Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/23244d-4886-470b-b1fc-290aa4318caa/1/_1VJGZMcZ70mUPxODHPC-z4ijZU.mft
File:                     _1VJGZMcZ70mUPxODHPC-z4ijZU.mft (raw, json)
Hash identifier:          kIFO+v6Xfdku8Y7u+b8xJvQrf1P4zrrPf/4NB867oOg=
Subject key identifier:   82:92:CE:2D:6F:6D:53:70:78:37:5A:57:3E:22:2B:56:05:1F:E3:ED
Authority key identifier: FF:55:49:19:93:1C:67:BD:26:50:FC:4E:0C:73:C2:FB:3E:22:8D:95
Certificate issuer:       /CN=ff554919931c67bd2650fc4e0c73c2fb3e228d95
Certificate serial:       019A725C85EFF95D4B5F832FB32EC919E929
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/_1VJGZMcZ70mUPxODHPC-z4ijZU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/11/23244d-4886-470b-b1fc-290aa4318caa/1/_1VJGZMcZ70mUPxODHPC-z4ijZU.mft
Manifest number:          171A
Signing time:             Tue 11 Nov 2025 10:00:57 +0000
Manifest this update:     Tue 11 Nov 2025 10:00:57 +0000
Manifest next update:     Wed 12 Nov 2025 10:00:57 +0000
Files and hashes:         1: _1VJGZMcZ70mUPxODHPC-z4ijZU.crl (hash: J12NKDQP7MDnNjcFOJ+5qbj0ZC+anpGVokrn+oaED3Q=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/11/23244d-4886-470b-b1fc-290aa4318caa/1/_1VJGZMcZ70mUPxODHPC-z4ijZU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/11/23244d-4886-470b-b1fc-290aa4318caa/1/_1VJGZMcZ70mUPxODHPC-z4ijZU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/_1VJGZMcZ70mUPxODHPC-z4ijZU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:72:5c:85:ef:f9:5d:4b:5f:83:2f:b3:2e:c9:19:e9:29
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ff554919931c67bd2650fc4e0c73c2fb3e228d95
        Validity
            Not Before: Nov 11 10:00:57 2025 GMT
            Not After : Nov 12 10:00:57 2025 GMT
        Subject: CN=8292ce2d6f6d537078375a573e222b56051fe3ed
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:1c:30:68:03:31:29:b6:ba:68:46:1e:70:a0:
                    fc:a6:b7:c4:6e:d6:44:86:62:e8:7b:34:d9:43:d9:
                    fc:fd:8b:a3:cc:45:37:1e:4a:1f:a2:d4:7a:32:59:
                    df:36:df:c3:d6:5c:c1:49:10:e5:eb:8b:87:2a:6b:
                    f7:0b:3e:e4:0b:a0:2f:54:b4:17:28:98:c9:a3:de:
                    3f:b4:c4:7d:7c:56:ea:ee:ab:ab:94:2a:6c:d8:d1:
                    27:19:79:3c:bb:c1:85:d3:9d:85:ec:49:a0:b1:3f:
                    c6:ca:1e:62:43:8d:54:6c:ad:1f:2c:e7:af:23:c3:
                    a3:49:10:01:94:dd:1a:24:d7:8b:ab:4e:b9:7f:93:
                    25:71:14:7e:61:62:5c:34:e4:c3:c8:14:ad:24:13:
                    b1:25:b3:84:af:33:74:24:68:d7:90:55:51:4c:f4:
                    6f:c9:ea:38:86:93:2a:39:e7:67:b9:1e:0a:9b:58:
                    68:ee:0f:b8:12:4e:ec:40:bc:b9:9f:ae:d2:6c:2e:
                    f2:43:03:03:22:fd:fd:cb:46:ae:cd:2c:2d:5d:62:
                    4c:bb:e8:b9:bf:29:1f:ed:69:c5:18:24:98:6e:f6:
                    fe:70:20:d4:a3:1a:e5:69:01:31:69:8b:76:5a:be:
                    2e:e2:7f:c9:7d:47:38:cb:a4:da:fe:37:da:5c:5e:
                    b7:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                82:92:CE:2D:6F:6D:53:70:78:37:5A:57:3E:22:2B:56:05:1F:E3:ED
            X509v3 Authority Key Identifier:
                keyid:FF:55:49:19:93:1C:67:BD:26:50:FC:4E:0C:73:C2:FB:3E:22:8D:95

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_1VJGZMcZ70mUPxODHPC-z4ijZU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/23244d-4886-470b-b1fc-290aa4318caa/1/_1VJGZMcZ70mUPxODHPC-z4ijZU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/11/23244d-4886-470b-b1fc-290aa4318caa/1/_1VJGZMcZ70mUPxODHPC-z4ijZU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9c:15:88:8c:93:f2:6b:de:ad:da:fa:61:77:25:f1:c9:a5:04:
         22:45:50:d8:45:e3:2f:05:e5:27:4c:6c:9f:e2:60:86:2b:4f:
         98:a0:f5:f0:b5:12:fe:74:3a:57:08:70:1e:aa:6b:56:f6:9c:
         77:b0:c5:69:70:6c:07:df:e6:f2:b6:ee:e6:36:8f:ef:84:61:
         e4:b3:59:08:32:3a:4f:83:1f:1d:2f:46:35:01:d1:03:96:ec:
         f1:1e:b8:79:72:82:9b:50:ff:3c:1e:90:08:39:49:c9:fa:c2:
         09:98:1c:8d:39:dd:98:35:0d:2f:00:fa:88:55:57:2b:20:07:
         a5:ce:f7:14:1a:6e:06:f0:27:f0:da:02:a8:98:58:60:e0:5f:
         1c:a5:27:fb:47:11:ae:a7:c1:65:bb:dc:a7:e7:7f:78:7c:d1:
         f0:a7:dd:67:4c:7a:11:60:ea:1c:d7:a8:44:3e:5a:a3:0a:bc:
         87:78:5f:fe:10:ae:2a:11:9b:be:bc:05:61:f5:b7:06:d9:33:
         f6:c8:49:21:d8:40:4b:42:ae:01:4c:92:ab:00:1c:b3:95:a5:
         d9:6f:74:85:b8:2a:3f:f9:64:45:9d:22:bc:3d:ec:48:88:4a:
         75:aa:46:e4:fa:8f:c3:a4:64:ff:7b:57:4f:77:ec:50:65:c4:
         14:26:77:5c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyXIXv+V1LX4Mvsy7JGekpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmNTU0OTE5OTMxYzY3YmQyNjUwZmM0ZTBjNzNjMmZiM2Uy
MjhkOTUwHhcNMjUxMTExMTAwMDU3WhcNMjUxMTEyMTAwMDU3WjAzMTEwLwYDVQQD
Eyg4MjkyY2UyZDZmNmQ1MzcwNzgzNzVhNTczZTIyMmI1NjA1MWZlM2VkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0BwwaAMxKba6aEYecKD8prfEbtZE
hmLoezTZQ9n8/YujzEU3HkofotR6MlnfNt/D1lzBSRDl64uHKmv3Cz7kC6AvVLQX
KJjJo94/tMR9fFbq7qurlCps2NEnGXk8u8GF052F7EmgsT/Gyh5iQ41UbK0fLOev
I8OjSRABlN0aJNeLq065f5MlcRR+YWJcNOTDyBStJBOxJbOErzN0JGjXkFVRTPRv
yeo4hpMqOednuR4Km1ho7g+4Ek7sQLy5n67SbC7yQwMDIv39y0auzSwtXWJMu+i5
vykf7WnFGCSYbvb+cCDUoxrlaQExaYt2Wr4u4n/JfUc4y6Ta/jfaXF63ZQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIKSzi1vbVNweDdaVz4iK1YFH+PtMB8GA1UdIwQY
MBaAFP9VSRmTHGe9JlD8Tgxzwvs+Io2VMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzFWSkdaTWNaNzBtVVB4T0RIUEMtejRpalpVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS8yMzI0NGQtNDg4Ni00NzBiLWIxZmMt
MjkwYWE0MzE4Y2FhLzEvXzFWSkdaTWNaNzBtVVB4T0RIUEMtejRpalpVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS8yMzI0NGQtNDg4Ni00NzBiLWIxZmMtMjkwYWE0MzE4Y2Fh
LzEvXzFWSkdaTWNaNzBtVVB4T0RIUEMtejRpalpVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnBWIjJPy
a96t2vphdyXxyaUEIkVQ2EXjLwXlJ0xsn+JghitPmKD18LUS/nQ6VwhwHqprVvac
d7DFaXBsB9/m8rbu5jaP74Rh5LNZCDI6T4MfHS9GNQHRA5bs8R64eXKCm1D/PB6Q
CDlJyfrCCZgcjTndmDUNLwD6iFVXKyAHpc73FBpuBvAn8NoCqJhYYOBfHKUn+0cR
rqfBZbvcp+d/eHzR8KfdZ0x6EWDqHNeoRD5aowq8h3hf/hCuKhGbvrwFYfW3Btkz
9shJIdhAS0KuAUySqwAcs5Wl2W90hbgqP/lkRZ0ivD3sSIhKdapG5PqPw6Rk/3tX
T3fsUGXEFCZ3XA==
-----END CERTIFICATE-----