Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/dc09cf-770c-4172-a6ee-b61384ff0ec2/1/tQ7fyW0rYXiGiVMxQpaeZVZlEqo.mft
File:                     tQ7fyW0rYXiGiVMxQpaeZVZlEqo.mft (raw, json)
Hash identifier:          6ltCr78g2gTFDRuQA6GAeA6hAlfXBOAJVH6/e01JAhE=
Subject key identifier:   1B:92:C3:BD:BA:60:AF:92:B6:89:C3:01:C5:3E:FE:CF:F1:8C:D3:62
Authority key identifier: B5:0E:DF:C9:6D:2B:61:78:86:89:53:31:42:96:9E:65:56:65:12:AA
Certificate issuer:       /CN=b50edfc96d2b61788689533142969e65566512aa
Certificate serial:       019A7293906701F5D6C09881E78335E78AB4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tQ7fyW0rYXiGiVMxQpaeZVZlEqo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e8/dc09cf-770c-4172-a6ee-b61384ff0ec2/1/tQ7fyW0rYXiGiVMxQpaeZVZlEqo.mft
Manifest number:          16A0
Signing time:             Tue 11 Nov 2025 11:01:04 +0000
Manifest this update:     Tue 11 Nov 2025 11:01:04 +0000
Manifest next update:     Wed 12 Nov 2025 11:01:04 +0000
Files and hashes:         1: tQ7fyW0rYXiGiVMxQpaeZVZlEqo.crl (hash: JdVGgyqVUo83K34pgyELXYve9EfgCntApbU7u4X8iWY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e8/dc09cf-770c-4172-a6ee-b61384ff0ec2/1/tQ7fyW0rYXiGiVMxQpaeZVZlEqo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e8/dc09cf-770c-4172-a6ee-b61384ff0ec2/1/tQ7fyW0rYXiGiVMxQpaeZVZlEqo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/tQ7fyW0rYXiGiVMxQpaeZVZlEqo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:72:93:90:67:01:f5:d6:c0:98:81:e7:83:35:e7:8a:b4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b50edfc96d2b61788689533142969e65566512aa
        Validity
            Not Before: Nov 11 11:01:04 2025 GMT
            Not After : Nov 12 11:01:04 2025 GMT
        Subject: CN=1b92c3bdba60af92b689c301c53efecff18cd362
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:77:6b:4a:0c:57:52:73:43:ba:2b:d4:59:c8:
                    1c:62:6c:e7:e3:41:e0:e9:27:d0:b3:ef:e7:36:90:
                    fa:91:4d:11:a8:56:0b:4f:14:5f:08:a9:38:5f:c5:
                    0c:8b:bf:2f:1c:bb:d2:7a:2b:50:65:0d:1c:73:3b:
                    1d:a5:7b:51:3f:f1:9e:99:3e:ec:c3:8f:7e:0a:d7:
                    73:58:96:9b:46:21:f8:2e:e0:7c:1f:fc:6a:f7:36:
                    5e:f6:fa:e5:eb:6a:b2:d3:dc:c8:7d:05:ad:7a:d0:
                    d6:28:c0:7c:3b:9c:5d:ce:ad:1f:45:5d:b8:c0:7b:
                    e2:59:a4:9a:9d:80:50:8c:d6:67:b6:3b:17:cf:e9:
                    80:62:e5:64:ee:0a:69:66:28:3a:6f:54:69:18:fd:
                    84:2c:83:32:9b:34:fa:48:70:32:ff:1a:3c:a1:9b:
                    20:cc:03:49:70:61:f6:96:13:45:a7:e2:bf:d8:7f:
                    66:fe:12:66:95:44:c5:e3:6f:56:16:fc:0f:26:c9:
                    d4:c8:c6:66:e6:91:7e:9f:a9:2c:28:1e:8d:79:8d:
                    e9:eb:2a:9a:13:88:d6:f3:79:c1:ee:0b:0c:8f:b9:
                    fe:cf:44:30:a0:08:bd:47:48:cf:56:c8:5e:b8:5a:
                    02:a4:8f:38:ae:9f:28:47:b1:a4:c1:33:a9:43:38:
                    f4:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1B:92:C3:BD:BA:60:AF:92:B6:89:C3:01:C5:3E:FE:CF:F1:8C:D3:62
            X509v3 Authority Key Identifier:
                keyid:B5:0E:DF:C9:6D:2B:61:78:86:89:53:31:42:96:9E:65:56:65:12:AA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tQ7fyW0rYXiGiVMxQpaeZVZlEqo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/dc09cf-770c-4172-a6ee-b61384ff0ec2/1/tQ7fyW0rYXiGiVMxQpaeZVZlEqo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/dc09cf-770c-4172-a6ee-b61384ff0ec2/1/tQ7fyW0rYXiGiVMxQpaeZVZlEqo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         84:6c:51:63:b4:96:94:12:4a:4e:74:bf:2e:24:4e:f8:a1:fd:
         eb:22:fd:79:b0:98:37:cb:02:49:10:cf:a4:3e:57:a0:c2:8d:
         4c:63:d9:c8:33:c3:89:46:88:f6:1a:56:44:f3:ec:d7:17:66:
         c6:14:95:d1:32:0e:4a:71:c9:69:8d:2d:8f:24:7d:42:dd:07:
         42:9f:63:52:b7:51:b3:42:f4:f4:c4:3a:3a:25:5e:29:33:47:
         e1:3b:33:eb:be:0d:2e:b6:de:f0:79:77:12:e8:2c:a8:73:2d:
         57:20:af:4e:31:ec:f2:3b:91:eb:3c:0a:3c:b9:fa:7f:7a:72:
         95:14:24:7d:4e:12:68:28:05:3c:5a:61:ed:22:91:ca:ee:c9:
         1a:dc:c9:24:49:fc:ad:08:5e:99:76:13:74:6d:08:c4:ed:91:
         ef:d6:72:6a:2c:0d:08:5b:44:8e:16:a2:cd:29:01:0c:15:6d:
         a0:8f:7a:09:01:9a:06:f3:51:7b:25:96:da:f6:9c:c5:d3:1e:
         32:04:18:44:c5:e2:16:99:8e:b5:17:4f:5d:70:ee:30:9a:24:
         6c:3a:5d:f4:13:cc:38:98:58:86:33:9b:a3:a9:f2:33:31:75:
         fd:4b:cd:b0:29:4d:3b:7b:a2:4c:c1:95:05:f4:b6:70:6d:d0:
         28:85:1a:ab
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyk5BnAfXWwJiB54M154q0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1MGVkZmM5NmQyYjYxNzg4Njg5NTMzMTQyOTY5ZTY1NTY2
NTEyYWEwHhcNMjUxMTExMTEwMTA0WhcNMjUxMTEyMTEwMTA0WjAzMTEwLwYDVQQD
EygxYjkyYzNiZGJhNjBhZjkyYjY4OWMzMDFjNTNlZmVjZmYxOGNkMzYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxXdrSgxXUnNDuivUWcgcYmzn40Hg
6SfQs+/nNpD6kU0RqFYLTxRfCKk4X8UMi78vHLvSeitQZQ0cczsdpXtRP/GemT7s
w49+CtdzWJabRiH4LuB8H/xq9zZe9vrl62qy09zIfQWtetDWKMB8O5xdzq0fRV24
wHviWaSanYBQjNZntjsXz+mAYuVk7gppZig6b1RpGP2ELIMymzT6SHAy/xo8oZsg
zANJcGH2lhNFp+K/2H9m/hJmlUTF429WFvwPJsnUyMZm5pF+n6ksKB6NeY3p6yqa
E4jW83nB7gsMj7n+z0QwoAi9R0jPVsheuFoCpI84rp8oR7GkwTOpQzj0eQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBuSw726YK+StonDAcU+/s/xjNNiMB8GA1UdIwQY
MBaAFLUO38ltK2F4holTMUKWnmVWZRKqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFE3ZnlXMHJZWGlHaVZNeFFwYWVaVlpsRXFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC9kYzA5Y2YtNzcwYy00MTcyLWE2ZWUt
YjYxMzg0ZmYwZWMyLzEvdFE3ZnlXMHJZWGlHaVZNeFFwYWVaVlpsRXFvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOC9kYzA5Y2YtNzcwYy00MTcyLWE2ZWUtYjYxMzg0ZmYwZWMy
LzEvdFE3ZnlXMHJZWGlHaVZNeFFwYWVaVlpsRXFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhGxRY7SW
lBJKTnS/LiRO+KH96yL9ebCYN8sCSRDPpD5XoMKNTGPZyDPDiUaI9hpWRPPs1xdm
xhSV0TIOSnHJaY0tjyR9Qt0HQp9jUrdRs0L09MQ6OiVeKTNH4Tsz674NLrbe8Hl3
EugsqHMtVyCvTjHs8juR6zwKPLn6f3pylRQkfU4SaCgFPFph7SKRyu7JGtzJJEn8
rQhemXYTdG0IxO2R79ZyaiwNCFtEjhaizSkBDBVtoI96CQGaBvNReyWW2vacxdMe
MgQYRMXiFpmOtRdPXXDuMJokbDpd9BPMOJhYhjObo6nyMzF1/UvNsClNO3uiTMGV
BfS2cG3QKIUaqw==
-----END CERTIFICATE-----