Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/c95639-722a-4021-beeb-ac5ee625babc/1/_tPwXKP9-ef5nGXMagpnJPWTGnA.mft
File:                     _tPwXKP9-ef5nGXMagpnJPWTGnA.mft (raw, json)
Hash identifier:          YJIkalAlkW3yx9Hzvxi95RKLgJPD1hCtqzykJrCcSzU=
Subject key identifier:   E4:9C:8A:B3:9C:53:FF:6D:5D:CC:26:0B:75:A0:60:26:07:97:46:F7
Authority key identifier: FE:D3:F0:5C:A3:FD:F9:E7:F9:9C:65:CC:6A:0A:67:24:F5:93:1A:70
Certificate issuer:       /CN=fed3f05ca3fdf9e7f99c65cc6a0a6724f5931a70
Certificate serial:       019A71B8CC0D47A7D9CEAB3AA45B6126E9B4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/_tPwXKP9-ef5nGXMagpnJPWTGnA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/50/c95639-722a-4021-beeb-ac5ee625babc/1/_tPwXKP9-ef5nGXMagpnJPWTGnA.mft
Manifest number:          171A
Signing time:             Tue 11 Nov 2025 07:02:07 +0000
Manifest this update:     Tue 11 Nov 2025 07:02:07 +0000
Manifest next update:     Wed 12 Nov 2025 07:02:07 +0000
Files and hashes:         1: _tPwXKP9-ef5nGXMagpnJPWTGnA.crl (hash: irUvJXtdJP5YtPSiJK4D2tl5P1zir3XoM1LE7fQdH4s=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/50/c95639-722a-4021-beeb-ac5ee625babc/1/_tPwXKP9-ef5nGXMagpnJPWTGnA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/50/c95639-722a-4021-beeb-ac5ee625babc/1/_tPwXKP9-ef5nGXMagpnJPWTGnA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/_tPwXKP9-ef5nGXMagpnJPWTGnA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:02:07 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b8:cc:0d:47:a7:d9:ce:ab:3a:a4:5b:61:26:e9:b4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=fed3f05ca3fdf9e7f99c65cc6a0a6724f5931a70
        Validity
            Not Before: Nov 11 07:02:07 2025 GMT
            Not After : Nov 12 07:02:07 2025 GMT
        Subject: CN=e49c8ab39c53ff6d5dcc260b75a06026079746f7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:de:ce:9c:b0:9c:01:de:65:ac:4c:93:8a:c9:0b:
                    0f:43:7f:e7:29:92:e5:e9:00:df:c9:f1:e9:12:57:
                    b5:b7:a6:91:c5:3a:8b:ff:72:be:1b:9a:89:3e:10:
                    20:d4:65:b8:0a:27:03:13:34:d6:7e:b6:d4:7f:32:
                    ae:e6:14:57:4e:83:ee:c4:ac:a2:81:19:2d:55:92:
                    1f:3d:e4:8d:c0:9f:9e:eb:7e:1d:98:3c:3a:51:29:
                    dd:04:ff:59:6c:2b:2e:c4:4e:35:7d:04:b2:ea:13:
                    2f:76:2c:5a:c6:cf:bd:0f:50:fa:06:98:6a:db:c6:
                    06:e8:f4:f5:87:5b:bb:69:75:04:8b:60:1b:32:fd:
                    04:a5:bd:99:03:8d:d8:77:6e:75:a0:6a:08:35:b9:
                    c3:d5:1e:12:c0:f9:27:9d:f8:c1:7e:7b:69:84:f2:
                    89:98:f1:56:34:7d:30:82:9c:53:52:22:2c:00:0e:
                    d4:eb:5f:15:f2:cf:95:24:3a:1a:11:db:54:a1:b0:
                    7f:63:af:41:8f:de:03:e2:b0:d7:24:b2:c2:51:de:
                    4f:cc:3a:e3:29:10:65:0d:51:77:11:ed:6b:ad:c9:
                    a3:a4:7e:de:da:e6:2f:1b:cc:a6:c2:16:05:21:18:
                    2b:bd:b2:89:16:e4:9d:40:6f:f5:0e:f7:39:a8:c0:
                    72:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E4:9C:8A:B3:9C:53:FF:6D:5D:CC:26:0B:75:A0:60:26:07:97:46:F7
            X509v3 Authority Key Identifier:
                keyid:FE:D3:F0:5C:A3:FD:F9:E7:F9:9C:65:CC:6A:0A:67:24:F5:93:1A:70

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_tPwXKP9-ef5nGXMagpnJPWTGnA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/c95639-722a-4021-beeb-ac5ee625babc/1/_tPwXKP9-ef5nGXMagpnJPWTGnA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/50/c95639-722a-4021-beeb-ac5ee625babc/1/_tPwXKP9-ef5nGXMagpnJPWTGnA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a2:d7:8b:e4:fe:da:9b:bf:7f:f9:b1:25:6d:c5:f4:39:15:04:
         f4:05:9a:4f:88:d8:a8:97:b7:75:ec:a1:61:cb:38:ec:0e:e9:
         2f:8d:39:37:65:33:dc:52:3e:72:08:86:92:15:f6:15:41:d9:
         30:fe:4f:b9:2b:4a:9f:bc:71:8f:a4:3e:b3:70:69:53:52:6e:
         be:f9:05:5a:0b:4f:a4:14:a9:61:98:75:e5:7b:9a:6f:e5:83:
         ec:33:31:af:8d:0f:84:cb:15:82:f1:b4:68:c1:79:ab:a0:4c:
         3b:fe:aa:34:fe:22:25:52:41:f2:3a:df:64:22:ca:32:7b:23:
         2b:a1:0c:d3:ea:34:40:7b:f1:e3:da:df:c2:87:d8:96:bf:f0:
         ac:6b:8b:18:98:38:33:58:48:d6:86:e5:00:4f:ed:91:df:e0:
         3b:04:6b:ed:3f:86:4d:76:b7:cf:76:94:6d:89:87:2b:db:d8:
         75:60:64:e1:2a:52:6c:29:c1:60:9f:b1:71:e3:e9:8a:30:ee:
         50:a6:50:1f:ff:a2:3b:f7:07:96:0a:af:24:2f:58:33:07:5f:
         91:b1:1a:d4:e6:e0:ad:95:8f:44:91:b3:69:c0:cd:07:bf:3b:
         bb:1f:de:11:d6:a9:c4:22:d3:eb:0c:c0:ba:17:f3:3e:5e:5f:
         be:8b:73:ea
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuMwNR6fZzqs6pFthJum0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlZDNmMDVjYTNmZGY5ZTdmOTljNjVjYzZhMGE2NzI0ZjU5
MzFhNzAwHhcNMjUxMTExMDcwMjA3WhcNMjUxMTEyMDcwMjA3WjAzMTEwLwYDVQQD
EyhlNDljOGFiMzljNTNmZjZkNWRjYzI2MGI3NWEwNjAyNjA3OTc0NmY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3s6csJwB3mWsTJOKyQsPQ3/nKZLl
6QDfyfHpEle1t6aRxTqL/3K+G5qJPhAg1GW4CicDEzTWfrbUfzKu5hRXToPuxKyi
gRktVZIfPeSNwJ+e634dmDw6USndBP9ZbCsuxE41fQSy6hMvdixaxs+9D1D6Bphq
28YG6PT1h1u7aXUEi2AbMv0Epb2ZA43Yd251oGoINbnD1R4SwPknnfjBfntphPKJ
mPFWNH0wgpxTUiIsAA7U618V8s+VJDoaEdtUobB/Y69Bj94D4rDXJLLCUd5PzDrj
KRBlDVF3Ee1rrcmjpH7e2uYvG8ymwhYFIRgrvbKJFuSdQG/1Dvc5qMByZQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOScirOcU/9tXcwmC3WgYCYHl0b3MB8GA1UdIwQY
MBaAFP7T8Fyj/fnn+ZxlzGoKZyT1kxpwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX3RQd1hLUDktZWY1bkdYTWFncG5KUFdUR25BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC9jOTU2MzktNzIyYS00MDIxLWJlZWIt
YWM1ZWU2MjViYWJjLzEvX3RQd1hLUDktZWY1bkdYTWFncG5KUFdUR25BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC9jOTU2MzktNzIyYS00MDIxLWJlZWItYWM1ZWU2MjViYWJj
LzEvX3RQd1hLUDktZWY1bkdYTWFncG5KUFdUR25BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoteL5P7a
m79/+bElbcX0ORUE9AWaT4jYqJe3deyhYcs47A7pL405N2Uz3FI+cgiGkhX2FUHZ
MP5PuStKn7xxj6Q+s3BpU1JuvvkFWgtPpBSpYZh15Xuab+WD7DMxr40PhMsVgvG0
aMF5q6BMO/6qNP4iJVJB8jrfZCLKMnsjK6EM0+o0QHvx49rfwofYlr/wrGuLGJg4
M1hI1oblAE/tkd/gOwRr7T+GTXa3z3aUbYmHK9vYdWBk4SpSbCnBYJ+xcePpijDu
UKZQH/+iO/cHlgqvJC9YMwdfkbEa1ObgrZWPRJGzacDNB787ux/eEdapxCLT6wzA
uhfzPl5fvotz6g==
-----END CERTIFICATE-----