Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/a57a63-a6b4-4165-9e5e-9c2d044dd4af/1/ScKchYIxItOsfH9IBdWyQocNLeI.mft
File:                     ScKchYIxItOsfH9IBdWyQocNLeI.mft (raw, json)
Hash identifier:          3o71GB0xYndKJ3wBm6dVbrkzQ8RAAJNiLOsS9g3JzUE=
Subject key identifier:   20:C8:BB:EA:AE:1F:5F:A3:3D:B6:4F:11:44:DC:7D:14:38:E3:9C:C4
Authority key identifier: 49:C2:9C:85:82:31:22:D3:AC:7C:7F:48:05:D5:B2:42:87:0D:2D:E2
Certificate issuer:       /CN=49c29c85823122d3ac7c7f4805d5b242870d2de2
Certificate serial:       019A71809C69B493A9E50AAA33155DDA2C85
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ScKchYIxItOsfH9IBdWyQocNLeI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/df/a57a63-a6b4-4165-9e5e-9c2d044dd4af/1/ScKchYIxItOsfH9IBdWyQocNLeI.mft
Manifest number:          14B4
Signing time:             Tue 11 Nov 2025 06:00:45 +0000
Manifest this update:     Tue 11 Nov 2025 06:00:45 +0000
Manifest next update:     Wed 12 Nov 2025 06:00:45 +0000
Files and hashes:         1: ScKchYIxItOsfH9IBdWyQocNLeI.crl (hash: y5ZLgqni7AyDDiqGpvzQ5H63gfII/ngGv+t1/RVGy94=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/df/a57a63-a6b4-4165-9e5e-9c2d044dd4af/1/ScKchYIxItOsfH9IBdWyQocNLeI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/df/a57a63-a6b4-4165-9e5e-9c2d044dd4af/1/ScKchYIxItOsfH9IBdWyQocNLeI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ScKchYIxItOsfH9IBdWyQocNLeI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 06:00:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:80:9c:69:b4:93:a9:e5:0a:aa:33:15:5d:da:2c:85
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=49c29c85823122d3ac7c7f4805d5b242870d2de2
        Validity
            Not Before: Nov 11 06:00:45 2025 GMT
            Not After : Nov 12 06:00:45 2025 GMT
        Subject: CN=20c8bbeaae1f5fa33db64f1144dc7d1438e39cc4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:88:7e:bf:04:3a:5f:d7:29:15:87:64:e1:8b:42:
                    f1:a5:c1:a1:db:ff:61:ac:88:97:03:75:4b:6b:63:
                    1e:83:76:91:f5:48:22:ef:84:4d:d5:51:58:d2:32:
                    2e:e1:b3:d6:77:5e:cd:c5:7b:d0:d6:31:9e:e5:2c:
                    22:54:c4:bf:c5:1e:b8:a9:65:49:50:c1:1a:eb:12:
                    74:1a:b6:15:88:ca:92:05:5d:78:3c:2f:d2:48:e0:
                    bb:b1:bb:a4:21:ab:7f:7c:0a:f3:88:ed:20:7f:74:
                    d1:d0:1c:67:8d:ce:fd:df:ea:48:fb:43:5c:34:e7:
                    4b:4f:b3:77:6e:ef:0b:a4:44:37:d4:1c:b2:0d:0d:
                    0d:95:ce:09:9e:de:28:52:c8:80:c9:89:41:af:ec:
                    ec:0e:0a:b6:7f:2e:8a:da:58:1b:06:51:fc:27:67:
                    0f:32:74:cf:fa:d4:47:e4:a8:c1:e9:bd:69:94:35:
                    1d:b5:96:62:75:0a:56:05:28:8b:1d:7e:5e:19:76:
                    a0:99:20:9a:34:f3:10:b8:75:08:1b:06:85:33:50:
                    f6:9d:8f:4a:c7:9b:c7:4b:59:13:08:f5:59:03:20:
                    fd:72:a4:8c:ce:9f:fd:94:3c:da:f4:92:52:96:a6:
                    56:70:ac:8e:37:8d:f7:12:c3:31:bf:d9:78:49:53:
                    bf:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                20:C8:BB:EA:AE:1F:5F:A3:3D:B6:4F:11:44:DC:7D:14:38:E3:9C:C4
            X509v3 Authority Key Identifier:
                keyid:49:C2:9C:85:82:31:22:D3:AC:7C:7F:48:05:D5:B2:42:87:0D:2D:E2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ScKchYIxItOsfH9IBdWyQocNLeI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a57a63-a6b4-4165-9e5e-9c2d044dd4af/1/ScKchYIxItOsfH9IBdWyQocNLeI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a57a63-a6b4-4165-9e5e-9c2d044dd4af/1/ScKchYIxItOsfH9IBdWyQocNLeI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         74:59:a6:50:b0:ff:ba:30:10:de:e2:64:d3:06:13:33:28:d3:
         09:11:25:ea:84:d3:7b:7e:1a:56:35:35:ab:4b:96:f3:c9:f0:
         e8:35:36:93:c3:88:70:ce:0c:a8:d7:06:ed:b8:64:3f:d1:bc:
         18:f2:3b:42:e0:1a:c9:9f:ed:07:b6:d7:11:ee:f0:95:bc:ac:
         24:d3:53:c5:40:c3:50:b9:aa:ce:4e:a9:af:0f:d2:2c:53:07:
         a1:29:38:cc:1f:fa:b6:e8:48:29:13:2b:38:d5:e3:73:64:89:
         dc:3e:63:20:0e:e8:c8:24:a2:12:e2:22:29:25:bd:d2:3e:9b:
         b1:84:98:93:46:b6:7b:e2:25:ed:91:87:5a:6c:af:4c:a4:5e:
         c6:88:18:38:a2:f0:fa:67:c5:d1:e5:33:fc:6b:21:34:ce:00:
         a1:5d:42:2a:63:c9:72:60:cf:a7:98:50:7d:ea:eb:24:b1:4c:
         f3:73:b9:8e:05:9d:d3:68:54:61:d6:57:ee:78:4e:86:5a:90:
         f0:23:3b:b4:b5:a0:ec:44:3d:ba:53:18:ad:52:0e:44:8f:72:
         f4:49:25:a1:e3:f7:5a:94:70:1b:ce:7c:be:3d:a5:07:22:7a:
         42:71:5c:34:b8:f9:08:46:6c:5d:5e:77:54:97:18:ca:9b:30:
         bc:b0:f7:8c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxgJxptJOp5QqqMxVd2iyFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5YzI5Yzg1ODIzMTIyZDNhYzdjN2Y0ODA1ZDViMjQyODcw
ZDJkZTIwHhcNMjUxMTExMDYwMDQ1WhcNMjUxMTEyMDYwMDQ1WjAzMTEwLwYDVQQD
EygyMGM4YmJlYWFlMWY1ZmEzM2RiNjRmMTE0NGRjN2QxNDM4ZTM5Y2M0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiH6/BDpf1ykVh2Thi0LxpcGh2/9h
rIiXA3VLa2Meg3aR9Ugi74RN1VFY0jIu4bPWd17NxXvQ1jGe5SwiVMS/xR64qWVJ
UMEa6xJ0GrYViMqSBV14PC/SSOC7sbukIat/fArziO0gf3TR0Bxnjc793+pI+0Nc
NOdLT7N3bu8LpEQ31ByyDQ0Nlc4Jnt4oUsiAyYlBr+zsDgq2fy6K2lgbBlH8J2cP
MnTP+tRH5KjB6b1plDUdtZZidQpWBSiLHX5eGXagmSCaNPMQuHUIGwaFM1D2nY9K
x5vHS1kTCPVZAyD9cqSMzp/9lDza9JJSlqZWcKyON433EsMxv9l4SVO/2QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCDIu+quH1+jPbZPEUTcfRQ445zEMB8GA1UdIwQY
MBaAFEnCnIWCMSLTrHx/SAXVskKHDS3iMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2NLY2hZSXhJdE9zZkg5SUJkV3lRb2NOTGVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9hNTdhNjMtYTZiNC00MTY1LTllNWUt
OWMyZDA0NGRkNGFmLzEvU2NLY2hZSXhJdE9zZkg5SUJkV3lRb2NOTGVJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi9hNTdhNjMtYTZiNC00MTY1LTllNWUtOWMyZDA0NGRkNGFm
LzEvU2NLY2hZSXhJdE9zZkg5SUJkV3lRb2NOTGVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdFmmULD/
ujAQ3uJk0wYTMyjTCREl6oTTe34aVjU1q0uW88nw6DU2k8OIcM4MqNcG7bhkP9G8
GPI7QuAayZ/tB7bXEe7wlbysJNNTxUDDULmqzk6prw/SLFMHoSk4zB/6tuhIKRMr
ONXjc2SJ3D5jIA7oyCSiEuIiKSW90j6bsYSYk0a2e+Il7ZGHWmyvTKRexogYOKLw
+mfF0eUz/GshNM4AoV1CKmPJcmDPp5hQferrJLFM83O5jgWd02hUYdZX7nhOhlqQ
8CM7tLWg7EQ9ulMYrVIORI9y9EkloeP3WpRwG858vj2lByJ6QnFcNLj5CEZsXV53
VJcYypswvLD3jA==
-----END CERTIFICATE-----