Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6c/a32c29-4087-4f87-89d9-9e4d1376ba31/1/sTFfExaKIog9oEuECAZgc7Hz8Nw.mft
File:                     sTFfExaKIog9oEuECAZgc7Hz8Nw.mft (raw, json)
Hash identifier:          gQVUbIeWNLPfO+vH8O0HyNuFAwU7CQu7sdiioSYApP4=
Subject key identifier:   A3:5F:67:90:EF:3E:B9:95:20:4C:6D:AD:36:F0:12:12:6C:E4:2E:28
Authority key identifier: B1:31:5F:13:16:8A:22:88:3D:A0:4B:84:08:06:60:73:B1:F3:F0:DC
Certificate issuer:       /CN=b1315f13168a22883da04b8408066073b1f3f0dc
Certificate serial:       019A71B8F60F2CDDC2DC3BC98224FD7B558A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/sTFfExaKIog9oEuECAZgc7Hz8Nw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6c/a32c29-4087-4f87-89d9-9e4d1376ba31/1/sTFfExaKIog9oEuECAZgc7Hz8Nw.mft
Manifest number:          171C
Signing time:             Tue 11 Nov 2025 07:02:18 +0000
Manifest this update:     Tue 11 Nov 2025 07:02:18 +0000
Manifest next update:     Wed 12 Nov 2025 07:02:18 +0000
Files and hashes:         1: sTFfExaKIog9oEuECAZgc7Hz8Nw.crl (hash: CF8KIGfWtvhABDKm/WdcM09WqYMYX9xdjsSWhssBQ2c=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/6c/a32c29-4087-4f87-89d9-9e4d1376ba31/1/sTFfExaKIog9oEuECAZgc7Hz8Nw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/6c/a32c29-4087-4f87-89d9-9e4d1376ba31/1/sTFfExaKIog9oEuECAZgc7Hz8Nw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/sTFfExaKIog9oEuECAZgc7Hz8Nw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:02:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b8:f6:0f:2c:dd:c2:dc:3b:c9:82:24:fd:7b:55:8a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b1315f13168a22883da04b8408066073b1f3f0dc
        Validity
            Not Before: Nov 11 07:02:18 2025 GMT
            Not After : Nov 12 07:02:18 2025 GMT
        Subject: CN=a35f6790ef3eb995204c6dad36f012126ce42e28
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:a3:c1:c4:26:0e:18:c1:b9:de:44:a5:4d:fd:
                    58:70:01:c4:5b:4c:e6:02:2b:c3:0c:f1:2d:8a:60:
                    a3:ed:a2:a4:cc:45:c0:cb:2b:54:85:b8:90:bd:cd:
                    3d:1e:03:61:89:40:3f:e1:62:d4:b8:c5:98:b3:a6:
                    c2:00:08:4c:67:51:b0:63:25:1e:c2:21:ba:dd:c0:
                    0a:34:39:58:b7:2c:de:98:bd:a4:ea:2c:8a:d6:06:
                    15:c3:e7:2e:6f:2a:26:6a:19:fc:cd:31:a0:01:83:
                    17:a1:cd:30:21:b5:ed:f4:cd:59:1b:76:d3:36:1a:
                    70:33:ca:69:1e:7b:7b:a5:38:cb:66:11:6f:a5:ce:
                    14:17:de:07:1a:97:8b:bf:f9:45:ab:9a:4f:52:82:
                    d5:dd:5c:c2:aa:86:d7:2b:94:42:82:de:de:e7:f4:
                    7b:85:a5:7e:68:db:2a:ff:10:18:e4:7f:12:59:ee:
                    b7:36:ad:ef:1b:b1:1c:a1:e8:8e:ca:7f:dd:3f:b7:
                    00:b8:41:03:ac:a5:fb:da:18:bc:cd:fe:86:d2:5f:
                    60:d5:76:d1:e5:91:8c:ce:dd:bf:3e:52:9d:7e:27:
                    44:01:24:47:00:f6:de:73:da:83:8c:03:8f:68:4f:
                    b0:13:e7:a5:59:d0:d3:a9:4f:1a:74:f9:99:e4:40:
                    3c:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A3:5F:67:90:EF:3E:B9:95:20:4C:6D:AD:36:F0:12:12:6C:E4:2E:28
            X509v3 Authority Key Identifier:
                keyid:B1:31:5F:13:16:8A:22:88:3D:A0:4B:84:08:06:60:73:B1:F3:F0:DC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sTFfExaKIog9oEuECAZgc7Hz8Nw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/a32c29-4087-4f87-89d9-9e4d1376ba31/1/sTFfExaKIog9oEuECAZgc7Hz8Nw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/a32c29-4087-4f87-89d9-9e4d1376ba31/1/sTFfExaKIog9oEuECAZgc7Hz8Nw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8d:16:5c:b9:eb:f6:68:51:63:05:1f:69:b2:1b:96:cc:73:22:
         bf:b0:9d:16:01:af:e3:cb:59:c8:84:e3:b0:ca:23:e0:92:85:
         96:7b:ce:3d:35:38:05:71:14:aa:08:9a:db:a9:04:8f:2d:27:
         8a:69:f5:e7:ed:c2:6a:57:cf:02:ef:0c:f3:17:a2:6d:d8:13:
         b8:94:d4:85:b0:3e:9e:c7:2b:d9:f6:98:84:d5:b7:b1:b5:aa:
         52:7e:d9:20:a6:fb:2a:0e:61:15:91:26:47:bb:de:80:94:d9:
         52:ab:cd:93:44:a7:a3:0d:a6:a9:f4:31:c3:ac:99:d1:00:3b:
         1a:f6:f0:5e:e2:b9:66:c2:27:9d:e2:d0:27:50:e0:17:8e:37:
         95:f6:97:07:52:68:ed:7c:d6:86:d3:07:c7:33:b1:86:18:57:
         ab:b1:87:5e:cf:a2:b8:0a:b5:66:6e:5e:9f:12:88:1b:cf:29:
         e9:8f:ce:e4:7c:8b:af:c7:f8:e7:f0:ad:6c:78:ad:3f:60:d3:
         77:e4:2d:e2:f4:29:25:d7:db:fd:42:91:8d:f6:34:1a:63:33:
         27:af:03:8b:bb:49:70:8f:3f:43:4f:de:f8:27:a5:52:9a:23:
         66:71:f4:3b:3e:72:03:f1:39:5a:02:02:da:82:5b:66:dc:d4:
         15:a3:12:1e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuPYPLN3C3DvJgiT9e1WKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxMzE1ZjEzMTY4YTIyODgzZGEwNGI4NDA4MDY2MDczYjFm
M2YwZGMwHhcNMjUxMTExMDcwMjE4WhcNMjUxMTEyMDcwMjE4WjAzMTEwLwYDVQQD
EyhhMzVmNjc5MGVmM2ViOTk1MjA0YzZkYWQzNmYwMTIxMjZjZTQyZTI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo6PBxCYOGMG53kSlTf1YcAHEW0zm
AivDDPEtimCj7aKkzEXAyytUhbiQvc09HgNhiUA/4WLUuMWYs6bCAAhMZ1GwYyUe
wiG63cAKNDlYtyzemL2k6iyK1gYVw+cubyomahn8zTGgAYMXoc0wIbXt9M1ZG3bT
NhpwM8ppHnt7pTjLZhFvpc4UF94HGpeLv/lFq5pPUoLV3VzCqobXK5RCgt7e5/R7
haV+aNsq/xAY5H8SWe63Nq3vG7EcoeiOyn/dP7cAuEEDrKX72hi8zf6G0l9g1XbR
5ZGMzt2/PlKdfidEASRHAPbec9qDjAOPaE+wE+elWdDTqU8adPmZ5EA8CwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKNfZ5DvPrmVIExtrTbwEhJs5C4oMB8GA1UdIwQY
MBaAFLExXxMWiiKIPaBLhAgGYHOx8/DcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1RGZkV4YUtJb2c5b0V1RUNBWmdjN0h6OE53LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yy9hMzJjMjktNDA4Ny00Zjg3LTg5ZDkt
OWU0ZDEzNzZiYTMxLzEvc1RGZkV4YUtJb2c5b0V1RUNBWmdjN0h6OE53Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yy9hMzJjMjktNDA4Ny00Zjg3LTg5ZDktOWU0ZDEzNzZiYTMx
LzEvc1RGZkV4YUtJb2c5b0V1RUNBWmdjN0h6OE53LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjRZcuev2
aFFjBR9pshuWzHMiv7CdFgGv48tZyITjsMoj4JKFlnvOPTU4BXEUqgia26kEjy0n
imn15+3CalfPAu8M8xeibdgTuJTUhbA+nscr2faYhNW3sbWqUn7ZIKb7Kg5hFZEm
R7vegJTZUqvNk0Snow2mqfQxw6yZ0QA7GvbwXuK5ZsInneLQJ1DgF443lfaXB1Jo
7XzWhtMHxzOxhhhXq7GHXs+iuAq1Zm5enxKIG88p6Y/O5HyLr8f45/CtbHitP2DT
d+Qt4vQpJdfb/UKRjfY0GmMzJ68Di7tJcI8/Q0/e+CelUpojZnH0Oz5yA/E5WgIC
2oJbZtzUFaMSHg==
-----END CERTIFICATE-----