Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/df7a4c-2548-40dd-900e-516065b6cfa5/1/Gvq72Ih6kieJRewu74JDoSlq33g.mft
File:                     Gvq72Ih6kieJRewu74JDoSlq33g.mft (raw, json)
Hash identifier:          VR37iNc3EmZnRiDEcRmh40B7yGmAqT1DguSe3VgLnbM=
Subject key identifier:   11:AC:F6:DC:17:ED:C0:AA:13:D1:D8:7A:81:C0:AB:FF:46:EA:F9:5C
Authority key identifier: 1A:FA:BB:D8:88:7A:92:27:89:45:EC:2E:EF:82:43:A1:29:6A:DF:78
Certificate issuer:       /CN=1afabbd8887a92278945ec2eef8243a1296adf78
Certificate serial:       019A71B91F1D503CDD2D8468EA2C48FE228A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Gvq72Ih6kieJRewu74JDoSlq33g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/df7a4c-2548-40dd-900e-516065b6cfa5/1/Gvq72Ih6kieJRewu74JDoSlq33g.mft
Manifest number:          171C
Signing time:             Tue 11 Nov 2025 07:02:28 +0000
Manifest this update:     Tue 11 Nov 2025 07:02:28 +0000
Manifest next update:     Wed 12 Nov 2025 07:02:28 +0000
Files and hashes:         1: Gvq72Ih6kieJRewu74JDoSlq33g.crl (hash: w37Loh+hsSe89mlWhctcX074krRpNDfaRiUUXWDIF3s=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/65/df7a4c-2548-40dd-900e-516065b6cfa5/1/Gvq72Ih6kieJRewu74JDoSlq33g.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/65/df7a4c-2548-40dd-900e-516065b6cfa5/1/Gvq72Ih6kieJRewu74JDoSlq33g.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Gvq72Ih6kieJRewu74JDoSlq33g.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:02:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b9:1f:1d:50:3c:dd:2d:84:68:ea:2c:48:fe:22:8a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1afabbd8887a92278945ec2eef8243a1296adf78
        Validity
            Not Before: Nov 11 07:02:28 2025 GMT
            Not After : Nov 12 07:02:28 2025 GMT
        Subject: CN=11acf6dc17edc0aa13d1d87a81c0abff46eaf95c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8e:25:5e:bc:9a:21:4f:d8:25:b4:12:b3:ae:57:
                    18:de:5b:c3:32:77:77:50:21:26:c8:17:b2:a7:27:
                    47:78:70:9c:d6:80:23:0c:90:48:03:d8:8a:a0:39:
                    39:c0:fb:b8:b7:09:eb:97:64:28:98:00:fb:8d:8a:
                    92:8e:92:1d:e8:77:e7:06:dd:de:f9:87:d6:fe:bd:
                    be:44:05:43:6e:4f:d2:e5:51:0e:c9:3c:13:fb:53:
                    93:b7:94:b1:f6:9d:83:cc:0c:64:64:a9:53:a8:fc:
                    ce:3d:73:c3:49:c7:d1:73:26:b6:7f:51:92:c0:80:
                    4f:66:4a:72:03:fa:4f:5f:08:69:3f:e0:0d:37:02:
                    87:fe:74:2c:71:4e:fd:2b:46:de:23:58:43:24:21:
                    d3:06:b2:74:6f:97:ae:e6:6c:03:ae:02:7d:97:88:
                    93:71:66:09:fb:2c:ef:ef:65:c1:90:a3:79:0c:10:
                    6a:8f:9c:4a:41:90:80:c8:04:60:cc:41:33:8b:3a:
                    3b:1d:13:89:20:b4:59:d0:b5:7e:d9:06:70:f0:29:
                    bb:fe:24:05:59:c0:d4:e7:dc:4d:f7:26:0d:10:24:
                    aa:b4:1e:26:82:cd:8e:fb:b4:1e:56:b1:3a:d6:38:
                    f3:67:24:98:2f:81:6b:f8:5f:74:28:77:2a:b4:26:
                    ee:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                11:AC:F6:DC:17:ED:C0:AA:13:D1:D8:7A:81:C0:AB:FF:46:EA:F9:5C
            X509v3 Authority Key Identifier:
                keyid:1A:FA:BB:D8:88:7A:92:27:89:45:EC:2E:EF:82:43:A1:29:6A:DF:78

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gvq72Ih6kieJRewu74JDoSlq33g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/df7a4c-2548-40dd-900e-516065b6cfa5/1/Gvq72Ih6kieJRewu74JDoSlq33g.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/df7a4c-2548-40dd-900e-516065b6cfa5/1/Gvq72Ih6kieJRewu74JDoSlq33g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         19:a9:29:62:5c:46:24:6c:c7:06:4e:bd:c9:54:14:5b:65:65:
         c5:35:ac:40:79:4b:6f:fc:46:de:99:f9:9f:df:d8:e3:00:e8:
         fa:6a:2c:1d:88:a2:50:0d:fb:3d:34:04:cc:13:27:85:87:44:
         50:c4:42:74:86:1a:8c:2b:74:df:3b:99:42:ab:4a:de:9e:ad:
         ba:04:69:21:5d:95:c5:3f:4d:55:4b:f8:ac:8d:4b:98:71:4c:
         5d:e4:1e:59:08:a0:cd:14:a4:e8:35:80:01:78:25:49:72:f0:
         d3:40:0b:95:d7:da:96:0d:d5:d7:56:03:8c:fb:54:34:e5:da:
         55:2b:98:c2:d8:e2:cd:56:9a:c3:80:29:da:e4:8a:0e:3f:a4:
         a6:ba:0f:e6:c5:17:7d:83:65:33:c0:3f:27:c9:be:14:26:4a:
         35:b4:b8:a6:b1:7f:bb:06:79:18:f4:74:84:1d:24:3b:b7:41:
         c8:dc:39:7a:6f:cd:6d:99:16:db:7f:5b:f6:71:6a:44:f5:3b:
         c8:05:64:03:fb:24:f4:e9:32:0e:99:4d:7d:22:ca:eb:f0:b4:
         e5:81:f9:1d:7f:af:8e:5c:78:04:66:ca:d5:c6:b9:04:e5:5f:
         ca:e4:ca:4b:ba:50:f0:91:57:d5:d1:68:3b:a4:73:57:80:f4:
         dd:c0:4b:b0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuR8dUDzdLYRo6ixI/iKKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhZmFiYmQ4ODg3YTkyMjc4OTQ1ZWMyZWVmODI0M2ExMjk2
YWRmNzgwHhcNMjUxMTExMDcwMjI4WhcNMjUxMTEyMDcwMjI4WjAzMTEwLwYDVQQD
EygxMWFjZjZkYzE3ZWRjMGFhMTNkMWQ4N2E4MWMwYWJmZjQ2ZWFmOTVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjiVevJohT9gltBKzrlcY3lvDMnd3
UCEmyBeypydHeHCc1oAjDJBIA9iKoDk5wPu4twnrl2QomAD7jYqSjpId6HfnBt3e
+YfW/r2+RAVDbk/S5VEOyTwT+1OTt5Sx9p2DzAxkZKlTqPzOPXPDScfRcya2f1GS
wIBPZkpyA/pPXwhpP+ANNwKH/nQscU79K0beI1hDJCHTBrJ0b5eu5mwDrgJ9l4iT
cWYJ+yzv72XBkKN5DBBqj5xKQZCAyARgzEEzizo7HROJILRZ0LV+2QZw8Cm7/iQF
WcDU59xN9yYNECSqtB4mgs2O+7QeVrE61jjzZySYL4Fr+F90KHcqtCbuwwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBGs9twX7cCqE9HYeoHAq/9G6vlcMB8GA1UdIwQY
MBaAFBr6u9iIepIniUXsLu+CQ6Epat94MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3ZxNzJJaDZraWVKUmV3dTc0SkRvU2xxMzNnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS9kZjdhNGMtMjU0OC00MGRkLTkwMGUt
NTE2MDY1YjZjZmE1LzEvR3ZxNzJJaDZraWVKUmV3dTc0SkRvU2xxMzNnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS9kZjdhNGMtMjU0OC00MGRkLTkwMGUtNTE2MDY1YjZjZmE1
LzEvR3ZxNzJJaDZraWVKUmV3dTc0SkRvU2xxMzNnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGakpYlxG
JGzHBk69yVQUW2VlxTWsQHlLb/xG3pn5n9/Y4wDo+mosHYiiUA37PTQEzBMnhYdE
UMRCdIYajCt03zuZQqtK3p6tugRpIV2VxT9NVUv4rI1LmHFMXeQeWQigzRSk6DWA
AXglSXLw00ALldfalg3V11YDjPtUNOXaVSuYwtjizVaaw4Ap2uSKDj+kproP5sUX
fYNlM8A/J8m+FCZKNbS4prF/uwZ5GPR0hB0kO7dByNw5em/NbZkW239b9nFqRPU7
yAVkA/sk9OkyDplNfSLK6/C05YH5HX+vjlx4BGbK1ca5BOVfyuTKS7pQ8JFX1dFo
O6RzV4D03cBLsA==
-----END CERTIFICATE-----