Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/3be097-28f4-49e8-ad25-ff5cbdac5845/1/Le43b1HIyKVVUo1MFesfTKOZxJE.mft
File:                     Le43b1HIyKVVUo1MFesfTKOZxJE.mft (raw, json)
Hash identifier:          xtx7wUduHT85OQphY2E+lBML+lfy/paFEjziN3QX9ps=
Subject key identifier:   D8:CC:22:5F:62:9C:F5:3A:73:8B:B8:89:F6:9A:64:7A:E3:A2:CF:80
Authority key identifier: 2D:EE:37:6F:51:C8:C8:A5:55:52:8D:4C:15:EB:1F:4C:A3:99:C4:91
Certificate issuer:       /CN=2dee376f51c8c8a555528d4c15eb1f4ca399c491
Certificate serial:       019A71B8F6EC0A5D0E8D2F317014895F8D92
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Le43b1HIyKVVUo1MFesfTKOZxJE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/41/3be097-28f4-49e8-ad25-ff5cbdac5845/1/Le43b1HIyKVVUo1MFesfTKOZxJE.mft
Manifest number:          171B
Signing time:             Tue 11 Nov 2025 07:02:18 +0000
Manifest this update:     Tue 11 Nov 2025 07:02:18 +0000
Manifest next update:     Wed 12 Nov 2025 07:02:18 +0000
Files and hashes:         1: Le43b1HIyKVVUo1MFesfTKOZxJE.crl (hash: rZ2+tKCeZFWnAkBRs2DzH9fWDiwQkctSXh/UQA44yZA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/41/3be097-28f4-49e8-ad25-ff5cbdac5845/1/Le43b1HIyKVVUo1MFesfTKOZxJE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/41/3be097-28f4-49e8-ad25-ff5cbdac5845/1/Le43b1HIyKVVUo1MFesfTKOZxJE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Le43b1HIyKVVUo1MFesfTKOZxJE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:02:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b8:f6:ec:0a:5d:0e:8d:2f:31:70:14:89:5f:8d:92
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2dee376f51c8c8a555528d4c15eb1f4ca399c491
        Validity
            Not Before: Nov 11 07:02:18 2025 GMT
            Not After : Nov 12 07:02:18 2025 GMT
        Subject: CN=d8cc225f629cf53a738bb889f69a647ae3a2cf80
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:04:d5:e7:8a:2b:2e:61:89:8d:85:8e:65:61:
                    2a:0b:aa:78:ce:cd:b3:db:dd:b9:ac:98:bc:aa:12:
                    58:17:fe:4b:f4:01:87:d5:b7:22:9c:03:23:8b:f2:
                    14:40:db:44:6d:b2:16:08:ac:d7:43:06:36:41:6e:
                    b2:c6:56:37:be:07:b5:4b:d5:bb:f1:ce:e4:76:2e:
                    d3:09:ba:ff:d8:ed:08:a9:86:60:29:f6:9c:c0:a7:
                    df:18:09:6a:f9:36:a9:6f:da:97:e6:4e:cd:41:d1:
                    f8:ce:67:8a:1b:ec:67:f7:28:ed:73:50:1a:a2:af:
                    65:2a:d0:da:c4:35:23:79:95:62:e1:cc:a6:52:40:
                    78:fd:0b:af:71:d3:11:f5:93:32:cc:58:6a:6e:94:
                    64:30:a1:e9:6b:68:67:d9:d2:6c:00:7c:34:93:1d:
                    b2:e3:e1:83:2e:01:57:ba:a1:9e:bb:42:31:b6:6c:
                    2f:f4:07:41:3a:54:69:2d:72:79:5a:24:4b:e4:44:
                    68:90:b1:60:ba:17:08:05:15:2e:fe:49:75:34:ab:
                    73:04:d5:a2:90:5b:a7:5c:68:e7:30:cb:fa:ad:30:
                    94:83:d7:34:0c:5c:6e:87:82:f3:d6:b5:e2:88:42:
                    00:84:5e:33:b8:11:e8:34:03:8f:ce:39:1c:d0:a1:
                    46:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D8:CC:22:5F:62:9C:F5:3A:73:8B:B8:89:F6:9A:64:7A:E3:A2:CF:80
            X509v3 Authority Key Identifier:
                keyid:2D:EE:37:6F:51:C8:C8:A5:55:52:8D:4C:15:EB:1F:4C:A3:99:C4:91

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Le43b1HIyKVVUo1MFesfTKOZxJE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/3be097-28f4-49e8-ad25-ff5cbdac5845/1/Le43b1HIyKVVUo1MFesfTKOZxJE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/41/3be097-28f4-49e8-ad25-ff5cbdac5845/1/Le43b1HIyKVVUo1MFesfTKOZxJE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1f:8a:51:22:3e:89:64:bd:c0:07:38:1d:bd:e1:17:f3:40:37:
         21:03:8e:34:71:56:7a:f7:e9:b0:8c:16:a5:d6:d3:e9:c3:e7:
         ce:59:f5:32:e1:90:16:52:fe:bd:4c:d2:7e:db:39:3b:5a:4f:
         41:d7:e9:d4:22:23:8d:1d:7b:5c:9f:94:8b:f6:6f:32:a2:3a:
         9c:6b:ce:36:e5:4f:32:98:c4:ce:80:d5:5e:11:ee:ff:92:ea:
         2e:1f:64:d8:8a:cd:66:06:c8:85:e6:c5:3b:60:2c:0f:26:d2:
         5c:88:95:d9:a9:49:7d:fe:52:24:22:4f:5b:af:0a:d5:8b:8d:
         8f:bb:1f:53:00:da:f6:11:07:26:69:66:b4:6b:dd:71:83:d6:
         9e:9a:e0:d6:42:7a:30:6d:c7:d3:e9:d4:d6:c3:28:ac:70:0f:
         47:68:3b:26:83:7c:44:f5:e9:1c:17:4f:e3:07:32:27:68:de:
         d6:08:0c:52:62:13:f6:04:ec:bb:7a:58:85:9d:c3:86:f5:5a:
         cf:b5:15:0a:1b:02:8c:05:15:7b:7a:44:8a:ba:2c:f5:1f:30:
         ab:5e:ed:58:37:b6:88:5a:b7:34:67:10:f7:84:21:2a:f5:d4:
         9c:e3:39:15:38:69:97:e1:35:ee:dd:f2:76:fb:11:dc:08:cc:
         35:73:58:6f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuPbsCl0OjS8xcBSJX42SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkZWUzNzZmNTFjOGM4YTU1NTUyOGQ0YzE1ZWIxZjRjYTM5
OWM0OTEwHhcNMjUxMTExMDcwMjE4WhcNMjUxMTEyMDcwMjE4WjAzMTEwLwYDVQQD
EyhkOGNjMjI1ZjYyOWNmNTNhNzM4YmI4ODlmNjlhNjQ3YWUzYTJjZjgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqwTV54orLmGJjYWOZWEqC6p4zs2z
2925rJi8qhJYF/5L9AGH1bcinAMji/IUQNtEbbIWCKzXQwY2QW6yxlY3vge1S9W7
8c7kdi7TCbr/2O0IqYZgKfacwKffGAlq+Tapb9qX5k7NQdH4zmeKG+xn9yjtc1Aa
oq9lKtDaxDUjeZVi4cymUkB4/QuvcdMR9ZMyzFhqbpRkMKHpa2hn2dJsAHw0kx2y
4+GDLgFXuqGeu0Ixtmwv9AdBOlRpLXJ5WiRL5ERokLFguhcIBRUu/kl1NKtzBNWi
kFunXGjnMMv6rTCUg9c0DFxuh4Lz1rXiiEIAhF4zuBHoNAOPzjkc0KFGyQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNjMIl9inPU6c4u4ifaaZHrjos+AMB8GA1UdIwQY
MBaAFC3uN29RyMilVVKNTBXrH0yjmcSRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTGU0M2IxSEl5S1ZWVW8xTUZlc2ZUS09aeEpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS8zYmUwOTctMjhmNC00OWU4LWFkMjUt
ZmY1Y2JkYWM1ODQ1LzEvTGU0M2IxSEl5S1ZWVW8xTUZlc2ZUS09aeEpFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS8zYmUwOTctMjhmNC00OWU4LWFkMjUtZmY1Y2JkYWM1ODQ1
LzEvTGU0M2IxSEl5S1ZWVW8xTUZlc2ZUS09aeEpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAH4pRIj6J
ZL3ABzgdveEX80A3IQOONHFWevfpsIwWpdbT6cPnzln1MuGQFlL+vUzSfts5O1pP
Qdfp1CIjjR17XJ+Ui/ZvMqI6nGvONuVPMpjEzoDVXhHu/5LqLh9k2IrNZgbIhebF
O2AsDybSXIiV2alJff5SJCJPW68K1YuNj7sfUwDa9hEHJmlmtGvdcYPWnprg1kJ6
MG3H0+nU1sMorHAPR2g7JoN8RPXpHBdP4wcyJ2je1ggMUmIT9gTsu3pYhZ3DhvVa
z7UVChsCjAUVe3pEiros9R8wq17tWDe2iFq3NGcQ94QhKvXUnOM5FThpl+E17t3y
dvsR3AjMNXNYbw==
-----END CERTIFICATE-----