Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/f2d3a2-b14a-411a-8629-c920f1646c9c/1/9lb6GLEZw6Scu8xWpgRXQ5pEks4.mft
File:                     9lb6GLEZw6Scu8xWpgRXQ5pEks4.mft (raw, json)
Hash identifier:          ofapWVIxwxNpyxp0X8IMrD2xtOV8rpGYcHPJKQsPMNk=
Subject key identifier:   DC:35:59:72:6F:69:85:CB:11:0F:AE:0E:E6:00:42:C9:3F:9C:61:49
Authority key identifier: F6:56:FA:18:B1:19:C3:A4:9C:BB:CC:56:A6:04:57:43:9A:44:92:CE
Certificate issuer:       /CN=f656fa18b119c3a49cbbcc56a60457439a4492ce
Certificate serial:       019A7225E2B9AC2571F5A510CC69B914AA82
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/9lb6GLEZw6Scu8xWpgRXQ5pEks4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e4/f2d3a2-b14a-411a-8629-c920f1646c9c/1/9lb6GLEZw6Scu8xWpgRXQ5pEks4.mft
Manifest number:          16AB
Signing time:             Tue 11 Nov 2025 09:01:16 +0000
Manifest this update:     Tue 11 Nov 2025 09:01:16 +0000
Manifest next update:     Wed 12 Nov 2025 09:01:16 +0000
Files and hashes:         1: 9lb6GLEZw6Scu8xWpgRXQ5pEks4.crl (hash: sI3zYVfEKG1FbT72acv1z8GdwWNnIBOoZ64fU3NwB6I=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e4/f2d3a2-b14a-411a-8629-c920f1646c9c/1/9lb6GLEZw6Scu8xWpgRXQ5pEks4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e4/f2d3a2-b14a-411a-8629-c920f1646c9c/1/9lb6GLEZw6Scu8xWpgRXQ5pEks4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/9lb6GLEZw6Scu8xWpgRXQ5pEks4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:72:25:e2:b9:ac:25:71:f5:a5:10:cc:69:b9:14:aa:82
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f656fa18b119c3a49cbbcc56a60457439a4492ce
        Validity
            Not Before: Nov 11 09:01:16 2025 GMT
            Not After : Nov 12 09:01:16 2025 GMT
        Subject: CN=dc3559726f6985cb110fae0ee60042c93f9c6149
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:ab:a1:7e:a4:2d:1d:43:a4:d8:aa:1d:a1:be:
                    2c:5f:58:08:45:86:0c:ac:83:66:66:ac:e8:8c:71:
                    b8:ad:14:c7:3a:33:fb:e0:32:a2:b6:b5:80:7c:85:
                    76:c8:3d:91:89:32:69:4c:88:03:d7:d4:42:45:af:
                    43:fa:12:f9:0d:c7:7f:2a:2b:97:64:5f:0f:5f:27:
                    0f:e5:38:cd:f1:74:6b:4a:96:a9:19:7d:3c:ba:b1:
                    f2:db:c3:3c:ef:2b:93:03:48:da:48:93:66:92:be:
                    ab:de:03:26:4f:0d:59:21:72:b1:cc:60:fd:bb:b3:
                    57:70:ac:77:87:f1:88:95:3f:5d:c7:5d:fb:75:dd:
                    32:47:2a:83:ce:d8:9e:5a:c8:5c:ea:3e:48:ea:b7:
                    60:03:20:af:a0:8e:91:54:ea:a1:a3:b7:63:11:41:
                    b3:b6:dc:ae:ab:3a:f3:6e:2f:6b:5e:d9:d1:2b:6c:
                    9e:66:4c:15:9f:90:0b:f1:83:b2:2f:1b:27:59:15:
                    25:ad:a3:ed:56:04:3f:06:26:3c:3f:bb:26:fa:5a:
                    e0:2a:95:b0:f1:de:64:2f:c2:48:13:45:cb:f7:4a:
                    be:3f:59:75:94:a8:84:a6:9a:5c:54:ca:e5:7b:af:
                    5d:b7:d9:3f:c8:ea:45:a9:f1:67:e2:dd:98:9a:3e:
                    5a:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DC:35:59:72:6F:69:85:CB:11:0F:AE:0E:E6:00:42:C9:3F:9C:61:49
            X509v3 Authority Key Identifier:
                keyid:F6:56:FA:18:B1:19:C3:A4:9C:BB:CC:56:A6:04:57:43:9A:44:92:CE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9lb6GLEZw6Scu8xWpgRXQ5pEks4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/f2d3a2-b14a-411a-8629-c920f1646c9c/1/9lb6GLEZw6Scu8xWpgRXQ5pEks4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/f2d3a2-b14a-411a-8629-c920f1646c9c/1/9lb6GLEZw6Scu8xWpgRXQ5pEks4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0f:28:7c:50:32:bc:6d:77:58:50:7c:12:58:a1:02:cd:a4:f2:
         8b:e8:63:0e:31:02:58:2d:52:99:cd:e8:85:28:c6:63:4f:0e:
         a1:62:ef:af:c2:73:33:f1:03:b0:7b:ef:00:9e:7e:33:ad:7c:
         72:53:f8:1b:08:44:b0:4b:d1:d8:51:39:44:69:72:2d:1d:15:
         43:72:c6:c1:08:06:fc:1c:0a:d8:6a:7c:a7:0c:02:34:4c:37:
         52:52:db:79:25:52:aa:38:64:ab:9a:19:d3:ce:65:1c:f9:0b:
         68:d6:5e:52:d7:fb:53:d6:da:b6:3a:01:6c:3c:e7:ba:84:a2:
         d0:c2:34:5e:4d:41:13:23:05:b1:e9:4a:0b:fc:1e:1d:cb:c6:
         03:39:4c:0d:7e:b7:75:89:4f:f5:18:3f:bf:0c:1b:94:21:14:
         35:1a:e6:d7:dc:be:f8:5e:ec:41:38:01:ee:2b:25:e0:ee:89:
         a8:52:9e:94:97:1f:60:71:96:68:4d:6f:9d:ec:c4:e8:44:9d:
         f6:34:a6:00:11:a4:64:6c:54:71:c1:ff:7e:99:91:2f:0d:6a:
         e7:83:47:3f:64:94:c9:9b:ac:04:74:b5:cf:75:87:4b:e0:99:
         9f:c5:99:a9:75:1d:b8:7d:b2:28:bc:4e:70:9d:c2:09:e8:d2:
         29:c3:1e:3f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJeK5rCVx9aUQzGm5FKqCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY2NTZmYTE4YjExOWMzYTQ5Y2JiY2M1NmE2MDQ1NzQzOWE0
NDkyY2UwHhcNMjUxMTExMDkwMTE2WhcNMjUxMTEyMDkwMTE2WjAzMTEwLwYDVQQD
EyhkYzM1NTk3MjZmNjk4NWNiMTEwZmFlMGVlNjAwNDJjOTNmOWM2MTQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxKuhfqQtHUOk2Kodob4sX1gIRYYM
rINmZqzojHG4rRTHOjP74DKitrWAfIV2yD2RiTJpTIgD19RCRa9D+hL5Dcd/KiuX
ZF8PXycP5TjN8XRrSpapGX08urHy28M87yuTA0jaSJNmkr6r3gMmTw1ZIXKxzGD9
u7NXcKx3h/GIlT9dx137dd0yRyqDztieWshc6j5I6rdgAyCvoI6RVOqho7djEUGz
ttyuqzrzbi9rXtnRK2yeZkwVn5AL8YOyLxsnWRUlraPtVgQ/BiY8P7sm+lrgKpWw
8d5kL8JIE0XL90q+P1l1lKiEpppcVMrle69dt9k/yOpFqfFn4t2Ymj5a7wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNw1WXJvaYXLEQ+uDuYAQsk/nGFJMB8GA1UdIwQY
MBaAFPZW+hixGcOknLvMVqYEV0OaRJLOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOWxiNkdMRVp3NlNjdTh4V3BnUlhRNXBFa3M0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC9mMmQzYTItYjE0YS00MTFhLTg2Mjkt
YzkyMGYxNjQ2YzljLzEvOWxiNkdMRVp3NlNjdTh4V3BnUlhRNXBFa3M0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC9mMmQzYTItYjE0YS00MTFhLTg2MjktYzkyMGYxNjQ2Yzlj
LzEvOWxiNkdMRVp3NlNjdTh4V3BnUlhRNXBFa3M0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADyh8UDK8
bXdYUHwSWKECzaTyi+hjDjECWC1Smc3ohSjGY08OoWLvr8JzM/EDsHvvAJ5+M618
clP4GwhEsEvR2FE5RGlyLR0VQ3LGwQgG/BwK2Gp8pwwCNEw3UlLbeSVSqjhkq5oZ
085lHPkLaNZeUtf7U9batjoBbDznuoSi0MI0Xk1BEyMFselKC/weHcvGAzlMDX63
dYlP9Rg/vwwblCEUNRrm19y++F7sQTgB7isl4O6JqFKelJcfYHGWaE1vnezE6ESd
9jSmABGkZGxUccH/fpmRLw1q54NHP2SUyZusBHS1z3WHS+CZn8WZqXUduH2yKLxO
cJ3CCejSKcMePw==
-----END CERTIFICATE-----