Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/75c57b-2786-47b9-981c-faa8b718b6cb/1/r4Kgl6KKa2ppnY1qvk3LlbsZgzA.mft
File:                     r4Kgl6KKa2ppnY1qvk3LlbsZgzA.mft (raw, json)
Hash identifier:          HG3zcL5vDx7dOAQ8KIagI3wIaBB0pWjivaORhsOequ0=
Subject key identifier:   D2:F4:DF:E0:BA:10:C2:33:33:7E:2A:10:1C:2A:7E:B1:0B:62:B7:BB
Authority key identifier: AF:82:A0:97:A2:8A:6B:6A:69:9D:8D:6A:BE:4D:CB:95:BB:19:83:30
Certificate issuer:       /CN=af82a097a28a6b6a699d8d6abe4dcb95bb198330
Certificate serial:       019A71B8A37B86ADBB3A339B2ECFE94B6123
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/r4Kgl6KKa2ppnY1qvk3LlbsZgzA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f2/75c57b-2786-47b9-981c-faa8b718b6cb/1/r4Kgl6KKa2ppnY1qvk3LlbsZgzA.mft
Manifest number:          0FB4
Signing time:             Tue 11 Nov 2025 07:01:57 +0000
Manifest this update:     Tue 11 Nov 2025 07:01:57 +0000
Manifest next update:     Wed 12 Nov 2025 07:01:57 +0000
Files and hashes:         1: r4Kgl6KKa2ppnY1qvk3LlbsZgzA.crl (hash: Yiawa6C92RBs37xu+VK2mPYCYBfjqa/65VIz5H5Mc3k=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f2/75c57b-2786-47b9-981c-faa8b718b6cb/1/r4Kgl6KKa2ppnY1qvk3LlbsZgzA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f2/75c57b-2786-47b9-981c-faa8b718b6cb/1/r4Kgl6KKa2ppnY1qvk3LlbsZgzA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/r4Kgl6KKa2ppnY1qvk3LlbsZgzA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:01:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b8:a3:7b:86:ad:bb:3a:33:9b:2e:cf:e9:4b:61:23
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=af82a097a28a6b6a699d8d6abe4dcb95bb198330
        Validity
            Not Before: Nov 11 07:01:57 2025 GMT
            Not After : Nov 12 07:01:57 2025 GMT
        Subject: CN=d2f4dfe0ba10c233337e2a101c2a7eb10b62b7bb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:94:40:ae:da:23:c1:64:c0:58:db:93:6c:a6:
                    df:22:f7:b7:38:33:14:ee:6b:d2:ce:3b:c8:96:b8:
                    4d:91:15:c1:ce:63:b0:6e:dd:89:22:f6:17:7d:27:
                    f5:c1:a4:5c:e4:e3:70:33:63:97:af:ae:33:87:46:
                    48:60:23:62:e2:c5:33:29:09:bb:98:5f:2c:52:c7:
                    e6:b5:dc:9a:8f:5f:1f:69:c7:22:d4:c5:79:31:bf:
                    01:c4:b8:96:90:12:0d:b8:45:2c:ce:12:93:06:4f:
                    68:0b:b7:20:ec:04:7b:fe:67:6e:a8:d1:22:fd:27:
                    0d:16:17:ff:67:dd:1a:72:15:d6:23:26:93:b5:8e:
                    df:20:cc:d7:d1:fc:48:cf:f5:3b:1c:8c:1f:f4:1b:
                    7c:cf:65:77:45:e1:8e:46:10:72:3a:ab:af:53:d5:
                    35:41:c0:a5:36:6c:a8:67:4e:0e:40:03:ae:7a:dd:
                    e3:fb:b7:8d:4f:30:4c:22:6f:73:d4:8e:12:14:be:
                    9d:8c:4b:9a:bc:30:39:4c:ec:b2:bd:5c:77:80:ec:
                    5f:e4:1c:a1:fd:8c:95:94:99:9b:15:49:ca:a1:fb:
                    b5:99:b5:9c:92:c5:c1:d6:af:c6:81:2a:db:d0:27:
                    69:c3:b4:75:16:8a:2e:b2:da:49:4f:7f:1b:67:3c:
                    b3:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D2:F4:DF:E0:BA:10:C2:33:33:7E:2A:10:1C:2A:7E:B1:0B:62:B7:BB
            X509v3 Authority Key Identifier:
                keyid:AF:82:A0:97:A2:8A:6B:6A:69:9D:8D:6A:BE:4D:CB:95:BB:19:83:30

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r4Kgl6KKa2ppnY1qvk3LlbsZgzA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/75c57b-2786-47b9-981c-faa8b718b6cb/1/r4Kgl6KKa2ppnY1qvk3LlbsZgzA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/75c57b-2786-47b9-981c-faa8b718b6cb/1/r4Kgl6KKa2ppnY1qvk3LlbsZgzA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7c:89:67:9d:dd:ef:49:56:68:27:72:f0:4a:d3:82:8b:2a:b5:
         53:ff:e6:a9:ea:1f:33:c2:ca:b8:2c:c6:74:22:47:ab:c3:ca:
         25:57:78:7e:22:83:10:a2:4d:eb:73:e3:83:68:61:16:18:2a:
         73:7a:53:aa:58:70:0b:b1:d3:75:b9:11:e1:2c:38:79:2d:5a:
         8a:58:9f:e0:57:26:cf:b8:6c:d4:cd:ce:0a:a1:de:76:8d:6b:
         20:26:ca:03:d9:bb:78:06:96:c0:4c:98:9a:ac:6f:d0:f0:c2:
         42:aa:c8:94:38:2b:23:17:ac:a9:58:bd:eb:0d:d5:fe:8f:17:
         91:5e:f0:db:b7:2e:09:9a:8f:11:1b:ac:13:c7:4f:04:1f:79:
         98:94:78:63:a8:6d:14:3d:53:49:60:fc:62:d8:22:e1:a6:fc:
         51:15:47:73:0a:7a:c7:f6:29:e1:20:6e:8e:94:9f:a5:83:f7:
         af:8b:30:85:5a:99:fc:c7:91:19:99:67:c6:fa:5b:86:ff:fa:
         b9:b0:4e:d1:c6:fd:37:4b:ec:a5:1f:e5:bc:71:01:0b:89:5a:
         2a:5a:bc:f7:80:0b:d0:a5:26:05:41:b6:b9:45:9c:65:68:8d:
         e9:07:d0:b1:bc:0f:9c:2d:04:15:03:2f:fb:cc:c9:22:93:cd:
         5c:9a:59:c6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuKN7hq27OjObLs/pS2EjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmODJhMDk3YTI4YTZiNmE2OTlkOGQ2YWJlNGRjYjk1YmIx
OTgzMzAwHhcNMjUxMTExMDcwMTU3WhcNMjUxMTEyMDcwMTU3WjAzMTEwLwYDVQQD
EyhkMmY0ZGZlMGJhMTBjMjMzMzM3ZTJhMTAxYzJhN2ViMTBiNjJiN2JiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtpRArtojwWTAWNuTbKbfIve3ODMU
7mvSzjvIlrhNkRXBzmOwbt2JIvYXfSf1waRc5ONwM2OXr64zh0ZIYCNi4sUzKQm7
mF8sUsfmtdyaj18facci1MV5Mb8BxLiWkBINuEUszhKTBk9oC7cg7AR7/mduqNEi
/ScNFhf/Z90achXWIyaTtY7fIMzX0fxIz/U7HIwf9Bt8z2V3ReGORhByOquvU9U1
QcClNmyoZ04OQAOuet3j+7eNTzBMIm9z1I4SFL6djEuavDA5TOyyvVx3gOxf5Byh
/YyVlJmbFUnKofu1mbWcksXB1q/GgSrb0Cdpw7R1FooustpJT38bZzyzuwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNL03+C6EMIzM34qEBwqfrELYre7MB8GA1UdIwQY
MBaAFK+CoJeiimtqaZ2Nar5Ny5W7GYMwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjRLZ2w2S0thMnBwblkxcXZrM0xsYnNaZ3pBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi83NWM1N2ItMjc4Ni00N2I5LTk4MWMt
ZmFhOGI3MThiNmNiLzEvcjRLZ2w2S0thMnBwblkxcXZrM0xsYnNaZ3pBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi83NWM1N2ItMjc4Ni00N2I5LTk4MWMtZmFhOGI3MThiNmNi
LzEvcjRLZ2w2S0thMnBwblkxcXZrM0xsYnNaZ3pBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfIlnnd3v
SVZoJ3LwStOCiyq1U//mqeofM8LKuCzGdCJHq8PKJVd4fiKDEKJN63Pjg2hhFhgq
c3pTqlhwC7HTdbkR4Sw4eS1ailif4Fcmz7hs1M3OCqHedo1rICbKA9m7eAaWwEyY
mqxv0PDCQqrIlDgrIxesqVi96w3V/o8XkV7w27cuCZqPERusE8dPBB95mJR4Y6ht
FD1TSWD8Ytgi4ab8URVHcwp6x/Yp4SBujpSfpYP3r4swhVqZ/MeRGZlnxvpbhv/6
ubBO0cb9N0vspR/lvHEBC4laKlq894AL0KUmBUG2uUWcZWiN6QfQsbwPnC0EFQMv
+8zJIpPNXJpZxg==
-----END CERTIFICATE-----