Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3e/e7e36e-a323-4f47-a776-66b141194fd2/1/cm-USKkQ0ldBV6MEA_RsEXKu7bY.mft
File:                     cm-USKkQ0ldBV6MEA_RsEXKu7bY.mft (raw, json)
Hash identifier:          QighvcP443mLxyrItIFDhESkDWcifPT+NlD6FP4XdPY=
Subject key identifier:   4C:F3:9D:41:BC:82:16:49:66:B6:F1:F9:99:A2:3A:3C:5A:82:BA:41
Authority key identifier: 72:6F:94:48:A9:10:D2:57:41:57:A3:04:03:F4:6C:11:72:AE:ED:B6
Certificate issuer:       /CN=726f9448a910d2574157a30403f46c1172aeedb6
Certificate serial:       019A7112D2E10B0298B5A54DCEB3924A65BF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cm-USKkQ0ldBV6MEA_RsEXKu7bY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3e/e7e36e-a323-4f47-a776-66b141194fd2/1/cm-USKkQ0ldBV6MEA_RsEXKu7bY.mft
Manifest number:          171B
Signing time:             Tue 11 Nov 2025 04:00:50 +0000
Manifest this update:     Tue 11 Nov 2025 04:00:50 +0000
Manifest next update:     Wed 12 Nov 2025 04:00:50 +0000
Files and hashes:         1: cm-USKkQ0ldBV6MEA_RsEXKu7bY.crl (hash: j7gfIZfYVxiL5/8WkVJlAxfHuYlxJbjBTKiMdqRXApM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3e/e7e36e-a323-4f47-a776-66b141194fd2/1/cm-USKkQ0ldBV6MEA_RsEXKu7bY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3e/e7e36e-a323-4f47-a776-66b141194fd2/1/cm-USKkQ0ldBV6MEA_RsEXKu7bY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/cm-USKkQ0ldBV6MEA_RsEXKu7bY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 04:00:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:12:d2:e1:0b:02:98:b5:a5:4d:ce:b3:92:4a:65:bf
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=726f9448a910d2574157a30403f46c1172aeedb6
        Validity
            Not Before: Nov 11 04:00:50 2025 GMT
            Not After : Nov 12 04:00:50 2025 GMT
        Subject: CN=4cf39d41bc82164966b6f1f999a23a3c5a82ba41
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d9:3d:80:bd:be:82:67:38:87:2b:5f:47:2f:ea:
                    02:e8:b4:cc:44:fd:d1:62:26:03:24:ce:86:35:36:
                    1f:15:91:35:84:6d:17:fb:1b:e4:34:b1:ca:45:c2:
                    d2:c2:25:7b:78:1c:fa:ee:aa:b3:dd:da:4a:f5:26:
                    ea:d9:48:b3:d4:d4:22:da:66:f9:31:c8:02:fb:3e:
                    cc:51:8e:83:29:23:fd:a1:e9:83:32:42:44:60:2c:
                    94:34:fb:80:e2:05:e8:83:75:23:3e:6b:f0:bb:ef:
                    26:5d:7e:d4:9a:be:14:bd:5e:96:fd:bc:1b:31:c5:
                    1a:2d:3d:cd:3e:d1:1d:fd:0a:1a:78:cc:e4:b0:46:
                    21:75:c5:87:a9:10:9d:cf:56:ca:78:8e:e6:7a:cd:
                    aa:6a:5a:8d:32:11:45:20:92:00:5d:2b:97:6f:18:
                    43:43:a0:b6:9d:21:c5:e5:4e:de:3a:5d:95:ec:fd:
                    0e:a1:17:9b:d0:74:0c:25:ff:eb:76:f4:29:3b:8b:
                    fa:62:2b:0a:89:29:3d:f4:68:c6:42:09:c4:b5:44:
                    80:3a:89:9e:6d:6e:64:24:48:7c:99:1f:7b:55:39:
                    75:65:e9:a0:5c:fa:14:aa:f8:d6:a3:5c:cc:8d:b4:
                    49:c9:10:bc:13:3a:dd:1f:57:d3:3c:9a:d4:08:ad:
                    56:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4C:F3:9D:41:BC:82:16:49:66:B6:F1:F9:99:A2:3A:3C:5A:82:BA:41
            X509v3 Authority Key Identifier:
                keyid:72:6F:94:48:A9:10:D2:57:41:57:A3:04:03:F4:6C:11:72:AE:ED:B6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cm-USKkQ0ldBV6MEA_RsEXKu7bY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/e7e36e-a323-4f47-a776-66b141194fd2/1/cm-USKkQ0ldBV6MEA_RsEXKu7bY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/e7e36e-a323-4f47-a776-66b141194fd2/1/cm-USKkQ0ldBV6MEA_RsEXKu7bY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         04:bb:bb:6b:50:bd:23:15:50:4c:0b:ff:b0:d4:20:e0:50:c8:
         03:f3:07:6d:35:5e:72:65:0c:d5:27:95:e9:7f:43:0f:b3:aa:
         f1:ae:ce:de:32:1c:08:7c:b3:bf:38:20:26:83:b4:48:9e:5c:
         eb:c1:b8:fa:4d:ec:eb:99:c8:49:3a:d1:d6:7f:2e:e9:6f:0e:
         73:6f:4b:62:70:dc:44:84:19:b1:31:51:5a:42:b5:3a:82:7c:
         ac:21:9b:d4:ca:a2:55:e7:ea:cf:79:3a:d4:7f:54:40:40:d4:
         d8:16:a6:00:c6:db:b2:46:2a:48:49:d7:d1:d1:c7:f8:ad:50:
         52:60:e2:06:83:4f:9f:16:8e:3f:9d:09:bf:2a:30:12:02:4b:
         9e:8e:3e:f6:ff:e1:84:50:f2:5a:4b:5d:eb:ea:74:ac:2a:58:
         60:96:04:00:7d:53:6e:2b:33:50:09:0b:ee:5b:41:e8:ad:91:
         a1:83:73:d8:74:d2:87:28:35:f8:d7:1b:68:2a:15:df:17:a8:
         19:c3:da:92:8b:1b:1a:21:83:6d:67:d0:03:cf:71:a7:fd:5b:
         c3:6b:d4:7e:70:8b:59:ec:8e:c1:03:6d:f8:69:7e:ce:ba:b7:
         8a:ba:fa:12:ba:1d:4c:fe:29:da:f8:89:9a:6c:26:b3:2c:e2:
         1a:86:03:ad
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxEtLhCwKYtaVNzrOSSmW/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyNmY5NDQ4YTkxMGQyNTc0MTU3YTMwNDAzZjQ2YzExNzJh
ZWVkYjYwHhcNMjUxMTExMDQwMDUwWhcNMjUxMTEyMDQwMDUwWjAzMTEwLwYDVQQD
Eyg0Y2YzOWQ0MWJjODIxNjQ5NjZiNmYxZjk5OWEyM2EzYzVhODJiYTQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2T2Avb6CZziHK19HL+oC6LTMRP3R
YiYDJM6GNTYfFZE1hG0X+xvkNLHKRcLSwiV7eBz67qqz3dpK9Sbq2Uiz1NQi2mb5
McgC+z7MUY6DKSP9oemDMkJEYCyUNPuA4gXog3UjPmvwu+8mXX7Umr4UvV6W/bwb
McUaLT3NPtEd/QoaeMzksEYhdcWHqRCdz1bKeI7mes2qalqNMhFFIJIAXSuXbxhD
Q6C2nSHF5U7eOl2V7P0OoReb0HQMJf/rdvQpO4v6YisKiSk99GjGQgnEtUSAOome
bW5kJEh8mR97VTl1ZemgXPoUqvjWo1zMjbRJyRC8EzrdH1fTPJrUCK1WqQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEzznUG8ghZJZrbx+ZmiOjxagrpBMB8GA1UdIwQY
MBaAFHJvlEipENJXQVejBAP0bBFyru22MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY20tVVNLa1EwbGRCVjZNRUFfUnNFWEt1N2JZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZS9lN2UzNmUtYTMyMy00ZjQ3LWE3NzYt
NjZiMTQxMTk0ZmQyLzEvY20tVVNLa1EwbGRCVjZNRUFfUnNFWEt1N2JZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZS9lN2UzNmUtYTMyMy00ZjQ3LWE3NzYtNjZiMTQxMTk0ZmQy
LzEvY20tVVNLa1EwbGRCVjZNRUFfUnNFWEt1N2JZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABLu7a1C9
IxVQTAv/sNQg4FDIA/MHbTVecmUM1SeV6X9DD7Oq8a7O3jIcCHyzvzggJoO0SJ5c
68G4+k3s65nISTrR1n8u6W8Oc29LYnDcRIQZsTFRWkK1OoJ8rCGb1MqiVefqz3k6
1H9UQEDU2BamAMbbskYqSEnX0dHH+K1QUmDiBoNPnxaOP50JvyowEgJLno4+9v/h
hFDyWktd6+p0rCpYYJYEAH1TbiszUAkL7ltB6K2RoYNz2HTShyg1+NcbaCoV3xeo
GcPakosbGiGDbWfQA89xp/1bw2vUfnCLWeyOwQNt+Gl+zrq3irr6ErodTP4p2viJ
mmwmsyziGoYDrQ==
-----END CERTIFICATE-----