Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/41f6f5-cef0-4a57-8e47-0a85986208a9/1/X1G82J639bOrCIBu9Rp8L265jvw.mft
File:                     X1G82J639bOrCIBu9Rp8L265jvw.mft (raw, json)
Hash identifier:          gQyq4YrOqKONAnxSpY3JUUy0G2ResWZP7Y1aqESv8qg=
Subject key identifier:   84:30:C9:78:82:C5:95:09:DD:CE:DF:11:46:9B:61:FF:92:94:ED:70
Authority key identifier: 5F:51:BC:D8:9E:B7:F5:B3:AB:08:80:6E:F5:1A:7C:2F:6E:B9:8E:FC
Certificate issuer:       /CN=5f51bcd89eb7f5b3ab08806ef51a7c2f6eb98efc
Certificate serial:       019A71B86E9790FEA6B6B6E723017F4C2440
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/X1G82J639bOrCIBu9Rp8L265jvw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/42/41f6f5-cef0-4a57-8e47-0a85986208a9/1/X1G82J639bOrCIBu9Rp8L265jvw.mft
Manifest number:          1725
Signing time:             Tue 11 Nov 2025 07:01:43 +0000
Manifest this update:     Tue 11 Nov 2025 07:01:43 +0000
Manifest next update:     Wed 12 Nov 2025 07:01:43 +0000
Files and hashes:         1: X1G82J639bOrCIBu9Rp8L265jvw.crl (hash: ABzX9HCQ0Ps0TjhLklan2YMbsEuPfbPFKEPWn9OBTEY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/42/41f6f5-cef0-4a57-8e47-0a85986208a9/1/X1G82J639bOrCIBu9Rp8L265jvw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/42/41f6f5-cef0-4a57-8e47-0a85986208a9/1/X1G82J639bOrCIBu9Rp8L265jvw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/X1G82J639bOrCIBu9Rp8L265jvw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:01:43 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b8:6e:97:90:fe:a6:b6:b6:e7:23:01:7f:4c:24:40
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5f51bcd89eb7f5b3ab08806ef51a7c2f6eb98efc
        Validity
            Not Before: Nov 11 07:01:43 2025 GMT
            Not After : Nov 12 07:01:43 2025 GMT
        Subject: CN=8430c97882c59509ddcedf11469b61ff9294ed70
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:c6:bd:6a:9a:6e:3b:4e:11:59:97:fc:07:40:
                    50:9e:f6:0b:f3:1f:3f:66:24:e3:b4:0f:97:3b:49:
                    8b:0d:42:7c:c5:4d:44:6d:50:9f:28:01:98:a6:f7:
                    53:b1:2f:af:87:ea:72:54:4a:88:71:26:20:ff:63:
                    37:73:a7:87:71:66:92:82:a9:62:86:7e:9d:e0:8a:
                    52:9d:fa:7f:ef:c7:86:6e:c2:0b:72:7a:42:de:7c:
                    a3:9d:8e:6c:5e:ae:96:02:17:31:41:e4:c7:68:cd:
                    cb:00:1a:ba:9a:e6:6c:e6:82:46:da:c4:25:02:3e:
                    d8:70:8c:08:38:f5:4e:b0:6a:a3:3a:18:64:ba:a3:
                    cb:07:cb:ce:61:95:e5:7a:2a:bf:04:3b:22:74:c9:
                    18:da:49:4c:0a:a6:00:ba:ae:f1:d1:56:b3:4b:fd:
                    95:92:35:a4:74:4b:da:0d:4c:e2:a7:81:d7:20:a0:
                    f5:4b:bf:89:f4:56:70:d9:64:36:4e:a4:f4:cc:e4:
                    f0:fc:7e:75:a5:5c:b6:d7:27:c2:d3:a0:dd:09:b2:
                    0e:ea:36:1a:03:99:7c:3a:e5:1d:b4:1e:61:d1:6f:
                    9a:94:e7:a9:a3:40:9e:a5:2e:f0:85:87:15:c7:96:
                    b8:b1:06:d7:0a:fb:e3:76:d8:45:af:b2:3a:ac:06:
                    90:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                84:30:C9:78:82:C5:95:09:DD:CE:DF:11:46:9B:61:FF:92:94:ED:70
            X509v3 Authority Key Identifier:
                keyid:5F:51:BC:D8:9E:B7:F5:B3:AB:08:80:6E:F5:1A:7C:2F:6E:B9:8E:FC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/X1G82J639bOrCIBu9Rp8L265jvw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/41f6f5-cef0-4a57-8e47-0a85986208a9/1/X1G82J639bOrCIBu9Rp8L265jvw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/42/41f6f5-cef0-4a57-8e47-0a85986208a9/1/X1G82J639bOrCIBu9Rp8L265jvw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         99:61:69:21:db:ee:d8:c5:fb:cc:13:7c:c0:9f:a4:1e:fd:7d:
         f1:03:0b:dc:db:32:33:1e:07:66:26:cc:5f:52:08:84:0f:34:
         14:e4:3a:2e:4d:ed:28:70:78:cc:c0:e8:dd:97:d3:78:0f:69:
         49:e3:dc:06:6c:96:03:6e:a2:79:ad:44:d2:17:3d:f2:96:13:
         1b:c4:e1:32:57:28:23:a9:0e:09:95:f5:08:cd:73:a9:b7:88:
         95:34:86:78:04:74:d5:4d:65:a9:e2:e5:f5:2e:b8:5d:f1:8c:
         2a:d8:6d:4f:78:61:a7:ba:7a:f1:fc:86:a6:0b:6d:7a:44:43:
         4c:e6:db:57:28:c0:86:d3:cd:96:6c:f0:26:4a:0c:3d:09:b9:
         8e:06:14:c9:a6:f8:e2:e5:aa:93:df:98:ab:f9:7e:76:2e:80:
         1f:f2:9c:15:4e:ff:4f:69:51:13:76:ef:bc:9d:43:d9:3d:b5:
         6b:4e:ad:5c:91:1b:02:40:6c:a4:f2:5f:6e:0d:40:d0:8e:51:
         84:2a:35:a2:8e:e1:76:46:9c:26:cb:21:0c:05:c7:3e:f4:46:
         c1:9a:36:6b:1c:13:24:d7:da:42:5b:09:5a:95:d1:0f:8c:94:
         34:7a:ad:13:27:fe:5a:e7:93:74:3e:58:de:38:65:9a:50:a2:
         ad:5e:8e:f0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuG6XkP6mtrbnIwF/TCRAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmNTFiY2Q4OWViN2Y1YjNhYjA4ODA2ZWY1MWE3YzJmNmVi
OThlZmMwHhcNMjUxMTExMDcwMTQzWhcNMjUxMTEyMDcwMTQzWjAzMTEwLwYDVQQD
Eyg4NDMwYzk3ODgyYzU5NTA5ZGRjZWRmMTE0NjliNjFmZjkyOTRlZDcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu8a9appuO04RWZf8B0BQnvYL8x8/
ZiTjtA+XO0mLDUJ8xU1EbVCfKAGYpvdTsS+vh+pyVEqIcSYg/2M3c6eHcWaSgqli
hn6d4IpSnfp/78eGbsILcnpC3nyjnY5sXq6WAhcxQeTHaM3LABq6muZs5oJG2sQl
Aj7YcIwIOPVOsGqjOhhkuqPLB8vOYZXleiq/BDsidMkY2klMCqYAuq7x0VazS/2V
kjWkdEvaDUzip4HXIKD1S7+J9FZw2WQ2TqT0zOTw/H51pVy21yfC06DdCbIO6jYa
A5l8OuUdtB5h0W+alOepo0CepS7whYcVx5a4sQbXCvvjdthFr7I6rAaQYQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIQwyXiCxZUJ3c7fEUabYf+SlO1wMB8GA1UdIwQY
MBaAFF9RvNiet/WzqwiAbvUafC9uuY78MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWDFHODJKNjM5Yk9yQ0lCdTlScDhMMjY1anZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi80MWY2ZjUtY2VmMC00YTU3LThlNDct
MGE4NTk4NjIwOGE5LzEvWDFHODJKNjM5Yk9yQ0lCdTlScDhMMjY1anZ3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi80MWY2ZjUtY2VmMC00YTU3LThlNDctMGE4NTk4NjIwOGE5
LzEvWDFHODJKNjM5Yk9yQ0lCdTlScDhMMjY1anZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmWFpIdvu
2MX7zBN8wJ+kHv198QML3NsyMx4HZibMX1IIhA80FOQ6Lk3tKHB4zMDo3ZfTeA9p
SePcBmyWA26iea1E0hc98pYTG8ThMlcoI6kOCZX1CM1zqbeIlTSGeAR01U1lqeLl
9S64XfGMKthtT3hhp7p68fyGpgttekRDTObbVyjAhtPNlmzwJkoMPQm5jgYUyab4
4uWqk9+Yq/l+di6AH/KcFU7/T2lRE3bvvJ1D2T21a06tXJEbAkBspPJfbg1A0I5R
hCo1oo7hdkacJsshDAXHPvRGwZo2axwTJNfaQlsJWpXRD4yUNHqtEyf+WueTdD5Y
3jhlmlCirV6O8A==
-----END CERTIFICATE-----