Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/1f1af6-dd1b-4117-ac17-deab8586f2ce/1/I1PVKkAkkfT5n-VHG90aXdb0K7w.mft
File:                     I1PVKkAkkfT5n-VHG90aXdb0K7w.mft (raw, json)
Hash identifier:          uUUWLBAjTVqZ/cwkXoiq/hczymmhJJ9MOkD2kxu9mZY=
Subject key identifier:   6F:97:B2:E4:1A:5D:D3:67:00:BD:7D:E4:56:B4:F8:D7:BF:64:11:F7
Authority key identifier: 23:53:D5:2A:40:24:91:F4:F9:9F:E5:47:1B:DD:1A:5D:D6:F4:2B:BC
Certificate issuer:       /CN=2353d52a402491f4f99fe5471bdd1a5dd6f42bbc
Certificate serial:       019A7225C4D8F398D82863DF46B3BB96DE49
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/I1PVKkAkkfT5n-VHG90aXdb0K7w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/64/1f1af6-dd1b-4117-ac17-deab8586f2ce/1/I1PVKkAkkfT5n-VHG90aXdb0K7w.mft
Manifest number:          1719
Signing time:             Tue 11 Nov 2025 09:01:08 +0000
Manifest this update:     Tue 11 Nov 2025 09:01:08 +0000
Manifest next update:     Wed 12 Nov 2025 09:01:08 +0000
Files and hashes:         1: I1PVKkAkkfT5n-VHG90aXdb0K7w.crl (hash: RDdrtHiIhfl2sEya9jVbW+3+feUA9TBKzQtORy9UJ+w=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/64/1f1af6-dd1b-4117-ac17-deab8586f2ce/1/I1PVKkAkkfT5n-VHG90aXdb0K7w.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/64/1f1af6-dd1b-4117-ac17-deab8586f2ce/1/I1PVKkAkkfT5n-VHG90aXdb0K7w.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/I1PVKkAkkfT5n-VHG90aXdb0K7w.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:72:25:c4:d8:f3:98:d8:28:63:df:46:b3:bb:96:de:49
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2353d52a402491f4f99fe5471bdd1a5dd6f42bbc
        Validity
            Not Before: Nov 11 09:01:08 2025 GMT
            Not After : Nov 12 09:01:08 2025 GMT
        Subject: CN=6f97b2e41a5dd36700bd7de456b4f8d7bf6411f7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:3c:28:45:97:b3:40:c1:e7:4b:83:e1:54:70:
                    52:32:5b:1d:d1:7a:59:1e:30:7d:c5:f0:bb:c2:00:
                    21:03:72:73:16:28:98:25:38:f7:c6:4e:b7:20:69:
                    67:c9:76:31:42:12:55:09:91:3d:87:c6:83:48:64:
                    08:14:5f:3d:d5:d4:ae:23:11:e2:8a:e2:af:b3:47:
                    b4:a3:4a:07:1e:4b:8d:06:fd:ae:56:0d:15:b7:4a:
                    9f:b4:d0:ae:4d:60:78:55:a7:f8:5f:68:69:69:ad:
                    ff:df:d1:e3:70:b9:52:bb:a4:0d:a3:10:19:0d:ef:
                    f9:df:6e:33:f4:64:01:c9:ca:0d:8a:b1:d8:64:02:
                    79:af:4d:84:73:d2:78:e0:eb:ca:dd:21:06:58:10:
                    69:55:69:51:72:50:99:b9:02:4c:ad:2b:ea:e1:fd:
                    ba:94:e5:22:da:d4:f0:9d:58:07:fc:75:01:ed:61:
                    5b:20:00:d9:5b:60:23:c2:46:4c:fd:ed:ba:a6:ab:
                    05:3b:e7:62:41:7b:1f:71:56:7d:ad:83:d5:fe:d6:
                    07:a6:2c:4f:e7:dc:b9:f3:dc:c1:13:b1:7f:78:b9:
                    98:82:d3:9a:ed:0f:6c:bd:b6:b8:ba:f7:b2:8a:c4:
                    64:79:3a:9d:29:41:d3:05:b3:c1:84:2f:fd:8c:41:
                    fa:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6F:97:B2:E4:1A:5D:D3:67:00:BD:7D:E4:56:B4:F8:D7:BF:64:11:F7
            X509v3 Authority Key Identifier:
                keyid:23:53:D5:2A:40:24:91:F4:F9:9F:E5:47:1B:DD:1A:5D:D6:F4:2B:BC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I1PVKkAkkfT5n-VHG90aXdb0K7w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/1f1af6-dd1b-4117-ac17-deab8586f2ce/1/I1PVKkAkkfT5n-VHG90aXdb0K7w.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/64/1f1af6-dd1b-4117-ac17-deab8586f2ce/1/I1PVKkAkkfT5n-VHG90aXdb0K7w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         40:8d:df:53:32:57:23:9f:44:be:4d:bc:3e:9b:d7:fb:76:a5:
         e6:55:f5:94:9f:cb:c5:48:a1:10:8e:0b:03:bb:e3:17:a0:c0:
         9c:52:49:90:56:c8:17:d8:87:df:59:e7:8f:08:05:04:82:9e:
         7a:9e:83:bb:f5:d4:74:8d:65:4b:a0:8b:00:38:ba:8e:f8:27:
         b9:36:ae:8d:cb:62:32:4d:52:41:5c:d7:c6:1f:f1:19:66:00:
         c1:50:67:55:f8:47:43:57:1e:38:81:db:70:c0:48:f0:29:94:
         24:81:56:fe:7e:6e:3d:f2:cb:a2:fc:6c:1e:39:59:63:d9:00:
         7a:52:d3:25:a1:9d:f2:6e:a1:4a:a2:8f:40:fa:91:40:fe:eb:
         ac:44:36:0a:12:dd:bf:8f:cb:5e:63:c8:44:58:2c:df:cc:1c:
         23:3f:a2:e2:e6:64:35:17:42:5e:c6:75:f0:1b:54:bb:dc:6a:
         a6:c3:a7:4a:db:99:ca:8d:6a:a9:65:52:6d:c6:cd:8f:1e:0c:
         af:58:7b:24:f6:be:87:09:c9:a5:5a:60:99:34:09:1c:97:cd:
         91:e2:29:9f:85:46:4d:50:37:bc:1a:ac:ae:41:27:41:ce:ea:
         d6:37:aa:ac:2b:18:4b:a6:ad:9d:59:7b:c1:a2:dd:a4:7d:23:
         5b:a8:ee:0e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJcTY85jYKGPfRrO7lt5JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzNTNkNTJhNDAyNDkxZjRmOTlmZTU0NzFiZGQxYTVkZDZm
NDJiYmMwHhcNMjUxMTExMDkwMTA4WhcNMjUxMTEyMDkwMTA4WjAzMTEwLwYDVQQD
Eyg2Zjk3YjJlNDFhNWRkMzY3MDBiZDdkZTQ1NmI0ZjhkN2JmNjQxMWY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyTwoRZezQMHnS4PhVHBSMlsd0XpZ
HjB9xfC7wgAhA3JzFiiYJTj3xk63IGlnyXYxQhJVCZE9h8aDSGQIFF891dSuIxHi
iuKvs0e0o0oHHkuNBv2uVg0Vt0qftNCuTWB4Vaf4X2hpaa3/39HjcLlSu6QNoxAZ
De/5324z9GQBycoNirHYZAJ5r02Ec9J44OvK3SEGWBBpVWlRclCZuQJMrSvq4f26
lOUi2tTwnVgH/HUB7WFbIADZW2AjwkZM/e26pqsFO+diQXsfcVZ9rYPV/tYHpixP
59y589zBE7F/eLmYgtOa7Q9svba4uveyisRkeTqdKUHTBbPBhC/9jEH6cwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFG+XsuQaXdNnAL195Fa0+Ne/ZBH3MB8GA1UdIwQY
MBaAFCNT1SpAJJH0+Z/lRxvdGl3W9Cu8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSTFQVktrQWtrZlQ1bi1WSEc5MGFYZGIwSzd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC8xZjFhZjYtZGQxYi00MTE3LWFjMTct
ZGVhYjg1ODZmMmNlLzEvSTFQVktrQWtrZlQ1bi1WSEc5MGFYZGIwSzd3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC8xZjFhZjYtZGQxYi00MTE3LWFjMTctZGVhYjg1ODZmMmNl
LzEvSTFQVktrQWtrZlQ1bi1WSEc5MGFYZGIwSzd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQI3fUzJX
I59Evk28PpvX+3al5lX1lJ/LxUihEI4LA7vjF6DAnFJJkFbIF9iH31nnjwgFBIKe
ep6Du/XUdI1lS6CLADi6jvgnuTaujctiMk1SQVzXxh/xGWYAwVBnVfhHQ1ceOIHb
cMBI8CmUJIFW/n5uPfLLovxsHjlZY9kAelLTJaGd8m6hSqKPQPqRQP7rrEQ2ChLd
v4/LXmPIRFgs38wcIz+i4uZkNRdCXsZ18BtUu9xqpsOnStuZyo1qqWVSbcbNjx4M
r1h7JPa+hwnJpVpgmTQJHJfNkeIpn4VGTVA3vBqsrkEnQc7q1jeqrCsYS6atnVl7
waLdpH0jW6juDg==
-----END CERTIFICATE-----