Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/4a6c6d-b855-4b46-b32f-cac2cfff6779/1/iwUOQskY3jwnNm3vQzph8Tw7FrI.mft
File:                     iwUOQskY3jwnNm3vQzph8Tw7FrI.mft (raw, json)
Hash identifier:          kyz9aJ7YgJqhCr8uU5uTt6BL81uaqwqIMVLZMG8nZDc=
Subject key identifier:   3F:CD:19:82:51:54:B2:F9:5C:1D:E8:8C:97:E1:59:8F:B8:88:8E:EA
Authority key identifier: 8B:05:0E:42:C9:18:DE:3C:27:36:6D:EF:43:3A:61:F1:3C:3B:16:B2
Certificate issuer:       /CN=8b050e42c918de3c27366def433a61f13c3b16b2
Certificate serial:       019A71B933AA0C7494144BECE50D55EB8FE7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/iwUOQskY3jwnNm3vQzph8Tw7FrI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1c/4a6c6d-b855-4b46-b32f-cac2cfff6779/1/iwUOQskY3jwnNm3vQzph8Tw7FrI.mft
Manifest number:          171B
Signing time:             Tue 11 Nov 2025 07:02:34 +0000
Manifest this update:     Tue 11 Nov 2025 07:02:34 +0000
Manifest next update:     Wed 12 Nov 2025 07:02:34 +0000
Files and hashes:         1: iwUOQskY3jwnNm3vQzph8Tw7FrI.crl (hash: oFfujRhc7WJm0X3R8iqGEuOnpsAesBhYg0HC1PUcYEI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1c/4a6c6d-b855-4b46-b32f-cac2cfff6779/1/iwUOQskY3jwnNm3vQzph8Tw7FrI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1c/4a6c6d-b855-4b46-b32f-cac2cfff6779/1/iwUOQskY3jwnNm3vQzph8Tw7FrI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/iwUOQskY3jwnNm3vQzph8Tw7FrI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:02:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b9:33:aa:0c:74:94:14:4b:ec:e5:0d:55:eb:8f:e7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8b050e42c918de3c27366def433a61f13c3b16b2
        Validity
            Not Before: Nov 11 07:02:34 2025 GMT
            Not After : Nov 12 07:02:34 2025 GMT
        Subject: CN=3fcd19825154b2f95c1de88c97e1598fb8888eea
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d8:bf:77:51:98:ed:c6:b4:cb:e4:7f:15:50:0c:
                    a2:9d:78:48:ea:69:f6:cc:b9:91:06:d5:92:e0:60:
                    0a:98:72:e3:98:c4:b0:42:4b:42:33:bb:a0:68:0c:
                    53:2b:00:95:50:ac:06:bf:5a:db:81:78:c7:f8:b6:
                    3a:a7:be:33:5e:cc:a6:a8:70:6c:78:22:63:f0:69:
                    a7:01:06:1f:e0:76:5c:b8:71:a6:c3:08:4c:92:76:
                    ba:c0:61:c7:c7:cf:5b:b7:a8:7d:9c:f8:82:08:83:
                    08:4d:ec:6f:78:99:09:f9:bb:a3:7d:1e:92:ef:c3:
                    42:c7:e4:22:7f:da:96:ae:47:5a:e8:03:18:d3:fb:
                    af:1e:f0:77:6e:c9:80:3b:4e:9e:2a:ca:cc:05:f0:
                    c3:e9:68:1f:10:9b:47:4c:9e:26:d4:cf:25:ec:e7:
                    a3:66:19:4d:99:b4:db:39:fa:d7:17:f2:0f:68:40:
                    e6:53:bd:b7:15:f4:b8:41:9e:f0:5f:8b:ec:2e:44:
                    ce:db:31:86:a6:1c:2b:55:8c:be:ee:ec:56:54:34:
                    56:83:a7:f9:5e:3b:09:82:ea:91:c9:36:33:33:2d:
                    22:28:05:28:54:e6:fe:30:cd:c2:3e:93:1e:c0:50:
                    d7:1a:42:8f:a7:c7:60:57:04:3e:73:08:3a:ce:78:
                    0a:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3F:CD:19:82:51:54:B2:F9:5C:1D:E8:8C:97:E1:59:8F:B8:88:8E:EA
            X509v3 Authority Key Identifier:
                keyid:8B:05:0E:42:C9:18:DE:3C:27:36:6D:EF:43:3A:61:F1:3C:3B:16:B2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iwUOQskY3jwnNm3vQzph8Tw7FrI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/4a6c6d-b855-4b46-b32f-cac2cfff6779/1/iwUOQskY3jwnNm3vQzph8Tw7FrI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/4a6c6d-b855-4b46-b32f-cac2cfff6779/1/iwUOQskY3jwnNm3vQzph8Tw7FrI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3e:f4:75:f0:83:55:12:44:d5:4d:85:3a:fc:cf:fb:1f:07:21:
         9c:ea:b3:51:61:0e:99:4e:4c:fc:09:b3:c1:9d:99:42:ed:f3:
         49:fa:e4:d1:03:79:35:9d:dd:4e:f4:10:b1:09:e0:20:4c:63:
         b0:21:f5:c2:19:02:8f:10:fb:78:a3:68:e0:df:58:c6:8f:c0:
         40:26:bd:64:da:1f:de:c0:d5:4b:67:e2:fa:8c:f7:36:05:7e:
         5f:f2:92:bd:29:07:63:83:bb:d8:f0:53:62:fc:2e:40:fb:84:
         2c:fc:11:b3:4a:43:55:0c:b3:aa:10:01:cd:04:58:ea:d3:4b:
         07:2c:8f:7c:72:d1:a9:f4:b4:ba:67:46:c0:75:03:00:54:43:
         0f:16:dc:44:62:64:dc:1a:51:e7:28:10:2d:ed:d9:14:ed:25:
         5c:82:1f:23:4a:e8:62:bc:6e:a6:9e:b6:c2:2d:a2:12:17:ef:
         2e:12:ef:b6:03:89:26:7d:39:10:98:cb:73:1b:38:0c:85:ab:
         69:05:ed:fe:f4:b7:0f:67:39:f3:94:d1:08:95:8b:ae:49:fd:
         2d:a8:9c:ae:1a:39:42:1d:72:1e:45:2c:d1:18:c0:2a:d3:ae:
         27:ef:47:8f:32:f4:ec:8f:36:fd:75:ab:2f:68:ee:ee:0d:10:
         6f:2d:27:b8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuTOqDHSUFEvs5Q1V64/nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiMDUwZTQyYzkxOGRlM2MyNzM2NmRlZjQzM2E2MWYxM2Mz
YjE2YjIwHhcNMjUxMTExMDcwMjM0WhcNMjUxMTEyMDcwMjM0WjAzMTEwLwYDVQQD
EygzZmNkMTk4MjUxNTRiMmY5NWMxZGU4OGM5N2UxNTk4ZmI4ODg4ZWVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2L93UZjtxrTL5H8VUAyinXhI6mn2
zLmRBtWS4GAKmHLjmMSwQktCM7ugaAxTKwCVUKwGv1rbgXjH+LY6p74zXsymqHBs
eCJj8GmnAQYf4HZcuHGmwwhMkna6wGHHx89bt6h9nPiCCIMITexveJkJ+bujfR6S
78NCx+Qif9qWrkda6AMY0/uvHvB3bsmAO06eKsrMBfDD6WgfEJtHTJ4m1M8l7Oej
ZhlNmbTbOfrXF/IPaEDmU723FfS4QZ7wX4vsLkTO2zGGphwrVYy+7uxWVDRWg6f5
XjsJguqRyTYzMy0iKAUoVOb+MM3CPpMewFDXGkKPp8dgVwQ+cwg6zngKCwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFD/NGYJRVLL5XB3ojJfhWY+4iI7qMB8GA1UdIwQY
MBaAFIsFDkLJGN48JzZt70M6YfE8OxayMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaXdVT1Fza1kzanduTm0zdlF6cGg4VHc3RnJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy80YTZjNmQtYjg1NS00YjQ2LWIzMmYt
Y2FjMmNmZmY2Nzc5LzEvaXdVT1Fza1kzanduTm0zdlF6cGg4VHc3RnJJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy80YTZjNmQtYjg1NS00YjQ2LWIzMmYtY2FjMmNmZmY2Nzc5
LzEvaXdVT1Fza1kzanduTm0zdlF6cGg4VHc3RnJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPvR18INV
EkTVTYU6/M/7HwchnOqzUWEOmU5M/AmzwZ2ZQu3zSfrk0QN5NZ3dTvQQsQngIExj
sCH1whkCjxD7eKNo4N9Yxo/AQCa9ZNof3sDVS2fi+oz3NgV+X/KSvSkHY4O72PBT
YvwuQPuELPwRs0pDVQyzqhABzQRY6tNLByyPfHLRqfS0umdGwHUDAFRDDxbcRGJk
3BpR5ygQLe3ZFO0lXIIfI0roYrxupp62wi2iEhfvLhLvtgOJJn05EJjLcxs4DIWr
aQXt/vS3D2c585TRCJWLrkn9Laicrho5Qh1yHkUs0RjAKtOuJ+9HjzL07I82/XWr
L2ju7g0Qby0nuA==
-----END CERTIFICATE-----