Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/5424d9-5348-4f6f-9390-45a40a21b8d3/1/pr640lzi1AsMuuWcEeKSvTcXDfo.mft
File:                     pr640lzi1AsMuuWcEeKSvTcXDfo.mft (raw, json)
Hash identifier:          s1kjUe3Copv+zSPM2IVl6IuCyeb87QImWc4rIwbnyTw=
Subject key identifier:   B1:C3:B8:B5:3F:33:08:AC:02:86:05:83:8D:69:67:20:30:3D:AD:9B
Authority key identifier: A6:BE:B8:D2:5C:E2:D4:0B:0C:BA:E5:9C:11:E2:92:BD:37:17:0D:FA
Certificate issuer:       /CN=a6beb8d25ce2d40b0cbae59c11e292bd37170dfa
Certificate serial:       019A7293E0862E78EA3175063065447D89E3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pr640lzi1AsMuuWcEeKSvTcXDfo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f1/5424d9-5348-4f6f-9390-45a40a21b8d3/1/pr640lzi1AsMuuWcEeKSvTcXDfo.mft
Manifest number:          1117
Signing time:             Tue 11 Nov 2025 11:01:25 +0000
Manifest this update:     Tue 11 Nov 2025 11:01:25 +0000
Manifest next update:     Wed 12 Nov 2025 11:01:25 +0000
Files and hashes:         1: pr640lzi1AsMuuWcEeKSvTcXDfo.crl (hash: u8dhR/pfLr3lSQZeBYCEfRMdy6ag+XYMkCuAOpNHjqE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f1/5424d9-5348-4f6f-9390-45a40a21b8d3/1/pr640lzi1AsMuuWcEeKSvTcXDfo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f1/5424d9-5348-4f6f-9390-45a40a21b8d3/1/pr640lzi1AsMuuWcEeKSvTcXDfo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/pr640lzi1AsMuuWcEeKSvTcXDfo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:72:93:e0:86:2e:78:ea:31:75:06:30:65:44:7d:89:e3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a6beb8d25ce2d40b0cbae59c11e292bd37170dfa
        Validity
            Not Before: Nov 11 11:01:25 2025 GMT
            Not After : Nov 12 11:01:25 2025 GMT
        Subject: CN=b1c3b8b53f3308ac028605838d696720303dad9b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:b4:55:1a:a0:3b:0e:3e:7f:d7:1a:9d:8e:df:
                    e8:bb:0f:b5:80:89:26:fe:1e:dc:c9:c6:6e:e6:89:
                    0b:2a:7d:51:60:3e:09:1e:2d:7c:34:3a:d0:af:79:
                    9c:03:c8:01:20:2d:22:e0:da:ca:56:34:5a:28:85:
                    6a:3f:25:69:23:8d:18:93:d2:11:5f:db:36:b1:64:
                    f1:6b:18:4d:f2:dd:83:26:1a:44:12:d0:13:22:11:
                    8e:43:19:27:8b:58:d4:f7:72:f7:4e:3e:a0:6c:ca:
                    d1:74:3a:42:a9:c3:6e:e9:75:1f:10:69:03:e8:3f:
                    16:3e:b6:94:43:04:5c:12:2c:80:20:2d:a7:57:a6:
                    07:a3:8a:32:0d:bd:75:18:2b:41:0d:eb:20:33:43:
                    0b:b6:23:a5:52:1a:ec:5a:ff:7b:74:00:ca:32:fe:
                    4f:56:e7:62:e6:cc:06:f4:bb:dc:f9:9a:bd:c6:b2:
                    8d:46:12:5f:a0:8c:8a:90:4a:1d:fc:b2:53:94:e3:
                    bb:0e:0e:09:be:7c:d6:d7:eb:a0:80:d0:54:1e:62:
                    67:ec:3c:5c:f5:bb:bc:28:74:b3:a2:3f:c6:4c:f0:
                    6f:fb:7d:2e:d2:6b:13:b9:94:04:a4:49:96:0f:95:
                    f5:a1:72:c3:d5:66:70:62:73:40:99:0b:49:ed:0b:
                    0f:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B1:C3:B8:B5:3F:33:08:AC:02:86:05:83:8D:69:67:20:30:3D:AD:9B
            X509v3 Authority Key Identifier:
                keyid:A6:BE:B8:D2:5C:E2:D4:0B:0C:BA:E5:9C:11:E2:92:BD:37:17:0D:FA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pr640lzi1AsMuuWcEeKSvTcXDfo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/5424d9-5348-4f6f-9390-45a40a21b8d3/1/pr640lzi1AsMuuWcEeKSvTcXDfo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/5424d9-5348-4f6f-9390-45a40a21b8d3/1/pr640lzi1AsMuuWcEeKSvTcXDfo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         62:e3:6a:c9:78:28:46:34:6d:76:d0:6f:1f:2c:f8:c3:3c:79:
         de:80:e7:44:19:3a:1a:59:6f:38:44:e4:0d:4e:d4:23:5a:90:
         a2:62:64:2e:7c:0c:9b:12:7f:f9:2d:73:cf:97:c5:c0:8e:ab:
         23:39:f0:3d:f0:d1:62:f7:c8:40:08:97:91:dc:a3:ce:98:13:
         54:40:26:58:11:67:5f:dc:5a:40:34:65:f1:37:57:d7:58:ec:
         fd:08:4c:5a:85:28:29:e6:ca:66:cc:8c:00:26:02:89:c8:fe:
         e2:99:a8:c5:70:64:76:90:8d:a8:73:fa:fe:fa:ca:71:87:12:
         45:43:01:9d:f7:e0:70:59:d1:ec:c1:d3:03:2c:a0:c2:03:de:
         d6:dc:a7:6d:c6:06:79:08:8c:3d:d1:11:a9:16:df:d9:72:19:
         b1:14:67:65:69:01:d6:7d:80:21:7e:b5:bf:18:f3:0a:c7:97:
         25:d7:2b:56:13:0a:dd:d6:5f:44:c2:93:7a:9b:d4:6c:b8:9d:
         14:8d:46:00:02:aa:d9:d7:19:a5:ff:c6:e3:04:1d:91:5b:4d:
         a8:14:1b:1b:d8:69:2c:5b:50:3a:4c:a8:82:14:3d:16:ef:a2:
         46:10:0e:3b:22:17:eb:87:26:7a:9a:6e:d9:1d:45:43:24:70:
         da:3c:14:78
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyk+CGLnjqMXUGMGVEfYnjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2YmViOGQyNWNlMmQ0MGIwY2JhZTU5YzExZTI5MmJkMzcx
NzBkZmEwHhcNMjUxMTExMTEwMTI1WhcNMjUxMTEyMTEwMTI1WjAzMTEwLwYDVQQD
EyhiMWMzYjhiNTNmMzMwOGFjMDI4NjA1ODM4ZDY5NjcyMDMwM2RhZDliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwLRVGqA7Dj5/1xqdjt/ouw+1gIkm
/h7cycZu5okLKn1RYD4JHi18NDrQr3mcA8gBIC0i4NrKVjRaKIVqPyVpI40Yk9IR
X9s2sWTxaxhN8t2DJhpEEtATIhGOQxkni1jU93L3Tj6gbMrRdDpCqcNu6XUfEGkD
6D8WPraUQwRcEiyAIC2nV6YHo4oyDb11GCtBDesgM0MLtiOlUhrsWv97dADKMv5P
Vudi5swG9Lvc+Zq9xrKNRhJfoIyKkEod/LJTlOO7Dg4JvnzW1+uggNBUHmJn7Dxc
9bu8KHSzoj/GTPBv+30u0msTuZQEpEmWD5X1oXLD1WZwYnNAmQtJ7QsP0QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLHDuLU/MwisAoYFg41pZyAwPa2bMB8GA1UdIwQY
MBaAFKa+uNJc4tQLDLrlnBHikr03Fw36MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcHI2NDBsemkxQXNNdXVXY0VlS1N2VGNYRGZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS81NDI0ZDktNTM0OC00ZjZmLTkzOTAt
NDVhNDBhMjFiOGQzLzEvcHI2NDBsemkxQXNNdXVXY0VlS1N2VGNYRGZvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMS81NDI0ZDktNTM0OC00ZjZmLTkzOTAtNDVhNDBhMjFiOGQz
LzEvcHI2NDBsemkxQXNNdXVXY0VlS1N2VGNYRGZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYuNqyXgo
RjRtdtBvHyz4wzx53oDnRBk6GllvOETkDU7UI1qQomJkLnwMmxJ/+S1zz5fFwI6r
IznwPfDRYvfIQAiXkdyjzpgTVEAmWBFnX9xaQDRl8TdX11js/QhMWoUoKebKZsyM
ACYCicj+4pmoxXBkdpCNqHP6/vrKcYcSRUMBnffgcFnR7MHTAyygwgPe1tynbcYG
eQiMPdERqRbf2XIZsRRnZWkB1n2AIX61vxjzCseXJdcrVhMK3dZfRMKTepvUbLid
FI1GAAKq2dcZpf/G4wQdkVtNqBQbG9hpLFtQOkyoghQ9Fu+iRhAOOyIX64cmeppu
2R1FQyRw2jwUeA==
-----END CERTIFICATE-----