Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/b680af-d5ab-4b2f-a837-0d41a64e90ec/1/EDfew086MutlAvFmKoKiD4teohw.mft
File:                     EDfew086MutlAvFmKoKiD4teohw.mft (raw, json)
Hash identifier:          nM/gsNE+IIelsGwaPerWmPeBHxHUpPUw+CUPZrk/iCw=
Subject key identifier:   74:09:18:37:3C:FB:24:D6:F2:EE:29:B1:82:F7:99:8D:B1:94:8A:54
Authority key identifier: 10:37:DE:C3:4F:3A:32:EB:65:02:F1:66:2A:82:A2:0F:8B:5E:A2:1C
Certificate issuer:       /CN=1037dec34f3a32eb6502f1662a82a20f8b5ea21c
Certificate serial:       019A722638FFF9BF8BF5A1863AAE0DA96EF1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/EDfew086MutlAvFmKoKiD4teohw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/23/b680af-d5ab-4b2f-a837-0d41a64e90ec/1/EDfew086MutlAvFmKoKiD4teohw.mft
Manifest number:          171D
Signing time:             Tue 11 Nov 2025 09:01:38 +0000
Manifest this update:     Tue 11 Nov 2025 09:01:38 +0000
Manifest next update:     Wed 12 Nov 2025 09:01:38 +0000
Files and hashes:         1: EDfew086MutlAvFmKoKiD4teohw.crl (hash: POcuySKARFsaD9BHOCodInhBpIBr0i6HCIoVCdFoJrc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/23/b680af-d5ab-4b2f-a837-0d41a64e90ec/1/EDfew086MutlAvFmKoKiD4teohw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/23/b680af-d5ab-4b2f-a837-0d41a64e90ec/1/EDfew086MutlAvFmKoKiD4teohw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/EDfew086MutlAvFmKoKiD4teohw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:72:26:38:ff:f9:bf:8b:f5:a1:86:3a:ae:0d:a9:6e:f1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1037dec34f3a32eb6502f1662a82a20f8b5ea21c
        Validity
            Not Before: Nov 11 09:01:38 2025 GMT
            Not After : Nov 12 09:01:38 2025 GMT
        Subject: CN=740918373cfb24d6f2ee29b182f7998db1948a54
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:0b:0f:b0:24:65:bc:0a:86:0e:0d:16:9f:0a:
                    68:0d:08:a8:1a:c4:cc:3b:87:be:86:5b:74:81:f5:
                    d7:fd:65:a0:d2:6e:82:03:d6:e9:a6:1e:92:43:88:
                    fb:c5:04:83:2c:f2:47:7f:3b:53:7a:ee:2a:29:96:
                    de:ec:a2:1d:27:75:7a:de:29:7e:30:59:98:a2:78:
                    ff:96:ad:f3:c1:b0:da:de:6a:a0:39:83:15:30:cf:
                    61:79:9c:cb:d8:1f:8d:60:ec:a8:07:a8:74:9a:40:
                    87:6c:8a:5c:4c:53:09:34:a7:02:36:5e:f7:4a:0e:
                    2b:81:94:4e:f8:22:79:0c:c0:db:8b:9e:9a:0b:06:
                    d1:ca:5b:65:68:90:77:73:7f:f4:cc:d5:4b:b3:d8:
                    4e:d3:34:2a:ef:61:cb:76:09:aa:96:93:10:e3:65:
                    60:f5:cb:f0:fc:be:e9:2a:38:38:c5:5e:f2:54:b6:
                    a3:43:9c:17:0e:54:4e:e8:6a:b0:18:d1:87:72:70:
                    63:f0:e1:f3:6f:9d:49:b5:19:83:db:11:68:ec:02:
                    60:6e:15:a4:92:3b:ff:7d:0e:b9:c8:1d:9c:6c:d0:
                    c6:0d:d6:8d:59:f9:16:0f:71:82:ef:9c:db:39:50:
                    a3:79:52:34:0d:9f:2e:ac:3b:d7:a0:4e:d3:be:75:
                    74:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                74:09:18:37:3C:FB:24:D6:F2:EE:29:B1:82:F7:99:8D:B1:94:8A:54
            X509v3 Authority Key Identifier:
                keyid:10:37:DE:C3:4F:3A:32:EB:65:02:F1:66:2A:82:A2:0F:8B:5E:A2:1C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EDfew086MutlAvFmKoKiD4teohw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/b680af-d5ab-4b2f-a837-0d41a64e90ec/1/EDfew086MutlAvFmKoKiD4teohw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/23/b680af-d5ab-4b2f-a837-0d41a64e90ec/1/EDfew086MutlAvFmKoKiD4teohw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3a:8c:3e:a3:90:e1:7d:a8:c9:6e:c7:79:e4:2a:20:5f:bb:bb:
         a7:c4:f1:a3:e3:64:d8:0a:aa:04:ba:5f:12:bb:f2:8d:18:83:
         46:3a:e5:ed:d2:09:76:70:a8:41:8d:cd:ef:d3:37:a6:c7:45:
         1f:80:2d:de:b0:5b:08:82:34:ea:30:95:39:ed:6e:77:34:3e:
         27:38:83:94:6d:84:3e:b2:6d:c2:d5:79:7c:59:72:85:dd:5b:
         e4:4d:5f:88:fa:c0:f4:45:e9:8b:9b:d4:9b:5f:8b:4b:6f:b4:
         6e:8c:66:1b:64:e3:03:d7:ce:39:f5:56:fa:02:f4:e5:b5:b5:
         c3:01:b5:c6:f4:ca:ad:a0:11:4c:c8:78:9e:db:ef:96:0c:93:
         bb:c9:91:7c:3c:97:8e:2f:b7:1c:27:bc:f0:63:34:60:b4:5b:
         a8:f8:ec:f0:19:eb:bb:38:00:87:86:42:56:79:cb:cf:9b:3c:
         16:62:be:98:d5:59:13:b5:81:e3:bd:37:89:9b:05:cf:df:28:
         51:78:ec:cf:23:f7:52:85:33:60:26:d9:ec:77:c1:33:2d:88:
         21:e5:a1:54:45:78:8f:71:c3:4d:a4:f9:32:c5:ea:01:32:3d:
         72:a2:05:f8:f6:bd:88:4b:ea:1a:36:46:c1:8e:ac:79:56:1f:
         02:74:63:4d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJjj/+b+L9aGGOq4NqW7xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEwMzdkZWMzNGYzYTMyZWI2NTAyZjE2NjJhODJhMjBmOGI1
ZWEyMWMwHhcNMjUxMTExMDkwMTM4WhcNMjUxMTEyMDkwMTM4WjAzMTEwLwYDVQQD
Eyg3NDA5MTgzNzNjZmIyNGQ2ZjJlZTI5YjE4MmY3OTk4ZGIxOTQ4YTU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoAsPsCRlvAqGDg0WnwpoDQioGsTM
O4e+hlt0gfXX/WWg0m6CA9bpph6SQ4j7xQSDLPJHfztTeu4qKZbe7KIdJ3V63il+
MFmYonj/lq3zwbDa3mqgOYMVMM9heZzL2B+NYOyoB6h0mkCHbIpcTFMJNKcCNl73
Sg4rgZRO+CJ5DMDbi56aCwbRyltlaJB3c3/0zNVLs9hO0zQq72HLdgmqlpMQ42Vg
9cvw/L7pKjg4xV7yVLajQ5wXDlRO6GqwGNGHcnBj8OHzb51JtRmD2xFo7AJgbhWk
kjv/fQ65yB2cbNDGDdaNWfkWD3GC75zbOVCjeVI0DZ8urDvXoE7TvnV01wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHQJGDc8+yTW8u4psYL3mY2xlIpUMB8GA1UdIwQY
MBaAFBA33sNPOjLrZQLxZiqCog+LXqIcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRURmZXcwODZNdXRsQXZGbUtvS2lENHRlb2h3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy9iNjgwYWYtZDVhYi00YjJmLWE4Mzct
MGQ0MWE2NGU5MGVjLzEvRURmZXcwODZNdXRsQXZGbUtvS2lENHRlb2h3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy9iNjgwYWYtZDVhYi00YjJmLWE4MzctMGQ0MWE2NGU5MGVj
LzEvRURmZXcwODZNdXRsQXZGbUtvS2lENHRlb2h3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOow+o5Dh
fajJbsd55CogX7u7p8Txo+Nk2AqqBLpfErvyjRiDRjrl7dIJdnCoQY3N79M3psdF
H4At3rBbCII06jCVOe1udzQ+JziDlG2EPrJtwtV5fFlyhd1b5E1fiPrA9EXpi5vU
m1+LS2+0boxmG2TjA9fOOfVW+gL05bW1wwG1xvTKraARTMh4ntvvlgyTu8mRfDyX
ji+3HCe88GM0YLRbqPjs8BnruzgAh4ZCVnnLz5s8FmK+mNVZE7WB4703iZsFz98o
UXjszyP3UoUzYCbZ7HfBMy2IIeWhVEV4j3HDTaT5MsXqATI9cqIF+Pa9iEvqGjZG
wY6seVYfAnRjTQ==
-----END CERTIFICATE-----