Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/00b84b-b5d1-4c1d-8e70-09e8fafaf0cc/1/wA7St1AmRN0DbiOS-wMyz7FNuNI.mft
File:                     wA7St1AmRN0DbiOS-wMyz7FNuNI.mft (raw, json)
Hash identifier:          Yle6GhA3DQvAyGF+pC/65u6aS9/+T22uyNjLCsSdzu4=
Subject key identifier:   A3:49:42:5E:90:3C:69:C6:EA:2C:8E:9F:FA:9A:B3:B7:08:53:AF:E6
Authority key identifier: C0:0E:D2:B7:50:26:44:DD:03:6E:23:92:FB:03:32:CF:B1:4D:B8:D2
Certificate issuer:       /CN=c00ed2b7502644dd036e2392fb0332cfb14db8d2
Certificate serial:       019A725C495D706CE58B01CCF85A68FE9309
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/wA7St1AmRN0DbiOS-wMyz7FNuNI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2a/00b84b-b5d1-4c1d-8e70-09e8fafaf0cc/1/wA7St1AmRN0DbiOS-wMyz7FNuNI.mft
Manifest number:          171D
Signing time:             Tue 11 Nov 2025 10:00:41 +0000
Manifest this update:     Tue 11 Nov 2025 10:00:41 +0000
Manifest next update:     Wed 12 Nov 2025 10:00:41 +0000
Files and hashes:         1: wA7St1AmRN0DbiOS-wMyz7FNuNI.crl (hash: MN1c/4URyEz7yT2j4HzY2eV9U4TSyfJQuJsEiZnbt8g=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2a/00b84b-b5d1-4c1d-8e70-09e8fafaf0cc/1/wA7St1AmRN0DbiOS-wMyz7FNuNI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2a/00b84b-b5d1-4c1d-8e70-09e8fafaf0cc/1/wA7St1AmRN0DbiOS-wMyz7FNuNI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/wA7St1AmRN0DbiOS-wMyz7FNuNI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:72:5c:49:5d:70:6c:e5:8b:01:cc:f8:5a:68:fe:93:09
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c00ed2b7502644dd036e2392fb0332cfb14db8d2
        Validity
            Not Before: Nov 11 10:00:41 2025 GMT
            Not After : Nov 12 10:00:41 2025 GMT
        Subject: CN=a349425e903c69c6ea2c8e9ffa9ab3b70853afe6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:b9:99:61:12:47:81:c2:c8:3b:42:c9:b5:5b:
                    cd:22:d9:73:c7:a3:c3:00:7a:f6:3f:f3:7b:22:ec:
                    db:12:bb:94:2d:42:6a:38:3b:b1:db:e6:df:11:a4:
                    36:61:6a:a8:b9:28:35:48:46:4f:ba:6c:75:b8:cf:
                    c6:9c:40:e9:7f:45:a3:c0:0d:0b:55:a9:bf:63:c2:
                    e4:06:82:8f:b5:bf:14:6d:46:e1:07:95:1a:8e:bd:
                    30:c4:3d:2c:2c:fc:e9:d7:10:24:4a:17:fe:cf:e6:
                    db:25:78:ff:dc:59:6b:0b:13:d7:f0:cc:fa:18:37:
                    31:3b:55:c8:c4:4e:47:cd:ee:37:c3:c3:70:2f:55:
                    a4:be:e9:2c:9d:f9:68:d2:cf:23:70:07:24:f4:a2:
                    a2:79:a9:28:c8:5f:96:d9:62:02:65:13:29:fe:c4:
                    8f:9d:fd:b6:04:71:0d:43:a7:1b:31:09:e0:8b:54:
                    0f:99:74:bb:36:c7:ed:a9:fb:ec:ed:a3:06:88:bf:
                    8f:21:dd:b4:4c:7f:0f:9c:7f:0e:ee:85:e9:67:f2:
                    7b:58:db:64:e5:c2:45:0b:b4:95:58:d7:72:c6:c3:
                    9b:1e:1a:ee:3e:e0:69:80:52:96:b0:a2:dd:db:dc:
                    37:83:bc:bd:9b:21:51:18:37:1d:6c:d2:c2:56:81:
                    46:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A3:49:42:5E:90:3C:69:C6:EA:2C:8E:9F:FA:9A:B3:B7:08:53:AF:E6
            X509v3 Authority Key Identifier:
                keyid:C0:0E:D2:B7:50:26:44:DD:03:6E:23:92:FB:03:32:CF:B1:4D:B8:D2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wA7St1AmRN0DbiOS-wMyz7FNuNI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/00b84b-b5d1-4c1d-8e70-09e8fafaf0cc/1/wA7St1AmRN0DbiOS-wMyz7FNuNI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/00b84b-b5d1-4c1d-8e70-09e8fafaf0cc/1/wA7St1AmRN0DbiOS-wMyz7FNuNI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2a:12:24:82:42:0e:f0:05:36:b8:b5:71:3f:66:23:2b:84:10:
         10:77:6f:cc:7b:ae:3a:2f:43:8d:3c:b3:17:61:90:81:c1:a3:
         e9:66:23:09:20:4b:61:5b:1c:bd:56:21:12:7e:4b:47:b3:c5:
         f4:6b:41:a0:dc:e3:a8:55:8c:e6:fd:48:38:22:40:13:61:d2:
         da:55:22:e2:89:1a:5b:6d:38:2d:bf:91:d1:81:79:12:01:32:
         1e:7a:e2:15:ab:98:e7:f3:32:8e:b9:8e:ac:f4:f8:fb:29:be:
         94:e8:9e:62:e3:1a:27:3c:d5:02:de:0b:f2:23:f9:f3:63:44:
         d1:5e:6f:8f:e1:0a:2c:b3:09:71:31:82:39:54:e4:76:2f:48:
         f2:32:10:e9:de:7e:98:a1:c0:f8:b3:6c:08:2f:63:71:6f:20:
         b9:e1:20:dc:5e:1a:6e:9e:74:26:20:1b:c8:67:89:9a:d7:9f:
         c7:cf:8f:6d:0a:3a:0e:c6:7c:e2:59:38:2c:d3:5d:bc:d3:8d:
         76:9f:eb:c6:d4:7f:3e:cc:5c:6d:a9:b3:bf:95:bd:3b:80:68:
         2b:e2:56:dd:1c:a8:bd:1f:73:3b:fa:55:8a:74:6c:3a:34:9a:
         08:64:be:bf:fb:2a:dc:f3:d9:d0:30:31:90:8b:48:72:d8:31:
         98:8b:56:49
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyXEldcGzliwHM+Fpo/pMJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMwMGVkMmI3NTAyNjQ0ZGQwMzZlMjM5MmZiMDMzMmNmYjE0
ZGI4ZDIwHhcNMjUxMTExMTAwMDQxWhcNMjUxMTEyMTAwMDQxWjAzMTEwLwYDVQQD
EyhhMzQ5NDI1ZTkwM2M2OWM2ZWEyYzhlOWZmYTlhYjNiNzA4NTNhZmU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArbmZYRJHgcLIO0LJtVvNItlzx6PD
AHr2P/N7IuzbEruULUJqODux2+bfEaQ2YWqouSg1SEZPumx1uM/GnEDpf0WjwA0L
Vam/Y8LkBoKPtb8UbUbhB5Uajr0wxD0sLPzp1xAkShf+z+bbJXj/3FlrCxPX8Mz6
GDcxO1XIxE5Hze43w8NwL1Wkvuksnflo0s8jcAck9KKieakoyF+W2WICZRMp/sSP
nf22BHENQ6cbMQngi1QPmXS7Nsftqfvs7aMGiL+PId20TH8PnH8O7oXpZ/J7WNtk
5cJFC7SVWNdyxsObHhruPuBpgFKWsKLd29w3g7y9myFRGDcdbNLCVoFGVwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKNJQl6QPGnG6iyOn/qas7cIU6/mMB8GA1UdIwQY
MBaAFMAO0rdQJkTdA24jkvsDMs+xTbjSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd0E3U3QxQW1STjBEYmlPUy13TXl6N0ZOdU5JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS8wMGI4NGItYjVkMS00YzFkLThlNzAt
MDllOGZhZmFmMGNjLzEvd0E3U3QxQW1STjBEYmlPUy13TXl6N0ZOdU5JLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS8wMGI4NGItYjVkMS00YzFkLThlNzAtMDllOGZhZmFmMGNj
LzEvd0E3U3QxQW1STjBEYmlPUy13TXl6N0ZOdU5JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKhIkgkIO
8AU2uLVxP2YjK4QQEHdvzHuuOi9DjTyzF2GQgcGj6WYjCSBLYVscvVYhEn5LR7PF
9GtBoNzjqFWM5v1IOCJAE2HS2lUi4okaW204Lb+R0YF5EgEyHnriFauY5/MyjrmO
rPT4+ym+lOieYuMaJzzVAt4L8iP582NE0V5vj+EKLLMJcTGCOVTkdi9I8jIQ6d5+
mKHA+LNsCC9jcW8gueEg3F4abp50JiAbyGeJmtefx8+PbQo6DsZ84lk4LNNdvNON
dp/rxtR/Psxcbamzv5W9O4BoK+JW3RyovR9zO/pVinRsOjSaCGS+v/sq3PPZ0DAx
kItIctgxmItWSQ==
-----END CERTIFICATE-----