Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/a303fd-36a6-438d-96da-183a47a45b2a/1/qCYCgPNU92LV7fNMisgW4cIHG1k.mft
File:                     qCYCgPNU92LV7fNMisgW4cIHG1k.mft (raw, json)
Hash identifier:          QIK7p5Wm3SDfy6J4Qf0EhPyxB/gX5jKps3OUUqxNm4g=
Subject key identifier:   6C:83:21:CA:90:40:5E:64:87:2C:58:97:1A:D8:74:93:93:65:02:2E
Authority key identifier: A8:26:02:80:F3:54:F7:62:D5:ED:F3:4C:8A:C8:16:E1:C2:07:1B:59
Certificate issuer:       /CN=a8260280f354f762d5edf34c8ac816e1c2071b59
Certificate serial:       019A729365A0A90EB82B2612A05D40DCFDFF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/qCYCgPNU92LV7fNMisgW4cIHG1k.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/90/a303fd-36a6-438d-96da-183a47a45b2a/1/qCYCgPNU92LV7fNMisgW4cIHG1k.mft
Manifest number:          171D
Signing time:             Tue 11 Nov 2025 11:00:53 +0000
Manifest this update:     Tue 11 Nov 2025 11:00:53 +0000
Manifest next update:     Wed 12 Nov 2025 11:00:53 +0000
Files and hashes:         1: qCYCgPNU92LV7fNMisgW4cIHG1k.crl (hash: 4s2B2j/ezPHf4g0W5JaQErPxtaDoWS2+G7A84DwPD3g=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/90/a303fd-36a6-438d-96da-183a47a45b2a/1/qCYCgPNU92LV7fNMisgW4cIHG1k.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/90/a303fd-36a6-438d-96da-183a47a45b2a/1/qCYCgPNU92LV7fNMisgW4cIHG1k.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/qCYCgPNU92LV7fNMisgW4cIHG1k.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:72:93:65:a0:a9:0e:b8:2b:26:12:a0:5d:40:dc:fd:ff
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a8260280f354f762d5edf34c8ac816e1c2071b59
        Validity
            Not Before: Nov 11 11:00:53 2025 GMT
            Not After : Nov 12 11:00:53 2025 GMT
        Subject: CN=6c8321ca90405e64872c58971ad874939365022e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:84:8f:88:67:c0:0a:20:aa:11:5e:1e:d5:02:8d:
                    c1:37:0c:2a:ac:79:12:21:60:f1:54:1d:52:04:76:
                    28:07:40:2f:5b:74:5c:fc:ff:9f:88:4b:41:3c:22:
                    a3:ca:26:1b:c0:4d:88:ad:9a:47:33:36:e7:b2:35:
                    80:38:27:b9:f2:a2:b6:92:8d:91:24:c3:1f:59:16:
                    e8:aa:23:ec:0e:6f:18:23:ab:3f:09:48:42:da:54:
                    0d:e8:3f:83:42:8c:b4:54:46:36:4b:fe:10:de:7e:
                    e5:66:6b:85:5c:61:8d:d9:cb:e1:e3:41:07:4d:bf:
                    fe:7a:da:81:ca:42:94:33:e6:2e:47:a1:ce:49:a9:
                    cd:c8:78:e1:4a:11:50:5e:a0:84:bd:49:50:e9:ff:
                    bb:ba:3c:48:bd:12:a8:5d:f1:d9:ed:32:9a:27:23:
                    84:d7:4d:8f:a9:22:ac:8d:14:32:22:3e:3e:1a:10:
                    49:0b:62:d7:28:21:8f:7a:cf:ec:00:c3:1e:0a:d5:
                    05:20:6c:38:16:35:c9:04:3f:8d:96:44:f1:8c:c6:
                    27:d5:11:b6:30:e8:e9:a7:69:d8:94:80:ef:55:65:
                    36:ba:bb:82:8f:8b:b2:27:ad:92:c0:1c:e1:dd:cd:
                    8a:c2:3f:15:cc:23:a8:76:d2:22:05:21:a4:71:ad:
                    39:71
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6C:83:21:CA:90:40:5E:64:87:2C:58:97:1A:D8:74:93:93:65:02:2E
            X509v3 Authority Key Identifier:
                keyid:A8:26:02:80:F3:54:F7:62:D5:ED:F3:4C:8A:C8:16:E1:C2:07:1B:59

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qCYCgPNU92LV7fNMisgW4cIHG1k.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/a303fd-36a6-438d-96da-183a47a45b2a/1/qCYCgPNU92LV7fNMisgW4cIHG1k.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/90/a303fd-36a6-438d-96da-183a47a45b2a/1/qCYCgPNU92LV7fNMisgW4cIHG1k.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7d:34:d4:6b:b5:16:95:b8:11:a1:0a:f7:f3:c7:3e:fd:03:3b:
         d3:06:72:f4:87:b1:55:58:c7:f2:44:a3:ce:14:78:64:29:ec:
         31:51:af:04:ba:1e:3e:09:15:e6:e3:5c:9f:f7:1b:b0:dc:2d:
         de:13:1a:42:c4:a2:07:ec:e9:5e:84:7f:a2:b8:ae:4b:77:10:
         e6:28:96:a7:9d:77:d6:40:67:70:38:cb:cd:a7:b5:c7:f3:5c:
         86:4c:6d:ff:e3:bc:1e:fa:90:d4:23:b7:b0:9f:a3:4f:b2:37:
         ab:b7:b2:32:3b:31:fa:a1:52:48:9f:2e:e0:f6:0b:7c:6b:7d:
         1e:35:5b:da:24:6f:06:23:72:ee:d9:28:62:2b:b5:fa:af:20:
         10:95:c5:ff:88:b4:dc:3d:83:3f:f9:2e:e9:da:4c:5f:ba:81:
         de:fc:4a:8e:6e:2d:07:b0:86:08:d0:8c:d9:56:12:86:05:6a:
         39:82:b0:9a:4b:04:f8:c0:61:99:3a:2b:18:0e:c5:ed:65:b3:
         52:3e:dd:f1:a0:a4:e3:8c:d0:e8:93:bb:dd:e9:44:05:be:85:
         da:25:d6:7f:a7:93:d8:a3:b9:85:d6:6c:83:b2:32:74:9c:a4:
         45:28:10:69:66:32:f6:8a:2d:36:2a:84:c3:f8:48:49:64:46:
         10:4f:da:8e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyk2WgqQ64KyYSoF1A3P3/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4MjYwMjgwZjM1NGY3NjJkNWVkZjM0YzhhYzgxNmUxYzIw
NzFiNTkwHhcNMjUxMTExMTEwMDUzWhcNMjUxMTEyMTEwMDUzWjAzMTEwLwYDVQQD
Eyg2YzgzMjFjYTkwNDA1ZTY0ODcyYzU4OTcxYWQ4NzQ5MzkzNjUwMjJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhI+IZ8AKIKoRXh7VAo3BNwwqrHkS
IWDxVB1SBHYoB0AvW3Rc/P+fiEtBPCKjyiYbwE2IrZpHMzbnsjWAOCe58qK2ko2R
JMMfWRboqiPsDm8YI6s/CUhC2lQN6D+DQoy0VEY2S/4Q3n7lZmuFXGGN2cvh40EH
Tb/+etqBykKUM+YuR6HOSanNyHjhShFQXqCEvUlQ6f+7ujxIvRKoXfHZ7TKaJyOE
102PqSKsjRQyIj4+GhBJC2LXKCGPes/sAMMeCtUFIGw4FjXJBD+NlkTxjMYn1RG2
MOjpp2nYlIDvVWU2uruCj4uyJ62SwBzh3c2Kwj8VzCOodtIiBSGkca05cQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGyDIcqQQF5khyxYlxrYdJOTZQIuMB8GA1UdIwQY
MBaAFKgmAoDzVPdi1e3zTIrIFuHCBxtZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUNZQ2dQTlU5MkxWN2ZOTWlzZ1c0Y0lIRzFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC9hMzAzZmQtMzZhNi00MzhkLTk2ZGEt
MTgzYTQ3YTQ1YjJhLzEvcUNZQ2dQTlU5MkxWN2ZOTWlzZ1c0Y0lIRzFrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC9hMzAzZmQtMzZhNi00MzhkLTk2ZGEtMTgzYTQ3YTQ1YjJh
LzEvcUNZQ2dQTlU5MkxWN2ZOTWlzZ1c0Y0lIRzFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfTTUa7UW
lbgRoQr388c+/QM70wZy9IexVVjH8kSjzhR4ZCnsMVGvBLoePgkV5uNcn/cbsNwt
3hMaQsSiB+zpXoR/oriuS3cQ5iiWp5131kBncDjLzae1x/Nchkxt/+O8HvqQ1CO3
sJ+jT7I3q7eyMjsx+qFSSJ8u4PYLfGt9HjVb2iRvBiNy7tkoYiu1+q8gEJXF/4i0
3D2DP/ku6dpMX7qB3vxKjm4tB7CGCNCM2VYShgVqOYKwmksE+MBhmTorGA7F7WWz
Uj7d8aCk44zQ6JO73elEBb6F2iXWf6eT2KO5hdZsg7IydJykRSgQaWYy9ootNiqE
w/hISWRGEE/ajg==
-----END CERTIFICATE-----