Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/cb879b-9c96-429a-9bb3-e18d998c64ef/1/5huaXW2YcDw4cqG7P5DRA2hcvQQ.mft
File:                     5huaXW2YcDw4cqG7P5DRA2hcvQQ.mft (raw, json)
Hash identifier:          99l9Hn040ueV48ltCJtRPVTMwqNa2DkONAPSu3TUluo=
Subject key identifier:   FF:C3:A3:CE:3E:2F:C8:FE:CB:FF:24:05:81:A3:4B:32:5E:B1:6B:82
Authority key identifier: E6:1B:9A:5D:6D:98:70:3C:38:72:A1:BB:3F:90:D1:03:68:5C:BD:04
Certificate issuer:       /CN=e61b9a5d6d98703c3872a1bb3f90d103685cbd04
Certificate serial:       019A729336F5C4D8B8E5C0AD0981A2F6B3C7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5huaXW2YcDw4cqG7P5DRA2hcvQQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4d/cb879b-9c96-429a-9bb3-e18d998c64ef/1/5huaXW2YcDw4cqG7P5DRA2hcvQQ.mft
Manifest number:          171C
Signing time:             Tue 11 Nov 2025 11:00:41 +0000
Manifest this update:     Tue 11 Nov 2025 11:00:41 +0000
Manifest next update:     Wed 12 Nov 2025 11:00:41 +0000
Files and hashes:         1: 5huaXW2YcDw4cqG7P5DRA2hcvQQ.crl (hash: DNJjjC/0wXvDJ7RhnVp4D6Kl4DirBSU3D3B0t8McRmc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/4d/cb879b-9c96-429a-9bb3-e18d998c64ef/1/5huaXW2YcDw4cqG7P5DRA2hcvQQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/4d/cb879b-9c96-429a-9bb3-e18d998c64ef/1/5huaXW2YcDw4cqG7P5DRA2hcvQQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/5huaXW2YcDw4cqG7P5DRA2hcvQQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:72:93:36:f5:c4:d8:b8:e5:c0:ad:09:81:a2:f6:b3:c7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e61b9a5d6d98703c3872a1bb3f90d103685cbd04
        Validity
            Not Before: Nov 11 11:00:41 2025 GMT
            Not After : Nov 12 11:00:41 2025 GMT
        Subject: CN=ffc3a3ce3e2fc8fecbff240581a34b325eb16b82
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:48:a7:e5:43:fd:85:6b:a9:f5:ed:3f:4a:34:
                    3c:ac:a3:46:db:53:d1:b9:7b:40:f4:f7:09:87:d4:
                    52:23:69:ca:04:8f:36:81:ad:49:28:c4:63:c7:06:
                    2d:dc:82:c7:fa:af:2e:99:27:5a:53:28:f8:da:15:
                    b0:00:96:43:41:d6:6b:c9:1f:79:52:71:7a:d0:13:
                    65:e0:5c:07:5d:d6:a1:26:ea:99:40:94:58:fa:54:
                    db:34:a2:57:04:bb:83:25:76:40:7f:0a:33:9f:02:
                    53:32:f0:93:f5:c4:b0:7e:94:27:71:c3:5f:2d:97:
                    cb:c1:f0:89:72:11:91:a8:30:81:85:bc:4d:f0:b9:
                    95:0d:28:a7:77:66:92:54:eb:57:c4:b4:0a:4c:9c:
                    e4:61:05:c8:d8:db:da:ad:58:36:ae:80:42:a3:6b:
                    00:ee:c7:a4:4c:1c:bc:18:98:c2:c5:82:e7:b1:1b:
                    a7:f9:23:99:26:5f:a8:d0:25:1c:a5:7b:2c:b6:99:
                    3e:12:97:72:d0:15:42:2e:40:70:fa:cf:d4:f8:d6:
                    0f:5d:96:2f:1c:63:d2:cd:ae:17:e1:58:58:9a:a9:
                    13:e7:35:53:a9:74:7a:a4:51:00:3c:80:c7:7d:5f:
                    35:21:44:42:01:09:08:46:4a:aa:d2:4d:30:3c:72:
                    b6:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FF:C3:A3:CE:3E:2F:C8:FE:CB:FF:24:05:81:A3:4B:32:5E:B1:6B:82
            X509v3 Authority Key Identifier:
                keyid:E6:1B:9A:5D:6D:98:70:3C:38:72:A1:BB:3F:90:D1:03:68:5C:BD:04

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5huaXW2YcDw4cqG7P5DRA2hcvQQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/cb879b-9c96-429a-9bb3-e18d998c64ef/1/5huaXW2YcDw4cqG7P5DRA2hcvQQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/cb879b-9c96-429a-9bb3-e18d998c64ef/1/5huaXW2YcDw4cqG7P5DRA2hcvQQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         14:b4:db:53:41:6a:fd:b6:a6:0b:85:0d:77:7c:bc:ef:ad:3c:
         a9:c3:c8:e8:a1:74:c9:c0:12:8a:7d:48:6e:b8:0f:f5:f0:d8:
         a8:59:a0:8f:69:9a:34:6c:d9:ad:44:69:d0:6b:37:3d:6b:85:
         67:e8:8a:88:ab:f4:e7:7a:fd:e6:01:61:41:1b:f3:c0:30:ba:
         d5:ab:e6:21:f9:13:00:c5:36:64:61:ad:54:f1:57:7e:e4:40:
         42:74:8c:f1:d8:51:76:dd:03:e5:0b:b4:29:bf:6e:08:60:5f:
         3d:e1:ce:cb:cd:b1:1f:92:d5:b9:ae:2e:92:8f:23:cb:3d:44:
         b8:d5:e5:83:55:dd:3e:7b:e1:43:96:16:1f:0a:41:a7:f8:32:
         36:e3:f8:1a:23:c5:92:9e:82:6e:27:34:97:00:23:11:c8:94:
         c5:3e:8e:df:a2:ff:22:51:f6:81:56:96:22:66:34:f7:91:7f:
         44:7b:75:ec:87:78:45:81:14:33:ce:31:04:81:d7:0c:c8:0d:
         f4:66:2d:d9:c6:87:08:e5:6d:b4:cf:77:49:54:3e:ce:6d:d1:
         1f:3e:fd:f6:cc:f7:f3:03:76:24:12:94:09:c9:e7:2e:b1:5d:
         c4:0b:05:19:ed:8c:94:b8:81:a2:2a:c9:98:1f:f2:d6:f0:1d:
         a6:01:f7:d4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpykzb1xNi45cCtCYGi9rPHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU2MWI5YTVkNmQ5ODcwM2MzODcyYTFiYjNmOTBkMTAzNjg1
Y2JkMDQwHhcNMjUxMTExMTEwMDQxWhcNMjUxMTEyMTEwMDQxWjAzMTEwLwYDVQQD
EyhmZmMzYTNjZTNlMmZjOGZlY2JmZjI0MDU4MWEzNGIzMjVlYjE2YjgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt0in5UP9hWup9e0/SjQ8rKNG21PR
uXtA9PcJh9RSI2nKBI82ga1JKMRjxwYt3ILH+q8umSdaUyj42hWwAJZDQdZryR95
UnF60BNl4FwHXdahJuqZQJRY+lTbNKJXBLuDJXZAfwoznwJTMvCT9cSwfpQnccNf
LZfLwfCJchGRqDCBhbxN8LmVDSind2aSVOtXxLQKTJzkYQXI2NvarVg2roBCo2sA
7sekTBy8GJjCxYLnsRun+SOZJl+o0CUcpXsstpk+Epdy0BVCLkBw+s/U+NYPXZYv
HGPSza4X4VhYmqkT5zVTqXR6pFEAPIDHfV81IURCAQkIRkqq0k0wPHK2xQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP/Do84+L8j+y/8kBYGjSzJesWuCMB8GA1UdIwQY
MBaAFOYbml1tmHA8OHKhuz+Q0QNoXL0EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNWh1YVhXMlljRHc0Y3FHN1A1RFJBMmhjdlFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC9jYjg3OWItOWM5Ni00MjlhLTliYjMt
ZTE4ZDk5OGM2NGVmLzEvNWh1YVhXMlljRHc0Y3FHN1A1RFJBMmhjdlFRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC9jYjg3OWItOWM5Ni00MjlhLTliYjMtZTE4ZDk5OGM2NGVm
LzEvNWh1YVhXMlljRHc0Y3FHN1A1RFJBMmhjdlFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFLTbU0Fq
/bamC4UNd3y87608qcPI6KF0ycASin1IbrgP9fDYqFmgj2maNGzZrURp0Gs3PWuF
Z+iKiKv053r95gFhQRvzwDC61avmIfkTAMU2ZGGtVPFXfuRAQnSM8dhRdt0D5Qu0
Kb9uCGBfPeHOy82xH5LVua4uko8jyz1EuNXlg1XdPnvhQ5YWHwpBp/gyNuP4GiPF
kp6Cbic0lwAjEciUxT6O36L/IlH2gVaWImY095F/RHt17Id4RYEUM84xBIHXDMgN
9GYt2caHCOVttM93SVQ+zm3RHz799sz38wN2JBKUCcnnLrFdxAsFGe2MlLiBoirJ
mB/y1vAdpgH31A==
-----END CERTIFICATE-----