Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/b281c7-cd9a-4375-b84a-851ed529f222/1/PRf0av89iyHwD-6PY16uNKf0pNc.mft
File:                     PRf0av89iyHwD-6PY16uNKf0pNc.mft (raw, json)
Hash identifier:          IwBIM3Qdlv7K8TYb4XSAYBx6L5jrGB0adcGE0Y/8BBQ=
Subject key identifier:   94:F2:03:54:1A:FC:59:77:9B:10:01:1A:7A:04:98:B2:D4:3D:9F:48
Authority key identifier: 3D:17:F4:6A:FF:3D:8B:21:F0:0F:EE:8F:63:5E:AE:34:A7:F4:A4:D7
Certificate issuer:       /CN=3d17f46aff3d8b21f00fee8f635eae34a7f4a4d7
Certificate serial:       019A71B8A0D6663A01F3BCAA22D429C5F7A2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PRf0av89iyHwD-6PY16uNKf0pNc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f9/b281c7-cd9a-4375-b84a-851ed529f222/1/PRf0av89iyHwD-6PY16uNKf0pNc.mft
Manifest number:          0C0D
Signing time:             Tue 11 Nov 2025 07:01:56 +0000
Manifest this update:     Tue 11 Nov 2025 07:01:56 +0000
Manifest next update:     Wed 12 Nov 2025 07:01:56 +0000
Files and hashes:         1: PRf0av89iyHwD-6PY16uNKf0pNc.crl (hash: iVd1jmAs0gCDDtZNRsMOsyKuSx0bGq4QVhpqErYzUUI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f9/b281c7-cd9a-4375-b84a-851ed529f222/1/PRf0av89iyHwD-6PY16uNKf0pNc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f9/b281c7-cd9a-4375-b84a-851ed529f222/1/PRf0av89iyHwD-6PY16uNKf0pNc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/PRf0av89iyHwD-6PY16uNKf0pNc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:01:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b8:a0:d6:66:3a:01:f3:bc:aa:22:d4:29:c5:f7:a2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3d17f46aff3d8b21f00fee8f635eae34a7f4a4d7
        Validity
            Not Before: Nov 11 07:01:56 2025 GMT
            Not After : Nov 12 07:01:56 2025 GMT
        Subject: CN=94f203541afc59779b10011a7a0498b2d43d9f48
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:f5:29:67:79:ae:33:26:58:a1:f5:d8:c1:a3:
                    b7:bc:35:ef:4c:69:eb:a3:89:da:29:e9:12:2e:67:
                    aa:12:cd:10:4d:00:e9:f0:9e:30:53:57:e2:4f:7a:
                    2a:d9:c4:d7:d0:9c:5b:d8:cc:bf:30:a1:ab:56:71:
                    e8:0c:95:40:87:6d:bf:33:2d:19:87:70:f2:18:06:
                    df:b2:25:28:27:3e:9e:f2:45:89:66:dd:3d:a3:5b:
                    5a:c9:79:37:ce:77:2e:80:79:fb:77:a6:be:3f:2a:
                    ac:36:57:cc:f7:3f:60:98:b9:f2:c7:44:4e:ea:2e:
                    06:0c:33:79:e0:4b:bb:0d:d9:40:24:bf:e0:43:2f:
                    72:10:c1:36:8e:94:52:eb:0f:60:3f:b6:62:d9:4c:
                    3e:41:71:20:67:a7:de:28:ee:73:67:3d:71:8c:bb:
                    70:1d:bd:62:67:37:fb:9a:d5:af:cd:c8:02:5d:f2:
                    7d:3f:ff:b2:44:c3:1f:8c:22:15:fa:76:a6:b9:4e:
                    b1:7b:d7:75:21:3a:b2:c3:95:98:a5:10:a0:d0:c3:
                    78:d2:84:2e:e9:6a:23:91:a9:1b:6b:59:a6:c7:fd:
                    de:98:37:80:50:69:2e:1d:27:f9:15:6b:2d:27:69:
                    f8:d5:73:aa:3d:ac:85:f9:1f:fd:b5:62:51:65:af:
                    01:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                94:F2:03:54:1A:FC:59:77:9B:10:01:1A:7A:04:98:B2:D4:3D:9F:48
            X509v3 Authority Key Identifier:
                keyid:3D:17:F4:6A:FF:3D:8B:21:F0:0F:EE:8F:63:5E:AE:34:A7:F4:A4:D7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PRf0av89iyHwD-6PY16uNKf0pNc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/b281c7-cd9a-4375-b84a-851ed529f222/1/PRf0av89iyHwD-6PY16uNKf0pNc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/b281c7-cd9a-4375-b84a-851ed529f222/1/PRf0av89iyHwD-6PY16uNKf0pNc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a8:5c:e9:8b:a4:af:1c:fa:13:a3:78:c2:29:0b:2c:87:b5:cc:
         68:56:41:eb:a1:59:0f:28:79:61:2e:80:af:7b:53:0b:6c:a9:
         25:e8:b2:06:6e:92:1f:bf:97:8f:95:18:1f:9d:bf:b4:c2:3e:
         34:25:77:7b:d7:4d:fd:16:70:1b:05:1b:22:ce:7b:e8:e3:3f:
         e8:c6:4e:63:35:4e:08:5a:87:e5:de:a6:c3:0d:af:de:b1:eb:
         b6:0b:f2:8e:f4:13:1b:43:37:34:c0:10:86:7b:e2:e5:08:ed:
         d4:7c:d3:34:e7:ff:c5:36:d4:80:1d:66:aa:31:e2:b1:ac:12:
         0e:b5:e1:c1:cf:e9:27:83:4e:9b:f8:ab:6c:46:80:3e:13:31:
         70:be:1f:4e:48:eb:76:e4:cd:41:8e:82:25:df:c3:fe:9d:09:
         f4:38:e3:b7:d4:a0:4f:be:88:f8:4f:01:65:67:40:c8:69:76:
         f2:3f:b9:86:30:d5:01:80:1c:44:18:5e:a8:9d:b5:e2:9b:1e:
         dd:c4:3d:a9:7d:af:f3:4b:f2:fb:38:e4:76:28:22:d0:2b:77:
         d1:04:5e:07:89:55:0b:2b:b0:82:2c:54:ce:aa:b4:4c:eb:7f:
         a1:78:c7:1a:45:1b:7c:d2:9e:4f:a7:99:b2:2a:94:aa:28:80:
         80:fd:90:cb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuKDWZjoB87yqItQpxfeiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkMTdmNDZhZmYzZDhiMjFmMDBmZWU4ZjYzNWVhZTM0YTdm
NGE0ZDcwHhcNMjUxMTExMDcwMTU2WhcNMjUxMTEyMDcwMTU2WjAzMTEwLwYDVQQD
Eyg5NGYyMDM1NDFhZmM1OTc3OWIxMDAxMWE3YTA0OThiMmQ0M2Q5ZjQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm/UpZ3muMyZYofXYwaO3vDXvTGnr
o4naKekSLmeqEs0QTQDp8J4wU1fiT3oq2cTX0Jxb2My/MKGrVnHoDJVAh22/My0Z
h3DyGAbfsiUoJz6e8kWJZt09o1tayXk3zncugHn7d6a+PyqsNlfM9z9gmLnyx0RO
6i4GDDN54Eu7DdlAJL/gQy9yEME2jpRS6w9gP7Zi2Uw+QXEgZ6feKO5zZz1xjLtw
Hb1iZzf7mtWvzcgCXfJ9P/+yRMMfjCIV+namuU6xe9d1ITqyw5WYpRCg0MN40oQu
6Wojkakba1mmx/3emDeAUGkuHSf5FWstJ2n41XOqPayF+R/9tWJRZa8BIQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJTyA1Qa/Fl3mxABGnoEmLLUPZ9IMB8GA1UdIwQY
MBaAFD0X9Gr/PYsh8A/uj2NerjSn9KTXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUFJmMGF2ODlpeUh3RC02UFkxNnVOS2YwcE5jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS9iMjgxYzctY2Q5YS00Mzc1LWI4NGEt
ODUxZWQ1MjlmMjIyLzEvUFJmMGF2ODlpeUh3RC02UFkxNnVOS2YwcE5jLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS9iMjgxYzctY2Q5YS00Mzc1LWI4NGEtODUxZWQ1MjlmMjIy
LzEvUFJmMGF2ODlpeUh3RC02UFkxNnVOS2YwcE5jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqFzpi6Sv
HPoTo3jCKQssh7XMaFZB66FZDyh5YS6Ar3tTC2ypJeiyBm6SH7+Xj5UYH52/tMI+
NCV3e9dN/RZwGwUbIs576OM/6MZOYzVOCFqH5d6mww2v3rHrtgvyjvQTG0M3NMAQ
hnvi5Qjt1HzTNOf/xTbUgB1mqjHisawSDrXhwc/pJ4NOm/irbEaAPhMxcL4fTkjr
duTNQY6CJd/D/p0J9Djjt9SgT76I+E8BZWdAyGl28j+5hjDVAYAcRBheqJ214pse
3cQ9qX2v80vy+zjkdigi0Ct30QReB4lVCyuwgixUzqq0TOt/oXjHGkUbfNKeT6eZ
siqUqiiAgP2Qyw==
-----END CERTIFICATE-----