Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/d531a8-02ae-4b0b-8f44-5287698aff3c/1/dLCDZQKVGJ8AmqdMEsvGHuI_p1M.mft
File:                     dLCDZQKVGJ8AmqdMEsvGHuI_p1M.mft (raw, json)
Hash identifier:          C+9qZYebnt4QeDFX/4+BvybolWv6FO3z3U/NbMszne4=
Subject key identifier:   8D:03:06:AE:AA:96:69:1F:A6:87:8A:3D:BF:95:57:A5:98:A8:B4:72
Authority key identifier: 74:B0:83:65:02:95:18:9F:00:9A:A7:4C:12:CB:C6:1E:E2:3F:A7:53
Certificate issuer:       /CN=74b083650295189f009aa74c12cbc61ee23fa753
Certificate serial:       019A71B7AA32823B579DC29EFE0C4934A2BF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dLCDZQKVGJ8AmqdMEsvGHuI_p1M.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/42/d531a8-02ae-4b0b-8f44-5287698aff3c/1/dLCDZQKVGJ8AmqdMEsvGHuI_p1M.mft
Manifest number:          171D
Signing time:             Tue 11 Nov 2025 07:00:53 +0000
Manifest this update:     Tue 11 Nov 2025 07:00:53 +0000
Manifest next update:     Wed 12 Nov 2025 07:00:53 +0000
Files and hashes:         1: dLCDZQKVGJ8AmqdMEsvGHuI_p1M.crl (hash: IAzxWsS2YSFkrY51LSzThUYRnBz0Hgd3AJ2EK9Oay2g=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/42/d531a8-02ae-4b0b-8f44-5287698aff3c/1/dLCDZQKVGJ8AmqdMEsvGHuI_p1M.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/42/d531a8-02ae-4b0b-8f44-5287698aff3c/1/dLCDZQKVGJ8AmqdMEsvGHuI_p1M.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/dLCDZQKVGJ8AmqdMEsvGHuI_p1M.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:00:53 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b7:aa:32:82:3b:57:9d:c2:9e:fe:0c:49:34:a2:bf
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=74b083650295189f009aa74c12cbc61ee23fa753
        Validity
            Not Before: Nov 11 07:00:53 2025 GMT
            Not After : Nov 12 07:00:53 2025 GMT
        Subject: CN=8d0306aeaa96691fa6878a3dbf9557a598a8b472
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f0:dd:a1:d6:46:41:06:e8:96:ef:85:76:39:b3:
                    55:28:d0:5c:80:a1:fa:c7:fd:e9:54:c1:7a:31:5a:
                    72:df:53:6c:71:65:64:bc:a7:ae:27:5b:31:d8:74:
                    76:6e:48:83:22:9d:38:d5:c6:12:fe:cf:cc:61:dd:
                    66:de:61:51:37:52:c1:b6:94:8f:f5:73:27:95:8b:
                    85:be:07:b7:a6:28:76:e0:6c:2b:30:73:39:f1:86:
                    42:f0:4e:8e:8a:22:7f:38:f9:2f:b7:b3:fb:ec:2d:
                    26:5f:07:9c:84:fe:21:73:ec:1f:8e:d0:c6:11:56:
                    19:6f:ac:a3:8e:00:8b:40:ac:43:40:e6:09:4b:2d:
                    49:71:fb:35:73:5e:0e:83:5d:38:f1:7e:60:cb:66:
                    34:18:b9:8b:68:97:3c:9a:71:4e:42:0a:ff:2a:f7:
                    3f:96:cc:b2:10:20:dd:c5:df:52:42:fc:e3:18:35:
                    c4:3a:5f:c2:ae:90:5e:e5:5a:4a:86:a2:4a:bf:cc:
                    27:35:42:ab:ef:66:6b:31:04:a7:07:53:cc:ed:7c:
                    fa:36:12:7d:bc:ba:85:10:f3:1d:89:b1:e2:97:18:
                    6c:66:b1:ab:74:8a:84:ac:f9:94:a3:63:93:31:e8:
                    17:55:8e:4c:43:e5:28:ae:f8:3f:59:2a:31:3e:26:
                    71:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8D:03:06:AE:AA:96:69:1F:A6:87:8A:3D:BF:95:57:A5:98:A8:B4:72
            X509v3 Authority Key Identifier:
                keyid:74:B0:83:65:02:95:18:9F:00:9A:A7:4C:12:CB:C6:1E:E2:3F:A7:53

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dLCDZQKVGJ8AmqdMEsvGHuI_p1M.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/d531a8-02ae-4b0b-8f44-5287698aff3c/1/dLCDZQKVGJ8AmqdMEsvGHuI_p1M.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/42/d531a8-02ae-4b0b-8f44-5287698aff3c/1/dLCDZQKVGJ8AmqdMEsvGHuI_p1M.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         23:23:de:9b:88:b7:35:6e:b8:f7:56:4f:9c:3f:7b:dc:88:78:
         56:0f:91:dc:f6:bf:ae:25:7a:af:0b:19:59:24:54:22:dd:ab:
         dd:08:ad:63:18:ef:cd:d7:aa:79:ce:c7:5e:24:12:e3:b4:8d:
         63:3c:d3:31:d3:2c:d4:d7:36:2f:7d:95:b8:33:e1:71:c7:fb:
         42:b2:a8:62:27:03:92:fd:8d:15:73:8a:90:6e:77:b7:68:23:
         5e:59:1a:8a:bc:a7:41:f1:e4:c9:7f:b4:09:f5:23:8b:a3:a9:
         6f:26:83:de:46:42:81:53:bf:31:e6:e8:25:6e:58:f7:af:a7:
         89:51:24:cf:66:73:63:62:dc:74:fe:68:af:79:8a:a6:c0:ff:
         97:3b:39:32:11:f7:8a:6a:d1:b5:11:24:9a:44:f2:35:44:d9:
         d1:59:d0:51:97:33:69:5f:cc:ce:13:cd:92:61:e2:2c:2f:9f:
         c8:b3:a4:55:bb:75:eb:4e:88:6b:76:7a:d0:5b:f3:40:03:f6:
         a7:71:ec:68:02:91:eb:3e:80:84:df:41:de:03:0a:22:12:de:
         d8:88:b6:20:d1:3f:c0:8c:57:22:49:c5:cb:1e:5a:4a:48:42:
         cf:57:7f:06:e0:18:fc:c7:72:96:d3:92:80:c5:2f:73:da:25:
         e4:ac:cf:7b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxt6oygjtXncKe/gxJNKK/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0YjA4MzY1MDI5NTE4OWYwMDlhYTc0YzEyY2JjNjFlZTIz
ZmE3NTMwHhcNMjUxMTExMDcwMDUzWhcNMjUxMTEyMDcwMDUzWjAzMTEwLwYDVQQD
Eyg4ZDAzMDZhZWFhOTY2OTFmYTY4NzhhM2RiZjk1NTdhNTk4YThiNDcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8N2h1kZBBuiW74V2ObNVKNBcgKH6
x/3pVMF6MVpy31NscWVkvKeuJ1sx2HR2bkiDIp041cYS/s/MYd1m3mFRN1LBtpSP
9XMnlYuFvge3pih24GwrMHM58YZC8E6OiiJ/OPkvt7P77C0mXwechP4hc+wfjtDG
EVYZb6yjjgCLQKxDQOYJSy1Jcfs1c14Og1048X5gy2Y0GLmLaJc8mnFOQgr/Kvc/
lsyyECDdxd9SQvzjGDXEOl/CrpBe5VpKhqJKv8wnNUKr72ZrMQSnB1PM7Xz6NhJ9
vLqFEPMdibHilxhsZrGrdIqErPmUo2OTMegXVY5MQ+Uorvg/WSoxPiZxdwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFI0DBq6qlmkfpoeKPb+VV6WYqLRyMB8GA1UdIwQY
MBaAFHSwg2UClRifAJqnTBLLxh7iP6dTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZExDRFpRS1ZHSjhBbXFkTUVzdkdIdUlfcDFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi9kNTMxYTgtMDJhZS00YjBiLThmNDQt
NTI4NzY5OGFmZjNjLzEvZExDRFpRS1ZHSjhBbXFkTUVzdkdIdUlfcDFNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi9kNTMxYTgtMDJhZS00YjBiLThmNDQtNTI4NzY5OGFmZjNj
LzEvZExDRFpRS1ZHSjhBbXFkTUVzdkdIdUlfcDFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIyPem4i3
NW6491ZPnD973Ih4Vg+R3Pa/riV6rwsZWSRUIt2r3QitYxjvzdeqec7HXiQS47SN
YzzTMdMs1Nc2L32VuDPhccf7QrKoYicDkv2NFXOKkG53t2gjXlkairynQfHkyX+0
CfUji6OpbyaD3kZCgVO/MeboJW5Y96+niVEkz2ZzY2LcdP5or3mKpsD/lzs5MhH3
imrRtREkmkTyNUTZ0VnQUZczaV/MzhPNkmHiLC+fyLOkVbt1606Ia3Z60FvzQAP2
p3HsaAKR6z6AhN9B3gMKIhLe2Ii2INE/wIxXIknFyx5aSkhCz1d/BuAY/MdyltOS
gMUvc9ol5KzPew==
-----END CERTIFICATE-----