Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/d7de10-5dc0-4d89-9a68-f704b1f53ace/1/itMkK15lo9DZHGsZ60CRlZskMUg.mft
File:                     itMkK15lo9DZHGsZ60CRlZskMUg.mft (raw, json)
Hash identifier:          TIq0iC0MfDJ9nRQoo54bOwjBVVYcwy3jsV2+wEGuRgA=
Subject key identifier:   6F:2D:5C:8D:49:F1:30:7B:B6:A5:18:5E:0B:FA:BC:E6:89:FA:BC:8D
Authority key identifier: 8A:D3:24:2B:5E:65:A3:D0:D9:1C:6B:19:EB:40:91:95:9B:24:31:48
Certificate issuer:       /CN=8ad3242b5e65a3d0d91c6b19eb4091959b243148
Certificate serial:       019A71B82EA8F4E4BC92A8F3619A385AF565
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/itMkK15lo9DZHGsZ60CRlZskMUg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e7/d7de10-5dc0-4d89-9a68-f704b1f53ace/1/itMkK15lo9DZHGsZ60CRlZskMUg.mft
Manifest number:          042B
Signing time:             Tue 11 Nov 2025 07:01:27 +0000
Manifest this update:     Tue 11 Nov 2025 07:01:27 +0000
Manifest next update:     Wed 12 Nov 2025 07:01:27 +0000
Files and hashes:         1: itMkK15lo9DZHGsZ60CRlZskMUg.crl (hash: Q9csenfsnxBWIaFKtCJaXuE7lxlwo3RFr7jEP8XPmmw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e7/d7de10-5dc0-4d89-9a68-f704b1f53ace/1/itMkK15lo9DZHGsZ60CRlZskMUg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e7/d7de10-5dc0-4d89-9a68-f704b1f53ace/1/itMkK15lo9DZHGsZ60CRlZskMUg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/itMkK15lo9DZHGsZ60CRlZskMUg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:01:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b8:2e:a8:f4:e4:bc:92:a8:f3:61:9a:38:5a:f5:65
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8ad3242b5e65a3d0d91c6b19eb4091959b243148
        Validity
            Not Before: Nov 11 07:01:27 2025 GMT
            Not After : Nov 12 07:01:27 2025 GMT
        Subject: CN=6f2d5c8d49f1307bb6a5185e0bfabce689fabc8d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:73:66:95:7d:59:2d:7e:cd:f0:90:fe:91:aa:
                    6e:3c:9e:93:b6:3a:dc:cb:f9:b9:af:31:8a:4b:0c:
                    88:84:2e:d4:57:dd:50:f5:f5:34:de:b8:93:47:b9:
                    c6:0a:49:29:2b:84:69:ad:00:be:aa:75:df:5f:c8:
                    2e:0d:ba:99:97:de:49:1b:c7:05:85:ee:30:0c:46:
                    da:21:b3:88:65:e8:eb:2a:2d:18:85:8e:cb:11:ec:
                    f8:d0:b5:5d:fa:4a:c3:5e:3b:3a:38:b5:5d:13:b2:
                    c9:7a:74:b2:3d:13:cd:e8:92:ff:68:01:f8:b9:24:
                    fa:c0:42:e3:e0:01:77:95:8c:3f:03:fa:e8:68:fb:
                    28:27:cf:ab:ec:1e:a8:6a:e7:7c:fa:6b:d7:15:49:
                    83:11:38:39:d0:b8:0a:12:a6:41:3f:14:f6:91:9f:
                    1e:e1:08:ba:2c:6b:79:5d:18:b1:94:3f:04:80:b2:
                    66:dc:fd:5e:60:94:60:23:37:29:51:9b:1f:0b:99:
                    dc:3c:f0:81:ee:64:1e:54:ee:fe:3d:23:a0:12:c7:
                    7b:ae:1b:ad:9e:43:f5:22:17:c5:bd:40:75:b4:db:
                    a4:a0:ff:2e:fc:60:a5:32:37:43:ec:d3:02:bb:dc:
                    96:72:af:63:5a:2f:38:c7:08:d9:b8:d7:6e:25:65:
                    69:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6F:2D:5C:8D:49:F1:30:7B:B6:A5:18:5E:0B:FA:BC:E6:89:FA:BC:8D
            X509v3 Authority Key Identifier:
                keyid:8A:D3:24:2B:5E:65:A3:D0:D9:1C:6B:19:EB:40:91:95:9B:24:31:48

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/itMkK15lo9DZHGsZ60CRlZskMUg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/d7de10-5dc0-4d89-9a68-f704b1f53ace/1/itMkK15lo9DZHGsZ60CRlZskMUg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/d7de10-5dc0-4d89-9a68-f704b1f53ace/1/itMkK15lo9DZHGsZ60CRlZskMUg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         64:49:a7:0a:af:c7:99:cd:28:ad:89:f3:be:a0:f6:4a:7c:3b:
         3d:ba:24:aa:8b:d8:f7:9c:d2:14:91:58:ca:fc:a8:e6:7a:63:
         0c:53:84:53:90:f5:d7:88:64:a3:1d:e8:fc:85:f1:18:9f:4b:
         e4:78:d9:40:0b:7f:a7:68:70:d1:fd:00:92:5e:df:2b:8c:c2:
         08:92:3b:8b:43:d5:bc:15:84:fc:74:a3:74:5d:99:17:08:6c:
         9f:37:e7:f3:e6:08:ff:ad:ac:27:80:35:25:c9:a3:a4:f7:97:
         c1:1c:a9:17:da:3c:d9:cf:33:50:dd:53:06:8e:0b:f4:ad:15:
         55:ad:a5:46:dc:e4:87:a3:ea:fa:e3:2e:22:da:a4:db:19:16:
         25:3a:f1:e1:13:a3:4d:06:b5:fb:fc:26:65:ec:e9:81:7a:4a:
         e0:f7:f2:f2:6c:c9:df:f8:cf:d7:f0:05:d5:e2:94:f2:04:9c:
         18:49:6f:dd:e4:68:78:ef:ef:aa:4a:d4:08:5e:22:e1:60:3b:
         8a:9a:a0:a3:54:47:55:8f:a6:6c:9b:38:07:f4:a7:70:40:34:
         85:f9:7b:0d:68:28:c8:6b:7c:09:04:b7:d4:bf:04:96:77:f4:
         7c:6f:35:d6:83:cc:63:d8:5c:e2:14:fc:14:e5:ff:7e:0c:8d:
         a0:76:09:0e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuC6o9OS8kqjzYZo4WvVlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhZDMyNDJiNWU2NWEzZDBkOTFjNmIxOWViNDA5MTk1OWIy
NDMxNDgwHhcNMjUxMTExMDcwMTI3WhcNMjUxMTEyMDcwMTI3WjAzMTEwLwYDVQQD
Eyg2ZjJkNWM4ZDQ5ZjEzMDdiYjZhNTE4NWUwYmZhYmNlNjg5ZmFiYzhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwXNmlX1ZLX7N8JD+kapuPJ6Ttjrc
y/m5rzGKSwyIhC7UV91Q9fU03riTR7nGCkkpK4RprQC+qnXfX8guDbqZl95JG8cF
he4wDEbaIbOIZejrKi0YhY7LEez40LVd+krDXjs6OLVdE7LJenSyPRPN6JL/aAH4
uST6wELj4AF3lYw/A/roaPsoJ8+r7B6oaud8+mvXFUmDETg50LgKEqZBPxT2kZ8e
4Qi6LGt5XRixlD8EgLJm3P1eYJRgIzcpUZsfC5ncPPCB7mQeVO7+PSOgEsd7rhut
nkP1IhfFvUB1tNukoP8u/GClMjdD7NMCu9yWcq9jWi84xwjZuNduJWVp4QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFG8tXI1J8TB7tqUYXgv6vOaJ+ryNMB8GA1UdIwQY
MBaAFIrTJCteZaPQ2RxrGetAkZWbJDFIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaXRNa0sxNWxvOURaSEdzWjYwQ1JsWnNrTVVnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy9kN2RlMTAtNWRjMC00ZDg5LTlhNjgt
ZjcwNGIxZjUzYWNlLzEvaXRNa0sxNWxvOURaSEdzWjYwQ1JsWnNrTVVnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy9kN2RlMTAtNWRjMC00ZDg5LTlhNjgtZjcwNGIxZjUzYWNl
LzEvaXRNa0sxNWxvOURaSEdzWjYwQ1JsWnNrTVVnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZEmnCq/H
mc0orYnzvqD2Snw7PbokqovY95zSFJFYyvyo5npjDFOEU5D114hkox3o/IXxGJ9L
5HjZQAt/p2hw0f0Akl7fK4zCCJI7i0PVvBWE/HSjdF2ZFwhsnzfn8+YI/62sJ4A1
JcmjpPeXwRypF9o82c8zUN1TBo4L9K0VVa2lRtzkh6Pq+uMuItqk2xkWJTrx4ROj
TQa1+/wmZezpgXpK4Pfy8mzJ3/jP1/AF1eKU8gScGElv3eRoeO/vqkrUCF4i4WA7
ipqgo1RHVY+mbJs4B/SncEA0hfl7DWgoyGt8CQS31L8Elnf0fG811oPMY9hc4hT8
FOX/fgyNoHYJDg==
-----END CERTIFICATE-----