Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/34404a-4132-4e83-8e46-390e935beda3/1/Xf04PhaNLsn7w5DqjZmkuvfsO1s.mft
File:                     Xf04PhaNLsn7w5DqjZmkuvfsO1s.mft (raw, json)
Hash identifier:          JV6RCgX4ED5tgMiXcdfcmBjDGLOPIY9h7sEyBYlDeuA=
Subject key identifier:   BD:2F:16:79:03:B3:42:CC:38:94:C4:F9:CC:19:BB:D9:A4:B8:EA:AF
Authority key identifier: 5D:FD:38:3E:16:8D:2E:C9:FB:C3:90:EA:8D:99:A4:BA:F7:EC:3B:5B
Certificate issuer:       /CN=5dfd383e168d2ec9fbc390ea8d99a4baf7ec3b5b
Certificate serial:       019A71B7EFB7C3CA6625A5F9EA41BBA49696
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Xf04PhaNLsn7w5DqjZmkuvfsO1s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f9/34404a-4132-4e83-8e46-390e935beda3/1/Xf04PhaNLsn7w5DqjZmkuvfsO1s.mft
Manifest number:          01B8
Signing time:             Tue 11 Nov 2025 07:01:11 +0000
Manifest this update:     Tue 11 Nov 2025 07:01:11 +0000
Manifest next update:     Wed 12 Nov 2025 07:01:11 +0000
Files and hashes:         1: Xf04PhaNLsn7w5DqjZmkuvfsO1s.crl (hash: PO+Mdw3CBSPBtNB3lDndZfA2B3xNLXFVRYfwzpYIl8c=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f9/34404a-4132-4e83-8e46-390e935beda3/1/Xf04PhaNLsn7w5DqjZmkuvfsO1s.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f9/34404a-4132-4e83-8e46-390e935beda3/1/Xf04PhaNLsn7w5DqjZmkuvfsO1s.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Xf04PhaNLsn7w5DqjZmkuvfsO1s.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:01:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b7:ef:b7:c3:ca:66:25:a5:f9:ea:41:bb:a4:96:96
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5dfd383e168d2ec9fbc390ea8d99a4baf7ec3b5b
        Validity
            Not Before: Nov 11 07:01:11 2025 GMT
            Not After : Nov 12 07:01:11 2025 GMT
        Subject: CN=bd2f167903b342cc3894c4f9cc19bbd9a4b8eaaf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:ab:e4:21:ea:7d:30:eb:a7:95:6a:bb:6a:dd:
                    b5:5c:34:16:f8:0e:4c:80:ab:e3:ef:bf:4f:dd:56:
                    a8:69:99:0e:42:df:71:78:11:4f:7d:a1:74:0b:51:
                    ab:90:0c:09:1e:95:9b:44:14:f7:c2:f0:75:55:1c:
                    a0:08:7a:53:bc:9a:8b:ff:7c:a3:c6:d6:8c:fe:0d:
                    58:af:f0:2d:21:d4:36:23:d2:a3:bd:42:46:d3:3a:
                    5c:b0:6a:e5:6f:fc:86:bc:51:f9:3f:a3:a1:6e:05:
                    9c:c0:c5:fa:ec:5e:fb:dc:63:d6:38:29:60:00:dd:
                    de:88:3a:ea:ea:ce:b6:1f:21:df:c2:92:41:b4:44:
                    b3:58:1f:75:92:1a:f7:75:52:3f:3b:72:57:b2:56:
                    b9:f6:62:cb:79:a6:6c:bc:b5:e2:e9:cc:d2:93:c7:
                    e0:ab:82:bc:53:0d:83:41:03:f8:a2:1e:3c:2b:91:
                    58:8e:0a:ca:c3:78:89:49:e6:16:b8:43:cc:59:20:
                    cd:f6:36:8e:71:68:3a:11:7e:2e:9f:d3:37:3c:eb:
                    71:f3:f1:db:76:82:3c:30:cf:fa:9f:72:24:a2:97:
                    8b:66:99:84:e9:d0:f3:9e:d8:ef:19:ff:dc:27:87:
                    54:4a:53:31:0f:42:b9:a4:b6:0d:c7:06:8a:99:cd:
                    59:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BD:2F:16:79:03:B3:42:CC:38:94:C4:F9:CC:19:BB:D9:A4:B8:EA:AF
            X509v3 Authority Key Identifier:
                keyid:5D:FD:38:3E:16:8D:2E:C9:FB:C3:90:EA:8D:99:A4:BA:F7:EC:3B:5B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xf04PhaNLsn7w5DqjZmkuvfsO1s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/34404a-4132-4e83-8e46-390e935beda3/1/Xf04PhaNLsn7w5DqjZmkuvfsO1s.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/34404a-4132-4e83-8e46-390e935beda3/1/Xf04PhaNLsn7w5DqjZmkuvfsO1s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         75:2c:1c:9a:f4:39:b3:e4:50:32:0b:82:84:63:3e:ab:ca:50:
         11:e2:a9:c6:d8:69:b6:d7:35:38:e8:2f:0a:1f:18:75:ac:ec:
         45:76:2b:fb:f9:84:51:ad:9a:9c:da:5d:0d:bc:67:e3:4f:e9:
         1b:d0:08:c7:ae:06:61:ad:21:6d:b6:f7:c5:d2:63:16:66:89:
         36:4b:03:39:98:db:b4:06:be:f8:86:f1:ab:e9:59:7b:a5:f8:
         ca:86:18:eb:67:1e:b5:4a:37:84:61:de:f0:72:ee:74:7e:c2:
         3d:b7:1d:da:fa:80:f7:c6:19:f8:22:f0:44:92:80:a2:f0:be:
         83:e7:f2:e3:4e:1b:16:f1:68:41:19:8f:92:23:93:e7:c9:c5:
         c7:b0:22:34:67:c7:02:ed:57:42:a0:2d:a6:c4:ab:37:1a:45:
         ca:6b:75:3a:91:1a:e9:a4:3e:7a:af:87:84:ff:80:5e:4d:ec:
         a8:a4:47:29:66:7d:6a:01:49:a4:d1:71:76:90:08:47:a4:97:
         9b:16:70:cc:28:4e:81:e9:60:75:09:60:52:2a:5e:ef:8f:0e:
         54:be:55:56:1e:89:d7:77:c8:e0:bf:5a:d4:aa:c9:04:bd:5a:
         9d:6c:c5:d5:61:11:60:00:bd:ec:ca:5d:b3:24:8f:77:9a:e3:
         bd:3b:66:8e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxt++3w8pmJaX56kG7pJaWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkZmQzODNlMTY4ZDJlYzlmYmMzOTBlYThkOTlhNGJhZjdl
YzNiNWIwHhcNMjUxMTExMDcwMTExWhcNMjUxMTEyMDcwMTExWjAzMTEwLwYDVQQD
EyhiZDJmMTY3OTAzYjM0MmNjMzg5NGM0ZjljYzE5YmJkOWE0YjhlYWFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt6vkIep9MOunlWq7at21XDQW+A5M
gKvj779P3VaoaZkOQt9xeBFPfaF0C1GrkAwJHpWbRBT3wvB1VRygCHpTvJqL/3yj
xtaM/g1Yr/AtIdQ2I9KjvUJG0zpcsGrlb/yGvFH5P6OhbgWcwMX67F773GPWOClg
AN3eiDrq6s62HyHfwpJBtESzWB91khr3dVI/O3JXsla59mLLeaZsvLXi6czSk8fg
q4K8Uw2DQQP4oh48K5FYjgrKw3iJSeYWuEPMWSDN9jaOcWg6EX4un9M3POtx8/Hb
doI8MM/6n3IkopeLZpmE6dDzntjvGf/cJ4dUSlMxD0K5pLYNxwaKmc1ZGwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFL0vFnkDs0LMOJTE+cwZu9mkuOqvMB8GA1UdIwQY
MBaAFF39OD4WjS7J+8OQ6o2ZpLr37DtbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGYwNFBoYU5Mc243dzVEcWpabWt1dmZzTzFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS8zNDQwNGEtNDEzMi00ZTgzLThlNDYt
MzkwZTkzNWJlZGEzLzEvWGYwNFBoYU5Mc243dzVEcWpabWt1dmZzTzFzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS8zNDQwNGEtNDEzMi00ZTgzLThlNDYtMzkwZTkzNWJlZGEz
LzEvWGYwNFBoYU5Mc243dzVEcWpabWt1dmZzTzFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdSwcmvQ5
s+RQMguChGM+q8pQEeKpxthpttc1OOgvCh8YdazsRXYr+/mEUa2anNpdDbxn40/p
G9AIx64GYa0hbbb3xdJjFmaJNksDOZjbtAa++Ibxq+lZe6X4yoYY62cetUo3hGHe
8HLudH7CPbcd2vqA98YZ+CLwRJKAovC+g+fy404bFvFoQRmPkiOT58nFx7AiNGfH
Au1XQqAtpsSrNxpFymt1OpEa6aQ+eq+HhP+AXk3sqKRHKWZ9agFJpNFxdpAIR6SX
mxZwzChOgelgdQlgUipe748OVL5VVh6J13fI4L9a1KrJBL1anWzF1WERYAC97Mpd
sySPd5rjvTtmjg==
-----END CERTIFICATE-----