Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/ffca18-9d76-409c-a0ec-7c4504982030/1/R8aO1Qu1PcroV-TIW8r9UT8ndNo.mft
File:                     R8aO1Qu1PcroV-TIW8r9UT8ndNo.mft (raw, json)
Hash identifier:          lHXpPczN+fSoKKeG2J0Th/0FuJU/zHrT/+/LsvoI3Yk=
Subject key identifier:   49:DA:88:74:D5:05:34:A9:5F:95:E1:A8:6F:52:E7:44:25:A2:F7:BF
Authority key identifier: 47:C6:8E:D5:0B:B5:3D:CA:E8:57:E4:C8:5B:CA:FD:51:3F:27:74:DA
Certificate issuer:       /CN=47c68ed50bb53dcae857e4c85bcafd513f2774da
Certificate serial:       019A71B8553EAAB9620D27952C4C681DF1B3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/R8aO1Qu1PcroV-TIW8r9UT8ndNo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/00/ffca18-9d76-409c-a0ec-7c4504982030/1/R8aO1Qu1PcroV-TIW8r9UT8ndNo.mft
Manifest number:          171B
Signing time:             Tue 11 Nov 2025 07:01:37 +0000
Manifest this update:     Tue 11 Nov 2025 07:01:37 +0000
Manifest next update:     Wed 12 Nov 2025 07:01:37 +0000
Files and hashes:         1: R8aO1Qu1PcroV-TIW8r9UT8ndNo.crl (hash: DqcmS74Ma/1CNdqfb8/qlLXtVADOwU5Ta5iY5OxiE5E=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/00/ffca18-9d76-409c-a0ec-7c4504982030/1/R8aO1Qu1PcroV-TIW8r9UT8ndNo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/00/ffca18-9d76-409c-a0ec-7c4504982030/1/R8aO1Qu1PcroV-TIW8r9UT8ndNo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/R8aO1Qu1PcroV-TIW8r9UT8ndNo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:01:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b8:55:3e:aa:b9:62:0d:27:95:2c:4c:68:1d:f1:b3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=47c68ed50bb53dcae857e4c85bcafd513f2774da
        Validity
            Not Before: Nov 11 07:01:37 2025 GMT
            Not After : Nov 12 07:01:37 2025 GMT
        Subject: CN=49da8874d50534a95f95e1a86f52e74425a2f7bf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:6b:07:f4:27:4f:44:48:fd:5e:97:3c:37:1d:
                    c4:61:f2:80:b8:4e:00:3b:10:87:9d:f9:07:5d:35:
                    13:3c:9f:48:bf:29:57:a7:f2:95:d4:08:86:87:04:
                    cf:37:c9:5a:81:2c:a9:09:86:f3:6c:19:f4:e4:a0:
                    29:ca:a0:b4:83:c2:a0:6f:24:2a:21:f2:73:70:fa:
                    49:b0:c6:d1:4b:fe:7c:5d:75:19:d9:58:95:74:37:
                    10:94:eb:61:79:6c:41:96:a7:06:ec:fb:8f:4c:d6:
                    c7:40:a1:e2:d0:ca:7e:bd:d8:90:cd:a4:ba:4d:5c:
                    ec:4d:15:c3:df:49:a1:70:e0:63:48:3c:01:62:a0:
                    fa:cd:76:ac:07:3b:40:9a:ba:63:98:cb:a3:31:15:
                    6d:9f:0c:44:7f:5c:ca:e1:1c:f7:d5:c1:78:9a:6b:
                    36:39:d1:cf:13:00:c1:54:57:3f:b4:80:25:3f:d5:
                    f1:95:80:ce:2d:89:12:eb:44:db:7f:54:b0:0f:1f:
                    b9:05:87:59:f4:67:b7:34:a2:1a:11:7c:04:2e:cd:
                    26:4b:66:38:ef:f0:d3:32:94:63:44:9d:3a:65:dc:
                    0d:81:78:39:a9:ec:a5:24:f6:d9:dd:56:a8:b1:ab:
                    53:4b:1a:f3:e8:45:35:a6:59:96:86:89:46:07:01:
                    0b:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                49:DA:88:74:D5:05:34:A9:5F:95:E1:A8:6F:52:E7:44:25:A2:F7:BF
            X509v3 Authority Key Identifier:
                keyid:47:C6:8E:D5:0B:B5:3D:CA:E8:57:E4:C8:5B:CA:FD:51:3F:27:74:DA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/R8aO1Qu1PcroV-TIW8r9UT8ndNo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/ffca18-9d76-409c-a0ec-7c4504982030/1/R8aO1Qu1PcroV-TIW8r9UT8ndNo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/00/ffca18-9d76-409c-a0ec-7c4504982030/1/R8aO1Qu1PcroV-TIW8r9UT8ndNo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a1:23:8f:87:d4:83:15:4f:b9:ac:47:68:10:16:6f:29:a3:8c:
         90:82:3c:cf:57:46:dd:28:61:b9:0b:4d:2d:05:4b:96:38:51:
         79:aa:30:56:ee:27:b5:11:a2:ac:65:09:35:83:19:1c:3b:15:
         67:53:3e:6e:b8:ad:df:c4:98:a6:52:26:c0:6d:2d:4d:c5:c7:
         32:b0:32:d7:f1:e3:de:54:31:45:1f:a4:e2:33:ed:d2:35:60:
         47:aa:d6:9c:08:86:5b:38:4b:9f:08:87:f6:ae:ec:2c:ad:79:
         41:4e:4f:27:cd:39:1c:d7:a5:2d:39:c0:c1:bf:af:c4:bb:37:
         07:67:2a:cb:f4:d8:e7:8c:89:3f:70:77:b3:69:10:ef:97:75:
         3a:c4:9e:8c:c1:4e:a8:a2:44:c7:fa:5b:06:d0:ad:28:07:39:
         df:08:30:1d:d7:0c:1b:9e:17:90:79:e9:29:c3:43:a0:9e:ad:
         8f:ed:0d:a7:fd:a0:a3:e2:ea:78:56:75:7f:5b:98:7d:b9:b5:
         34:7b:48:b7:68:a5:e1:06:1f:b3:5c:c9:5f:73:a5:8c:e6:73:
         cf:f0:4c:ae:a3:74:79:99:1c:7f:3b:81:76:c0:bc:33:a9:63:
         4b:0c:54:1f:04:1e:ee:3e:b4:48:b0:67:c9:bd:83:25:5d:cd:
         34:7b:0f:64
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuFU+qrliDSeVLExoHfGzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ3YzY4ZWQ1MGJiNTNkY2FlODU3ZTRjODViY2FmZDUxM2Yy
Nzc0ZGEwHhcNMjUxMTExMDcwMTM3WhcNMjUxMTEyMDcwMTM3WjAzMTEwLwYDVQQD
Eyg0OWRhODg3NGQ1MDUzNGE5NWY5NWUxYTg2ZjUyZTc0NDI1YTJmN2JmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz2sH9CdPREj9Xpc8Nx3EYfKAuE4A
OxCHnfkHXTUTPJ9IvylXp/KV1AiGhwTPN8lagSypCYbzbBn05KApyqC0g8KgbyQq
IfJzcPpJsMbRS/58XXUZ2ViVdDcQlOtheWxBlqcG7PuPTNbHQKHi0Mp+vdiQzaS6
TVzsTRXD30mhcOBjSDwBYqD6zXasBztAmrpjmMujMRVtnwxEf1zK4Rz31cF4mms2
OdHPEwDBVFc/tIAlP9XxlYDOLYkS60Tbf1SwDx+5BYdZ9Ge3NKIaEXwELs0mS2Y4
7/DTMpRjRJ06ZdwNgXg5qeylJPbZ3VaosatTSxrz6EU1plmWholGBwELlwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEnaiHTVBTSpX5XhqG9S50Qlove/MB8GA1UdIwQY
MBaAFEfGjtULtT3K6FfkyFvK/VE/J3TaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUjhhTzFRdTFQY3JvVi1USVc4cjlVVDhuZE5vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9mZmNhMTgtOWQ3Ni00MDljLWEwZWMt
N2M0NTA0OTgyMDMwLzEvUjhhTzFRdTFQY3JvVi1USVc4cjlVVDhuZE5vLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9mZmNhMTgtOWQ3Ni00MDljLWEwZWMtN2M0NTA0OTgyMDMw
LzEvUjhhTzFRdTFQY3JvVi1USVc4cjlVVDhuZE5vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoSOPh9SD
FU+5rEdoEBZvKaOMkII8z1dG3ShhuQtNLQVLljhReaowVu4ntRGirGUJNYMZHDsV
Z1M+brit38SYplImwG0tTcXHMrAy1/Hj3lQxRR+k4jPt0jVgR6rWnAiGWzhLnwiH
9q7sLK15QU5PJ805HNelLTnAwb+vxLs3B2cqy/TY54yJP3B3s2kQ75d1OsSejMFO
qKJEx/pbBtCtKAc53wgwHdcMG54XkHnpKcNDoJ6tj+0Np/2go+LqeFZ1f1uYfbm1
NHtIt2il4QYfs1zJX3OljOZzz/BMrqN0eZkcfzuBdsC8M6ljSwxUHwQe7j60SLBn
yb2DJV3NNHsPZA==
-----END CERTIFICATE-----