Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/5fe5e6-1a6f-46f1-a999-18ec6a008c56/1/s9nxe5jDqWQThWY7jNW3X-HwpJg.mft
File:                     s9nxe5jDqWQThWY7jNW3X-HwpJg.mft (raw, json)
Hash identifier:          D72P7kg5NOe5yRnk2tRqw0xX4zUs7zo2nBTS/R8EPFQ=
Subject key identifier:   FE:BF:0E:79:56:9F:A0:59:A7:64:F7:78:06:20:68:7E:97:D6:D2:16
Authority key identifier: B3:D9:F1:7B:98:C3:A9:64:13:85:66:3B:8C:D5:B7:5F:E1:F0:A4:98
Certificate issuer:       /CN=b3d9f17b98c3a9641385663b8cd5b75fe1f0a498
Certificate serial:       019A718081486EBDF3F87482987F18FC1155
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/s9nxe5jDqWQThWY7jNW3X-HwpJg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/22/5fe5e6-1a6f-46f1-a999-18ec6a008c56/1/s9nxe5jDqWQThWY7jNW3X-HwpJg.mft
Manifest number:          171A
Signing time:             Tue 11 Nov 2025 06:00:38 +0000
Manifest this update:     Tue 11 Nov 2025 06:00:38 +0000
Manifest next update:     Wed 12 Nov 2025 06:00:38 +0000
Files and hashes:         1: s9nxe5jDqWQThWY7jNW3X-HwpJg.crl (hash: rSX531NKlQOcnIxPKSom8TI9l+M1RsYSHHWa12fIz2g=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/22/5fe5e6-1a6f-46f1-a999-18ec6a008c56/1/s9nxe5jDqWQThWY7jNW3X-HwpJg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/22/5fe5e6-1a6f-46f1-a999-18ec6a008c56/1/s9nxe5jDqWQThWY7jNW3X-HwpJg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/s9nxe5jDqWQThWY7jNW3X-HwpJg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 06:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:80:81:48:6e:bd:f3:f8:74:82:98:7f:18:fc:11:55
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b3d9f17b98c3a9641385663b8cd5b75fe1f0a498
        Validity
            Not Before: Nov 11 06:00:38 2025 GMT
            Not After : Nov 12 06:00:38 2025 GMT
        Subject: CN=febf0e79569fa059a764f7780620687e97d6d216
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:86:dc:6e:84:51:7e:7d:1e:a5:38:59:24:ee:
                    b8:f6:c1:2f:42:02:02:41:dc:7e:a0:5d:32:06:94:
                    45:1f:07:04:82:22:35:fe:4d:45:f8:bb:7b:36:ec:
                    e9:57:0a:05:a7:00:47:53:7e:87:77:1f:b9:fb:1a:
                    61:92:18:de:07:52:6f:e3:6f:22:45:70:25:c9:46:
                    27:be:63:7b:b6:7a:e0:2e:e2:ba:92:6d:69:d0:66:
                    ed:c2:94:8b:50:a3:3c:e2:60:83:0d:51:96:58:8e:
                    41:d3:77:32:0c:95:87:e7:7b:4c:99:c1:c1:86:41:
                    cf:5a:b4:6c:16:4a:10:9d:86:c6:be:48:09:8b:b3:
                    9d:82:e4:2b:17:c4:2d:13:33:ab:26:f5:6c:76:77:
                    e8:0b:cb:73:80:f6:10:0a:e1:5e:41:2b:5a:c1:da:
                    10:c7:d0:94:f2:8d:bf:4f:f3:d5:d5:7a:5d:87:c3:
                    61:b5:71:bd:e6:c7:1e:bd:11:14:51:32:f9:60:7b:
                    5a:90:ef:07:ca:78:3b:7c:47:d2:c3:80:de:28:d6:
                    e7:21:16:cd:12:c6:37:09:07:6e:36:ae:a6:eb:5d:
                    a5:49:08:99:ba:a8:90:28:ba:d5:d2:e5:ce:99:02:
                    13:fe:ab:ce:28:4c:3a:e6:f8:cc:9e:16:20:16:b3:
                    43:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FE:BF:0E:79:56:9F:A0:59:A7:64:F7:78:06:20:68:7E:97:D6:D2:16
            X509v3 Authority Key Identifier:
                keyid:B3:D9:F1:7B:98:C3:A9:64:13:85:66:3B:8C:D5:B7:5F:E1:F0:A4:98

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s9nxe5jDqWQThWY7jNW3X-HwpJg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/5fe5e6-1a6f-46f1-a999-18ec6a008c56/1/s9nxe5jDqWQThWY7jNW3X-HwpJg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/22/5fe5e6-1a6f-46f1-a999-18ec6a008c56/1/s9nxe5jDqWQThWY7jNW3X-HwpJg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         13:80:d4:d7:e7:c0:86:e4:d2:1e:9e:16:7c:94:b3:4d:7d:29:
         22:9f:8d:8b:e4:f1:29:0f:b2:98:76:2c:17:31:47:f2:24:29:
         2e:87:ae:85:8a:cb:50:29:8b:a5:cb:1f:44:2d:0a:fd:06:24:
         7a:6b:b8:c0:06:ed:3d:22:32:0e:f6:c9:3c:d7:4e:dd:4b:fd:
         6a:7c:31:4f:2d:92:99:9b:50:52:10:76:e7:12:f5:1a:6d:f6:
         22:04:e5:7e:40:11:42:28:6f:1e:e0:e1:37:89:54:a6:31:00:
         57:a8:62:5e:4d:1c:0f:44:34:5c:d9:88:25:5f:09:76:a0:7f:
         bb:01:10:d8:48:d1:82:b0:df:aa:72:5d:ee:82:af:0a:64:f2:
         f9:8c:82:c8:0b:17:43:7b:2a:e0:03:8c:b9:88:d5:b5:05:c4:
         48:24:f2:00:7b:2f:fd:95:80:23:2a:8b:14:86:58:e9:16:a4:
         b2:6a:42:58:e7:d2:9c:dd:f0:84:b7:a3:e4:85:ed:98:16:66:
         7c:0c:3d:4b:19:3c:ec:d5:c6:7c:fe:fa:f4:e3:ae:70:17:5e:
         a8:d4:40:ff:f4:29:c7:e8:88:57:91:0d:e3:4a:bc:ed:85:67:
         5c:e8:43:78:d6:05:ba:2d:1a:d0:56:50:7c:79:7f:7b:e5:92:
         a5:88:fa:b2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxgIFIbr3z+HSCmH8Y/BFVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzZDlmMTdiOThjM2E5NjQxMzg1NjYzYjhjZDViNzVmZTFm
MGE0OTgwHhcNMjUxMTExMDYwMDM4WhcNMjUxMTEyMDYwMDM4WjAzMTEwLwYDVQQD
EyhmZWJmMGU3OTU2OWZhMDU5YTc2NGY3NzgwNjIwNjg3ZTk3ZDZkMjE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoYbcboRRfn0epThZJO649sEvQgIC
Qdx+oF0yBpRFHwcEgiI1/k1F+Lt7NuzpVwoFpwBHU36Hdx+5+xphkhjeB1Jv428i
RXAlyUYnvmN7tnrgLuK6km1p0GbtwpSLUKM84mCDDVGWWI5B03cyDJWH53tMmcHB
hkHPWrRsFkoQnYbGvkgJi7OdguQrF8QtEzOrJvVsdnfoC8tzgPYQCuFeQStawdoQ
x9CU8o2/T/PV1Xpdh8NhtXG95scevREUUTL5YHtakO8Hyng7fEfSw4DeKNbnIRbN
EsY3CQduNq6m612lSQiZuqiQKLrV0uXOmQIT/qvOKEw65vjMnhYgFrNDTwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP6/DnlWn6BZp2T3eAYgaH6X1tIWMB8GA1UdIwQY
MBaAFLPZ8XuYw6lkE4VmO4zVt1/h8KSYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczlueGU1akRxV1FUaFdZN2pOVzNYLUh3cEpnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi81ZmU1ZTYtMWE2Zi00NmYxLWE5OTkt
MThlYzZhMDA4YzU2LzEvczlueGU1akRxV1FUaFdZN2pOVzNYLUh3cEpnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi81ZmU1ZTYtMWE2Zi00NmYxLWE5OTktMThlYzZhMDA4YzU2
LzEvczlueGU1akRxV1FUaFdZN2pOVzNYLUh3cEpnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAE4DU1+fA
huTSHp4WfJSzTX0pIp+Ni+TxKQ+ymHYsFzFH8iQpLoeuhYrLUCmLpcsfRC0K/QYk
emu4wAbtPSIyDvbJPNdO3Uv9anwxTy2SmZtQUhB25xL1Gm32IgTlfkARQihvHuDh
N4lUpjEAV6hiXk0cD0Q0XNmIJV8JdqB/uwEQ2EjRgrDfqnJd7oKvCmTy+YyCyAsX
Q3sq4AOMuYjVtQXESCTyAHsv/ZWAIyqLFIZY6RaksmpCWOfSnN3whLej5IXtmBZm
fAw9Sxk87NXGfP769OOucBdeqNRA//Qpx+iIV5EN40q87YVnXOhDeNYFui0a0FZQ
fHl/e+WSpYj6sg==
-----END CERTIFICATE-----