Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/6efd9c-64c3-42b6-92fd-ab7881b0df2b/1/INaBg9YBj1BMXm-uIo4bNQxvD-8.mft
File:                     INaBg9YBj1BMXm-uIo4bNQxvD-8.mft (raw, json)
Hash identifier:          dTc7+0Mc1fZTjEBi/pEOlkAeH2gfGCXZacXqcGqcecY=
Subject key identifier:   C8:0F:5E:46:89:1B:FA:8C:EF:8E:B3:6E:84:D0:19:DC:59:52:EE:8A
Authority key identifier: 20:D6:81:83:D6:01:8F:50:4C:5E:6F:AE:22:8E:1B:35:0C:6F:0F:EF
Certificate issuer:       /CN=20d68183d6018f504c5e6fae228e1b350c6f0fef
Certificate serial:       019A70DC6A5700D2A27293C5840CC1E7A550
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/INaBg9YBj1BMXm-uIo4bNQxvD-8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e0/6efd9c-64c3-42b6-92fd-ab7881b0df2b/1/INaBg9YBj1BMXm-uIo4bNQxvD-8.mft
Manifest number:          0512
Signing time:             Tue 11 Nov 2025 03:01:24 +0000
Manifest this update:     Tue 11 Nov 2025 03:01:24 +0000
Manifest next update:     Wed 12 Nov 2025 03:01:24 +0000
Files and hashes:         1: INaBg9YBj1BMXm-uIo4bNQxvD-8.crl (hash: ndcs5lylLYKvEqMtBeKJD5ClHxwIKsefYbWEx901XVY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e0/6efd9c-64c3-42b6-92fd-ab7881b0df2b/1/INaBg9YBj1BMXm-uIo4bNQxvD-8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e0/6efd9c-64c3-42b6-92fd-ab7881b0df2b/1/INaBg9YBj1BMXm-uIo4bNQxvD-8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/INaBg9YBj1BMXm-uIo4bNQxvD-8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 03:01:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:70:dc:6a:57:00:d2:a2:72:93:c5:84:0c:c1:e7:a5:50
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=20d68183d6018f504c5e6fae228e1b350c6f0fef
        Validity
            Not Before: Nov 11 03:01:24 2025 GMT
            Not After : Nov 12 03:01:24 2025 GMT
        Subject: CN=c80f5e46891bfa8cef8eb36e84d019dc5952ee8a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:87:2e:f9:f5:80:70:91:59:3f:7b:32:7a:b9:8a:
                    aa:07:1b:c5:e9:b6:3e:e8:ba:63:e8:c5:34:5e:a4:
                    6f:a6:27:08:d2:7c:71:ed:11:27:a6:e8:3d:12:fc:
                    bf:72:d4:45:72:22:41:2f:d1:73:1f:0c:4b:3b:e8:
                    c9:78:d5:5e:b5:97:80:4e:00:83:54:53:0b:ad:65:
                    2e:f7:07:6a:0a:7d:18:6f:5e:92:8f:56:b3:27:da:
                    93:26:f3:44:06:6b:1e:26:ce:55:50:7a:be:1f:d9:
                    6d:e5:71:ed:6a:24:de:68:84:41:05:5c:44:bf:bc:
                    b8:d7:3c:e2:9f:79:7a:44:e6:cf:cf:7c:ed:a4:75:
                    a3:28:05:67:98:7f:a4:20:87:dc:56:f4:17:a3:08:
                    2e:58:7f:f6:8d:22:5f:9f:ba:71:9d:f0:6e:cb:09:
                    e3:4c:85:89:99:a5:4f:8f:ec:e8:a7:f2:ee:b5:55:
                    c7:19:e2:64:e2:3f:d4:e1:9d:e0:cb:ae:f5:58:be:
                    a6:8c:3a:cd:40:11:93:2e:ce:82:51:f6:1c:4e:97:
                    41:03:d6:38:e7:d6:8f:78:75:1f:19:d3:6a:79:5c:
                    f3:b4:59:bd:b2:9a:3d:fc:89:c4:c0:85:d2:d0:12:
                    90:54:d2:fb:c3:0e:ae:34:79:ce:5a:f9:a9:38:4c:
                    f1:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C8:0F:5E:46:89:1B:FA:8C:EF:8E:B3:6E:84:D0:19:DC:59:52:EE:8A
            X509v3 Authority Key Identifier:
                keyid:20:D6:81:83:D6:01:8F:50:4C:5E:6F:AE:22:8E:1B:35:0C:6F:0F:EF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/INaBg9YBj1BMXm-uIo4bNQxvD-8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/6efd9c-64c3-42b6-92fd-ab7881b0df2b/1/INaBg9YBj1BMXm-uIo4bNQxvD-8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/6efd9c-64c3-42b6-92fd-ab7881b0df2b/1/INaBg9YBj1BMXm-uIo4bNQxvD-8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7b:41:a1:a7:79:ad:9a:ad:3d:e2:c3:0c:6c:4e:32:85:9d:51:
         39:fa:f7:ca:bf:7b:d1:99:f4:80:9f:03:d5:9b:fd:76:6f:09:
         ae:90:dd:65:6d:2c:ed:49:68:82:38:8f:ee:ea:c8:6b:83:ee:
         17:75:bf:6f:7e:7f:72:52:65:57:ea:dd:cd:ac:2d:50:0c:18:
         f1:4f:36:c4:96:15:f4:bd:39:9f:23:4a:f4:22:59:55:6a:90:
         68:9e:28:06:d5:62:4f:00:9f:94:01:49:81:be:ac:72:d0:0d:
         08:0c:d9:81:56:db:46:e2:21:e8:57:77:28:b8:e3:66:39:68:
         e6:80:8f:d2:15:f7:92:3d:3e:c0:8d:46:46:9c:6e:b0:68:d4:
         17:20:5b:89:ad:44:58:ac:38:cd:76:a8:ae:0e:08:87:db:19:
         e3:54:0f:89:74:26:66:04:03:fd:47:ae:ac:bd:b8:a0:4b:e3:
         8c:e3:ba:16:b3:3f:9b:49:6c:55:c4:78:b1:c1:cf:ff:a0:2f:
         18:49:d9:4b:00:d4:1e:00:1f:87:c2:89:05:fa:5e:7d:9a:0f:
         fe:cb:76:2e:89:27:0a:f0:c0:ca:cb:5e:4b:0f:dd:44:60:68:
         84:90:59:64:b9:4e:10:2e:d1:52:03:21:91:2b:0c:1d:03:af:
         a9:1f:91:b1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpw3GpXANKicpPFhAzB56VQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwZDY4MTgzZDYwMThmNTA0YzVlNmZhZTIyOGUxYjM1MGM2
ZjBmZWYwHhcNMjUxMTExMDMwMTI0WhcNMjUxMTEyMDMwMTI0WjAzMTEwLwYDVQQD
EyhjODBmNWU0Njg5MWJmYThjZWY4ZWIzNmU4NGQwMTlkYzU5NTJlZThhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhy759YBwkVk/ezJ6uYqqBxvF6bY+
6Lpj6MU0XqRvpicI0nxx7REnpug9Evy/ctRFciJBL9FzHwxLO+jJeNVetZeATgCD
VFMLrWUu9wdqCn0Yb16Sj1azJ9qTJvNEBmseJs5VUHq+H9lt5XHtaiTeaIRBBVxE
v7y41zzin3l6RObPz3ztpHWjKAVnmH+kIIfcVvQXowguWH/2jSJfn7pxnfBuywnj
TIWJmaVPj+zop/LutVXHGeJk4j/U4Z3gy671WL6mjDrNQBGTLs6CUfYcTpdBA9Y4
59aPeHUfGdNqeVzztFm9spo9/InEwIXS0BKQVNL7ww6uNHnOWvmpOEzxLwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMgPXkaJG/qM746zboTQGdxZUu6KMB8GA1UdIwQY
MBaAFCDWgYPWAY9QTF5vriKOGzUMbw/vMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSU5hQmc5WUJqMUJNWG0tdUlvNGJOUXh2RC04LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMC82ZWZkOWMtNjRjMy00MmI2LTkyZmQt
YWI3ODgxYjBkZjJiLzEvSU5hQmc5WUJqMUJNWG0tdUlvNGJOUXh2RC04Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMC82ZWZkOWMtNjRjMy00MmI2LTkyZmQtYWI3ODgxYjBkZjJi
LzEvSU5hQmc5WUJqMUJNWG0tdUlvNGJOUXh2RC04LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAe0Ghp3mt
mq094sMMbE4yhZ1ROfr3yr970Zn0gJ8D1Zv9dm8JrpDdZW0s7UlogjiP7urIa4Pu
F3W/b35/clJlV+rdzawtUAwY8U82xJYV9L05nyNK9CJZVWqQaJ4oBtViTwCflAFJ
gb6sctANCAzZgVbbRuIh6Fd3KLjjZjlo5oCP0hX3kj0+wI1GRpxusGjUFyBbia1E
WKw4zXaorg4Ih9sZ41QPiXQmZgQD/UeurL24oEvjjOO6FrM/m0lsVcR4scHP/6Av
GEnZSwDUHgAfh8KJBfpefZoP/st2LoknCvDAysteSw/dRGBohJBZZLlOEC7RUgMh
kSsMHQOvqR+RsQ==
-----END CERTIFICATE-----