Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/ff50ec-b12d-4798-89fa-22d1bcfa1eda/1/g76BmaF8rKps1S15QSNtpuVuG-o.mft
File:                     g76BmaF8rKps1S15QSNtpuVuG-o.mft (raw, json)
Hash identifier:          DwVuC6dQxGxAYd/735A+kcKHspNMlOZgqRXcEyLzED4=
Subject key identifier:   D0:5B:82:43:FF:E7:CF:13:B8:74:AC:9B:F2:55:82:08:1A:6B:86:CD
Authority key identifier: 83:BE:81:99:A1:7C:AC:AA:6C:D5:2D:79:41:23:6D:A6:E5:6E:1B:EA
Certificate issuer:       /CN=83be8199a17cacaa6cd52d7941236da6e56e1bea
Certificate serial:       019A71B8737BA0409BEEBC990129222E45A3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/g76BmaF8rKps1S15QSNtpuVuG-o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/eb/ff50ec-b12d-4798-89fa-22d1bcfa1eda/1/g76BmaF8rKps1S15QSNtpuVuG-o.mft
Manifest number:          0AA3
Signing time:             Tue 11 Nov 2025 07:01:44 +0000
Manifest this update:     Tue 11 Nov 2025 07:01:44 +0000
Manifest next update:     Wed 12 Nov 2025 07:01:44 +0000
Files and hashes:         1: g76BmaF8rKps1S15QSNtpuVuG-o.crl (hash: 0gU/N8TWzs6bVGo3rvEEcLZeeijQbucXp5McyjOhhHY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/eb/ff50ec-b12d-4798-89fa-22d1bcfa1eda/1/g76BmaF8rKps1S15QSNtpuVuG-o.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/eb/ff50ec-b12d-4798-89fa-22d1bcfa1eda/1/g76BmaF8rKps1S15QSNtpuVuG-o.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/g76BmaF8rKps1S15QSNtpuVuG-o.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:01:44 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b8:73:7b:a0:40:9b:ee:bc:99:01:29:22:2e:45:a3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=83be8199a17cacaa6cd52d7941236da6e56e1bea
        Validity
            Not Before: Nov 11 07:01:44 2025 GMT
            Not After : Nov 12 07:01:44 2025 GMT
        Subject: CN=d05b8243ffe7cf13b874ac9bf25582081a6b86cd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:93:3f:28:aa:03:b1:31:28:92:1e:eb:32:1d:
                    96:22:c9:90:29:7f:9b:7f:ae:53:dc:de:b6:c1:fb:
                    36:be:9f:c2:2d:84:62:15:96:ca:c6:96:29:77:f2:
                    9c:cd:ab:83:11:45:d6:0f:83:50:47:39:3c:02:a0:
                    67:00:82:da:38:1c:83:93:b8:83:0f:50:3e:35:12:
                    4b:79:94:ef:cb:76:7f:6d:e9:a5:3c:f1:37:de:3c:
                    e0:61:b0:a3:24:d2:50:29:55:e4:b1:b5:44:4d:f5:
                    8f:7b:15:3a:cf:86:1b:50:85:73:a9:00:f0:44:63:
                    28:d2:74:2c:39:cd:8b:82:e9:44:5b:06:6f:92:0b:
                    71:ee:79:d4:3e:8e:61:03:5e:0b:d6:92:d2:f7:84:
                    25:ef:88:54:4c:c3:dd:e3:dd:ef:9c:e7:f4:9b:22:
                    26:bd:63:05:1e:a6:17:99:81:12:f4:de:f7:28:1a:
                    68:54:48:f6:72:d1:12:25:26:47:6f:f5:a4:ec:71:
                    48:d0:0a:94:d7:6e:43:a2:21:17:5a:b8:13:42:cc:
                    0e:08:10:ef:ae:7b:50:29:4c:b9:99:ff:fd:66:63:
                    29:e9:d6:e4:aa:b5:10:d9:51:32:94:51:e5:45:2a:
                    3a:a3:e9:db:a2:a5:ba:6b:fd:5a:5b:78:49:04:6e:
                    eb:5b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D0:5B:82:43:FF:E7:CF:13:B8:74:AC:9B:F2:55:82:08:1A:6B:86:CD
            X509v3 Authority Key Identifier:
                keyid:83:BE:81:99:A1:7C:AC:AA:6C:D5:2D:79:41:23:6D:A6:E5:6E:1B:EA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/g76BmaF8rKps1S15QSNtpuVuG-o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/ff50ec-b12d-4798-89fa-22d1bcfa1eda/1/g76BmaF8rKps1S15QSNtpuVuG-o.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/ff50ec-b12d-4798-89fa-22d1bcfa1eda/1/g76BmaF8rKps1S15QSNtpuVuG-o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         39:2c:ff:f0:1e:61:09:b0:27:de:ec:e5:86:e0:b5:08:b8:44:
         c8:a1:94:d3:0c:4a:6f:4a:aa:87:35:e9:e9:22:9e:9a:96:b7:
         a0:bf:d8:28:8b:09:22:f1:64:c6:65:69:1d:84:0d:a6:05:5b:
         55:e1:58:7c:1f:e6:50:ac:60:24:65:c4:00:3b:15:95:3b:32:
         ef:45:36:31:5c:96:97:5f:35:1b:3b:aa:0d:e7:18:8f:49:33:
         c0:61:46:26:8d:1f:b1:ae:b2:69:22:64:40:07:be:4b:70:11:
         f0:da:10:ab:52:3f:f6:d8:e7:76:12:89:26:2a:16:dc:ef:b0:
         8f:27:0a:46:1f:6e:4e:ad:1d:0a:7f:a2:dc:5a:20:24:15:8f:
         85:26:7a:e8:94:df:0d:7d:dd:60:45:73:01:46:7b:43:27:45:
         f4:5f:3d:98:31:45:00:9c:d5:f7:eb:60:0c:b4:4d:a9:c3:60:
         b5:c7:04:17:4f:3e:a4:51:3e:87:69:31:19:0e:ea:b9:cd:cf:
         90:fb:b7:4f:65:9b:fe:be:c8:3c:15:f1:1c:0d:fe:37:76:5d:
         41:13:bc:2b:fa:84:1d:3c:e9:34:24:69:34:76:3b:46:1b:19:
         f7:3e:ff:39:49:7f:27:0e:99:f3:87:32:5d:e4:76:00:a0:20:
         b8:7f:3a:90
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuHN7oECb7ryZASkiLkWjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzYmU4MTk5YTE3Y2FjYWE2Y2Q1MmQ3OTQxMjM2ZGE2ZTU2
ZTFiZWEwHhcNMjUxMTExMDcwMTQ0WhcNMjUxMTEyMDcwMTQ0WjAzMTEwLwYDVQQD
EyhkMDViODI0M2ZmZTdjZjEzYjg3NGFjOWJmMjU1ODIwODFhNmI4NmNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqJM/KKoDsTEokh7rMh2WIsmQKX+b
f65T3N62wfs2vp/CLYRiFZbKxpYpd/KczauDEUXWD4NQRzk8AqBnAILaOByDk7iD
D1A+NRJLeZTvy3Z/bemlPPE33jzgYbCjJNJQKVXksbVETfWPexU6z4YbUIVzqQDw
RGMo0nQsOc2LgulEWwZvkgtx7nnUPo5hA14L1pLS94Ql74hUTMPd493vnOf0myIm
vWMFHqYXmYES9N73KBpoVEj2ctESJSZHb/Wk7HFI0AqU125DoiEXWrgTQswOCBDv
rntQKUy5mf/9ZmMp6dbkqrUQ2VEylFHlRSo6o+nboqW6a/1aW3hJBG7rWwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNBbgkP/588TuHSsm/JVgggaa4bNMB8GA1UdIwQY
MBaAFIO+gZmhfKyqbNUteUEjbablbhvqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZzc2Qm1hRjhyS3BzMVMxNVFTTnRwdVZ1Ry1vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi9mZjUwZWMtYjEyZC00Nzk4LTg5ZmEt
MjJkMWJjZmExZWRhLzEvZzc2Qm1hRjhyS3BzMVMxNVFTTnRwdVZ1Ry1vLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi9mZjUwZWMtYjEyZC00Nzk4LTg5ZmEtMjJkMWJjZmExZWRh
LzEvZzc2Qm1hRjhyS3BzMVMxNVFTTnRwdVZ1Ry1vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOSz/8B5h
CbAn3uzlhuC1CLhEyKGU0wxKb0qqhzXp6SKempa3oL/YKIsJIvFkxmVpHYQNpgVb
VeFYfB/mUKxgJGXEADsVlTsy70U2MVyWl181GzuqDecYj0kzwGFGJo0fsa6yaSJk
QAe+S3AR8NoQq1I/9tjndhKJJioW3O+wjycKRh9uTq0dCn+i3FogJBWPhSZ66JTf
DX3dYEVzAUZ7QydF9F89mDFFAJzV9+tgDLRNqcNgtccEF08+pFE+h2kxGQ7quc3P
kPu3T2Wb/r7IPBXxHA3+N3ZdQRO8K/qEHTzpNCRpNHY7RhsZ9z7/OUl/Jw6Z84cy
XeR2AKAguH86kA==
-----END CERTIFICATE-----