Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/d31eab-31e1-4964-962e-e15bc9650aab/1/8UVKs8Pgm2VctHJVOf9uaZMcRrA.mft
File:                     8UVKs8Pgm2VctHJVOf9uaZMcRrA.mft (raw, json)
Hash identifier:          BOjfSCb3JKxbuTE3lkfWfYHaOOdqAfd3BRJ/t0ARt7U=
Subject key identifier:   F4:D7:FF:BA:61:58:77:47:E1:B1:63:D0:5F:57:FB:2C:5C:80:34:C2
Authority key identifier: F1:45:4A:B3:C3:E0:9B:65:5C:B4:72:55:39:FF:6E:69:93:1C:46:B0
Certificate issuer:       /CN=f1454ab3c3e09b655cb4725539ff6e69931c46b0
Certificate serial:       019A73014F11595BDA660C31E744C154D460
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/8UVKs8Pgm2VctHJVOf9uaZMcRrA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/31/d31eab-31e1-4964-962e-e15bc9650aab/1/8UVKs8Pgm2VctHJVOf9uaZMcRrA.mft
Manifest number:          171D
Signing time:             Tue 11 Nov 2025 13:00:56 +0000
Manifest this update:     Tue 11 Nov 2025 13:00:56 +0000
Manifest next update:     Wed 12 Nov 2025 13:00:56 +0000
Files and hashes:         1: 8UVKs8Pgm2VctHJVOf9uaZMcRrA.crl (hash: N1pADRWKHV6TlzsaVZ1e0LUsIKVs979r000PcGH15rs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/31/d31eab-31e1-4964-962e-e15bc9650aab/1/8UVKs8Pgm2VctHJVOf9uaZMcRrA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/31/d31eab-31e1-4964-962e-e15bc9650aab/1/8UVKs8Pgm2VctHJVOf9uaZMcRrA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/8UVKs8Pgm2VctHJVOf9uaZMcRrA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:73:01:4f:11:59:5b:da:66:0c:31:e7:44:c1:54:d4:60
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f1454ab3c3e09b655cb4725539ff6e69931c46b0
        Validity
            Not Before: Nov 11 13:00:56 2025 GMT
            Not After : Nov 12 13:00:56 2025 GMT
        Subject: CN=f4d7ffba61587747e1b163d05f57fb2c5c8034c2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f9:e0:53:21:3f:10:7c:a8:05:0d:c6:86:b7:f2:
                    a5:60:b5:5b:8a:a1:22:19:80:69:f0:f1:02:0c:85:
                    1f:ee:b3:94:ce:c5:20:04:26:99:5b:b0:e5:73:84:
                    d3:98:66:aa:ba:b3:7e:18:81:81:e1:61:d6:16:14:
                    1e:0f:7f:29:87:3d:76:d1:f8:9e:54:6c:fa:60:7c:
                    ff:7e:fb:43:8b:d3:7d:ef:a6:7a:eb:93:b8:a3:18:
                    57:2f:6b:c9:93:f9:56:54:81:83:77:39:3a:d6:4d:
                    ff:6b:bc:11:af:01:32:ae:40:95:eb:4a:df:3b:e2:
                    ad:a3:9b:fc:3c:6a:55:20:6f:66:cd:ec:69:b9:d3:
                    e5:a2:58:04:36:29:3b:9d:b2:c7:51:cf:59:17:f9:
                    f2:6f:b3:82:ee:34:ef:28:6f:71:7c:4a:84:f2:0c:
                    68:fa:6e:bb:5c:b4:c3:12:aa:72:81:89:b6:ca:b1:
                    6d:66:fb:b0:d9:54:3b:1b:ad:68:fb:67:ad:c2:2e:
                    12:7f:35:db:23:cb:64:2c:ae:a0:38:93:02:9e:11:
                    10:84:cc:c1:8c:95:b5:6d:7d:ee:bf:c0:75:71:0e:
                    77:b3:c9:b8:57:f0:e9:65:c6:1d:8f:29:4b:3c:a0:
                    77:24:90:98:d6:1e:1c:4f:fa:0c:34:2f:29:68:a1:
                    5b:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F4:D7:FF:BA:61:58:77:47:E1:B1:63:D0:5F:57:FB:2C:5C:80:34:C2
            X509v3 Authority Key Identifier:
                keyid:F1:45:4A:B3:C3:E0:9B:65:5C:B4:72:55:39:FF:6E:69:93:1C:46:B0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8UVKs8Pgm2VctHJVOf9uaZMcRrA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/d31eab-31e1-4964-962e-e15bc9650aab/1/8UVKs8Pgm2VctHJVOf9uaZMcRrA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/31/d31eab-31e1-4964-962e-e15bc9650aab/1/8UVKs8Pgm2VctHJVOf9uaZMcRrA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6c:cb:97:85:3a:1b:52:9e:3c:ef:ed:85:83:f1:4a:f4:3e:07:
         92:3b:bd:b6:73:3a:72:fe:4e:5a:4b:11:8c:52:84:7b:ce:a4:
         5a:62:3f:3e:64:ef:ed:b7:0b:de:91:a4:f5:bb:9a:ef:f3:01:
         24:89:a9:2b:72:36:75:93:8e:93:7b:31:af:0e:6f:d7:fc:1a:
         74:5f:62:7f:94:49:2e:dd:29:7b:88:39:3a:5f:8a:21:5b:79:
         e8:83:83:56:04:9a:71:48:64:e5:09:be:90:9c:75:7d:a4:8c:
         fa:06:db:c1:b4:e9:27:36:9a:c9:5e:e9:b5:e3:ea:71:71:f1:
         50:d0:1e:69:32:c1:7d:3f:af:a4:d1:60:f4:2e:c5:d9:85:72:
         fb:55:cd:ef:22:b1:cb:67:b3:13:cb:c9:58:0a:2c:52:66:d4:
         fd:e1:ac:4a:04:2b:01:0d:6e:30:2d:e9:ce:1e:8d:e7:34:86:
         ff:52:d9:6c:82:60:d2:1d:a0:eb:14:db:6a:ed:9f:72:6c:ea:
         4c:37:fe:0b:ea:86:75:26:91:71:a9:99:57:97:fc:bd:ad:a4:
         82:b6:6d:83:92:3c:2e:7f:14:75:26:52:98:10:86:99:56:0c:
         c1:06:4e:b2:ef:c1:ac:56:f3:6d:02:f0:c9:02:33:fa:40:4e:
         a2:c8:c2:6b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpzAU8RWVvaZgwx50TBVNRgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxNDU0YWIzYzNlMDliNjU1Y2I0NzI1NTM5ZmY2ZTY5OTMx
YzQ2YjAwHhcNMjUxMTExMTMwMDU2WhcNMjUxMTEyMTMwMDU2WjAzMTEwLwYDVQQD
EyhmNGQ3ZmZiYTYxNTg3NzQ3ZTFiMTYzZDA1ZjU3ZmIyYzVjODAzNGMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+eBTIT8QfKgFDcaGt/KlYLVbiqEi
GYBp8PECDIUf7rOUzsUgBCaZW7Dlc4TTmGaqurN+GIGB4WHWFhQeD38phz120fie
VGz6YHz/fvtDi9N976Z665O4oxhXL2vJk/lWVIGDdzk61k3/a7wRrwEyrkCV60rf
O+Kto5v8PGpVIG9mzexpudPlolgENik7nbLHUc9ZF/nyb7OC7jTvKG9xfEqE8gxo
+m67XLTDEqpygYm2yrFtZvuw2VQ7G61o+2etwi4SfzXbI8tkLK6gOJMCnhEQhMzB
jJW1bX3uv8B1cQ53s8m4V/DpZcYdjylLPKB3JJCY1h4cT/oMNC8paKFbpQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPTX/7phWHdH4bFj0F9X+yxcgDTCMB8GA1UdIwQY
MBaAFPFFSrPD4JtlXLRyVTn/bmmTHEawMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOFVWS3M4UGdtMlZjdEhKVk9mOXVhWk1jUnJBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS9kMzFlYWItMzFlMS00OTY0LTk2MmUt
ZTE1YmM5NjUwYWFiLzEvOFVWS3M4UGdtMlZjdEhKVk9mOXVhWk1jUnJBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS9kMzFlYWItMzFlMS00OTY0LTk2MmUtZTE1YmM5NjUwYWFi
LzEvOFVWS3M4UGdtMlZjdEhKVk9mOXVhWk1jUnJBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbMuXhTob
Up487+2Fg/FK9D4Hkju9tnM6cv5OWksRjFKEe86kWmI/PmTv7bcL3pGk9bua7/MB
JImpK3I2dZOOk3sxrw5v1/wadF9if5RJLt0pe4g5Ol+KIVt56IODVgSacUhk5Qm+
kJx1faSM+gbbwbTpJzaayV7ptePqcXHxUNAeaTLBfT+vpNFg9C7F2YVy+1XN7yKx
y2ezE8vJWAosUmbU/eGsSgQrAQ1uMC3pzh6N5zSG/1LZbIJg0h2g6xTbau2fcmzq
TDf+C+qGdSaRcamZV5f8va2kgrZtg5I8Ln8UdSZSmBCGmVYMwQZOsu/BrFbzbQLw
yQIz+kBOosjCaw==
-----END CERTIFICATE-----