Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/c8961f-d1d7-46ac-9f8d-33ebac095077/1/rlDsNS6NuwzfbgjFfHHKoRpEUAM.mft
File:                     rlDsNS6NuwzfbgjFfHHKoRpEUAM.mft (raw, json)
Hash identifier:          CO//oQndGOvhQTS+9of3g5VJJqH0lNugCuXCuiCd2tA=
Subject key identifier:   71:FE:F6:6C:BC:B0:79:91:B2:DA:3F:19:D2:F6:AE:89:8D:E6:14:D1
Authority key identifier: AE:50:EC:35:2E:8D:BB:0C:DF:6E:08:C5:7C:71:CA:A1:1A:44:50:03
Certificate issuer:       /CN=ae50ec352e8dbb0cdf6e08c57c71caa11a445003
Certificate serial:       019A71B8985DFC28F57554A9B372E9275AF3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/rlDsNS6NuwzfbgjFfHHKoRpEUAM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/49/c8961f-d1d7-46ac-9f8d-33ebac095077/1/rlDsNS6NuwzfbgjFfHHKoRpEUAM.mft
Manifest number:          171C
Signing time:             Tue 11 Nov 2025 07:01:54 +0000
Manifest this update:     Tue 11 Nov 2025 07:01:54 +0000
Manifest next update:     Wed 12 Nov 2025 07:01:54 +0000
Files and hashes:         1: rlDsNS6NuwzfbgjFfHHKoRpEUAM.crl (hash: C33XBqs8tigtwAzNTlb179sl+/fAF7lniCFh0faNno8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/49/c8961f-d1d7-46ac-9f8d-33ebac095077/1/rlDsNS6NuwzfbgjFfHHKoRpEUAM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/49/c8961f-d1d7-46ac-9f8d-33ebac095077/1/rlDsNS6NuwzfbgjFfHHKoRpEUAM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/rlDsNS6NuwzfbgjFfHHKoRpEUAM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:01:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b8:98:5d:fc:28:f5:75:54:a9:b3:72:e9:27:5a:f3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ae50ec352e8dbb0cdf6e08c57c71caa11a445003
        Validity
            Not Before: Nov 11 07:01:54 2025 GMT
            Not After : Nov 12 07:01:54 2025 GMT
        Subject: CN=71fef66cbcb07991b2da3f19d2f6ae898de614d1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:32:af:ab:9a:e9:37:ff:39:99:25:3c:97:5f:
                    1d:6c:f4:cc:ed:b2:f2:b3:9a:c0:5b:ee:67:16:64:
                    40:83:e1:51:ae:92:34:1e:21:9a:64:5d:94:cd:9f:
                    ab:7b:bb:bb:69:99:7e:7f:3b:ae:cc:af:12:0a:ea:
                    a1:c4:4c:75:d7:03:2e:99:26:ae:b1:76:f0:e7:09:
                    bf:3b:4e:81:93:67:99:f0:e1:d6:2d:9f:ec:c4:75:
                    af:0a:a8:7a:82:b9:d6:58:84:4c:64:a4:d5:a3:1d:
                    81:89:39:e7:cd:76:78:53:4c:26:c1:3d:6f:3d:15:
                    fc:00:b1:da:a1:3e:01:73:d8:ab:f3:16:e8:08:80:
                    48:99:15:27:f5:9c:ce:7e:35:c3:bb:8b:8a:ef:79:
                    ec:a4:6a:e0:70:53:24:b2:67:70:02:5a:35:f4:bb:
                    6b:e4:22:a9:52:d1:bd:ca:9d:4c:7e:9a:43:a1:93:
                    8e:ea:e3:ef:34:db:86:1d:cd:df:6e:0a:ca:96:01:
                    d5:c1:e8:14:c4:03:2b:5d:23:2c:cf:00:50:36:f6:
                    21:eb:b7:4a:6f:50:ff:b9:af:01:c8:bf:49:f3:5f:
                    20:81:1d:e5:e1:d9:bb:b2:38:c6:dc:8a:95:2d:8d:
                    17:2c:3e:7f:a3:72:63:30:77:e3:31:2f:04:53:3b:
                    5d:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                71:FE:F6:6C:BC:B0:79:91:B2:DA:3F:19:D2:F6:AE:89:8D:E6:14:D1
            X509v3 Authority Key Identifier:
                keyid:AE:50:EC:35:2E:8D:BB:0C:DF:6E:08:C5:7C:71:CA:A1:1A:44:50:03

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rlDsNS6NuwzfbgjFfHHKoRpEUAM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/c8961f-d1d7-46ac-9f8d-33ebac095077/1/rlDsNS6NuwzfbgjFfHHKoRpEUAM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/49/c8961f-d1d7-46ac-9f8d-33ebac095077/1/rlDsNS6NuwzfbgjFfHHKoRpEUAM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         60:c9:50:20:6f:d9:87:01:6f:aa:fe:1e:23:e3:28:1b:8a:d6:
         d6:68:b8:1d:a5:a0:73:6b:80:93:37:7b:69:32:ac:20:35:0e:
         e7:06:19:69:c6:e3:1f:6c:98:a1:6c:c8:01:28:18:8c:97:82:
         15:49:15:f9:90:92:18:d0:08:b6:07:20:1b:05:fd:e0:f5:1e:
         bc:91:80:4d:74:57:d7:17:2c:0f:85:48:60:7f:53:e2:80:aa:
         4e:67:e6:64:99:a5:65:47:51:95:92:0a:9e:d7:23:bb:95:f2:
         c2:9d:02:ca:55:54:03:b5:2a:fc:fe:b7:92:7d:75:ec:89:b2:
         cf:aa:f7:82:7a:76:0b:13:fc:4c:30:46:f4:e2:0e:1e:29:10:
         46:cb:15:24:ce:60:68:6a:05:3b:56:7f:fd:c2:8a:e9:49:36:
         92:f4:65:e9:8b:17:b4:65:75:e8:bb:79:66:23:aa:78:fc:38:
         57:0a:b1:ee:a8:5a:b6:ef:a7:86:f1:5c:27:97:4d:bc:a5:05:
         71:09:a3:e6:76:45:b3:a8:a6:08:2b:e1:ca:2b:21:2b:a6:01:
         0b:66:3c:9f:1f:a8:3d:a7:0e:4d:91:40:56:c1:cf:7e:21:0d:
         b2:88:1c:31:a2:7f:28:93:d8:7b:51:6d:12:e0:b8:a5:46:31:
         b0:02:b6:cf
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuJhd/Cj1dVSps3LpJ1rzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlNTBlYzM1MmU4ZGJiMGNkZjZlMDhjNTdjNzFjYWExMWE0
NDUwMDMwHhcNMjUxMTExMDcwMTU0WhcNMjUxMTEyMDcwMTU0WjAzMTEwLwYDVQQD
Eyg3MWZlZjY2Y2JjYjA3OTkxYjJkYTNmMTlkMmY2YWU4OThkZTYxNGQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAujKvq5rpN/85mSU8l18dbPTM7bLy
s5rAW+5nFmRAg+FRrpI0HiGaZF2UzZ+re7u7aZl+fzuuzK8SCuqhxEx11wMumSau
sXbw5wm/O06Bk2eZ8OHWLZ/sxHWvCqh6grnWWIRMZKTVox2BiTnnzXZ4U0wmwT1v
PRX8ALHaoT4Bc9ir8xboCIBImRUn9ZzOfjXDu4uK73nspGrgcFMksmdwAlo19Ltr
5CKpUtG9yp1MfppDoZOO6uPvNNuGHc3fbgrKlgHVwegUxAMrXSMszwBQNvYh67dK
b1D/ua8ByL9J818ggR3l4dm7sjjG3IqVLY0XLD5/o3JjMHfjMS8EUztdSQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHH+9my8sHmRsto/GdL2romN5hTRMB8GA1UdIwQY
MBaAFK5Q7DUujbsM324IxXxxyqEaRFADMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcmxEc05TNk51d3pmYmdqRmZISEtvUnBFVUFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OS9jODk2MWYtZDFkNy00NmFjLTlmOGQt
MzNlYmFjMDk1MDc3LzEvcmxEc05TNk51d3pmYmdqRmZISEtvUnBFVUFNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OS9jODk2MWYtZDFkNy00NmFjLTlmOGQtMzNlYmFjMDk1MDc3
LzEvcmxEc05TNk51d3pmYmdqRmZISEtvUnBFVUFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYMlQIG/Z
hwFvqv4eI+MoG4rW1mi4HaWgc2uAkzd7aTKsIDUO5wYZacbjH2yYoWzIASgYjJeC
FUkV+ZCSGNAItgcgGwX94PUevJGATXRX1xcsD4VIYH9T4oCqTmfmZJmlZUdRlZIK
ntcju5Xywp0CylVUA7Uq/P63kn117Imyz6r3gnp2CxP8TDBG9OIOHikQRssVJM5g
aGoFO1Z//cKK6Uk2kvRl6YsXtGV16Lt5ZiOqePw4Vwqx7qhatu+nhvFcJ5dNvKUF
cQmj5nZFs6imCCvhyishK6YBC2Y8nx+oPacOTZFAVsHPfiENsogcMaJ/KJPYe1Ft
EuC4pUYxsAK2zw==
-----END CERTIFICATE-----