Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/7f52d8-c2ca-4a7f-bd63-fba565238129/1/biYdnc3dmGfliSrRpNII32lTEXc.mft
File:                     biYdnc3dmGfliSrRpNII32lTEXc.mft (raw, json)
Hash identifier:          J6gVuORSuqb1iL8rlK1HUcvbds5/H+8RcU6ToTlR9XI=
Subject key identifier:   D3:B7:FE:58:EE:3B:6F:F2:02:69:4F:A4:CA:F9:81:35:EF:56:09:26
Authority key identifier: 6E:26:1D:9D:CD:DD:98:67:E5:89:2A:D1:A4:D2:08:DF:69:53:11:77
Certificate issuer:       /CN=6e261d9dcddd9867e5892ad1a4d208df69531177
Certificate serial:       019A71B78553AEBBE9AA0AD7BCA9D2FC9DF6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/biYdnc3dmGfliSrRpNII32lTEXc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e2/7f52d8-c2ca-4a7f-bd63-fba565238129/1/biYdnc3dmGfliSrRpNII32lTEXc.mft
Manifest number:          0F7B
Signing time:             Tue 11 Nov 2025 07:00:43 +0000
Manifest this update:     Tue 11 Nov 2025 07:00:43 +0000
Manifest next update:     Wed 12 Nov 2025 07:00:43 +0000
Files and hashes:         1: biYdnc3dmGfliSrRpNII32lTEXc.crl (hash: Efhajxck9nS45m/7C1JdWyMBkiO9pOOD5nIhdNRQe7Y=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e2/7f52d8-c2ca-4a7f-bd63-fba565238129/1/biYdnc3dmGfliSrRpNII32lTEXc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e2/7f52d8-c2ca-4a7f-bd63-fba565238129/1/biYdnc3dmGfliSrRpNII32lTEXc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/biYdnc3dmGfliSrRpNII32lTEXc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:00:43 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b7:85:53:ae:bb:e9:aa:0a:d7:bc:a9:d2:fc:9d:f6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6e261d9dcddd9867e5892ad1a4d208df69531177
        Validity
            Not Before: Nov 11 07:00:43 2025 GMT
            Not After : Nov 12 07:00:43 2025 GMT
        Subject: CN=d3b7fe58ee3b6ff202694fa4caf98135ef560926
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:f5:d1:b7:04:f4:8f:b9:a2:14:e3:c8:2f:4d:
                    f1:12:82:73:3a:42:33:e3:3d:04:fb:1f:93:a0:7e:
                    75:bc:23:81:57:f6:39:16:fa:99:62:45:f4:fc:83:
                    31:73:f9:d5:75:05:73:db:75:71:39:4f:fb:86:e3:
                    9d:53:27:5c:92:4a:81:80:7a:11:b1:f4:e2:00:b7:
                    71:9f:b3:c3:ae:2a:37:2b:53:12:25:3d:79:4a:3c:
                    02:73:3a:98:44:f5:4b:77:55:06:bc:b3:be:67:f9:
                    8a:11:c0:5f:d0:24:56:9a:31:68:4e:3d:2f:06:34:
                    9b:cb:eb:92:18:12:f0:2f:3c:34:c2:5f:c7:2f:38:
                    d5:f1:99:87:64:91:64:c6:d3:1e:83:d2:99:9f:ea:
                    dd:8d:ae:1d:d4:99:ef:2c:3a:0a:43:28:2e:af:1c:
                    fe:16:8e:8e:d1:72:a5:88:e0:fa:33:0c:98:af:41:
                    3f:d7:66:77:37:5e:e2:a3:94:07:ac:a2:9d:8c:be:
                    09:b2:f6:b3:0a:ea:4b:97:29:ad:b6:9e:3a:eb:d1:
                    93:7f:eb:b0:b8:77:9e:21:82:27:5e:79:ef:f8:94:
                    b6:4f:41:f7:68:8e:69:8f:fb:01:2a:23:d0:a7:8c:
                    5a:bd:21:cc:8d:51:2a:2f:49:00:16:04:e1:18:35:
                    19:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D3:B7:FE:58:EE:3B:6F:F2:02:69:4F:A4:CA:F9:81:35:EF:56:09:26
            X509v3 Authority Key Identifier:
                keyid:6E:26:1D:9D:CD:DD:98:67:E5:89:2A:D1:A4:D2:08:DF:69:53:11:77

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/biYdnc3dmGfliSrRpNII32lTEXc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/7f52d8-c2ca-4a7f-bd63-fba565238129/1/biYdnc3dmGfliSrRpNII32lTEXc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/7f52d8-c2ca-4a7f-bd63-fba565238129/1/biYdnc3dmGfliSrRpNII32lTEXc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3f:97:48:fe:6d:b5:bf:ca:00:c2:3d:bb:94:64:cf:95:61:5c:
         25:e8:6d:2c:11:bf:cc:a5:d7:e2:97:36:7d:76:8b:25:75:e8:
         a8:2d:cd:73:6f:c2:40:71:dd:b2:a6:f8:95:68:d3:d2:50:f0:
         c5:93:ed:5c:b9:8e:94:16:fe:2f:c7:79:68:3c:82:e9:ff:06:
         83:5c:7d:85:59:f2:e0:38:17:96:d7:5f:22:38:21:fd:94:8e:
         68:4d:42:87:33:d7:17:dc:84:ec:06:2c:29:25:62:56:69:fa:
         e3:b0:77:89:80:c9:72:3b:45:79:85:02:90:fb:e5:48:31:5a:
         b2:98:58:5b:a5:38:20:f2:ef:3d:5a:a5:c0:fe:02:91:bc:ae:
         84:4c:a1:88:ba:e3:6c:d3:4d:e8:eb:cd:5f:69:ac:49:36:f6:
         93:f3:ae:50:53:2e:76:8d:cf:24:3b:79:ed:ea:1e:f1:7d:63:
         28:ae:ff:e0:8b:af:c3:04:c7:10:2d:c8:ef:00:98:48:47:63:
         19:15:3c:a1:28:8e:9b:e0:a7:47:63:ed:b2:61:0a:e0:52:00:
         83:e3:d3:8f:cf:6c:f1:85:3f:39:14:75:4c:81:29:bb:25:8a:
         cd:59:80:bc:18:66:86:f9:8c:1e:20:a9:a6:8f:e3:73:08:dc:
         0b:ae:eb:20
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxt4VTrrvpqgrXvKnS/J32MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlMjYxZDlkY2RkZDk4NjdlNTg5MmFkMWE0ZDIwOGRmNjk1
MzExNzcwHhcNMjUxMTExMDcwMDQzWhcNMjUxMTEyMDcwMDQzWjAzMTEwLwYDVQQD
EyhkM2I3ZmU1OGVlM2I2ZmYyMDI2OTRmYTRjYWY5ODEzNWVmNTYwOTI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl/XRtwT0j7miFOPIL03xEoJzOkIz
4z0E+x+ToH51vCOBV/Y5FvqZYkX0/IMxc/nVdQVz23VxOU/7huOdUydckkqBgHoR
sfTiALdxn7PDrio3K1MSJT15SjwCczqYRPVLd1UGvLO+Z/mKEcBf0CRWmjFoTj0v
BjSby+uSGBLwLzw0wl/HLzjV8ZmHZJFkxtMeg9KZn+rdja4d1JnvLDoKQygurxz+
Fo6O0XKliOD6MwyYr0E/12Z3N17io5QHrKKdjL4JsvazCupLlymttp4669GTf+uw
uHeeIYInXnnv+JS2T0H3aI5pj/sBKiPQp4xavSHMjVEqL0kAFgThGDUZ/QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNO3/ljuO2/yAmlPpMr5gTXvVgkmMB8GA1UdIwQY
MBaAFG4mHZ3N3Zhn5Ykq0aTSCN9pUxF3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmlZZG5jM2RtR2ZsaVNyUnBOSUkzMmxURVhjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi83ZjUyZDgtYzJjYS00YTdmLWJkNjMt
ZmJhNTY1MjM4MTI5LzEvYmlZZG5jM2RtR2ZsaVNyUnBOSUkzMmxURVhjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi83ZjUyZDgtYzJjYS00YTdmLWJkNjMtZmJhNTY1MjM4MTI5
LzEvYmlZZG5jM2RtR2ZsaVNyUnBOSUkzMmxURVhjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAP5dI/m21
v8oAwj27lGTPlWFcJehtLBG/zKXX4pc2fXaLJXXoqC3Nc2/CQHHdsqb4lWjT0lDw
xZPtXLmOlBb+L8d5aDyC6f8Gg1x9hVny4DgXltdfIjgh/ZSOaE1ChzPXF9yE7AYs
KSViVmn647B3iYDJcjtFeYUCkPvlSDFasphYW6U4IPLvPVqlwP4CkbyuhEyhiLrj
bNNN6OvNX2msSTb2k/OuUFMudo3PJDt57eoe8X1jKK7/4IuvwwTHEC3I7wCYSEdj
GRU8oSiOm+CnR2PtsmEK4FIAg+PTj89s8YU/ORR1TIEpuyWKzVmAvBhmhvmMHiCp
po/jcwjcC67rIA==
-----END CERTIFICATE-----