Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/43f2d0-51eb-45c5-bbbe-9c1370da939e/1/ciTW8HJSGtbrPQKbGJ9C0kCpFTA.mft
File:                     ciTW8HJSGtbrPQKbGJ9C0kCpFTA.mft (raw, json)
Hash identifier:          ksAbF5XkXT1TRboHgm89PtQsY6g1PQoJn334qiIIf7A=
Subject key identifier:   A6:91:FE:EA:AC:93:1F:81:64:1C:60:2C:65:4B:71:2A:ED:88:17:A7
Authority key identifier: 72:24:D6:F0:72:52:1A:D6:EB:3D:02:9B:18:9F:42:D2:40:A9:15:30
Certificate issuer:       /CN=7224d6f072521ad6eb3d029b189f42d240a91530
Certificate serial:       019A725CD139DE3F2E1D5CBFFA0A28383F4F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ciTW8HJSGtbrPQKbGJ9C0kCpFTA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8e/43f2d0-51eb-45c5-bbbe-9c1370da939e/1/ciTW8HJSGtbrPQKbGJ9C0kCpFTA.mft
Manifest number:          171B
Signing time:             Tue 11 Nov 2025 10:01:16 +0000
Manifest this update:     Tue 11 Nov 2025 10:01:16 +0000
Manifest next update:     Wed 12 Nov 2025 10:01:16 +0000
Files and hashes:         1: ciTW8HJSGtbrPQKbGJ9C0kCpFTA.crl (hash: Udzvb9dHXbxgUR1oz40dlMfv4OXZB2D4J+C9X8DMsDo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8e/43f2d0-51eb-45c5-bbbe-9c1370da939e/1/ciTW8HJSGtbrPQKbGJ9C0kCpFTA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8e/43f2d0-51eb-45c5-bbbe-9c1370da939e/1/ciTW8HJSGtbrPQKbGJ9C0kCpFTA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ciTW8HJSGtbrPQKbGJ9C0kCpFTA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:72:5c:d1:39:de:3f:2e:1d:5c:bf:fa:0a:28:38:3f:4f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7224d6f072521ad6eb3d029b189f42d240a91530
        Validity
            Not Before: Nov 11 10:01:16 2025 GMT
            Not After : Nov 12 10:01:16 2025 GMT
        Subject: CN=a691feeaac931f81641c602c654b712aed8817a7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:ff:53:45:01:13:6b:0a:bb:d7:f0:13:18:4c:
                    b7:60:bb:3c:51:86:f6:a8:8c:3f:68:26:59:43:80:
                    7b:a7:55:6b:b9:38:3b:e8:c5:2e:1f:1b:7a:3b:e0:
                    0c:33:72:e2:79:76:f2:c7:16:5c:0f:7a:d1:01:58:
                    4b:fa:a2:b1:83:f6:ee:39:c9:bc:fd:e1:91:e0:42:
                    e0:44:2d:80:05:fd:f7:3d:af:a9:87:55:e6:2e:3f:
                    23:51:9b:21:d8:cb:7d:1e:18:b2:92:c9:88:2e:cd:
                    6f:f9:50:3f:31:b9:78:63:73:53:ec:51:49:c5:97:
                    8e:05:e2:8e:4c:7a:15:08:8b:21:72:d1:d3:7d:85:
                    71:c2:86:d3:03:fb:f8:8c:51:bb:a6:5a:57:82:6b:
                    a0:5e:36:83:2d:e7:c5:3f:ad:98:de:8f:f9:59:aa:
                    fd:22:ce:88:fc:88:f1:91:18:71:59:b4:f4:da:15:
                    6e:e9:a1:4e:fc:57:15:80:d8:ca:7c:96:3c:ce:ae:
                    89:35:58:71:51:cd:c1:79:48:a7:ec:76:e9:16:3b:
                    2a:f5:4d:58:a8:51:a8:3e:bc:72:3d:82:16:bb:4b:
                    06:44:e5:d5:2a:49:02:89:e4:05:b5:ff:1b:44:2f:
                    ec:aa:e4:fc:64:a1:e8:5f:93:8c:8d:71:5b:97:e5:
                    f5:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A6:91:FE:EA:AC:93:1F:81:64:1C:60:2C:65:4B:71:2A:ED:88:17:A7
            X509v3 Authority Key Identifier:
                keyid:72:24:D6:F0:72:52:1A:D6:EB:3D:02:9B:18:9F:42:D2:40:A9:15:30

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ciTW8HJSGtbrPQKbGJ9C0kCpFTA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/43f2d0-51eb-45c5-bbbe-9c1370da939e/1/ciTW8HJSGtbrPQKbGJ9C0kCpFTA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/43f2d0-51eb-45c5-bbbe-9c1370da939e/1/ciTW8HJSGtbrPQKbGJ9C0kCpFTA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         73:df:81:05:41:ac:d9:04:19:27:f2:42:03:de:88:a8:6c:a6:
         03:c4:20:25:ca:12:f9:84:c7:f5:a9:b6:3b:93:03:59:fc:16:
         d3:2d:dc:56:57:b6:b7:11:c7:91:14:b8:78:6d:f5:63:e2:21:
         e4:65:42:fe:19:4d:fa:fe:f4:31:e1:73:d9:47:38:a6:89:68:
         05:79:7e:03:68:9c:fd:e8:23:57:b6:42:b1:41:8b:ec:0b:d7:
         05:e8:29:10:46:02:d6:e0:1e:98:b8:5b:9d:e2:05:04:f4:c4:
         d1:71:cc:7a:9d:9b:1a:c1:b1:c5:38:d8:50:19:53:d8:3b:45:
         9b:42:37:51:bf:23:66:00:97:00:1d:1a:b2:d7:8f:5e:32:0e:
         dd:1b:d0:ee:5b:32:32:db:30:46:0f:6b:11:35:4f:2d:0b:3a:
         fb:70:b1:b1:e8:09:ac:08:e5:9f:82:e0:f5:5b:46:c1:d0:de:
         23:09:b1:9d:71:c1:75:c3:8a:fa:e7:97:58:34:b5:85:be:d5:
         81:03:bf:0c:f6:1c:25:e2:26:6f:4b:06:e1:0e:3e:cf:1a:76:
         a3:80:b8:82:df:9f:5a:8a:86:ff:e1:8f:4b:7e:15:a4:24:4f:
         7d:ca:fd:6d:82:a8:2b:32:b4:87:e8:f6:80:8f:d8:f0:74:f8:
         f9:ed:5b:70
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyXNE53j8uHVy/+gooOD9PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMjRkNmYwNzI1MjFhZDZlYjNkMDI5YjE4OWY0MmQyNDBh
OTE1MzAwHhcNMjUxMTExMTAwMTE2WhcNMjUxMTEyMTAwMTE2WjAzMTEwLwYDVQQD
EyhhNjkxZmVlYWFjOTMxZjgxNjQxYzYwMmM2NTRiNzEyYWVkODgxN2E3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0/9TRQETawq71/ATGEy3YLs8UYb2
qIw/aCZZQ4B7p1VruTg76MUuHxt6O+AMM3LieXbyxxZcD3rRAVhL+qKxg/buOcm8
/eGR4ELgRC2ABf33Pa+ph1XmLj8jUZsh2Mt9HhiyksmILs1v+VA/Mbl4Y3NT7FFJ
xZeOBeKOTHoVCIshctHTfYVxwobTA/v4jFG7plpXgmugXjaDLefFP62Y3o/5War9
Is6I/IjxkRhxWbT02hVu6aFO/FcVgNjKfJY8zq6JNVhxUc3BeUin7HbpFjsq9U1Y
qFGoPrxyPYIWu0sGROXVKkkCieQFtf8bRC/squT8ZKHoX5OMjXFbl+X1wQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKaR/uqskx+BZBxgLGVLcSrtiBenMB8GA1UdIwQY
MBaAFHIk1vByUhrW6z0CmxifQtJAqRUwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2lUVzhISlNHdGJyUFFLYkdKOUMwa0NwRlRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS80M2YyZDAtNTFlYi00NWM1LWJiYmUt
OWMxMzcwZGE5MzllLzEvY2lUVzhISlNHdGJyUFFLYkdKOUMwa0NwRlRBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS80M2YyZDAtNTFlYi00NWM1LWJiYmUtOWMxMzcwZGE5Mzll
LzEvY2lUVzhISlNHdGJyUFFLYkdKOUMwa0NwRlRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAc9+BBUGs
2QQZJ/JCA96IqGymA8QgJcoS+YTH9am2O5MDWfwW0y3cVle2txHHkRS4eG31Y+Ih
5GVC/hlN+v70MeFz2Uc4poloBXl+A2ic/egjV7ZCsUGL7AvXBegpEEYC1uAemLhb
neIFBPTE0XHMep2bGsGxxTjYUBlT2DtFm0I3Ub8jZgCXAB0astePXjIO3RvQ7lsy
MtswRg9rETVPLQs6+3CxsegJrAjln4Lg9VtGwdDeIwmxnXHBdcOK+ueXWDS1hb7V
gQO/DPYcJeImb0sG4Q4+zxp2o4C4gt+fWoqG/+GPS34VpCRPfcr9bYKoKzK0h+j2
gI/Y8HT4+e1bcA==
-----END CERTIFICATE-----