Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/43ed1c-ff50-42e0-b7d4-af254ce3fe69/1/7bKno-y66qV0GCMdsLYkq797pkU.mft
File:                     7bKno-y66qV0GCMdsLYkq797pkU.mft (raw, json)
Hash identifier:          b/CJ/3nDRiV4/qsPQ4SjTv5U81e1ZX16mfvz1Z1T/90=
Subject key identifier:   59:F8:6D:B7:65:D4:C2:0A:1D:7A:5F:9E:A0:D4:D0:60:C6:B3:75:34
Authority key identifier: ED:B2:A7:A3:EC:BA:EA:A5:74:18:23:1D:B0:B6:24:AB:BF:7B:A6:45
Certificate issuer:       /CN=edb2a7a3ecbaeaa57418231db0b624abbf7ba645
Certificate serial:       019A72260C5DB5EB4F96DD1D37A94C0E25F7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/7bKno-y66qV0GCMdsLYkq797pkU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/45/43ed1c-ff50-42e0-b7d4-af254ce3fe69/1/7bKno-y66qV0GCMdsLYkq797pkU.mft
Manifest number:          171B
Signing time:             Tue 11 Nov 2025 09:01:27 +0000
Manifest this update:     Tue 11 Nov 2025 09:01:27 +0000
Manifest next update:     Wed 12 Nov 2025 09:01:27 +0000
Files and hashes:         1: 7bKno-y66qV0GCMdsLYkq797pkU.crl (hash: xI/ltt8lo+TdLINn/0aYLClP3iWYU79D9rN5FJ/qAVM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/45/43ed1c-ff50-42e0-b7d4-af254ce3fe69/1/7bKno-y66qV0GCMdsLYkq797pkU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/45/43ed1c-ff50-42e0-b7d4-af254ce3fe69/1/7bKno-y66qV0GCMdsLYkq797pkU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/7bKno-y66qV0GCMdsLYkq797pkU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:72:26:0c:5d:b5:eb:4f:96:dd:1d:37:a9:4c:0e:25:f7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=edb2a7a3ecbaeaa57418231db0b624abbf7ba645
        Validity
            Not Before: Nov 11 09:01:27 2025 GMT
            Not After : Nov 12 09:01:27 2025 GMT
        Subject: CN=59f86db765d4c20a1d7a5f9ea0d4d060c6b37534
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ed:e0:7a:13:50:db:42:1b:ca:7b:29:9b:74:39:
                    d4:46:be:a7:1c:e4:d2:7e:18:60:db:5f:7f:b5:80:
                    f7:c5:3d:e6:f2:af:b2:1c:7e:f6:89:c5:ba:6d:0f:
                    48:ff:b2:be:91:96:97:01:f4:ec:bf:0f:c3:15:fb:
                    aa:a7:85:2b:3c:18:ec:5f:a9:fe:7d:49:62:a3:db:
                    71:f9:d5:ef:26:62:1c:8a:52:e6:d8:86:4d:c0:6a:
                    28:ca:b3:76:fc:8f:2d:70:66:e8:bb:33:bb:26:e4:
                    3d:e8:8e:55:d9:60:db:bb:0b:9a:58:64:9a:7d:d2:
                    1b:c7:75:24:46:ab:5b:61:1d:5c:c4:50:2e:b8:4c:
                    0b:d9:4c:b1:e4:ca:4d:3b:4a:70:9b:b7:bc:e7:29:
                    55:c0:09:f3:84:4f:0d:fd:e6:35:18:a5:82:36:52:
                    cf:12:66:c7:1c:72:f3:eb:1e:01:84:39:ee:95:ee:
                    8e:cb:2f:b9:40:50:37:96:f8:3d:50:c8:ca:1d:eb:
                    a8:8c:39:6c:0d:91:f6:da:63:3f:66:73:ff:cf:d4:
                    b0:0e:bd:1f:c3:f2:90:ae:f8:76:91:0b:90:7b:9a:
                    9d:e3:23:b6:49:31:bc:c5:b9:86:b3:a9:44:93:20:
                    36:f3:42:ce:61:88:f4:ed:3f:30:25:4a:79:90:32:
                    dd:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                59:F8:6D:B7:65:D4:C2:0A:1D:7A:5F:9E:A0:D4:D0:60:C6:B3:75:34
            X509v3 Authority Key Identifier:
                keyid:ED:B2:A7:A3:EC:BA:EA:A5:74:18:23:1D:B0:B6:24:AB:BF:7B:A6:45

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7bKno-y66qV0GCMdsLYkq797pkU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/43ed1c-ff50-42e0-b7d4-af254ce3fe69/1/7bKno-y66qV0GCMdsLYkq797pkU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/45/43ed1c-ff50-42e0-b7d4-af254ce3fe69/1/7bKno-y66qV0GCMdsLYkq797pkU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b3:bb:3c:5a:d1:28:54:f7:8b:6f:f4:38:cb:fb:94:ac:8e:dd:
         f0:7c:90:73:17:a6:3d:6d:e5:1c:4e:b1:3a:39:d6:60:3b:20:
         af:69:79:3a:08:3b:0d:dc:39:0a:ca:81:a7:cb:6d:eb:5f:b8:
         82:81:12:78:66:92:91:26:49:b8:0c:35:73:32:43:62:43:cd:
         21:8a:06:35:8f:c1:9d:0a:d8:68:fc:e0:fe:de:a0:fa:97:c4:
         36:9d:ff:49:d1:0d:ce:b9:71:19:16:63:90:f7:fb:33:3c:5a:
         e2:ee:3e:57:60:90:ae:d7:5f:df:a7:41:4e:b3:c8:c3:16:54:
         51:70:8d:bf:d3:e1:1e:d1:67:14:01:d9:4b:50:6c:85:23:73:
         90:8c:aa:81:6f:ec:c1:1f:e8:c9:c0:75:29:ad:ce:62:f0:2e:
         25:e8:2a:7f:5c:c9:00:8d:83:5d:44:ba:0d:f3:03:2a:a1:62:
         7e:ea:df:c7:56:95:75:96:eb:38:3d:f2:e3:e1:32:9f:46:fc:
         de:49:ae:85:99:4e:18:74:db:51:b2:84:a8:cc:c2:ed:b0:db:
         e2:b2:92:ce:c3:0d:07:e0:7d:d5:b5:84:8d:a5:21:5d:fb:66:
         f3:7e:e1:5e:11:bd:17:88:38:6b:b1:ed:c2:c9:44:f8:a2:ae:
         52:51:b2:7b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJgxdtetPlt0dN6lMDiX3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVkYjJhN2EzZWNiYWVhYTU3NDE4MjMxZGIwYjYyNGFiYmY3
YmE2NDUwHhcNMjUxMTExMDkwMTI3WhcNMjUxMTEyMDkwMTI3WjAzMTEwLwYDVQQD
Eyg1OWY4NmRiNzY1ZDRjMjBhMWQ3YTVmOWVhMGQ0ZDA2MGM2YjM3NTM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7eB6E1DbQhvKeymbdDnURr6nHOTS
fhhg219/tYD3xT3m8q+yHH72icW6bQ9I/7K+kZaXAfTsvw/DFfuqp4UrPBjsX6n+
fUlio9tx+dXvJmIcilLm2IZNwGooyrN2/I8tcGbouzO7JuQ96I5V2WDbuwuaWGSa
fdIbx3UkRqtbYR1cxFAuuEwL2Uyx5MpNO0pwm7e85ylVwAnzhE8N/eY1GKWCNlLP
EmbHHHLz6x4BhDnule6Oyy+5QFA3lvg9UMjKHeuojDlsDZH22mM/ZnP/z9SwDr0f
w/KQrvh2kQuQe5qd4yO2STG8xbmGs6lEkyA280LOYYj07T8wJUp5kDLdYQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFn4bbdl1MIKHXpfnqDU0GDGs3U0MB8GA1UdIwQY
MBaAFO2yp6PsuuqldBgjHbC2JKu/e6ZFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2JLbm8teTY2cVYwR0NNZHNMWWtxNzk3cGtVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS80M2VkMWMtZmY1MC00MmUwLWI3ZDQt
YWYyNTRjZTNmZTY5LzEvN2JLbm8teTY2cVYwR0NNZHNMWWtxNzk3cGtVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS80M2VkMWMtZmY1MC00MmUwLWI3ZDQtYWYyNTRjZTNmZTY5
LzEvN2JLbm8teTY2cVYwR0NNZHNMWWtxNzk3cGtVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAs7s8WtEo
VPeLb/Q4y/uUrI7d8HyQcxemPW3lHE6xOjnWYDsgr2l5Ogg7Ddw5CsqBp8tt61+4
goESeGaSkSZJuAw1czJDYkPNIYoGNY/BnQrYaPzg/t6g+pfENp3/SdENzrlxGRZj
kPf7Mzxa4u4+V2CQrtdf36dBTrPIwxZUUXCNv9PhHtFnFAHZS1BshSNzkIyqgW/s
wR/oycB1Ka3OYvAuJegqf1zJAI2DXUS6DfMDKqFifurfx1aVdZbrOD3y4+Eyn0b8
3kmuhZlOGHTbUbKEqMzC7bDb4rKSzsMNB+B91bWEjaUhXftm837hXhG9F4g4a7Ht
wslE+KKuUlGyew==
-----END CERTIFICATE-----