Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/497125-61fb-42e8-ac49-61673a477543/1/9z1njq7ZSnm3Qt1DveP1TynbMVI.mft
File:                     9z1njq7ZSnm3Qt1DveP1TynbMVI.mft (raw, json)
Hash identifier:          2HtMp2bovFYkg+DGW0XUq2F9zWJFfQ9FmOA2wF4pBgA=
Subject key identifier:   B0:59:04:E9:58:16:27:17:31:F3:17:C1:BC:1B:28:2F:75:FA:E6:D6
Authority key identifier: F7:3D:67:8E:AE:D9:4A:79:B7:42:DD:43:BD:E3:F5:4F:29:DB:31:52
Certificate issuer:       /CN=f73d678eaed94a79b742dd43bde3f54f29db3152
Certificate serial:       019A71EEA372CCD33C7A181D30A8D8FE9E8D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/9z1njq7ZSnm3Qt1DveP1TynbMVI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8b/497125-61fb-42e8-ac49-61673a477543/1/9z1njq7ZSnm3Qt1DveP1TynbMVI.mft
Manifest number:          0119
Signing time:             Tue 11 Nov 2025 08:00:56 +0000
Manifest this update:     Tue 11 Nov 2025 08:00:56 +0000
Manifest next update:     Wed 12 Nov 2025 08:00:56 +0000
Files and hashes:         1: 9z1njq7ZSnm3Qt1DveP1TynbMVI.crl (hash: G/PbIVPZQVA1kUypeiUOQ14U7x4lDIe66CJ1hT5QNUM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8b/497125-61fb-42e8-ac49-61673a477543/1/9z1njq7ZSnm3Qt1DveP1TynbMVI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8b/497125-61fb-42e8-ac49-61673a477543/1/9z1njq7ZSnm3Qt1DveP1TynbMVI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/9z1njq7ZSnm3Qt1DveP1TynbMVI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 08:00:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:ee:a3:72:cc:d3:3c:7a:18:1d:30:a8:d8:fe:9e:8d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f73d678eaed94a79b742dd43bde3f54f29db3152
        Validity
            Not Before: Nov 11 08:00:56 2025 GMT
            Not After : Nov 12 08:00:56 2025 GMT
        Subject: CN=b05904e95816271731f317c1bc1b282f75fae6d6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:b1:15:d4:ea:93:fc:68:36:21:ba:64:fe:58:
                    4c:37:41:e4:8f:40:a7:c8:20:c8:9b:37:0e:51:c6:
                    e9:09:29:a5:73:c1:b7:2b:81:9f:54:d9:7c:24:52:
                    2f:6e:f9:b9:cb:32:a1:9c:7a:fc:bb:a6:97:16:6c:
                    30:e9:5d:8b:c3:ae:fb:ec:7f:a5:3f:4a:80:ae:e5:
                    33:54:9d:c5:ec:cb:30:40:d4:17:d0:58:9c:8c:1a:
                    39:cd:8d:6e:48:c6:4b:01:59:4d:43:38:ed:94:ed:
                    95:8d:bc:2c:8f:a9:e1:e6:b8:0e:92:1f:ed:41:b8:
                    e2:15:14:77:b5:51:2a:cd:47:68:15:39:98:a5:94:
                    8a:f0:ee:4b:63:95:ec:72:bd:c7:52:a5:1e:1a:78:
                    0e:f4:60:61:84:d3:82:60:aa:3b:3d:27:1b:b1:76:
                    a3:06:c0:f9:f6:f2:9d:f8:62:9d:ef:eb:53:7f:74:
                    25:1f:4d:8b:0b:66:44:20:48:e6:3f:e0:bb:56:95:
                    03:1d:e0:ff:67:0b:67:7b:f1:54:45:d5:3e:46:12:
                    92:09:ed:b3:3d:f2:66:e2:59:de:39:0e:62:3c:45:
                    d3:16:4b:14:59:fa:c4:03:ee:d9:5f:6a:aa:f8:19:
                    14:f2:e9:a2:3d:40:61:3a:0b:8a:06:67:81:e4:c8:
                    bc:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B0:59:04:E9:58:16:27:17:31:F3:17:C1:BC:1B:28:2F:75:FA:E6:D6
            X509v3 Authority Key Identifier:
                keyid:F7:3D:67:8E:AE:D9:4A:79:B7:42:DD:43:BD:E3:F5:4F:29:DB:31:52

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9z1njq7ZSnm3Qt1DveP1TynbMVI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/497125-61fb-42e8-ac49-61673a477543/1/9z1njq7ZSnm3Qt1DveP1TynbMVI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/497125-61fb-42e8-ac49-61673a477543/1/9z1njq7ZSnm3Qt1DveP1TynbMVI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7e:93:64:93:b8:6b:cb:da:f5:b3:3c:83:c1:fb:bd:fb:54:d2:
         50:2d:a9:38:06:3e:42:f2:73:1b:ff:70:25:63:27:f5:26:e3:
         aa:6e:38:dc:af:c1:2f:c2:e1:7d:e4:a4:5e:60:8e:1c:da:0f:
         60:c1:94:d9:16:2b:ae:9a:48:f8:8e:e5:8f:67:87:70:7d:b6:
         99:af:c0:ca:ab:74:be:bb:96:df:c7:84:8b:47:28:88:d1:64:
         86:eb:6d:22:c2:78:68:28:a1:81:4d:7a:6d:10:60:b2:88:6d:
         e1:71:90:77:13:65:26:5c:ee:7c:1a:d5:74:7d:99:ec:46:c3:
         9a:2f:3b:fd:5f:5f:5c:d9:fb:b9:f6:b0:8c:12:9b:84:66:c2:
         04:9c:5b:2d:cc:aa:f0:63:7f:a6:cd:a6:32:17:02:93:58:e4:
         2a:8c:49:bc:7b:24:88:06:30:b9:05:11:b4:b3:ec:2d:c2:b9:
         69:b8:62:34:e3:0b:2a:5d:76:7b:18:af:e5:81:dc:b0:2b:14:
         9b:bf:35:13:3c:01:f5:a7:40:f0:f1:50:2f:46:21:18:7c:72:
         71:db:51:eb:00:cf:63:da:53:8d:c7:80:b9:05:a5:77:9e:fb:
         4d:cf:11:00:24:21:15:22:99:3d:16:01:2e:0f:1e:6d:81:bd:
         82:19:82:1a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpx7qNyzNM8ehgdMKjY/p6NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY3M2Q2NzhlYWVkOTRhNzliNzQyZGQ0M2JkZTNmNTRmMjlk
YjMxNTIwHhcNMjUxMTExMDgwMDU2WhcNMjUxMTEyMDgwMDU2WjAzMTEwLwYDVQQD
EyhiMDU5MDRlOTU4MTYyNzE3MzFmMzE3YzFiYzFiMjgyZjc1ZmFlNmQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvbEV1OqT/Gg2Ibpk/lhMN0Hkj0Cn
yCDImzcOUcbpCSmlc8G3K4GfVNl8JFIvbvm5yzKhnHr8u6aXFmww6V2Lw6777H+l
P0qAruUzVJ3F7MswQNQX0FicjBo5zY1uSMZLAVlNQzjtlO2Vjbwsj6nh5rgOkh/t
QbjiFRR3tVEqzUdoFTmYpZSK8O5LY5Xscr3HUqUeGngO9GBhhNOCYKo7PScbsXaj
BsD59vKd+GKd7+tTf3QlH02LC2ZEIEjmP+C7VpUDHeD/Zwtne/FURdU+RhKSCe2z
PfJm4lneOQ5iPEXTFksUWfrEA+7ZX2qq+BkU8umiPUBhOguKBmeB5Mi89QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLBZBOlYFicXMfMXwbwbKC91+ubWMB8GA1UdIwQY
MBaAFPc9Z46u2Up5t0LdQ73j9U8p2zFSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOXoxbmpxN1pTbm0zUXQxRHZlUDFUeW5iTVZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi80OTcxMjUtNjFmYi00MmU4LWFjNDkt
NjE2NzNhNDc3NTQzLzEvOXoxbmpxN1pTbm0zUXQxRHZlUDFUeW5iTVZJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi80OTcxMjUtNjFmYi00MmU4LWFjNDktNjE2NzNhNDc3NTQz
LzEvOXoxbmpxN1pTbm0zUXQxRHZlUDFUeW5iTVZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfpNkk7hr
y9r1szyDwfu9+1TSUC2pOAY+QvJzG/9wJWMn9Sbjqm443K/BL8LhfeSkXmCOHNoP
YMGU2RYrrppI+I7lj2eHcH22ma/Ayqt0vruW38eEi0coiNFkhuttIsJ4aCihgU16
bRBgsoht4XGQdxNlJlzufBrVdH2Z7EbDmi87/V9fXNn7ufawjBKbhGbCBJxbLcyq
8GN/ps2mMhcCk1jkKoxJvHskiAYwuQURtLPsLcK5abhiNOMLKl12exiv5YHcsCsU
m781EzwB9adA8PFQL0YhGHxycdtR6wDPY9pTjceAuQWld577Tc8RACQhFSKZPRYB
Lg8ebYG9ghmCGg==
-----END CERTIFICATE-----