Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/cb88ae-f020-44d9-b462-da6199b82f11/1/v7yKhmj1D9r0lPUoosqv0Ct8Ma0.mft
File:                     v7yKhmj1D9r0lPUoosqv0Ct8Ma0.mft (raw, json)
Hash identifier:          LFejx7iVRrH+Vbvgp7vjYR7RucdwXyTiIbGSB1/IqHc=
Subject key identifier:   96:3F:61:4A:65:67:DB:B4:C9:43:96:3F:C9:DD:D7:E9:A8:EE:6B:80
Authority key identifier: BF:BC:8A:86:68:F5:0F:DA:F4:94:F5:28:A2:CA:AF:D0:2B:7C:31:AD
Certificate issuer:       /CN=bfbc8a8668f50fdaf494f528a2caafd02b7c31ad
Certificate serial:       019A70A5619129FE724007EE07B4A6C16523
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/v7yKhmj1D9r0lPUoosqv0Ct8Ma0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f5/cb88ae-f020-44d9-b462-da6199b82f11/1/v7yKhmj1D9r0lPUoosqv0Ct8Ma0.mft
Manifest number:          03E7
Signing time:             Tue 11 Nov 2025 02:01:17 +0000
Manifest this update:     Tue 11 Nov 2025 02:01:17 +0000
Manifest next update:     Wed 12 Nov 2025 02:01:17 +0000
Files and hashes:         1: v7yKhmj1D9r0lPUoosqv0Ct8Ma0.crl (hash: i1AyyagMse/WX/nC7ZW3htEIF3xtXCb6Agv7fQ+TIvc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f5/cb88ae-f020-44d9-b462-da6199b82f11/1/v7yKhmj1D9r0lPUoosqv0Ct8Ma0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f5/cb88ae-f020-44d9-b462-da6199b82f11/1/v7yKhmj1D9r0lPUoosqv0Ct8Ma0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/v7yKhmj1D9r0lPUoosqv0Ct8Ma0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 02:01:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:70:a5:61:91:29:fe:72:40:07:ee:07:b4:a6:c1:65:23
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bfbc8a8668f50fdaf494f528a2caafd02b7c31ad
        Validity
            Not Before: Nov 11 02:01:17 2025 GMT
            Not After : Nov 12 02:01:17 2025 GMT
        Subject: CN=963f614a6567dbb4c943963fc9ddd7e9a8ee6b80
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:e5:70:fd:55:4f:10:10:bc:6b:4f:16:74:9d:
                    44:e2:a2:19:4b:b3:6f:0b:8c:ef:1f:e1:15:d9:64:
                    28:82:83:b0:c1:bc:ae:dc:c7:e7:12:92:a7:89:44:
                    e2:6d:c4:bc:3a:af:80:ad:bd:6d:d0:53:8d:11:52:
                    72:d3:0b:ad:cf:23:5c:ef:37:4c:38:3f:a0:a0:7e:
                    05:6c:20:dd:4a:64:8d:58:d1:a7:59:c0:a0:a0:af:
                    df:52:4e:fa:41:58:72:b3:ad:b2:2c:cc:7b:86:03:
                    17:27:c3:8d:67:8a:44:e1:b9:54:bc:8c:21:34:8e:
                    04:7d:4d:9b:25:34:ef:dc:22:d8:a3:ef:e3:a2:64:
                    fd:37:d8:c7:6a:d0:23:88:34:1d:fb:96:ab:e3:99:
                    0d:9a:34:07:07:6e:d3:7b:30:db:43:86:4e:a1:7f:
                    6e:bd:01:08:55:03:d2:d3:3e:c6:db:68:98:9a:e6:
                    a3:b8:5b:da:f8:26:bf:22:5a:21:df:7a:b7:8f:14:
                    cf:c4:b5:ac:dd:b1:fe:8f:6e:65:7a:ff:ab:ce:31:
                    e5:63:4a:9e:fb:c5:2b:19:52:8f:7c:48:9a:d9:8b:
                    7e:27:6d:e9:11:93:56:3d:64:58:c7:51:30:90:e0:
                    ef:d0:0a:79:e2:c6:33:de:b1:01:9a:65:fb:5f:b2:
                    dd:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                96:3F:61:4A:65:67:DB:B4:C9:43:96:3F:C9:DD:D7:E9:A8:EE:6B:80
            X509v3 Authority Key Identifier:
                keyid:BF:BC:8A:86:68:F5:0F:DA:F4:94:F5:28:A2:CA:AF:D0:2B:7C:31:AD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v7yKhmj1D9r0lPUoosqv0Ct8Ma0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/cb88ae-f020-44d9-b462-da6199b82f11/1/v7yKhmj1D9r0lPUoosqv0Ct8Ma0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/cb88ae-f020-44d9-b462-da6199b82f11/1/v7yKhmj1D9r0lPUoosqv0Ct8Ma0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         07:41:0e:c0:b0:12:6e:46:d5:38:d9:ab:0b:99:92:65:65:54:
         12:15:9d:94:c2:f1:3e:2a:5b:3f:99:c8:8c:59:92:59:70:ce:
         77:45:a4:37:a3:12:73:bb:21:22:57:f4:4e:a7:34:cd:bb:bb:
         24:15:f3:e0:1a:87:ca:3c:3a:00:eb:5c:5e:0d:8c:d5:69:1c:
         55:6f:94:28:f0:93:79:20:3f:eb:b9:67:97:48:a0:ca:6d:bf:
         22:e1:5a:72:c8:da:54:3d:b1:70:b9:72:13:a9:79:1f:64:1c:
         be:1c:50:49:63:77:3b:6b:ba:f9:84:9e:3e:ce:29:26:f7:72:
         0d:f9:db:6b:9f:24:83:fb:4d:26:9f:6a:0c:d5:fd:aa:b1:59:
         ac:3d:13:b4:a0:32:15:58:26:76:87:58:0d:69:f5:44:ab:94:
         a8:32:a2:d4:ec:07:cd:01:67:32:6f:f4:77:3a:2c:ce:37:65:
         1a:b6:b4:05:38:9a:43:12:18:45:9e:12:b7:70:ac:e5:5f:87:
         33:be:95:92:94:35:ec:cc:c7:31:79:a4:19:7a:c9:b3:23:b9:
         b7:d4:6b:f1:7b:15:4a:6e:31:83:64:73:d5:3a:26:39:21:68:
         61:08:41:8b:ca:fc:e1:26:25:c2:20:32:40:52:ce:1c:fe:e6:
         6e:33:d2:49
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpwpWGRKf5yQAfuB7SmwWUjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmYmM4YTg2NjhmNTBmZGFmNDk0ZjUyOGEyY2FhZmQwMmI3
YzMxYWQwHhcNMjUxMTExMDIwMTE3WhcNMjUxMTEyMDIwMTE3WjAzMTEwLwYDVQQD
Eyg5NjNmNjE0YTY1NjdkYmI0Yzk0Mzk2M2ZjOWRkZDdlOWE4ZWU2YjgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyuVw/VVPEBC8a08WdJ1E4qIZS7Nv
C4zvH+EV2WQogoOwwbyu3MfnEpKniUTibcS8Oq+Arb1t0FONEVJy0wutzyNc7zdM
OD+goH4FbCDdSmSNWNGnWcCgoK/fUk76QVhys62yLMx7hgMXJ8ONZ4pE4blUvIwh
NI4EfU2bJTTv3CLYo+/jomT9N9jHatAjiDQd+5ar45kNmjQHB27TezDbQ4ZOoX9u
vQEIVQPS0z7G22iYmuajuFva+Ca/Iloh33q3jxTPxLWs3bH+j25lev+rzjHlY0qe
+8UrGVKPfEia2Yt+J23pEZNWPWRYx1EwkODv0Ap54sYz3rEBmmX7X7LdPQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJY/YUplZ9u0yUOWP8nd1+mo7muAMB8GA1UdIwQY
MBaAFL+8ioZo9Q/a9JT1KKLKr9ArfDGtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdjd5S2htajFEOXIwbFBVb29zcXYwQ3Q4TWEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS9jYjg4YWUtZjAyMC00NGQ5LWI0NjIt
ZGE2MTk5YjgyZjExLzEvdjd5S2htajFEOXIwbFBVb29zcXYwQ3Q4TWEwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS9jYjg4YWUtZjAyMC00NGQ5LWI0NjItZGE2MTk5YjgyZjEx
LzEvdjd5S2htajFEOXIwbFBVb29zcXYwQ3Q4TWEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAB0EOwLAS
bkbVONmrC5mSZWVUEhWdlMLxPipbP5nIjFmSWXDOd0WkN6MSc7shIlf0Tqc0zbu7
JBXz4BqHyjw6AOtcXg2M1WkcVW+UKPCTeSA/67lnl0igym2/IuFacsjaVD2xcLly
E6l5H2QcvhxQSWN3O2u6+YSePs4pJvdyDfnba58kg/tNJp9qDNX9qrFZrD0TtKAy
FVgmdodYDWn1RKuUqDKi1OwHzQFnMm/0dzoszjdlGra0BTiaQxIYRZ4St3Cs5V+H
M76VkpQ17MzHMXmkGXrJsyO5t9Rr8XsVSm4xg2Rz1TomOSFoYQhBi8r84SYlwiAy
QFLOHP7mbjPSSQ==
-----END CERTIFICATE-----