Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/205007-79c6-4852-8924-fdced45d2fec/1/I_kQhAWIGYiaSo8y6jR3WVQxNPA.mft
File:                     I_kQhAWIGYiaSo8y6jR3WVQxNPA.mft (raw, json)
Hash identifier:          ip8puCBhJLpTLw1+onSIi/YcGzyIdKLaG98jYkHaUIE=
Subject key identifier:   7C:13:B9:D5:AA:EB:33:25:37:D1:71:BF:8B:53:F3:7B:95:20:D9:2B
Authority key identifier: 23:F9:10:84:05:88:19:88:9A:4A:8F:32:EA:34:77:59:54:31:34:F0
Certificate issuer:       /CN=23f91084058819889a4a8f32ea347759543134f0
Certificate serial:       019A72263BE12AD901EB39D772041EA861CF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/I_kQhAWIGYiaSo8y6jR3WVQxNPA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/205007-79c6-4852-8924-fdced45d2fec/1/I_kQhAWIGYiaSo8y6jR3WVQxNPA.mft
Manifest number:          171C
Signing time:             Tue 11 Nov 2025 09:01:39 +0000
Manifest this update:     Tue 11 Nov 2025 09:01:39 +0000
Manifest next update:     Wed 12 Nov 2025 09:01:39 +0000
Files and hashes:         1: I_kQhAWIGYiaSo8y6jR3WVQxNPA.crl (hash: D54D9fzhinzjWGEx3SzFN48rL7EkztgwSNkB+fgKCzs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/51/205007-79c6-4852-8924-fdced45d2fec/1/I_kQhAWIGYiaSo8y6jR3WVQxNPA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/51/205007-79c6-4852-8924-fdced45d2fec/1/I_kQhAWIGYiaSo8y6jR3WVQxNPA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/I_kQhAWIGYiaSo8y6jR3WVQxNPA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:72:26:3b:e1:2a:d9:01:eb:39:d7:72:04:1e:a8:61:cf
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=23f91084058819889a4a8f32ea347759543134f0
        Validity
            Not Before: Nov 11 09:01:39 2025 GMT
            Not After : Nov 12 09:01:39 2025 GMT
        Subject: CN=7c13b9d5aaeb332537d171bf8b53f37b9520d92b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:02:7b:23:0d:3d:bc:24:35:68:d2:cc:36:8d:
                    33:87:57:9a:8d:87:a0:46:23:82:2b:43:fb:7e:0a:
                    eb:b1:45:76:71:2d:3b:9a:7f:b1:7b:fb:c6:3f:0f:
                    50:b9:79:34:84:d8:0f:f6:ce:fd:03:05:f2:34:99:
                    8b:da:f1:d0:9a:47:52:7a:25:c2:2e:5a:6c:b1:c1:
                    0d:f1:24:d2:ec:f7:84:54:13:98:b8:24:ae:25:b8:
                    36:fc:b6:94:7b:b5:06:f0:5b:07:58:48:57:d6:79:
                    ef:0b:81:31:ba:7f:a9:e2:90:6d:48:be:3d:d5:c1:
                    a4:f9:96:ea:b3:e9:34:42:9e:eb:f9:cd:60:61:7e:
                    8a:e1:4e:80:f6:48:27:57:ed:30:4d:0b:60:13:b8:
                    da:23:9b:d5:a6:b9:bb:3f:55:5c:b4:de:89:ea:00:
                    dd:cb:0b:67:ef:c3:f0:b7:67:b3:74:ac:6b:f0:15:
                    49:6f:1d:de:20:df:1f:b5:ba:51:b6:e2:7f:ec:fb:
                    34:78:61:20:30:8b:57:27:32:66:8d:4a:35:07:7f:
                    5e:40:6d:96:ec:be:dc:5a:2b:2a:67:30:89:e5:41:
                    b5:29:47:4d:7d:05:de:5d:18:b2:9f:60:5e:b6:fa:
                    d7:9b:a6:08:cf:d4:7a:7d:f5:b7:71:1a:23:a2:cf:
                    0d:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7C:13:B9:D5:AA:EB:33:25:37:D1:71:BF:8B:53:F3:7B:95:20:D9:2B
            X509v3 Authority Key Identifier:
                keyid:23:F9:10:84:05:88:19:88:9A:4A:8F:32:EA:34:77:59:54:31:34:F0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I_kQhAWIGYiaSo8y6jR3WVQxNPA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/205007-79c6-4852-8924-fdced45d2fec/1/I_kQhAWIGYiaSo8y6jR3WVQxNPA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/205007-79c6-4852-8924-fdced45d2fec/1/I_kQhAWIGYiaSo8y6jR3WVQxNPA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         21:d2:48:8c:58:0b:a8:c7:40:93:4c:d5:d4:ce:91:8e:68:a5:
         e2:e7:6c:44:2b:a1:0b:67:69:66:dd:d6:a3:5d:a9:35:dd:12:
         6a:65:91:e4:ca:15:7d:54:0d:8d:90:63:54:42:de:77:b5:c1:
         45:6b:26:30:67:aa:04:98:75:03:99:7a:dd:a7:e2:60:f6:38:
         a3:31:4c:b7:85:6a:4d:73:90:5c:3e:b5:97:bd:7d:32:6d:9e:
         83:d2:74:65:79:97:58:0b:de:d3:63:7d:fe:a1:f2:dc:19:d6:
         e1:5a:44:35:25:5a:c4:0e:21:17:f3:6c:7f:5a:9f:1b:9b:c9:
         8f:f2:70:91:40:aa:36:dc:f1:48:47:27:c7:20:c9:39:57:1a:
         27:c5:e0:4e:da:e6:76:65:db:9a:a9:ed:f1:7f:2f:c8:34:38:
         d6:0d:b4:96:9d:c5:c9:58:d6:b4:10:9b:81:fd:a8:8c:5c:9a:
         6d:e2:3a:6e:d9:5a:ec:de:15:16:80:7f:0e:03:82:50:af:0f:
         54:4a:5e:ca:56:a0:e9:cf:b5:fb:70:6f:fa:b4:f8:a3:b1:7b:
         4c:b2:e0:a1:1f:3f:a9:07:3d:22:18:ca:7f:ba:40:47:9a:c3:
         75:34:35:97:00:c5:ef:1a:5c:4f:49:2a:03:96:18:21:69:cc:
         6b:36:de:d3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJjvhKtkB6znXcgQeqGHPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzZjkxMDg0MDU4ODE5ODg5YTRhOGYzMmVhMzQ3NzU5NTQz
MTM0ZjAwHhcNMjUxMTExMDkwMTM5WhcNMjUxMTEyMDkwMTM5WjAzMTEwLwYDVQQD
Eyg3YzEzYjlkNWFhZWIzMzI1MzdkMTcxYmY4YjUzZjM3Yjk1MjBkOTJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtAJ7Iw09vCQ1aNLMNo0zh1eajYeg
RiOCK0P7fgrrsUV2cS07mn+xe/vGPw9QuXk0hNgP9s79AwXyNJmL2vHQmkdSeiXC
LlpsscEN8STS7PeEVBOYuCSuJbg2/LaUe7UG8FsHWEhX1nnvC4Exun+p4pBtSL49
1cGk+Zbqs+k0Qp7r+c1gYX6K4U6A9kgnV+0wTQtgE7jaI5vVprm7P1VctN6J6gDd
ywtn78Pwt2ezdKxr8BVJbx3eIN8ftbpRtuJ/7Ps0eGEgMItXJzJmjUo1B39eQG2W
7L7cWisqZzCJ5UG1KUdNfQXeXRiyn2BetvrXm6YIz9R6ffW3cRojos8NEwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHwTudWq6zMlN9Fxv4tT83uVINkrMB8GA1UdIwQY
MBaAFCP5EIQFiBmImkqPMuo0d1lUMTTwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSV9rUWhBV0lHWWlhU284eTZqUjNXVlF4TlBBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS8yMDUwMDctNzljNi00ODUyLTg5MjQt
ZmRjZWQ0NWQyZmVjLzEvSV9rUWhBV0lHWWlhU284eTZqUjNXVlF4TlBBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS8yMDUwMDctNzljNi00ODUyLTg5MjQtZmRjZWQ0NWQyZmVj
LzEvSV9rUWhBV0lHWWlhU284eTZqUjNXVlF4TlBBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIdJIjFgL
qMdAk0zV1M6Rjmil4udsRCuhC2dpZt3Wo12pNd0SamWR5MoVfVQNjZBjVELed7XB
RWsmMGeqBJh1A5l63afiYPY4ozFMt4VqTXOQXD61l719Mm2eg9J0ZXmXWAve02N9
/qHy3BnW4VpENSVaxA4hF/Nsf1qfG5vJj/JwkUCqNtzxSEcnxyDJOVcaJ8XgTtrm
dmXbmqnt8X8vyDQ41g20lp3FyVjWtBCbgf2ojFyabeI6btla7N4VFoB/DgOCUK8P
VEpeylag6c+1+3Bv+rT4o7F7TLLgoR8/qQc9IhjKf7pAR5rDdTQ1lwDF7xpcT0kq
A5YYIWnMazbe0w==
-----END CERTIFICATE-----