3b:e9:c9:1d:6e:82:
         2b:03:18:87:9a:62:58:17:b8:97:25:f0:0b:b7:53:29:cd:09:
         bf:84:b9:39:a9:f4:40:b1:0d:a5:a0:51:66:67:ce:9e:a4:30:
         04:c7:48:34
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyk/AVtot9skpwWrX0izvDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGViYjYyYjczMTkwNjEwODQxMWNiNTU1NWQ4MWJkYzNhM2Zk
YzZkYjgwHhcNMjUxMTExMTEwMTI5WhcNMjUxMTEyMTEwMTI5WjAzMTEwLwYDVQQD
EyhkM2YzMjk5NzVhOGRhMjkzNTJlY2U0YWQ5OGUxMjBhM2MxZmYyYjNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAson1it4zgNB5IFeW7/bx8orCosM7
Plfob9fqVasNyA+outxAgTqCgKxbMW6bUbtrcfRJrQLzp/X4/VDNdoFzWDWZjzKN
jR8y4v5Kd4yn3XCGILr5kpJFaQLbvzhFWz7t7PnWfMu/2OeIPDhzGXmmUfprzXKf
pT33Ek3gJZL9BNF29OB8nzl6InStTsJM0dElG9ZxT9lTj8xlSNpsWXXFplp2Jm9E
WFmb8RtnGFvIcv/1vP1bqigmxZMjYsQHRohOmHnexZz7QyGqzcJNWY/ocA373vQw
ocqDO0JObTepURVvxjysdaCdhTQlMoK4x0LrGAao4fnDY2fXntwSJjMdbwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNPzKZdajaKTUuzkrZjhIKPB/ys6MB8GA1UdIwQY
MBaAFOu2K3MZBhCEEctVVdgb3Do/3G24MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNjdZcmN4a0dFSVFSeTFWVjJCdmNPal9jYmJnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS8zMzJmMGEtNTdkMS00MGQwLWE4NmIt
NzcyMTNmOTkxZGI5LzEvNjdZcmN4a0dFSVFSeTFWVjJCdmNPal9jYmJnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS8zMzJmMGEtNTdkMS00MGQwLWE4NmItNzcyMTNmOTkxZGI5
LzEvNjdZcmN4a0dFSVFSeTFWVjJCdmNPal9jYmJnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlBx6fI7I
m+KcrGUgkAmka0HZMd5RKhbU7X3c3XuJngEZUQp1GptLqcjgChg7Eb01L930HUS7
mZFDDw3yNYZTfSytmEpSHZbJWgzsnLf2lIvX5jJCbYQCPKl6E5fB41XH78ROVAkf
XSgTWL0B+JQgwtuq0cdlNIK9thQvzJkPeHAvMqlf0vcSP4PwvAye5thsVOVVm/aG
DHm4S3rD23jYuOknSaoegc0smR+5hDEd9xoBdmf7lp8WHDTuYroWbMVx4dmqz1on
V9mvcR/y4DwBdxtgO+nJHW6CKwMYh5piWBe4lyXwC7dTKc0Jv4S5Oan0QLENpaBR
ZmfOnqQwBMdINA==
-----END CERTIFICATE-----