Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/ab6a7b-65ab-4977-9937-ea9b6bb2e39c/1/iY7BAjeR9tQ_l5fgUtE1S-v_xzI.mft
File:                     iY7BAjeR9tQ_l5fgUtE1S-v_xzI.mft (raw, json)
Hash identifier:          +mHgCR0A7kQOiHo+8+FpCrrPjspZXdvn9ndoTh3SJFA=
Subject key identifier:   4A:E7:64:29:A1:3C:4B:0F:F7:C2:AD:36:93:B6:59:24:09:E0:B9:88
Authority key identifier: 89:8E:C1:02:37:91:F6:D4:3F:97:97:E0:52:D1:35:4B:EB:FF:C7:32
Certificate issuer:       /CN=898ec1023791f6d43f9797e052d1354bebffc732
Certificate serial:       019A711311ABE0C51DB866CB7C8FF67A45A6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/iY7BAjeR9tQ_l5fgUtE1S-v_xzI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ef/ab6a7b-65ab-4977-9937-ea9b6bb2e39c/1/iY7BAjeR9tQ_l5fgUtE1S-v_xzI.mft
Manifest number:          6E
Signing time:             Tue 11 Nov 2025 04:01:06 +0000
Manifest this update:     Tue 11 Nov 2025 04:01:06 +0000
Manifest next update:     Wed 12 Nov 2025 04:01:06 +0000
Files and hashes:         1: iY7BAjeR9tQ_l5fgUtE1S-v_xzI.crl (hash: 3gNMCvJpKVaAbyBIRLxonuDsQYCmmgfSvYVTBsPIrLQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ef/ab6a7b-65ab-4977-9937-ea9b6bb2e39c/1/iY7BAjeR9tQ_l5fgUtE1S-v_xzI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ef/ab6a7b-65ab-4977-9937-ea9b6bb2e39c/1/iY7BAjeR9tQ_l5fgUtE1S-v_xzI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/iY7BAjeR9tQ_l5fgUtE1S-v_xzI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 04:01:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:13:11:ab:e0:c5:1d:b8:66:cb:7c:8f:f6:7a:45:a6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=898ec1023791f6d43f9797e052d1354bebffc732
        Validity
            Not Before: Nov 11 04:01:06 2025 GMT
            Not After : Nov 12 04:01:06 2025 GMT
        Subject: CN=4ae76429a13c4b0ff7c2ad3693b6592409e0b988
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:c5:3b:f8:9d:a0:94:ea:0a:74:10:3c:c7:98:
                    f2:a4:d7:e5:f1:ab:5e:47:1c:d0:13:84:94:d0:4a:
                    42:ed:b6:59:ed:8d:18:4f:77:42:6d:6e:2a:e8:32:
                    55:d8:fe:0b:a2:7f:51:10:b6:70:6c:43:86:9f:9d:
                    b5:3a:e1:d7:ca:63:56:ca:f5:1c:12:4f:22:f4:f8:
                    a5:20:09:48:0e:13:e5:ad:64:38:af:68:77:3e:9c:
                    9f:82:37:4d:6e:f6:2b:2f:71:7a:85:42:f7:f0:c0:
                    31:1b:d4:e9:3b:06:47:b1:d9:84:f1:e6:0e:93:07:
                    7a:26:59:cb:53:3f:c1:9c:4a:b8:7d:45:b8:ec:c9:
                    c4:e6:42:c1:9d:5c:fc:8d:ab:5e:58:1d:a5:68:f2:
                    81:8d:ae:3d:f0:9a:97:12:43:36:72:5b:45:58:4b:
                    21:0f:3f:f2:e9:44:ef:bd:f4:ff:51:89:33:45:48:
                    4e:32:22:f6:f3:2c:b4:6b:63:67:b3:13:53:9b:0d:
                    ee:37:30:83:11:57:34:44:32:5e:74:15:6c:b2:6a:
                    95:b7:5d:93:3f:0c:d3:47:ac:05:73:32:aa:20:91:
                    f6:2f:a2:41:95:c8:41:dd:29:b1:08:73:2c:8f:45:
                    df:cc:35:2d:72:03:92:3a:68:49:d3:61:de:fb:6a:
                    b2:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4A:E7:64:29:A1:3C:4B:0F:F7:C2:AD:36:93:B6:59:24:09:E0:B9:88
            X509v3 Authority Key Identifier:
                keyid:89:8E:C1:02:37:91:F6:D4:3F:97:97:E0:52:D1:35:4B:EB:FF:C7:32

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iY7BAjeR9tQ_l5fgUtE1S-v_xzI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/ab6a7b-65ab-4977-9937-ea9b6bb2e39c/1/iY7BAjeR9tQ_l5fgUtE1S-v_xzI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/ab6a7b-65ab-4977-9937-ea9b6bb2e39c/1/iY7BAjeR9tQ_l5fgUtE1S-v_xzI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5f:8d:91:15:c4:5e:b2:7f:d4:d3:bc:22:a9:1e:3c:4b:be:5a:
         f5:32:d4:7b:7c:30:5a:3e:d0:61:da:8b:f3:93:79:2a:bb:53:
         e7:ec:7d:f0:04:80:d5:b3:17:b8:6b:2d:10:62:02:f8:ac:ce:
         4d:8a:a8:72:72:2d:3a:ad:22:52:ca:9e:15:16:ed:d6:45:98:
         20:88:cc:34:d6:a8:b3:d2:8a:d3:1d:0d:2a:d5:55:ff:94:c3:
         5d:49:e2:6b:3e:1a:6b:e5:ef:02:33:d3:e1:3f:8e:7a:24:2a:
         e1:f4:7e:56:33:fd:fa:c7:37:bb:73:7c:0b:52:ea:81:69:11:
         ce:b0:9a:7f:0b:b3:e2:86:19:4f:4d:35:6d:28:4e:bc:61:45:
         cb:dd:6d:15:6b:e1:f7:85:ff:e8:0e:90:df:95:2e:3e:86:09:
         46:03:48:c4:1c:7c:9c:cd:dc:fa:a3:6a:41:24:7a:56:25:bd:
         f8:d7:db:b0:1f:17:9c:26:b7:b2:c2:5e:84:d2:9e:8d:2b:84:
         4f:7a:e9:be:8e:1e:dc:07:c7:58:3e:17:30:d8:59:68:aa:3f:
         48:1f:31:ad:49:61:ac:04:b4:2c:cf:fb:64:2d:39:d7:8b:db:
         e0:29:1d:49:42:4f:65:85:b3:c7:c4:c3:07:39:b5:f0:1c:2f:
         97:8e:07:49
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxExGr4MUduGbLfI/2ekWmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5OGVjMTAyMzc5MWY2ZDQzZjk3OTdlMDUyZDEzNTRiZWJm
ZmM3MzIwHhcNMjUxMTExMDQwMTA2WhcNMjUxMTEyMDQwMTA2WjAzMTEwLwYDVQQD
Eyg0YWU3NjQyOWExM2M0YjBmZjdjMmFkMzY5M2I2NTkyNDA5ZTBiOTg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy8U7+J2glOoKdBA8x5jypNfl8ate
RxzQE4SU0EpC7bZZ7Y0YT3dCbW4q6DJV2P4Lon9RELZwbEOGn521OuHXymNWyvUc
Ek8i9PilIAlIDhPlrWQ4r2h3PpyfgjdNbvYrL3F6hUL38MAxG9TpOwZHsdmE8eYO
kwd6JlnLUz/BnEq4fUW47MnE5kLBnVz8jateWB2laPKBja498JqXEkM2cltFWEsh
Dz/y6UTvvfT/UYkzRUhOMiL28yy0a2NnsxNTmw3uNzCDEVc0RDJedBVssmqVt12T
PwzTR6wFczKqIJH2L6JBlchB3SmxCHMsj0XfzDUtcgOSOmhJ02He+2qyOwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFErnZCmhPEsP98KtNpO2WSQJ4LmIMB8GA1UdIwQY
MBaAFImOwQI3kfbUP5eX4FLRNUvr/8cyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaVk3QkFqZVI5dFFfbDVmZ1V0RTFTLXZfeHpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi9hYjZhN2ItNjVhYi00OTc3LTk5Mzct
ZWE5YjZiYjJlMzljLzEvaVk3QkFqZVI5dFFfbDVmZ1V0RTFTLXZfeHpJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZi9hYjZhN2ItNjVhYi00OTc3LTk5MzctZWE5YjZiYjJlMzlj
LzEvaVk3QkFqZVI5dFFfbDVmZ1V0RTFTLXZfeHpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAX42RFcRe
sn/U07wiqR48S75a9TLUe3wwWj7QYdqL85N5KrtT5+x98ASA1bMXuGstEGIC+KzO
TYqocnItOq0iUsqeFRbt1kWYIIjMNNaos9KK0x0NKtVV/5TDXUniaz4aa+XvAjPT
4T+OeiQq4fR+VjP9+sc3u3N8C1LqgWkRzrCafwuz4oYZT001bShOvGFFy91tFWvh
94X/6A6Q35UuPoYJRgNIxBx8nM3c+qNqQSR6ViW9+NfbsB8XnCa3ssJehNKejSuE
T3rpvo4e3AfHWD4XMNhZaKo/SB8xrUlhrAS0LM/7ZC0514vb4CkdSUJPZYWzx8TD
Bzm18Bwvl44HSQ==
-----END CERTIFICATE-----