Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/9f2fc8-8f2c-47e0-97da-ed07ecf2dc36/1/gz8MJRPUNTtAzvg5F57r-HOCRcY.mft
File:                     gz8MJRPUNTtAzvg5F57r-HOCRcY.mft (raw, json)
Hash identifier:          mRuVj9puJSOctu8QHqmEapgYsRupdwtZINcrxw1xQMg=
Subject key identifier:   06:FB:A1:DD:3E:7B:D7:4B:3B:FD:A9:FA:C7:BE:7F:DF:EA:75:33:F5
Authority key identifier: 83:3F:0C:25:13:D4:35:3B:40:CE:F8:39:17:9E:EB:F8:73:82:45:C6
Certificate issuer:       /CN=833f0c2513d4353b40cef839179eebf8738245c6
Certificate serial:       019A71B794B44CE67D966D1EC17C30C7CE39
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gz8MJRPUNTtAzvg5F57r-HOCRcY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ef/9f2fc8-8f2c-47e0-97da-ed07ecf2dc36/1/gz8MJRPUNTtAzvg5F57r-HOCRcY.mft
Manifest number:          11F3
Signing time:             Tue 11 Nov 2025 07:00:47 +0000
Manifest this update:     Tue 11 Nov 2025 07:00:47 +0000
Manifest next update:     Wed 12 Nov 2025 07:00:47 +0000
Files and hashes:         1: gz8MJRPUNTtAzvg5F57r-HOCRcY.crl (hash: kbxhIR61CRFH9D2EozEk6jYp3cYOEh4BloU4f/03htk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ef/9f2fc8-8f2c-47e0-97da-ed07ecf2dc36/1/gz8MJRPUNTtAzvg5F57r-HOCRcY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ef/9f2fc8-8f2c-47e0-97da-ed07ecf2dc36/1/gz8MJRPUNTtAzvg5F57r-HOCRcY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/gz8MJRPUNTtAzvg5F57r-HOCRcY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:00:47 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b7:94:b4:4c:e6:7d:96:6d:1e:c1:7c:30:c7:ce:39
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=833f0c2513d4353b40cef839179eebf8738245c6
        Validity
            Not Before: Nov 11 07:00:47 2025 GMT
            Not After : Nov 12 07:00:47 2025 GMT
        Subject: CN=06fba1dd3e7bd74b3bfda9fac7be7fdfea7533f5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f0:37:44:36:5a:59:f6:42:cd:7f:cb:ea:c7:11:
                    32:d0:a3:5b:56:f9:e4:dc:d1:5a:1c:6c:41:fe:2a:
                    bd:35:17:17:a4:9f:0a:27:e5:0d:b5:76:c9:36:99:
                    e1:ba:68:2e:be:06:e8:59:20:e1:90:bc:6c:f1:ba:
                    e1:ac:bb:69:71:48:f5:5a:68:88:2d:9f:b4:b5:e3:
                    c2:ee:5c:d9:3d:68:59:81:53:c8:65:b4:85:98:9d:
                    43:bb:5f:a9:9f:dd:5a:db:e1:b4:d0:d8:98:bb:53:
                    6a:d0:ab:c4:fd:b6:1f:cd:95:e5:cc:d7:65:49:49:
                    05:1a:fb:39:a2:0d:7b:00:82:00:5a:ff:79:b3:42:
                    58:18:a5:c1:fd:db:e3:1b:d6:6a:52:78:ca:5c:89:
                    6b:07:fe:6e:3a:b4:cd:2a:c6:f3:40:ec:6e:09:01:
                    7b:c0:75:41:85:d5:00:05:05:41:63:66:33:b0:43:
                    12:42:74:fa:c7:52:f8:bf:45:4a:3c:3e:59:e2:9e:
                    6f:42:e1:b5:a1:05:16:97:77:3c:41:47:56:7e:8a:
                    51:b7:8c:ce:7e:31:83:53:ff:e7:dd:9d:77:4d:63:
                    25:ca:cd:9f:03:34:de:f5:a7:ec:b8:89:61:92:40:
                    56:cf:98:72:ad:12:3a:16:4c:6d:51:7e:52:d1:e0:
                    59:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                06:FB:A1:DD:3E:7B:D7:4B:3B:FD:A9:FA:C7:BE:7F:DF:EA:75:33:F5
            X509v3 Authority Key Identifier:
                keyid:83:3F:0C:25:13:D4:35:3B:40:CE:F8:39:17:9E:EB:F8:73:82:45:C6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz8MJRPUNTtAzvg5F57r-HOCRcY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/9f2fc8-8f2c-47e0-97da-ed07ecf2dc36/1/gz8MJRPUNTtAzvg5F57r-HOCRcY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/9f2fc8-8f2c-47e0-97da-ed07ecf2dc36/1/gz8MJRPUNTtAzvg5F57r-HOCRcY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         12:2e:c5:39:82:a5:0a:20:5a:b2:02:52:e3:39:f4:33:75:89:
         d4:49:d2:6d:4f:57:37:19:82:d7:82:a5:02:af:f2:ee:ee:fb:
         41:bd:9a:5e:98:b6:96:f9:53:4a:c7:75:75:90:e2:da:b2:58:
         2c:51:55:c9:12:73:ee:1d:37:00:4b:ac:26:a9:73:84:be:d9:
         16:a4:50:37:cc:51:39:f6:0c:38:9d:9e:aa:0a:18:91:1f:87:
         02:b4:bc:9e:26:6a:8e:0c:89:47:ac:95:f4:25:7a:9f:e2:6d:
         cc:d4:1c:47:f2:49:88:43:42:72:9d:ac:70:ab:b3:9f:da:2c:
         cb:41:ef:4c:78:f9:75:0d:ef:f8:ff:cc:dd:7a:9e:6f:ed:57:
         d0:5e:e5:b5:a4:de:bd:23:86:35:97:72:12:46:28:b4:3d:a3:
         1e:6f:ad:f9:51:f0:71:a3:2c:99:a6:80:b4:ab:cb:79:04:eb:
         c5:69:1f:2f:0d:f0:27:4c:d3:3d:14:84:00:36:0b:72:80:2c:
         d4:ef:52:25:48:0f:32:04:a3:14:3e:6d:d5:9d:60:ee:ff:6a:
         66:c7:02:7c:69:b2:14:e6:c0:a7:62:24:a7:ce:eb:29:4a:56:
         f7:ae:e5:a5:72:63:64:88:7e:9f:db:2e:e7:07:6d:8f:c9:46:
         e9:77:35:08
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxt5S0TOZ9lm0ewXwwx845MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzM2YwYzI1MTNkNDM1M2I0MGNlZjgzOTE3OWVlYmY4NzM4
MjQ1YzYwHhcNMjUxMTExMDcwMDQ3WhcNMjUxMTEyMDcwMDQ3WjAzMTEwLwYDVQQD
EygwNmZiYTFkZDNlN2JkNzRiM2JmZGE5ZmFjN2JlN2ZkZmVhNzUzM2Y1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8DdENlpZ9kLNf8vqxxEy0KNbVvnk
3NFaHGxB/iq9NRcXpJ8KJ+UNtXbJNpnhumguvgboWSDhkLxs8brhrLtpcUj1WmiI
LZ+0tePC7lzZPWhZgVPIZbSFmJ1Du1+pn91a2+G00NiYu1Nq0KvE/bYfzZXlzNdl
SUkFGvs5og17AIIAWv95s0JYGKXB/dvjG9ZqUnjKXIlrB/5uOrTNKsbzQOxuCQF7
wHVBhdUABQVBY2YzsEMSQnT6x1L4v0VKPD5Z4p5vQuG1oQUWl3c8QUdWfopRt4zO
fjGDU//n3Z13TWMlys2fAzTe9afsuIlhkkBWz5hyrRI6FkxtUX5S0eBZzQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAb7od0+e9dLO/2p+se+f9/qdTP1MB8GA1UdIwQY
MBaAFIM/DCUT1DU7QM74ORee6/hzgkXGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3o4TUpSUFVOVHRBenZnNUY1N3ItSE9DUmNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi85ZjJmYzgtOGYyYy00N2UwLTk3ZGEt
ZWQwN2VjZjJkYzM2LzEvZ3o4TUpSUFVOVHRBenZnNUY1N3ItSE9DUmNZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZi85ZjJmYzgtOGYyYy00N2UwLTk3ZGEtZWQwN2VjZjJkYzM2
LzEvZ3o4TUpSUFVOVHRBenZnNUY1N3ItSE9DUmNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEi7FOYKl
CiBasgJS4zn0M3WJ1EnSbU9XNxmC14KlAq/y7u77Qb2aXpi2lvlTSsd1dZDi2rJY
LFFVyRJz7h03AEusJqlzhL7ZFqRQN8xROfYMOJ2eqgoYkR+HArS8niZqjgyJR6yV
9CV6n+JtzNQcR/JJiENCcp2scKuzn9osy0HvTHj5dQ3v+P/M3Xqeb+1X0F7ltaTe
vSOGNZdyEkYotD2jHm+t+VHwcaMsmaaAtKvLeQTrxWkfLw3wJ0zTPRSEADYLcoAs
1O9SJUgPMgSjFD5t1Z1g7v9qZscCfGmyFObAp2Ikp87rKUpW967lpXJjZIh+n9su
5wdtj8lG6Xc1CA==
-----END CERTIFICATE-----