Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/d341a6-98a2-4b1e-9ba4-b66044adbcb1/1/rTD7Q4juZxRK4E3choEtY-Ao9Hg.mft
File:                     rTD7Q4juZxRK4E3choEtY-Ao9Hg.mft (raw, json)
Hash identifier:          6CH6ke0Qb5EVC2MsywhVutr0S6T0uV8nKiCrREEEu9o=
Subject key identifier:   21:12:2B:5A:13:D9:07:76:F8:22:1D:78:AE:05:5D:62:AA:CB:AA:23
Authority key identifier: AD:30:FB:43:88:EE:67:14:4A:E0:4D:DC:86:81:2D:63:E0:28:F4:78
Certificate issuer:       /CN=ad30fb4388ee67144ae04ddc86812d63e028f478
Certificate serial:       019A71B8A68FF3AACD74ABB69DA9D200F8A6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/rTD7Q4juZxRK4E3choEtY-Ao9Hg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/54/d341a6-98a2-4b1e-9ba4-b66044adbcb1/1/rTD7Q4juZxRK4E3choEtY-Ao9Hg.mft
Manifest number:          171B
Signing time:             Tue 11 Nov 2025 07:01:57 +0000
Manifest this update:     Tue 11 Nov 2025 07:01:57 +0000
Manifest next update:     Wed 12 Nov 2025 07:01:57 +0000
Files and hashes:         1: rTD7Q4juZxRK4E3choEtY-Ao9Hg.crl (hash: OZ2jx84po7vCMxYgcyW0qtWEZeselJlLUReLA7OpcdA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/54/d341a6-98a2-4b1e-9ba4-b66044adbcb1/1/rTD7Q4juZxRK4E3choEtY-Ao9Hg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/54/d341a6-98a2-4b1e-9ba4-b66044adbcb1/1/rTD7Q4juZxRK4E3choEtY-Ao9Hg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/rTD7Q4juZxRK4E3choEtY-Ao9Hg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:01:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b8:a6:8f:f3:aa:cd:74:ab:b6:9d:a9:d2:00:f8:a6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ad30fb4388ee67144ae04ddc86812d63e028f478
        Validity
            Not Before: Nov 11 07:01:57 2025 GMT
            Not After : Nov 12 07:01:57 2025 GMT
        Subject: CN=21122b5a13d90776f8221d78ae055d62aacbaa23
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8f:0d:a2:d8:4d:fe:ff:b7:4a:7f:8a:cc:37:6b:
                    52:1c:ea:a4:c6:8d:f5:75:cb:0b:fc:c9:9d:4c:c6:
                    a4:61:71:80:41:5d:2b:75:cb:15:20:45:62:5f:e7:
                    fb:38:3e:cd:fc:cb:31:75:b2:7c:fd:b8:81:63:87:
                    22:9b:c2:6e:c4:38:f1:92:2f:eb:69:7b:27:a6:a0:
                    07:63:06:9e:43:ee:32:76:f0:a3:14:e7:da:18:60:
                    89:ae:57:86:dc:c7:b8:5a:0e:7d:31:56:13:2d:e8:
                    07:eb:c2:7f:6e:ba:3d:dc:18:8c:82:f1:e8:95:f4:
                    4c:37:0f:da:c8:a3:4f:66:70:56:91:8d:31:8d:be:
                    44:c7:ce:fd:73:bb:87:29:2b:2b:18:a5:45:6d:06:
                    b0:eb:97:6c:db:bb:70:8a:af:fe:da:c5:0b:85:95:
                    13:85:a8:3d:42:9b:c0:12:94:73:f0:ab:12:59:99:
                    c5:7b:1f:54:f7:15:46:e1:ee:d1:ca:ed:45:00:d3:
                    6f:27:1e:cc:bf:fc:5a:5f:fa:27:d3:b6:80:01:e3:
                    b1:61:30:c4:28:05:7b:31:a5:e6:24:61:7b:93:13:
                    b9:21:f0:1f:b5:ac:58:1a:29:ae:48:c5:05:c7:73:
                    b6:a9:0d:24:98:78:48:57:90:7c:9e:45:95:4f:66:
                    49:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                21:12:2B:5A:13:D9:07:76:F8:22:1D:78:AE:05:5D:62:AA:CB:AA:23
            X509v3 Authority Key Identifier:
                keyid:AD:30:FB:43:88:EE:67:14:4A:E0:4D:DC:86:81:2D:63:E0:28:F4:78

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rTD7Q4juZxRK4E3choEtY-Ao9Hg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/d341a6-98a2-4b1e-9ba4-b66044adbcb1/1/rTD7Q4juZxRK4E3choEtY-Ao9Hg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/54/d341a6-98a2-4b1e-9ba4-b66044adbcb1/1/rTD7Q4juZxRK4E3choEtY-Ao9Hg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         55:10:7e:c0:cd:15:95:7c:8f:14:08:6f:2c:18:c9:da:21:8d:
         40:dd:5f:d5:18:b7:ec:c8:65:d1:0a:58:6c:b8:d9:24:f0:f3:
         9c:49:c5:aa:1f:9e:50:f4:d7:e1:3a:ca:64:82:67:d6:9a:44:
         81:e9:c8:87:46:36:66:ce:2e:17:3d:48:45:af:b4:f0:65:d3:
         f3:8c:fa:01:c3:6c:da:47:1b:4d:95:40:98:72:36:6f:8b:74:
         ea:ce:53:43:95:07:54:45:38:66:7a:fb:a7:59:c7:ae:9d:91:
         1c:a6:e5:73:86:66:bb:93:60:c5:4a:51:b5:5a:1e:9e:7b:34:
         a4:e0:ba:5e:c4:a9:1c:8f:bb:6d:40:0a:bd:99:d1:34:b5:70:
         bd:6a:9b:38:e1:7a:df:1d:97:99:f5:00:cc:31:ec:2c:11:4a:
         11:29:35:81:37:e5:07:60:5e:fc:f1:99:70:91:92:26:60:e7:
         71:ff:ec:18:6e:df:ac:78:f6:46:a0:6e:d3:a6:d7:73:97:d3:
         e2:c2:49:71:2d:88:7f:5d:60:52:0d:cd:8d:7a:0f:b5:b7:07:
         56:5c:f6:70:55:29:59:36:ff:a5:91:a1:30:21:99:02:ee:69:
         5f:29:ba:6a:54:70:3e:de:ce:a7:ce:2c:d7:10:f5:44:a0:22:
         c4:36:ac:a7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuKaP86rNdKu2nanSAPimMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkMzBmYjQzODhlZTY3MTQ0YWUwNGRkYzg2ODEyZDYzZTAy
OGY0NzgwHhcNMjUxMTExMDcwMTU3WhcNMjUxMTEyMDcwMTU3WjAzMTEwLwYDVQQD
EygyMTEyMmI1YTEzZDkwNzc2ZjgyMjFkNzhhZTA1NWQ2MmFhY2JhYTIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjw2i2E3+/7dKf4rMN2tSHOqkxo31
dcsL/MmdTMakYXGAQV0rdcsVIEViX+f7OD7N/MsxdbJ8/biBY4cim8JuxDjxki/r
aXsnpqAHYwaeQ+4ydvCjFOfaGGCJrleG3Me4Wg59MVYTLegH68J/bro93BiMgvHo
lfRMNw/ayKNPZnBWkY0xjb5Ex879c7uHKSsrGKVFbQaw65ds27twiq/+2sULhZUT
hag9QpvAEpRz8KsSWZnFex9U9xVG4e7Ryu1FANNvJx7Mv/xaX/on07aAAeOxYTDE
KAV7MaXmJGF7kxO5IfAftaxYGimuSMUFx3O2qQ0kmHhIV5B8nkWVT2ZJywIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCESK1oT2Qd2+CIdeK4FXWKqy6ojMB8GA1UdIwQY
MBaAFK0w+0OI7mcUSuBN3IaBLWPgKPR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvclREN1E0anVaeFJLNEUzY2hvRXRZLUFvOUhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC9kMzQxYTYtOThhMi00YjFlLTliYTQt
YjY2MDQ0YWRiY2IxLzEvclREN1E0anVaeFJLNEUzY2hvRXRZLUFvOUhnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC9kMzQxYTYtOThhMi00YjFlLTliYTQtYjY2MDQ0YWRiY2Ix
LzEvclREN1E0anVaeFJLNEUzY2hvRXRZLUFvOUhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVRB+wM0V
lXyPFAhvLBjJ2iGNQN1f1Ri37Mhl0QpYbLjZJPDznEnFqh+eUPTX4TrKZIJn1ppE
genIh0Y2Zs4uFz1IRa+08GXT84z6AcNs2kcbTZVAmHI2b4t06s5TQ5UHVEU4Znr7
p1nHrp2RHKblc4Zmu5NgxUpRtVoenns0pOC6XsSpHI+7bUAKvZnRNLVwvWqbOOF6
3x2XmfUAzDHsLBFKESk1gTflB2Be/PGZcJGSJmDncf/sGG7frHj2RqBu06bXc5fT
4sJJcS2If11gUg3NjXoPtbcHVlz2cFUpWTb/pZGhMCGZAu5pXym6alRwPt7Op84s
1xD1RKAixDaspw==
-----END CERTIFICATE-----