Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/bd9fd8-a346-459e-838a-b9122e521058/1/s1IytLD6jIPU_4wSROhk67yt1os.mft
File:                     s1IytLD6jIPU_4wSROhk67yt1os.mft (raw, json)
Hash identifier:          ruZuxMe6qUPwMqMSwd6XKJzcwsSw8kAbtRBUZWU9fYs=
Subject key identifier:   2B:FC:31:AC:4E:31:27:2D:E3:1B:66:2C:CE:26:83:5C:A1:24:21:D6
Authority key identifier: B3:52:32:B4:B0:FA:8C:83:D4:FF:8C:12:44:E8:64:EB:BC:AD:D6:8B
Certificate issuer:       /CN=b35232b4b0fa8c83d4ff8c1244e864ebbcadd68b
Certificate serial:       019A71B8B2F5BE04445AF0ED49BC16871A43
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/s1IytLD6jIPU_4wSROhk67yt1os.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f3/bd9fd8-a346-459e-838a-b9122e521058/1/s1IytLD6jIPU_4wSROhk67yt1os.mft
Manifest number:          1196
Signing time:             Tue 11 Nov 2025 07:02:01 +0000
Manifest this update:     Tue 11 Nov 2025 07:02:01 +0000
Manifest next update:     Wed 12 Nov 2025 07:02:01 +0000
Files and hashes:         1: s1IytLD6jIPU_4wSROhk67yt1os.crl (hash: FeOZbvc9RPk3kiJlzrwm4hz0OxM0SQENmakJQy1HyM4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f3/bd9fd8-a346-459e-838a-b9122e521058/1/s1IytLD6jIPU_4wSROhk67yt1os.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f3/bd9fd8-a346-459e-838a-b9122e521058/1/s1IytLD6jIPU_4wSROhk67yt1os.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/s1IytLD6jIPU_4wSROhk67yt1os.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:02:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b8:b2:f5:be:04:44:5a:f0:ed:49:bc:16:87:1a:43
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b35232b4b0fa8c83d4ff8c1244e864ebbcadd68b
        Validity
            Not Before: Nov 11 07:02:01 2025 GMT
            Not After : Nov 12 07:02:01 2025 GMT
        Subject: CN=2bfc31ac4e31272de31b662cce26835ca12421d6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:b3:e8:96:d9:33:ee:37:53:cd:ea:61:3b:fb:
                    41:9f:c0:ce:0d:25:41:18:c9:78:3c:86:f2:d5:ba:
                    e3:45:98:22:d2:ea:15:d5:1c:b0:8d:02:9d:dc:b3:
                    f2:a2:f3:d6:f4:b1:d4:84:82:a9:5f:f0:69:4b:c0:
                    b1:e4:39:f2:4d:66:bf:ff:71:c3:2b:07:1d:51:4b:
                    a4:ea:38:4d:22:65:7f:07:c9:30:ea:fb:f5:3e:61:
                    6b:14:f5:6c:11:46:62:10:63:63:63:20:fd:cf:56:
                    c1:bd:ba:ec:6d:32:e0:fd:6d:94:6d:a3:42:f8:9e:
                    38:14:94:68:e3:31:8f:60:65:0e:9b:6a:0e:6e:c8:
                    e5:02:88:be:8a:34:0f:f0:97:59:d2:f7:b6:1e:1a:
                    fd:0c:51:0a:bb:0d:be:6d:c3:39:fe:49:99:5a:a7:
                    61:ce:07:61:54:6b:cd:69:88:ab:a7:5a:0d:15:5d:
                    ef:f2:2f:53:16:e1:aa:ea:e2:65:84:9a:c6:12:c2:
                    7d:0f:4a:51:cb:16:91:8a:44:af:48:22:b5:98:fc:
                    82:2b:d4:8a:0a:2c:ce:0d:f1:77:bb:b9:c9:a3:19:
                    4f:17:90:e9:90:72:38:bf:18:38:69:01:ff:17:f5:
                    68:58:6d:76:25:eb:24:18:50:2f:4a:d5:45:75:43:
                    2b:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2B:FC:31:AC:4E:31:27:2D:E3:1B:66:2C:CE:26:83:5C:A1:24:21:D6
            X509v3 Authority Key Identifier:
                keyid:B3:52:32:B4:B0:FA:8C:83:D4:FF:8C:12:44:E8:64:EB:BC:AD:D6:8B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s1IytLD6jIPU_4wSROhk67yt1os.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/bd9fd8-a346-459e-838a-b9122e521058/1/s1IytLD6jIPU_4wSROhk67yt1os.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/bd9fd8-a346-459e-838a-b9122e521058/1/s1IytLD6jIPU_4wSROhk67yt1os.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         c6:f9:a2:b3:2e:ad:ed:a8:de:ec:9e:1e:3f:81:79:86:72:be:
         1a:02:e4:0a:16:9b:95:b9:19:b9:1e:d5:59:ea:51:8e:3b:3a:
         5a:e9:32:f6:b3:fd:48:26:ee:ad:23:9b:26:01:ef:81:c7:8f:
         24:22:0c:53:d9:ef:c1:31:5d:a2:7d:6f:57:ec:17:04:f1:d3:
         c8:7b:ca:22:c7:b9:6a:56:17:c4:1a:7c:14:09:33:7e:43:27:
         b9:91:0b:71:63:45:de:1c:a7:b8:a0:0c:07:a2:a6:ff:8e:08:
         26:03:54:da:58:40:d8:e8:c6:8b:b5:05:7a:39:88:a0:1b:84:
         71:4c:77:65:d5:3e:10:0a:43:fe:ab:92:92:bd:e7:18:59:0e:
         2a:df:74:ed:75:db:19:c4:5e:3e:77:bb:f7:b0:a1:6d:9a:a3:
         83:77:f5:70:41:3d:52:52:54:a6:29:7f:25:2e:0a:54:48:e9:
         36:6b:85:af:ed:53:22:04:f6:c7:d8:7c:df:2a:c7:a1:6d:b0:
         67:84:55:48:33:41:1f:37:db:52:07:46:7e:f3:2d:c3:40:73:
         64:39:25:6d:5c:ff:52:43:f5:fc:0a:a8:e8:77:85:91:f9:b0:
         f9:ca:35:5c:9d:b5:8d:17:92:e8:be:b8:41:8a:1d:5b:14:b4:
         85:9c:5c:67
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuLL1vgREWvDtSbwWhxpDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzNTIzMmI0YjBmYThjODNkNGZmOGMxMjQ0ZTg2NGViYmNh
ZGQ2OGIwHhcNMjUxMTExMDcwMjAxWhcNMjUxMTEyMDcwMjAxWjAzMTEwLwYDVQQD
EygyYmZjMzFhYzRlMzEyNzJkZTMxYjY2MmNjZTI2ODM1Y2ExMjQyMWQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtrPoltkz7jdTzephO/tBn8DODSVB
GMl4PIby1brjRZgi0uoV1RywjQKd3LPyovPW9LHUhIKpX/BpS8Cx5DnyTWa//3HD
KwcdUUuk6jhNImV/B8kw6vv1PmFrFPVsEUZiEGNjYyD9z1bBvbrsbTLg/W2UbaNC
+J44FJRo4zGPYGUOm2oObsjlAoi+ijQP8JdZ0ve2Hhr9DFEKuw2+bcM5/kmZWqdh
zgdhVGvNaYirp1oNFV3v8i9TFuGq6uJlhJrGEsJ9D0pRyxaRikSvSCK1mPyCK9SK
CizODfF3u7nJoxlPF5DpkHI4vxg4aQH/F/VoWG12JeskGFAvStVFdUMr+QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCv8MaxOMSct4xtmLM4mg1yhJCHWMB8GA1UdIwQY
MBaAFLNSMrSw+oyD1P+MEkToZOu8rdaLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczFJeXRMRDZqSVBVXzR3U1JPaGs2N3l0MW9zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy9iZDlmZDgtYTM0Ni00NTllLTgzOGEt
YjkxMjJlNTIxMDU4LzEvczFJeXRMRDZqSVBVXzR3U1JPaGs2N3l0MW9zLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy9iZDlmZDgtYTM0Ni00NTllLTgzOGEtYjkxMjJlNTIxMDU4
LzEvczFJeXRMRDZqSVBVXzR3U1JPaGs2N3l0MW9zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAxvmisy6t
7aje7J4eP4F5hnK+GgLkChablbkZuR7VWepRjjs6Wuky9rP9SCburSObJgHvgceP
JCIMU9nvwTFdon1vV+wXBPHTyHvKIse5alYXxBp8FAkzfkMnuZELcWNF3hynuKAM
B6Km/44IJgNU2lhA2OjGi7UFejmIoBuEcUx3ZdU+EApD/quSkr3nGFkOKt907XXb
GcRePne797ChbZqjg3f1cEE9UlJUpil/JS4KVEjpNmuFr+1TIgT2x9h83yrHoW2w
Z4RVSDNBHzfbUgdGfvMtw0BzZDklbVz/UkP1/Aqo6HeFkfmw+co1XJ21jReS6L64
QYodWxS0hZxcZw==
-----END CERTIFICATE-----