Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/d1aa2e-b819-421c-8456-b5ae839f30e2/1/FYi9izG5XpysnzgSjZW4UvA9V4Q.mft
File:                     FYi9izG5XpysnzgSjZW4UvA9V4Q.mft (raw, json)
Hash identifier:          EGP16by5mJUeLuGy9f3wfmQdXYkjx8TXf0O3FWyrpXs=
Subject key identifier:   12:DF:5A:EC:D7:FB:4C:99:6A:2B:F9:19:E4:63:B0:56:A7:55:8C:51
Authority key identifier: 15:88:BD:8B:31:B9:5E:9C:AC:9F:38:12:8D:95:B8:52:F0:3D:57:84
Certificate issuer:       /CN=1588bd8b31b95e9cac9f38128d95b852f03d5784
Certificate serial:       019A71B8CFF1A1E1EE516EFF7B5753E05011
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/FYi9izG5XpysnzgSjZW4UvA9V4Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/60/d1aa2e-b819-421c-8456-b5ae839f30e2/1/FYi9izG5XpysnzgSjZW4UvA9V4Q.mft
Manifest number:          171C
Signing time:             Tue 11 Nov 2025 07:02:08 +0000
Manifest this update:     Tue 11 Nov 2025 07:02:08 +0000
Manifest next update:     Wed 12 Nov 2025 07:02:08 +0000
Files and hashes:         1: FYi9izG5XpysnzgSjZW4UvA9V4Q.crl (hash: xM1BfKGYVYQNghyHTtHP/crtDV3fv4AN9BEft1M42Vs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/60/d1aa2e-b819-421c-8456-b5ae839f30e2/1/FYi9izG5XpysnzgSjZW4UvA9V4Q.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/60/d1aa2e-b819-421c-8456-b5ae839f30e2/1/FYi9izG5XpysnzgSjZW4UvA9V4Q.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/FYi9izG5XpysnzgSjZW4UvA9V4Q.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:02:08 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b8:cf:f1:a1:e1:ee:51:6e:ff:7b:57:53:e0:50:11
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1588bd8b31b95e9cac9f38128d95b852f03d5784
        Validity
            Not Before: Nov 11 07:02:08 2025 GMT
            Not After : Nov 12 07:02:08 2025 GMT
        Subject: CN=12df5aecd7fb4c996a2bf919e463b056a7558c51
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:3b:b1:74:92:5a:76:e3:9c:5f:a1:ce:8c:f7:
                    a3:84:e5:f9:de:e6:fd:1d:ec:98:fd:d4:af:f4:d4:
                    73:f8:6e:2e:c8:0c:50:ac:c0:a4:a7:cb:79:87:e6:
                    d0:ca:94:d8:c3:84:e2:78:fe:0e:14:c8:1e:20:50:
                    32:83:a7:1f:76:c4:69:85:0d:49:cd:6a:63:13:29:
                    ce:7b:59:49:56:0c:e1:ac:36:b4:53:fd:a0:c2:a7:
                    68:f6:ec:b1:79:b3:a0:7f:c1:c4:18:9b:3e:71:b1:
                    6f:f2:f3:54:5e:88:b0:ef:1c:17:1b:18:f4:87:df:
                    6f:62:87:e4:d3:fe:72:9a:36:b1:98:88:f2:7b:73:
                    26:68:ae:6e:38:ba:c9:8f:a4:6a:c0:b6:4a:a7:5c:
                    04:4d:4a:a1:72:3b:4f:95:45:4a:1f:4c:28:b0:59:
                    3e:11:76:b7:c6:dc:3f:d2:3c:97:3d:0c:c0:c4:04:
                    ec:b9:9d:f1:da:23:a8:94:be:e9:8c:90:e5:08:09:
                    64:80:d4:3c:dc:03:43:0a:3d:35:60:31:98:c9:02:
                    00:d2:28:82:0d:66:3f:f2:69:1b:6a:46:f6:ab:89:
                    25:49:59:be:c2:5b:10:ed:d1:55:74:15:31:b3:f6:
                    fa:fc:c5:52:47:f5:dc:17:e2:33:30:d6:3d:da:41:
                    7e:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                12:DF:5A:EC:D7:FB:4C:99:6A:2B:F9:19:E4:63:B0:56:A7:55:8C:51
            X509v3 Authority Key Identifier:
                keyid:15:88:BD:8B:31:B9:5E:9C:AC:9F:38:12:8D:95:B8:52:F0:3D:57:84

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FYi9izG5XpysnzgSjZW4UvA9V4Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/d1aa2e-b819-421c-8456-b5ae839f30e2/1/FYi9izG5XpysnzgSjZW4UvA9V4Q.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/60/d1aa2e-b819-421c-8456-b5ae839f30e2/1/FYi9izG5XpysnzgSjZW4UvA9V4Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a7:ee:55:0a:11:59:e5:b4:2f:1e:7c:52:a8:5f:63:24:d8:4f:
         aa:a0:5f:f3:47:1e:e6:3b:60:c6:ff:2e:b6:51:8d:0e:cb:41:
         34:25:32:34:cd:74:0b:64:dc:d5:d3:e1:cf:72:a9:da:af:27:
         22:ac:61:d8:08:f6:47:c4:78:68:0a:65:a4:7a:bd:4d:6d:35:
         04:9e:d8:c7:49:2f:d6:14:53:20:a4:4f:46:9f:b5:ca:14:74:
         e1:00:d8:20:9a:a7:83:5b:38:be:42:87:22:b2:a2:c4:0c:75:
         ec:2f:fc:f6:29:f4:0e:2e:8f:a0:b0:cb:6d:cd:c5:c6:d4:67:
         62:e3:fa:91:3e:de:77:f3:56:6b:de:c5:a3:85:37:cb:b1:98:
         2e:4c:cf:e2:96:35:0d:99:1f:fa:6b:6e:01:52:86:fe:55:5c:
         33:85:85:9c:16:0a:b1:ba:eb:9f:98:b3:dc:56:44:57:d8:d3:
         da:f1:cf:c2:82:44:aa:d6:6c:12:d6:8e:58:5a:cc:08:73:13:
         7d:09:07:8d:0a:38:ff:f0:f4:eb:b2:31:15:3e:7f:57:ec:35:
         70:08:31:bb:70:36:0f:68:ed:03:db:e4:c2:e1:8a:28:b2:40:
         f2:22:80:39:e6:c9:e0:a4:8a:92:0c:23:65:c4:32:f0:f6:d3:
         a4:80:84:df
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuM/xoeHuUW7/e1dT4FARMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1ODhiZDhiMzFiOTVlOWNhYzlmMzgxMjhkOTViODUyZjAz
ZDU3ODQwHhcNMjUxMTExMDcwMjA4WhcNMjUxMTEyMDcwMjA4WjAzMTEwLwYDVQQD
EygxMmRmNWFlY2Q3ZmI0Yzk5NmEyYmY5MTllNDYzYjA1NmE3NTU4YzUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxDuxdJJaduOcX6HOjPejhOX53ub9
HeyY/dSv9NRz+G4uyAxQrMCkp8t5h+bQypTYw4TieP4OFMgeIFAyg6cfdsRphQ1J
zWpjEynOe1lJVgzhrDa0U/2gwqdo9uyxebOgf8HEGJs+cbFv8vNUXoiw7xwXGxj0
h99vYofk0/5ymjaxmIjye3MmaK5uOLrJj6RqwLZKp1wETUqhcjtPlUVKH0wosFk+
EXa3xtw/0jyXPQzAxATsuZ3x2iOolL7pjJDlCAlkgNQ83ANDCj01YDGYyQIA0iiC
DWY/8mkbakb2q4klSVm+wlsQ7dFVdBUxs/b6/MVSR/XcF+IzMNY92kF+eQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBLfWuzX+0yZaiv5GeRjsFanVYxRMB8GA1UdIwQY
MBaAFBWIvYsxuV6crJ84Eo2VuFLwPVeEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRllpOWl6RzVYcHlzbnpnU2paVzRVdkE5VjRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC9kMWFhMmUtYjgxOS00MjFjLTg0NTYt
YjVhZTgzOWYzMGUyLzEvRllpOWl6RzVYcHlzbnpnU2paVzRVdkE5VjRRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC9kMWFhMmUtYjgxOS00MjFjLTg0NTYtYjVhZTgzOWYzMGUy
LzEvRllpOWl6RzVYcHlzbnpnU2paVzRVdkE5VjRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAp+5VChFZ
5bQvHnxSqF9jJNhPqqBf80ce5jtgxv8utlGNDstBNCUyNM10C2Tc1dPhz3Kp2q8n
Iqxh2Aj2R8R4aAplpHq9TW01BJ7Yx0kv1hRTIKRPRp+1yhR04QDYIJqng1s4vkKH
IrKixAx17C/89in0Di6PoLDLbc3FxtRnYuP6kT7ed/NWa97Fo4U3y7GYLkzP4pY1
DZkf+mtuAVKG/lVcM4WFnBYKsbrrn5iz3FZEV9jT2vHPwoJEqtZsEtaOWFrMCHMT
fQkHjQo4//D067IxFT5/V+w1cAgxu3A2D2jtA9vkwuGKKLJA8iKAOebJ4KSKkgwj
ZcQy8PbTpICE3w==
-----END CERTIFICATE-----