Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/4b5495-1072-4ef3-8669-fc3559696246/1/eFlmnCt8CyXAfnkyuKH5iwu-3Ew.mft
File:                     eFlmnCt8CyXAfnkyuKH5iwu-3Ew.mft (raw, json)
Hash identifier:          DEXHOqGfLTaPToQlxTGZWZosSwMl+il69sAG4a+vU9Q=
Subject key identifier:   AE:08:46:3E:2A:5B:F0:C2:B4:62:6C:E9:4E:3F:55:40:3B:92:B4:63
Authority key identifier: 78:59:66:9C:2B:7C:0B:25:C0:7E:79:32:B8:A1:F9:8B:0B:BE:DC:4C
Certificate issuer:       /CN=7859669c2b7c0b25c07e7932b8a1f98b0bbedc4c
Certificate serial:       019A71B924D8F20BB46D531AB77F1F9B389F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/eFlmnCt8CyXAfnkyuKH5iwu-3Ew.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/21/4b5495-1072-4ef3-8669-fc3559696246/1/eFlmnCt8CyXAfnkyuKH5iwu-3Ew.mft
Manifest number:          171D
Signing time:             Tue 11 Nov 2025 07:02:30 +0000
Manifest this update:     Tue 11 Nov 2025 07:02:30 +0000
Manifest next update:     Wed 12 Nov 2025 07:02:30 +0000
Files and hashes:         1: eFlmnCt8CyXAfnkyuKH5iwu-3Ew.crl (hash: 2eQ+nVOl1WJd7a0RBNMtscBjWpuDURqWpznv7kV9Xx8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/21/4b5495-1072-4ef3-8669-fc3559696246/1/eFlmnCt8CyXAfnkyuKH5iwu-3Ew.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/21/4b5495-1072-4ef3-8669-fc3559696246/1/eFlmnCt8CyXAfnkyuKH5iwu-3Ew.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/eFlmnCt8CyXAfnkyuKH5iwu-3Ew.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:02:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b9:24:d8:f2:0b:b4:6d:53:1a:b7:7f:1f:9b:38:9f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7859669c2b7c0b25c07e7932b8a1f98b0bbedc4c
        Validity
            Not Before: Nov 11 07:02:30 2025 GMT
            Not After : Nov 12 07:02:30 2025 GMT
        Subject: CN=ae08463e2a5bf0c2b4626ce94e3f55403b92b463
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:80:8c:31:dd:dd:bb:45:aa:94:28:b1:3c:87:
                    2c:1e:99:26:3f:e9:17:dc:59:c4:4e:f5:47:91:b6:
                    7e:e0:0e:35:85:e4:13:55:22:0f:71:18:99:62:90:
                    fe:bd:9c:cd:2c:c6:35:8d:ef:45:45:53:76:db:a4:
                    7d:e5:fc:50:0a:fb:f5:fa:94:ed:84:21:c3:97:c2:
                    c8:aa:b7:4f:50:2d:cd:cd:81:e3:fe:c7:1e:7c:ce:
                    d3:90:3a:27:86:8b:37:34:37:75:98:a2:1f:ea:3e:
                    7f:2a:68:da:45:18:90:cd:59:aa:96:87:de:de:1d:
                    63:a4:f1:0e:71:48:16:7a:57:47:fe:77:99:9e:22:
                    20:be:30:ca:a4:d8:c5:0e:21:2f:ac:32:be:f0:ed:
                    d0:bf:00:4c:0e:2f:b9:ce:d9:20:c2:3f:f7:4d:ca:
                    ab:90:d4:df:98:b0:95:11:f0:b2:b3:39:5f:4f:c4:
                    f3:e0:d3:67:98:ff:a7:a9:0c:be:21:1c:18:ee:5f:
                    50:46:e1:25:7a:08:a3:be:48:0f:62:6b:ee:d4:0c:
                    bc:bc:46:2d:7c:90:c8:cd:64:d0:9c:29:58:2f:8d:
                    07:b8:c6:f8:85:d5:60:ff:25:dd:68:b0:bc:31:21:
                    df:69:c7:45:06:ea:d3:d0:4b:dc:81:6d:7f:f2:c7:
                    54:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AE:08:46:3E:2A:5B:F0:C2:B4:62:6C:E9:4E:3F:55:40:3B:92:B4:63
            X509v3 Authority Key Identifier:
                keyid:78:59:66:9C:2B:7C:0B:25:C0:7E:79:32:B8:A1:F9:8B:0B:BE:DC:4C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eFlmnCt8CyXAfnkyuKH5iwu-3Ew.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/4b5495-1072-4ef3-8669-fc3559696246/1/eFlmnCt8CyXAfnkyuKH5iwu-3Ew.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/21/4b5495-1072-4ef3-8669-fc3559696246/1/eFlmnCt8CyXAfnkyuKH5iwu-3Ew.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         33:be:c1:23:e3:04:e5:de:ca:f9:70:b7:51:2c:9f:a2:2d:68:
         bd:08:05:8f:f3:40:68:c9:e2:97:83:ac:39:91:2c:b5:58:0d:
         96:ff:c0:b3:06:f2:f4:90:9d:21:07:ea:c3:c1:2d:1c:8e:ed:
         f3:51:ab:09:a7:0c:a5:fa:17:60:3c:78:ef:8e:f1:0c:b0:a6:
         a2:a2:ac:b7:7d:35:13:24:e9:85:29:a1:03:fb:db:d3:14:5a:
         af:53:b2:c2:0b:59:e0:b0:c5:3f:98:0f:41:eb:2f:4a:5e:3d:
         50:e9:c4:55:ea:19:cf:4c:f4:fe:dc:db:bd:82:41:b0:7d:dd:
         93:35:c1:03:6d:ac:4f:5f:27:cc:2a:9c:d7:cf:3b:cf:86:70:
         c8:f1:02:89:f6:15:a0:95:e2:27:46:64:81:66:26:0d:be:55:
         37:cd:37:8e:4a:0a:2d:cd:38:ad:82:8f:22:34:cb:e6:c3:0a:
         a6:5b:ff:96:d6:91:cd:68:c7:e6:e2:fb:54:2b:72:a0:bd:87:
         9d:fa:13:30:46:bc:d0:1e:9c:80:c5:46:25:07:12:c1:d2:6f:
         7b:bc:91:e9:92:4b:87:d0:0a:84:72:40:85:29:3e:8c:61:f2:
         0f:b7:da:d0:84:e9:e2:82:61:3a:55:16:ed:13:f9:9f:42:0f:
         79:d6:e7:63
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuSTY8gu0bVMat38fmzifMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc4NTk2NjljMmI3YzBiMjVjMDdlNzkzMmI4YTFmOThiMGJi
ZWRjNGMwHhcNMjUxMTExMDcwMjMwWhcNMjUxMTEyMDcwMjMwWjAzMTEwLwYDVQQD
EyhhZTA4NDYzZTJhNWJmMGMyYjQ2MjZjZTk0ZTNmNTU0MDNiOTJiNDYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnYCMMd3du0WqlCixPIcsHpkmP+kX
3FnETvVHkbZ+4A41heQTVSIPcRiZYpD+vZzNLMY1je9FRVN226R95fxQCvv1+pTt
hCHDl8LIqrdPUC3NzYHj/scefM7TkDonhos3NDd1mKIf6j5/KmjaRRiQzVmqlofe
3h1jpPEOcUgWeldH/neZniIgvjDKpNjFDiEvrDK+8O3QvwBMDi+5ztkgwj/3Tcqr
kNTfmLCVEfCyszlfT8Tz4NNnmP+nqQy+IRwY7l9QRuElegijvkgPYmvu1Ay8vEYt
fJDIzWTQnClYL40HuMb4hdVg/yXdaLC8MSHfacdFBurT0EvcgW1/8sdUOQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK4IRj4qW/DCtGJs6U4/VUA7krRjMB8GA1UdIwQY
MBaAFHhZZpwrfAslwH55Mrih+YsLvtxMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZUZsbW5DdDhDeVhBZm5reXVLSDVpd3UtM0V3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS80YjU0OTUtMTA3Mi00ZWYzLTg2Njkt
ZmMzNTU5Njk2MjQ2LzEvZUZsbW5DdDhDeVhBZm5reXVLSDVpd3UtM0V3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS80YjU0OTUtMTA3Mi00ZWYzLTg2NjktZmMzNTU5Njk2MjQ2
LzEvZUZsbW5DdDhDeVhBZm5reXVLSDVpd3UtM0V3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAM77BI+ME
5d7K+XC3USyfoi1ovQgFj/NAaMnil4OsOZEstVgNlv/Aswby9JCdIQfqw8EtHI7t
81GrCacMpfoXYDx4747xDLCmoqKst301EyTphSmhA/vb0xRar1OywgtZ4LDFP5gP
QesvSl49UOnEVeoZz0z0/tzbvYJBsH3dkzXBA22sT18nzCqc1887z4ZwyPECifYV
oJXiJ0ZkgWYmDb5VN803jkoKLc04rYKPIjTL5sMKplv/ltaRzWjH5uL7VCtyoL2H
nfoTMEa80B6cgMVGJQcSwdJve7yR6ZJLh9AKhHJAhSk+jGHyD7fa0ITp4oJhOlUW
7RP5n0IPedbnYw==
-----END CERTIFICATE-----