Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/814dd0-09e1-4273-873a-7463815a3f4e/1/y8Lr2jqwhRDr6aEOYL4jFgIoqUI.mft
File:                     y8Lr2jqwhRDr6aEOYL4jFgIoqUI.mft (raw, json)
Hash identifier:          vTGqULwNaznQzwDikIL1KNkyklMKDFYT+WTfPqAam+I=
Subject key identifier:   76:4C:06:C0:B3:95:EC:AF:BC:07:A7:0E:A6:72:AF:00:D1:18:CC:00
Authority key identifier: CB:C2:EB:DA:3A:B0:85:10:EB:E9:A1:0E:60:BE:23:16:02:28:A9:42
Certificate issuer:       /CN=cbc2ebda3ab08510ebe9a10e60be23160228a942
Certificate serial:       019A71B886C3C74EA2C823A5F8303C1D7EC6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/y8Lr2jqwhRDr6aEOYL4jFgIoqUI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/17/814dd0-09e1-4273-873a-7463815a3f4e/1/y8Lr2jqwhRDr6aEOYL4jFgIoqUI.mft
Manifest number:          171B
Signing time:             Tue 11 Nov 2025 07:01:49 +0000
Manifest this update:     Tue 11 Nov 2025 07:01:49 +0000
Manifest next update:     Wed 12 Nov 2025 07:01:49 +0000
Files and hashes:         1: y8Lr2jqwhRDr6aEOYL4jFgIoqUI.crl (hash: jIwOaDg4UGuvonqfdF0m455i9fAV+YkG55NtDxzMtjY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/17/814dd0-09e1-4273-873a-7463815a3f4e/1/y8Lr2jqwhRDr6aEOYL4jFgIoqUI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/17/814dd0-09e1-4273-873a-7463815a3f4e/1/y8Lr2jqwhRDr6aEOYL4jFgIoqUI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/y8Lr2jqwhRDr6aEOYL4jFgIoqUI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:01:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b8:86:c3:c7:4e:a2:c8:23:a5:f8:30:3c:1d:7e:c6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cbc2ebda3ab08510ebe9a10e60be23160228a942
        Validity
            Not Before: Nov 11 07:01:49 2025 GMT
            Not After : Nov 12 07:01:49 2025 GMT
        Subject: CN=764c06c0b395ecafbc07a70ea672af00d118cc00
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:38:17:35:60:93:2a:b9:22:8d:ad:2f:61:e2:
                    64:9e:3d:bf:02:f1:6d:72:eb:5e:95:94:03:e7:27:
                    c7:25:41:4a:55:e8:8a:17:40:5d:65:8f:e1:82:85:
                    07:1e:94:26:3c:0d:2d:cb:d1:21:66:db:41:b5:5e:
                    74:66:db:cf:ba:94:fb:05:40:04:5c:56:b9:31:50:
                    7b:89:9d:68:29:71:36:34:4e:60:6a:8d:68:46:02:
                    a5:8a:2d:b3:eb:44:63:40:66:3d:a1:33:d2:bd:ca:
                    b5:94:8f:1e:e8:06:2a:40:d3:72:13:7d:e0:0f:5e:
                    d4:5b:f4:99:19:28:81:57:d8:76:f0:48:f1:aa:65:
                    01:ff:4a:7d:d9:1b:c9:94:ad:81:d6:9d:09:73:f2:
                    e4:d8:ef:40:e4:10:7a:5e:b9:30:99:02:66:22:87:
                    83:06:73:4a:10:8d:f3:c4:a1:c9:38:2f:ed:7b:c5:
                    12:06:b5:f8:c5:63:55:66:20:51:fd:2c:14:32:6e:
                    a5:68:f1:47:10:f9:11:76:dc:80:e9:fa:c7:52:0b:
                    d5:e5:cc:6a:2d:fa:2b:83:14:9c:af:72:40:c9:5e:
                    f9:cc:eb:4e:39:09:d9:3e:af:79:64:53:0d:74:41:
                    d9:e2:4e:3d:0b:e3:60:a8:5a:a8:cb:19:f6:86:4d:
                    bc:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                76:4C:06:C0:B3:95:EC:AF:BC:07:A7:0E:A6:72:AF:00:D1:18:CC:00
            X509v3 Authority Key Identifier:
                keyid:CB:C2:EB:DA:3A:B0:85:10:EB:E9:A1:0E:60:BE:23:16:02:28:A9:42

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y8Lr2jqwhRDr6aEOYL4jFgIoqUI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/814dd0-09e1-4273-873a-7463815a3f4e/1/y8Lr2jqwhRDr6aEOYL4jFgIoqUI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/17/814dd0-09e1-4273-873a-7463815a3f4e/1/y8Lr2jqwhRDr6aEOYL4jFgIoqUI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         34:3a:7a:ed:10:db:34:77:4d:64:15:f8:eb:59:8e:c1:14:7f:
         05:c1:03:6f:ec:6a:73:36:6a:60:c8:0a:b3:02:cf:e0:db:73:
         a6:c4:c7:21:6d:f3:e3:32:15:87:ca:e3:20:41:61:b1:4a:67:
         ac:da:11:21:5e:e6:8f:d0:9e:72:13:40:74:af:b1:91:ae:a6:
         0b:0c:a6:e6:e4:12:4f:fb:6c:1e:de:b0:f4:d6:84:67:b1:45:
         a6:c8:28:93:f2:1e:35:88:04:ca:d1:bc:ac:dd:aa:5b:e3:e8:
         e9:7c:73:3c:96:8f:26:ba:31:82:24:13:60:f5:4b:18:f8:df:
         c5:ef:16:93:9e:ae:ed:8d:d1:e1:91:cb:59:c1:4d:1b:05:05:
         93:5d:e9:98:63:f8:a1:bc:af:cd:d5:ed:0d:fc:bf:8f:ba:e7:
         87:1b:33:61:4b:5f:01:d2:e9:97:c0:2d:fc:5e:87:cf:38:79:
         b1:2d:29:52:da:1b:e0:81:cd:38:98:8c:79:ca:a2:9a:f4:8c:
         c2:cf:02:38:c3:bb:e9:7d:40:23:7d:d4:e6:2d:4c:8c:dd:7b:
         59:87:d9:e8:6c:70:2e:4c:8a:0d:94:1e:bc:e7:e3:18:b4:a6:
         49:0a:a7:46:dc:d2:7d:60:bd:1c:be:86:28:15:40:e5:71:33:
         68:ce:ca:24
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuIbDx06iyCOl+DA8HX7GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiYzJlYmRhM2FiMDg1MTBlYmU5YTEwZTYwYmUyMzE2MDIy
OGE5NDIwHhcNMjUxMTExMDcwMTQ5WhcNMjUxMTEyMDcwMTQ5WjAzMTEwLwYDVQQD
Eyg3NjRjMDZjMGIzOTVlY2FmYmMwN2E3MGVhNjcyYWYwMGQxMThjYzAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApTgXNWCTKrkija0vYeJknj2/AvFt
cutelZQD5yfHJUFKVeiKF0BdZY/hgoUHHpQmPA0ty9EhZttBtV50ZtvPupT7BUAE
XFa5MVB7iZ1oKXE2NE5gao1oRgKlii2z60RjQGY9oTPSvcq1lI8e6AYqQNNyE33g
D17UW/SZGSiBV9h28EjxqmUB/0p92RvJlK2B1p0Jc/Lk2O9A5BB6XrkwmQJmIoeD
BnNKEI3zxKHJOC/te8USBrX4xWNVZiBR/SwUMm6laPFHEPkRdtyA6frHUgvV5cxq
LforgxScr3JAyV75zOtOOQnZPq95ZFMNdEHZ4k49C+NgqFqoyxn2hk28DQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHZMBsCzleyvvAenDqZyrwDRGMwAMB8GA1UdIwQY
MBaAFMvC69o6sIUQ6+mhDmC+IxYCKKlCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveThMcjJqcXdoUkRyNmFFT1lMNGpGZ0lvcVVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy84MTRkZDAtMDllMS00MjczLTg3M2Et
NzQ2MzgxNWEzZjRlLzEveThMcjJqcXdoUkRyNmFFT1lMNGpGZ0lvcVVJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy84MTRkZDAtMDllMS00MjczLTg3M2EtNzQ2MzgxNWEzZjRl
LzEveThMcjJqcXdoUkRyNmFFT1lMNGpGZ0lvcVVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANDp67RDb
NHdNZBX461mOwRR/BcEDb+xqczZqYMgKswLP4NtzpsTHIW3z4zIVh8rjIEFhsUpn
rNoRIV7mj9CechNAdK+xka6mCwym5uQST/tsHt6w9NaEZ7FFpsgok/IeNYgEytG8
rN2qW+Po6XxzPJaPJroxgiQTYPVLGPjfxe8Wk56u7Y3R4ZHLWcFNGwUFk13pmGP4
obyvzdXtDfy/j7rnhxszYUtfAdLpl8At/F6Hzzh5sS0pUtob4IHNOJiMecqimvSM
ws8COMO76X1AI33U5i1MjN17WYfZ6GxwLkyKDZQevOfjGLSmSQqnRtzSfWC9HL6G
KBVA5XEzaM7KJA==
-----END CERTIFICATE-----