Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/d9732b-4df9-45c6-a91e-c1149a01815f/1/JkXNQMgEm-mprn8DM2q9P-CCr7k.mft
File:                     JkXNQMgEm-mprn8DM2q9P-CCr7k.mft (raw, json)
Hash identifier:          1Wh1GW8Ln1hb1JKwblMioQGN5xf9laVgdBfzhFEEvRw=
Subject key identifier:   14:93:61:90:32:7F:E3:16:9D:F4:80:7B:90:5F:3E:D4:DC:83:DC:20
Authority key identifier: 26:45:CD:40:C8:04:9B:E9:A9:AE:7F:03:33:6A:BD:3F:E0:82:AF:B9
Certificate issuer:       /CN=2645cd40c8049be9a9ae7f03336abd3fe082afb9
Certificate serial:       019A71B8E4B4A53E05C223059E73A5B22174
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/JkXNQMgEm-mprn8DM2q9P-CCr7k.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2b/d9732b-4df9-45c6-a91e-c1149a01815f/1/JkXNQMgEm-mprn8DM2q9P-CCr7k.mft
Manifest number:          171D
Signing time:             Tue 11 Nov 2025 07:02:13 +0000
Manifest this update:     Tue 11 Nov 2025 07:02:13 +0000
Manifest next update:     Wed 12 Nov 2025 07:02:13 +0000
Files and hashes:         1: JkXNQMgEm-mprn8DM2q9P-CCr7k.crl (hash: 0+OmN3BAZOIkNfVSDNSoklPa+45I0TfPBvWneVecNoo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2b/d9732b-4df9-45c6-a91e-c1149a01815f/1/JkXNQMgEm-mprn8DM2q9P-CCr7k.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2b/d9732b-4df9-45c6-a91e-c1149a01815f/1/JkXNQMgEm-mprn8DM2q9P-CCr7k.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/JkXNQMgEm-mprn8DM2q9P-CCr7k.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:02:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b8:e4:b4:a5:3e:05:c2:23:05:9e:73:a5:b2:21:74
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2645cd40c8049be9a9ae7f03336abd3fe082afb9
        Validity
            Not Before: Nov 11 07:02:13 2025 GMT
            Not After : Nov 12 07:02:13 2025 GMT
        Subject: CN=14936190327fe3169df4807b905f3ed4dc83dc20
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:16:a6:96:2b:5c:30:9c:fc:88:b2:fe:3d:c8:
                    e8:1e:94:c5:af:c9:5c:2d:3e:bb:dd:14:67:d8:db:
                    f5:8f:37:1d:16:f7:36:f0:c2:6e:7f:01:79:14:49:
                    45:0d:25:d4:cb:61:32:fe:fd:9e:81:62:91:aa:f8:
                    a7:1e:0c:90:d1:6d:fa:37:0d:c9:62:f9:31:11:aa:
                    5a:e0:40:98:d4:f4:85:e7:2a:6b:7b:73:cb:4e:35:
                    2e:a7:3c:99:40:01:04:b6:c7:90:e6:59:fe:80:72:
                    7e:9b:6b:b3:73:be:47:5a:22:7f:5f:47:f9:87:a8:
                    f0:bc:bd:c0:c5:1e:d8:86:d1:15:02:af:82:87:25:
                    be:61:ef:f6:7f:af:11:f7:01:56:63:fe:c5:85:74:
                    3d:ee:a2:9a:2b:2a:40:c8:0f:ea:c3:e4:20:68:0e:
                    6b:35:7c:25:f4:3d:38:43:5d:c8:17:07:e8:03:d6:
                    9e:5c:10:31:7d:1d:b0:ea:9a:48:95:77:f2:bc:f6:
                    9a:83:10:90:a2:3c:ed:a5:4c:bb:c1:3a:91:93:fd:
                    c0:0e:ce:07:30:5d:28:f7:20:bc:2a:21:ec:55:58:
                    8e:5c:c4:92:21:94:46:58:07:ce:d6:fe:56:4d:03:
                    ef:b2:0c:62:72:ef:17:6f:6d:39:31:87:8a:e2:fd:
                    a5:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                14:93:61:90:32:7F:E3:16:9D:F4:80:7B:90:5F:3E:D4:DC:83:DC:20
            X509v3 Authority Key Identifier:
                keyid:26:45:CD:40:C8:04:9B:E9:A9:AE:7F:03:33:6A:BD:3F:E0:82:AF:B9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JkXNQMgEm-mprn8DM2q9P-CCr7k.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/d9732b-4df9-45c6-a91e-c1149a01815f/1/JkXNQMgEm-mprn8DM2q9P-CCr7k.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/d9732b-4df9-45c6-a91e-c1149a01815f/1/JkXNQMgEm-mprn8DM2q9P-CCr7k.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         55:d0:47:a6:2c:9d:e8:40:7d:1f:b4:95:b0:55:c1:93:5a:94:
         0f:ab:48:fc:1a:3b:12:fa:32:73:ca:cf:ec:66:9d:45:8e:00:
         a2:37:67:0e:cd:2f:de:c5:cc:d8:50:80:cc:59:62:18:03:92:
         e3:09:04:9c:8b:4a:62:c6:56:f0:8a:41:e9:36:c1:76:cb:93:
         a9:39:a9:4c:67:50:eb:94:97:6e:ad:58:f2:5d:a3:b7:22:5e:
         34:dc:8f:c1:eb:69:46:05:7e:5e:94:b6:b3:ea:f8:8b:51:bd:
         90:de:0b:5a:d9:dc:89:de:95:d7:9c:f1:bc:5c:c7:c5:2f:96:
         72:52:5e:5e:6d:3b:61:e6:b8:a5:ad:9c:b6:7d:aa:81:cb:f1:
         4e:d1:df:b6:9f:67:f7:13:0b:17:15:34:01:32:86:96:71:4f:
         1c:a4:3f:6f:d7:93:21:d6:41:4e:15:48:64:81:a5:e3:60:6e:
         e9:48:5a:8b:42:bd:a7:87:ee:6b:e0:49:38:91:45:00:f7:02:
         08:bc:23:71:f3:6e:45:11:89:5f:42:0a:94:85:15:90:9b:e8:
         0f:8e:f7:d4:07:46:a5:15:7e:98:fb:41:14:67:3c:4c:ef:e0:
         bc:6f:74:57:db:e7:21:5c:79:1c:76:cf:94:6e:e7:ae:55:b2:
         7e:7c:98:be
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuOS0pT4FwiMFnnOlsiF0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2NDVjZDQwYzgwNDliZTlhOWFlN2YwMzMzNmFiZDNmZTA4
MmFmYjkwHhcNMjUxMTExMDcwMjEzWhcNMjUxMTEyMDcwMjEzWjAzMTEwLwYDVQQD
EygxNDkzNjE5MDMyN2ZlMzE2OWRmNDgwN2I5MDVmM2VkNGRjODNkYzIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyRamlitcMJz8iLL+PcjoHpTFr8lc
LT673RRn2Nv1jzcdFvc28MJufwF5FElFDSXUy2Ey/v2egWKRqvinHgyQ0W36Nw3J
YvkxEapa4ECY1PSF5ypre3PLTjUupzyZQAEEtseQ5ln+gHJ+m2uzc75HWiJ/X0f5
h6jwvL3AxR7YhtEVAq+ChyW+Ye/2f68R9wFWY/7FhXQ97qKaKypAyA/qw+QgaA5r
NXwl9D04Q13IFwfoA9aeXBAxfR2w6ppIlXfyvPaagxCQojztpUy7wTqRk/3ADs4H
MF0o9yC8KiHsVViOXMSSIZRGWAfO1v5WTQPvsgxicu8Xb205MYeK4v2lkwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBSTYZAyf+MWnfSAe5BfPtTcg9wgMB8GA1UdIwQY
MBaAFCZFzUDIBJvpqa5/AzNqvT/ggq+5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSmtYTlFNZ0VtLW1wcm44RE0ycTlQLUNDcjdrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi9kOTczMmItNGRmOS00NWM2LWE5MWUt
YzExNDlhMDE4MTVmLzEvSmtYTlFNZ0VtLW1wcm44RE0ycTlQLUNDcjdrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi9kOTczMmItNGRmOS00NWM2LWE5MWUtYzExNDlhMDE4MTVm
LzEvSmtYTlFNZ0VtLW1wcm44RE0ycTlQLUNDcjdrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVdBHpiyd
6EB9H7SVsFXBk1qUD6tI/Bo7Evoyc8rP7GadRY4AojdnDs0v3sXM2FCAzFliGAOS
4wkEnItKYsZW8IpB6TbBdsuTqTmpTGdQ65SXbq1Y8l2jtyJeNNyPwetpRgV+XpS2
s+r4i1G9kN4LWtncid6V15zxvFzHxS+WclJeXm07Yea4pa2ctn2qgcvxTtHftp9n
9xMLFxU0ATKGlnFPHKQ/b9eTIdZBThVIZIGl42Bu6Uhai0K9p4fua+BJOJFFAPcC
CLwjcfNuRRGJX0IKlIUVkJvoD4731AdGpRV+mPtBFGc8TO/gvG90V9vnIVx5HHbP
lG7nrlWyfnyYvg==
-----END CERTIFICATE-----