Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/307e30-177d-4b3f-b564-bd2f8c6d5499/1/v_tlOi9T2WcLP5GEAgnz8seKwbI.mft
File:                     v_tlOi9T2WcLP5GEAgnz8seKwbI.mft (raw, json)
Hash identifier:          mVyOQksFozOlPSTerT/yKVg5prNQpBa32gUqgnX5I0s=
Subject key identifier:   29:5C:A7:EC:CC:F3:D8:32:5D:24:DC:13:0F:4A:A6:42:2C:15:2E:B6
Authority key identifier: BF:FB:65:3A:2F:53:D9:67:0B:3F:91:84:02:09:F3:F2:C7:8A:C1:B2
Certificate issuer:       /CN=bffb653a2f53d9670b3f91840209f3f2c78ac1b2
Certificate serial:       019A71B793E6EA5506F740B67E53741DA105
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/v_tlOi9T2WcLP5GEAgnz8seKwbI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/307e30-177d-4b3f-b564-bd2f8c6d5499/1/v_tlOi9T2WcLP5GEAgnz8seKwbI.mft
Manifest number:          171D
Signing time:             Tue 11 Nov 2025 07:00:47 +0000
Manifest this update:     Tue 11 Nov 2025 07:00:47 +0000
Manifest next update:     Wed 12 Nov 2025 07:00:47 +0000
Files and hashes:         1: v_tlOi9T2WcLP5GEAgnz8seKwbI.crl (hash: RfrfCLZZTILCXZ9Tm+k9Au10mc1pefWme2kDFvwLaME=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/65/307e30-177d-4b3f-b564-bd2f8c6d5499/1/v_tlOi9T2WcLP5GEAgnz8seKwbI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/65/307e30-177d-4b3f-b564-bd2f8c6d5499/1/v_tlOi9T2WcLP5GEAgnz8seKwbI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/v_tlOi9T2WcLP5GEAgnz8seKwbI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:00:47 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b7:93:e6:ea:55:06:f7:40:b6:7e:53:74:1d:a1:05
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bffb653a2f53d9670b3f91840209f3f2c78ac1b2
        Validity
            Not Before: Nov 11 07:00:47 2025 GMT
            Not After : Nov 12 07:00:47 2025 GMT
        Subject: CN=295ca7ecccf3d8325d24dc130f4aa6422c152eb6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:2d:35:ce:47:e9:ea:fd:d6:18:c9:ed:44:c1:
                    36:fa:22:44:58:5f:85:e6:11:fc:12:51:1e:33:40:
                    64:86:e6:8b:80:33:00:49:e5:5e:33:e8:01:91:06:
                    62:85:ea:6d:0d:ec:d0:ce:d5:c4:dc:46:7c:4c:23:
                    eb:27:95:f0:9e:fb:ff:c4:17:7a:5a:18:ef:38:d8:
                    62:31:b2:dd:77:3e:68:a6:bc:8d:63:05:8e:12:b3:
                    91:4a:c4:e7:88:7a:5a:64:db:62:60:78:af:e4:fd:
                    64:69:79:df:8c:8c:0c:10:84:e7:92:fd:c1:c4:c7:
                    50:23:75:0f:3c:8a:a9:15:fe:49:3e:cf:cf:4e:ae:
                    41:79:df:e5:7c:98:8f:6b:ee:a8:0c:75:a5:1f:f0:
                    ff:63:dc:a8:6f:1c:83:b2:f2:2e:76:61:d4:0e:6e:
                    07:b7:53:3d:8e:fc:1d:78:d6:ed:ba:a4:f9:21:cf:
                    ad:8b:d2:d3:ff:4f:05:b8:f5:da:30:95:0a:8b:c7:
                    a9:7c:bf:34:ca:40:c9:70:6e:9e:d7:3d:da:1c:a8:
                    b5:f5:16:9f:f6:24:be:61:d2:45:50:37:bd:d5:41:
                    df:5e:f8:48:d6:44:cf:c2:b3:f2:7b:4c:9d:b6:66:
                    5e:a0:47:c3:2c:f1:af:95:f2:f6:87:5f:0b:c9:ab:
                    8d:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                29:5C:A7:EC:CC:F3:D8:32:5D:24:DC:13:0F:4A:A6:42:2C:15:2E:B6
            X509v3 Authority Key Identifier:
                keyid:BF:FB:65:3A:2F:53:D9:67:0B:3F:91:84:02:09:F3:F2:C7:8A:C1:B2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v_tlOi9T2WcLP5GEAgnz8seKwbI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/307e30-177d-4b3f-b564-bd2f8c6d5499/1/v_tlOi9T2WcLP5GEAgnz8seKwbI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/307e30-177d-4b3f-b564-bd2f8c6d5499/1/v_tlOi9T2WcLP5GEAgnz8seKwbI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         25:62:ae:76:a6:b3:aa:a6:2c:2b:c6:86:9b:e5:8a:d9:17:11:
         08:1e:ee:34:23:ea:ab:48:58:7f:32:1c:9d:e3:09:54:d6:1e:
         f1:f2:9b:25:00:7a:be:7c:c4:39:e8:0f:60:05:dc:12:0a:a0:
         c8:15:b3:a7:25:d7:64:c4:36:37:33:31:6a:2f:3c:c2:e5:c5:
         54:3e:de:b4:2c:99:70:4f:db:46:bb:50:7f:6b:d9:97:97:49:
         65:fb:48:51:a9:83:06:06:00:9d:99:b2:0d:f6:8b:4e:e1:e4:
         f9:67:15:29:cd:08:55:69:29:59:3f:32:9d:bd:c1:45:e7:1d:
         a2:12:58:94:f3:40:df:ec:77:2c:4d:87:dd:93:3c:48:7a:a5:
         ad:3c:d6:62:e1:b1:41:46:27:c8:1a:92:4c:d0:15:9a:93:99:
         b6:15:1a:6b:0d:77:b1:71:6d:da:00:9d:72:e1:7d:59:0b:f2:
         08:9f:7e:50:35:75:d2:06:5f:e5:f7:29:5f:1e:53:f0:d2:07:
         5d:41:a0:fc:27:ba:9c:17:32:80:8b:99:9c:5d:62:8a:9a:bb:
         f2:b7:4a:51:17:44:4d:72:9e:a8:18:81:89:b1:0b:92:17:f4:
         a5:72:e7:cd:cc:4b:cf:01:92:df:84:ba:5b:8d:24:ae:aa:17:
         89:09:11:a2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxt5Pm6lUG90C2flN0HaEFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmZmI2NTNhMmY1M2Q5NjcwYjNmOTE4NDAyMDlmM2YyYzc4
YWMxYjIwHhcNMjUxMTExMDcwMDQ3WhcNMjUxMTEyMDcwMDQ3WjAzMTEwLwYDVQQD
EygyOTVjYTdlY2NjZjNkODMyNWQyNGRjMTMwZjRhYTY0MjJjMTUyZWI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1S01zkfp6v3WGMntRME2+iJEWF+F
5hH8ElEeM0BkhuaLgDMASeVeM+gBkQZiheptDezQztXE3EZ8TCPrJ5Xwnvv/xBd6
WhjvONhiMbLddz5opryNYwWOErORSsTniHpaZNtiYHiv5P1kaXnfjIwMEITnkv3B
xMdQI3UPPIqpFf5JPs/PTq5Bed/lfJiPa+6oDHWlH/D/Y9yobxyDsvIudmHUDm4H
t1M9jvwdeNbtuqT5Ic+ti9LT/08FuPXaMJUKi8epfL80ykDJcG6e1z3aHKi19Raf
9iS+YdJFUDe91UHfXvhI1kTPwrPye0ydtmZeoEfDLPGvlfL2h18LyauNJwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFClcp+zM89gyXSTcEw9KpkIsFS62MB8GA1UdIwQY
MBaAFL/7ZTovU9lnCz+RhAIJ8/LHisGyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdl90bE9pOVQyV2NMUDVHRUFnbno4c2VLd2JJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8zMDdlMzAtMTc3ZC00YjNmLWI1NjQt
YmQyZjhjNmQ1NDk5LzEvdl90bE9pOVQyV2NMUDVHRUFnbno4c2VLd2JJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8zMDdlMzAtMTc3ZC00YjNmLWI1NjQtYmQyZjhjNmQ1NDk5
LzEvdl90bE9pOVQyV2NMUDVHRUFnbno4c2VLd2JJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJWKudqaz
qqYsK8aGm+WK2RcRCB7uNCPqq0hYfzIcneMJVNYe8fKbJQB6vnzEOegPYAXcEgqg
yBWzpyXXZMQ2NzMxai88wuXFVD7etCyZcE/bRrtQf2vZl5dJZftIUamDBgYAnZmy
DfaLTuHk+WcVKc0IVWkpWT8ynb3BRecdohJYlPNA3+x3LE2H3ZM8SHqlrTzWYuGx
QUYnyBqSTNAVmpOZthUaaw13sXFt2gCdcuF9WQvyCJ9+UDV10gZf5fcpXx5T8NIH
XUGg/Ce6nBcygIuZnF1iipq78rdKURdETXKeqBiBibELkhf0pXLnzcxLzwGS34S6
W40krqoXiQkRog==
-----END CERTIFICATE-----