Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/a5bc8a-049d-4314-9b1a-29755a7c94fd/1/z4duDnrrYE0WMdSaAl4XitJ0qBI.mft
File:                     z4duDnrrYE0WMdSaAl4XitJ0qBI.mft (raw, json)
Hash identifier:          BDazhqTnNUncrsUcLcZ8TiE4u2zNy0qxHJL+uZS/7QI=
Subject key identifier:   FD:9D:2C:1E:FC:FE:B3:FC:C1:27:F6:77:EC:BE:39:FF:D1:83:D7:F2
Authority key identifier: CF:87:6E:0E:7A:EB:60:4D:16:31:D4:9A:02:5E:17:8A:D2:74:A8:12
Certificate issuer:       /CN=cf876e0e7aeb604d1631d49a025e178ad274a812
Certificate serial:       019A7293B753E34E6F819984B1A7E1A14959
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/z4duDnrrYE0WMdSaAl4XitJ0qBI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/27/a5bc8a-049d-4314-9b1a-29755a7c94fd/1/z4duDnrrYE0WMdSaAl4XitJ0qBI.mft
Manifest number:          171C
Signing time:             Tue 11 Nov 2025 11:01:14 +0000
Manifest this update:     Tue 11 Nov 2025 11:01:14 +0000
Manifest next update:     Wed 12 Nov 2025 11:01:14 +0000
Files and hashes:         1: z4duDnrrYE0WMdSaAl4XitJ0qBI.crl (hash: z91pFg9wwfLLkjCv1FNDwkyFGCCBDmPUAZX4ugo+Gi8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/27/a5bc8a-049d-4314-9b1a-29755a7c94fd/1/z4duDnrrYE0WMdSaAl4XitJ0qBI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/27/a5bc8a-049d-4314-9b1a-29755a7c94fd/1/z4duDnrrYE0WMdSaAl4XitJ0qBI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/z4duDnrrYE0WMdSaAl4XitJ0qBI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:72:93:b7:53:e3:4e:6f:81:99:84:b1:a7:e1:a1:49:59
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cf876e0e7aeb604d1631d49a025e178ad274a812
        Validity
            Not Before: Nov 11 11:01:14 2025 GMT
            Not After : Nov 12 11:01:14 2025 GMT
        Subject: CN=fd9d2c1efcfeb3fcc127f677ecbe39ffd183d7f2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dd:83:e2:ca:ef:87:ca:ed:df:d0:f7:30:d7:56:
                    76:34:1f:07:43:d3:75:08:c1:c3:a8:f6:0e:8b:b4:
                    f5:c7:5c:08:a1:56:7a:96:c0:73:31:4d:ec:ec:f6:
                    31:b7:39:0b:c0:0b:b7:7f:7e:7b:89:b6:77:77:8b:
                    46:28:0b:b4:cc:a2:06:d4:29:78:69:06:83:5e:0a:
                    2b:63:c8:f2:88:3f:1b:3e:28:aa:15:dc:86:35:cc:
                    e1:21:4a:28:16:be:d1:60:54:e5:8c:1b:04:95:f3:
                    89:1f:83:43:97:ee:ff:fd:4f:02:b1:68:61:69:cb:
                    c7:51:4e:13:3b:00:52:b1:c9:d6:78:da:e5:3e:11:
                    6d:50:f7:4c:94:7e:7e:6c:4e:86:58:2a:0f:25:1a:
                    7b:3c:9a:47:b4:2b:35:d3:24:52:17:d9:26:01:60:
                    ff:e9:2d:59:2b:1e:b8:79:e1:4e:99:0f:68:31:80:
                    b7:6b:78:94:51:6b:0c:58:86:00:69:41:d6:24:84:
                    1a:43:ce:4d:fd:fd:d4:07:1c:ea:bc:ae:ad:fe:f4:
                    ef:2c:ad:38:ba:1f:03:ce:e2:0f:53:c0:3d:d7:94:
                    1c:88:e8:07:5f:33:e6:cc:b2:f6:97:bf:43:11:58:
                    0b:c1:e9:83:91:95:be:34:53:95:4d:e4:0a:02:ba:
                    68:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FD:9D:2C:1E:FC:FE:B3:FC:C1:27:F6:77:EC:BE:39:FF:D1:83:D7:F2
            X509v3 Authority Key Identifier:
                keyid:CF:87:6E:0E:7A:EB:60:4D:16:31:D4:9A:02:5E:17:8A:D2:74:A8:12

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z4duDnrrYE0WMdSaAl4XitJ0qBI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/a5bc8a-049d-4314-9b1a-29755a7c94fd/1/z4duDnrrYE0WMdSaAl4XitJ0qBI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/27/a5bc8a-049d-4314-9b1a-29755a7c94fd/1/z4duDnrrYE0WMdSaAl4XitJ0qBI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         56:2c:c5:04:8d:a6:a0:c3:ee:1b:29:59:d1:41:21:8a:b0:82:
         ce:09:e5:53:01:a0:9a:66:b6:7f:0e:a1:07:99:b2:e9:d2:a3:
         52:a8:c3:72:04:be:c6:73:4a:c3:16:30:de:4b:cd:80:e9:f7:
         0c:d2:32:2e:0f:bc:83:a9:0f:6a:59:26:1a:bc:9e:cc:a7:92:
         d5:72:bc:18:02:b0:14:35:27:fa:1b:f3:21:97:d5:d4:7b:de:
         78:42:82:e8:be:a8:0b:4c:e4:03:7e:59:2c:6e:46:1c:b4:da:
         b9:b1:e1:e8:b0:0d:42:98:2c:1e:0a:4b:90:94:81:9f:c0:1a:
         dd:25:80:62:b5:2a:65:ee:60:7f:d2:59:9f:f3:af:c8:a5:ea:
         97:bc:ce:82:40:15:14:b5:1d:0d:3c:8d:c8:e6:63:ef:f5:cf:
         43:f2:8c:7d:e0:93:b8:cd:fe:44:9c:fb:8a:b9:70:f2:a9:40:
         d9:3d:f9:9d:b4:88:0a:03:b7:01:28:a2:4f:7a:06:99:e3:3f:
         95:d9:04:60:c7:a7:d6:ff:da:fd:49:2a:3a:44:3c:17:7d:f3:
         79:16:4c:2b:dd:11:b2:0f:24:6d:e1:b2:b7:58:9c:e4:3e:e2:
         18:73:7b:e8:82:3f:ac:ba:38:05:d4:25:29:23:1f:00:e0:c9:
         5e:96:8a:c1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyk7dT405vgZmEsafhoUlZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmODc2ZTBlN2FlYjYwNGQxNjMxZDQ5YTAyNWUxNzhhZDI3
NGE4MTIwHhcNMjUxMTExMTEwMTE0WhcNMjUxMTEyMTEwMTE0WjAzMTEwLwYDVQQD
EyhmZDlkMmMxZWZjZmViM2ZjYzEyN2Y2NzdlY2JlMzlmZmQxODNkN2YyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3YPiyu+Hyu3f0Pcw11Z2NB8HQ9N1
CMHDqPYOi7T1x1wIoVZ6lsBzMU3s7PYxtzkLwAu3f357ibZ3d4tGKAu0zKIG1Cl4
aQaDXgorY8jyiD8bPiiqFdyGNczhIUooFr7RYFTljBsElfOJH4NDl+7//U8CsWhh
acvHUU4TOwBSscnWeNrlPhFtUPdMlH5+bE6GWCoPJRp7PJpHtCs10yRSF9kmAWD/
6S1ZKx64eeFOmQ9oMYC3a3iUUWsMWIYAaUHWJIQaQ85N/f3UBxzqvK6t/vTvLK04
uh8DzuIPU8A915QciOgHXzPmzLL2l79DEVgLwemDkZW+NFOVTeQKArpoFwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP2dLB78/rP8wSf2d+y+Of/Rg9fyMB8GA1UdIwQY
MBaAFM+Hbg5662BNFjHUmgJeF4rSdKgSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvejRkdURucnJZRTBXTWRTYUFsNFhpdEowcUJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy9hNWJjOGEtMDQ5ZC00MzE0LTliMWEt
Mjk3NTVhN2M5NGZkLzEvejRkdURucnJZRTBXTWRTYUFsNFhpdEowcUJJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy9hNWJjOGEtMDQ5ZC00MzE0LTliMWEtMjk3NTVhN2M5NGZk
LzEvejRkdURucnJZRTBXTWRTYUFsNFhpdEowcUJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVizFBI2m
oMPuGylZ0UEhirCCzgnlUwGgmma2fw6hB5my6dKjUqjDcgS+xnNKwxYw3kvNgOn3
DNIyLg+8g6kPalkmGryezKeS1XK8GAKwFDUn+hvzIZfV1HveeEKC6L6oC0zkA35Z
LG5GHLTaubHh6LANQpgsHgpLkJSBn8Aa3SWAYrUqZe5gf9JZn/OvyKXql7zOgkAV
FLUdDTyNyOZj7/XPQ/KMfeCTuM3+RJz7irlw8qlA2T35nbSICgO3ASiiT3oGmeM/
ldkEYMen1v/a/UkqOkQ8F33zeRZMK90Rsg8kbeGyt1ic5D7iGHN76II/rLo4BdQl
KSMfAODJXpaKwQ==
-----END CERTIFICATE-----