Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/497dd1-755e-442a-b31d-1c13250a6a3c/1/y_nNJDztaTe2vqVxAoFP-bpCZiE.mft
File:                     y_nNJDztaTe2vqVxAoFP-bpCZiE.mft (raw, json)
Hash identifier:          LM2wpfYq3ITQbZEtS6U0NJOC8impjxm2xICp9lJfoB4=
Subject key identifier:   70:1E:8C:E8:D2:B7:9A:B1:05:56:8D:7B:CA:88:38:3D:A8:4C:BD:A1
Authority key identifier: CB:F9:CD:24:3C:ED:69:37:B6:BE:A5:71:02:81:4F:F9:BA:42:66:21
Certificate issuer:       /CN=cbf9cd243ced6937b6bea57102814ff9ba426621
Certificate serial:       019A72265FBCA4F78C64DC99A3A13AB0878F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/y_nNJDztaTe2vqVxAoFP-bpCZiE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3c/497dd1-755e-442a-b31d-1c13250a6a3c/1/y_nNJDztaTe2vqVxAoFP-bpCZiE.mft
Manifest number:          171C
Signing time:             Tue 11 Nov 2025 09:01:48 +0000
Manifest this update:     Tue 11 Nov 2025 09:01:48 +0000
Manifest next update:     Wed 12 Nov 2025 09:01:48 +0000
Files and hashes:         1: y_nNJDztaTe2vqVxAoFP-bpCZiE.crl (hash: HTqSvBTdzwj41WC6E3N+la3D01bO+NIh+v+hvGyty3M=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3c/497dd1-755e-442a-b31d-1c13250a6a3c/1/y_nNJDztaTe2vqVxAoFP-bpCZiE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3c/497dd1-755e-442a-b31d-1c13250a6a3c/1/y_nNJDztaTe2vqVxAoFP-bpCZiE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/y_nNJDztaTe2vqVxAoFP-bpCZiE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:72:26:5f:bc:a4:f7:8c:64:dc:99:a3:a1:3a:b0:87:8f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cbf9cd243ced6937b6bea57102814ff9ba426621
        Validity
            Not Before: Nov 11 09:01:48 2025 GMT
            Not After : Nov 12 09:01:48 2025 GMT
        Subject: CN=701e8ce8d2b79ab105568d7bca88383da84cbda1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:fe:25:34:e6:d4:41:03:c3:fc:e1:fc:eb:d5:
                    f8:61:67:37:c1:35:62:a0:2c:16:31:d6:b1:1e:0a:
                    27:54:5c:be:ae:3f:cc:23:48:b1:59:5a:d3:6a:21:
                    63:43:9c:49:c0:47:21:0e:92:4c:5b:73:47:28:33:
                    b1:7e:06:d3:52:66:08:5c:0a:bc:6c:c5:4c:e3:35:
                    57:9a:c8:f7:60:53:68:e9:f8:6b:49:0d:09:92:91:
                    36:8a:29:9a:b4:92:c2:83:3c:d8:43:03:d5:44:4c:
                    51:67:fd:d9:e6:40:00:a7:96:28:06:5b:f8:bc:38:
                    67:f9:30:1b:76:2d:71:ed:a6:3e:74:0e:05:de:d0:
                    60:7e:1c:c0:fe:34:74:2b:7e:6b:44:ce:b4:a5:1c:
                    c9:b1:e4:54:41:1e:3b:84:d7:a3:c2:e0:64:59:38:
                    4f:03:54:cc:a2:36:16:75:37:ed:77:f0:e0:fc:c7:
                    42:9a:7c:2c:bb:8f:58:e6:4d:e5:92:c0:33:41:54:
                    40:92:3e:37:c0:ca:5d:6a:00:2b:19:29:e6:88:96:
                    9d:3c:fe:ee:70:9c:e1:8b:7d:0c:02:8f:b7:f0:e2:
                    1c:3b:7c:5e:e6:a5:ac:b8:32:b9:4f:04:97:65:41:
                    14:d2:e5:c3:37:e8:a5:18:99:7f:eb:cf:a0:5e:34:
                    99:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                70:1E:8C:E8:D2:B7:9A:B1:05:56:8D:7B:CA:88:38:3D:A8:4C:BD:A1
            X509v3 Authority Key Identifier:
                keyid:CB:F9:CD:24:3C:ED:69:37:B6:BE:A5:71:02:81:4F:F9:BA:42:66:21

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y_nNJDztaTe2vqVxAoFP-bpCZiE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/497dd1-755e-442a-b31d-1c13250a6a3c/1/y_nNJDztaTe2vqVxAoFP-bpCZiE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/497dd1-755e-442a-b31d-1c13250a6a3c/1/y_nNJDztaTe2vqVxAoFP-bpCZiE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8c:be:e8:d1:ae:04:02:a6:70:74:d8:03:21:2b:cf:a6:a9:4b:
         88:04:ae:9e:aa:3f:54:1e:b0:81:ba:c1:81:73:ba:e9:26:08:
         88:f7:3f:19:1a:e1:f8:ff:34:80:3d:82:d6:2e:55:a9:77:e8:
         8d:61:98:7a:26:c6:8e:c5:e3:9d:ae:64:23:c0:b6:7b:a8:8a:
         d6:ec:91:c8:e1:62:c4:24:82:b9:ee:2c:43:81:02:8b:bd:1f:
         00:be:d2:2d:77:99:af:3b:28:6a:ab:e2:b3:7b:3f:b3:73:0c:
         49:bd:2a:f3:bc:be:50:d3:99:bd:88:79:85:19:48:12:56:87:
         d9:e3:b3:f7:63:4a:ad:06:b4:4a:8f:fd:7d:3f:ec:fb:d9:2c:
         2a:42:ee:9b:cd:16:64:8b:90:c4:bd:e1:00:6c:ba:f7:43:d3:
         ae:2c:ff:a0:a5:dd:12:2c:88:2f:9d:a6:ff:74:2e:b5:69:2e:
         4c:ed:41:60:4e:b3:22:01:11:88:7a:42:37:c7:93:ea:a9:df:
         3a:dc:19:eb:37:d7:83:c2:15:bf:37:23:ec:c6:ab:90:82:e2:
         a3:46:4e:94:2a:14:b0:fa:d2:5e:bf:5b:f7:e7:47:36:9c:e6:
         c8:bb:42:8c:27:8d:6d:d3:b0:23:74:c7:12:cd:c0:a5:38:8d:
         f6:51:0b:65
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJl+8pPeMZNyZo6E6sIePMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiZjljZDI0M2NlZDY5MzdiNmJlYTU3MTAyODE0ZmY5YmE0
MjY2MjEwHhcNMjUxMTExMDkwMTQ4WhcNMjUxMTEyMDkwMTQ4WjAzMTEwLwYDVQQD
Eyg3MDFlOGNlOGQyYjc5YWIxMDU1NjhkN2JjYTg4MzgzZGE4NGNiZGExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq/4lNObUQQPD/OH869X4YWc3wTVi
oCwWMdaxHgonVFy+rj/MI0ixWVrTaiFjQ5xJwEchDpJMW3NHKDOxfgbTUmYIXAq8
bMVM4zVXmsj3YFNo6fhrSQ0JkpE2iimatJLCgzzYQwPVRExRZ/3Z5kAAp5YoBlv4
vDhn+TAbdi1x7aY+dA4F3tBgfhzA/jR0K35rRM60pRzJseRUQR47hNejwuBkWThP
A1TMojYWdTftd/Dg/MdCmnwsu49Y5k3lksAzQVRAkj43wMpdagArGSnmiJadPP7u
cJzhi30MAo+38OIcO3xe5qWsuDK5TwSXZUEU0uXDN+ilGJl/68+gXjSZUQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHAejOjSt5qxBVaNe8qIOD2oTL2hMB8GA1UdIwQY
MBaAFMv5zSQ87Wk3tr6lcQKBT/m6QmYhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveV9uTkpEenRhVGUydnFWeEFvRlAtYnBDWmlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy80OTdkZDEtNzU1ZS00NDJhLWIzMWQt
MWMxMzI1MGE2YTNjLzEveV9uTkpEenRhVGUydnFWeEFvRlAtYnBDWmlFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy80OTdkZDEtNzU1ZS00NDJhLWIzMWQtMWMxMzI1MGE2YTNj
LzEveV9uTkpEenRhVGUydnFWeEFvRlAtYnBDWmlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjL7o0a4E
AqZwdNgDISvPpqlLiASunqo/VB6wgbrBgXO66SYIiPc/GRrh+P80gD2C1i5VqXfo
jWGYeibGjsXjna5kI8C2e6iK1uyRyOFixCSCue4sQ4ECi70fAL7SLXeZrzsoaqvi
s3s/s3MMSb0q87y+UNOZvYh5hRlIElaH2eOz92NKrQa0So/9fT/s+9ksKkLum80W
ZIuQxL3hAGy690PTriz/oKXdEiyIL52m/3QutWkuTO1BYE6zIgERiHpCN8eT6qnf
OtwZ6zfXg8IVvzcj7MarkILio0ZOlCoUsPrSXr9b9+dHNpzmyLtCjCeNbdOwI3TH
Es3ApTiN9lELZQ==
-----END CERTIFICATE-----