Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/95/820f17-37bb-4867-bc80-c7d3e96fd35b/1/MP2VzoDqznNONA3dcjEQ-lJS-jQ.mft
File:                     MP2VzoDqznNONA3dcjEQ-lJS-jQ.mft (raw, json)
Hash identifier:          XjUW9pZN9nc9ahPA448LixijzUyX31+7IzD7E08W7QY=
Subject key identifier:   1D:91:68:E9:C4:00:32:F1:D5:08:4F:8D:C0:22:E2:78:55:AE:85:8C
Authority key identifier: 30:FD:95:CE:80:EA:CE:73:4E:34:0D:DD:72:31:10:FA:52:52:FA:34
Certificate issuer:       /CN=30fd95ce80eace734e340ddd723110fa5252fa34
Certificate serial:       019A71EEA240EBCAADE50D6144A79FD69CCD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MP2VzoDqznNONA3dcjEQ-lJS-jQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/95/820f17-37bb-4867-bc80-c7d3e96fd35b/1/MP2VzoDqznNONA3dcjEQ-lJS-jQ.mft
Manifest number:          171D
Signing time:             Tue 11 Nov 2025 08:00:55 +0000
Manifest this update:     Tue 11 Nov 2025 08:00:55 +0000
Manifest next update:     Wed 12 Nov 2025 08:00:55 +0000
Files and hashes:         1: MP2VzoDqznNONA3dcjEQ-lJS-jQ.crl (hash: B2hMnPss4eY0KUQqskQtDCUzNYG/rLDDfPP1RRf0o60=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/95/820f17-37bb-4867-bc80-c7d3e96fd35b/1/MP2VzoDqznNONA3dcjEQ-lJS-jQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/95/820f17-37bb-4867-bc80-c7d3e96fd35b/1/MP2VzoDqznNONA3dcjEQ-lJS-jQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/MP2VzoDqznNONA3dcjEQ-lJS-jQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 08:00:55 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:ee:a2:40:eb:ca:ad:e5:0d:61:44:a7:9f:d6:9c:cd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=30fd95ce80eace734e340ddd723110fa5252fa34
        Validity
            Not Before: Nov 11 08:00:55 2025 GMT
            Not After : Nov 12 08:00:55 2025 GMT
        Subject: CN=1d9168e9c40032f1d5084f8dc022e27855ae858c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:b5:13:44:60:ad:6b:bd:9e:d4:13:da:5f:81:
                    b3:5e:38:39:8e:2a:38:f4:be:ed:9c:41:45:1e:23:
                    97:be:48:06:19:b0:b4:47:45:a3:6b:f0:ab:31:95:
                    25:65:34:9f:aa:37:61:63:fe:53:89:af:1c:12:f6:
                    07:5c:bc:a7:e7:57:ce:fc:01:96:f7:75:09:64:ee:
                    a7:48:c0:01:63:9e:97:89:7d:18:fe:97:ac:ba:65:
                    92:d5:9b:ac:89:f6:52:eb:60:ee:35:35:17:78:88:
                    76:5f:3a:6a:50:36:db:b5:b7:11:cf:1e:e5:b9:64:
                    5a:1d:a6:b8:8b:15:06:64:f2:f2:14:95:fe:3e:dd:
                    64:21:8a:6c:b0:15:93:75:ec:40:bb:20:94:78:00:
                    76:31:bb:cc:74:03:e2:2c:d3:7d:98:d1:32:6f:85:
                    03:a1:6f:6c:80:30:7b:0d:52:21:c2:fd:05:e9:38:
                    d2:20:6d:12:68:3d:2e:85:f0:39:77:b8:d0:a9:41:
                    2d:06:cd:60:27:e1:d9:8b:89:77:d9:59:5e:ad:83:
                    72:b8:d4:96:be:af:0b:c3:e4:45:c2:1a:ee:77:90:
                    b0:82:e0:dd:66:ac:b9:f0:db:2a:04:be:7a:38:25:
                    07:43:4d:7e:e5:10:8f:46:af:51:2a:cf:d7:10:87:
                    a8:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1D:91:68:E9:C4:00:32:F1:D5:08:4F:8D:C0:22:E2:78:55:AE:85:8C
            X509v3 Authority Key Identifier:
                keyid:30:FD:95:CE:80:EA:CE:73:4E:34:0D:DD:72:31:10:FA:52:52:FA:34

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MP2VzoDqznNONA3dcjEQ-lJS-jQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/95/820f17-37bb-4867-bc80-c7d3e96fd35b/1/MP2VzoDqznNONA3dcjEQ-lJS-jQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/95/820f17-37bb-4867-bc80-c7d3e96fd35b/1/MP2VzoDqznNONA3dcjEQ-lJS-jQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         96:46:fe:70:93:88:8b:7d:43:7b:39:a6:4b:56:45:92:50:09:
         cc:a9:b0:1b:60:e1:29:6b:12:37:66:c5:5b:de:e8:31:07:64:
         52:3f:4b:48:f3:f2:a2:c8:7b:d6:93:3b:db:d8:00:ef:ad:cf:
         79:2d:ca:48:33:11:53:96:26:3b:6a:66:08:9b:e5:70:f0:99:
         54:a2:1e:ed:db:c5:ba:27:9d:44:a9:d7:6a:42:7f:57:26:24:
         f4:c1:8c:d0:ab:8b:a7:bc:d6:e9:f6:9c:86:c9:9e:d4:4b:e5:
         4e:a9:e4:88:99:9e:58:85:5a:0e:4e:f2:93:c8:8c:75:3b:31:
         c4:7e:c3:cb:ad:28:b2:c6:10:e4:23:b8:f5:b6:f5:c0:72:0c:
         97:c9:64:8d:e2:14:a3:cc:71:af:88:7e:5c:80:59:d9:d4:f7:
         3f:46:6a:66:ec:61:0a:b0:fa:b4:63:cd:9d:ab:e8:51:25:4d:
         53:56:44:d0:59:ae:b8:d8:f3:f5:38:f6:3d:32:7a:53:80:87:
         48:31:45:39:fe:6f:8e:42:05:c4:a1:27:da:ae:9a:c9:c9:e5:
         4b:86:29:cf:a7:4e:8a:27:c9:ca:52:b2:61:82:eb:40:46:c2:
         76:be:41:4c:9f:fc:45:33:40:ea:59:7d:c8:ce:79:d8:e1:31:
         cb:b5:72:e4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpx7qJA68qt5Q1hRKef1pzNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwZmQ5NWNlODBlYWNlNzM0ZTM0MGRkZDcyMzExMGZhNTI1
MmZhMzQwHhcNMjUxMTExMDgwMDU1WhcNMjUxMTEyMDgwMDU1WjAzMTEwLwYDVQQD
EygxZDkxNjhlOWM0MDAzMmYxZDUwODRmOGRjMDIyZTI3ODU1YWU4NThjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs7UTRGCta72e1BPaX4GzXjg5jio4
9L7tnEFFHiOXvkgGGbC0R0Wja/CrMZUlZTSfqjdhY/5Tia8cEvYHXLyn51fO/AGW
93UJZO6nSMABY56XiX0Y/pesumWS1ZusifZS62DuNTUXeIh2XzpqUDbbtbcRzx7l
uWRaHaa4ixUGZPLyFJX+Pt1kIYpssBWTdexAuyCUeAB2MbvMdAPiLNN9mNEyb4UD
oW9sgDB7DVIhwv0F6TjSIG0SaD0uhfA5d7jQqUEtBs1gJ+HZi4l32VlerYNyuNSW
vq8Lw+RFwhrud5CwguDdZqy58NsqBL56OCUHQ01+5RCPRq9RKs/XEIeo7QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFB2RaOnEADLx1QhPjcAi4nhVroWMMB8GA1UdIwQY
MBaAFDD9lc6A6s5zTjQN3XIxEPpSUvo0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVAyVnpvRHF6bk5PTkEzZGNqRVEtbEpTLWpRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NS84MjBmMTctMzdiYi00ODY3LWJjODAt
YzdkM2U5NmZkMzViLzEvTVAyVnpvRHF6bk5PTkEzZGNqRVEtbEpTLWpRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NS84MjBmMTctMzdiYi00ODY3LWJjODAtYzdkM2U5NmZkMzVi
LzEvTVAyVnpvRHF6bk5PTkEzZGNqRVEtbEpTLWpRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlkb+cJOI
i31DezmmS1ZFklAJzKmwG2DhKWsSN2bFW97oMQdkUj9LSPPyosh71pM729gA763P
eS3KSDMRU5YmO2pmCJvlcPCZVKIe7dvFuiedRKnXakJ/VyYk9MGM0KuLp7zW6fac
hsme1EvlTqnkiJmeWIVaDk7yk8iMdTsxxH7Dy60ossYQ5CO49bb1wHIMl8lkjeIU
o8xxr4h+XIBZ2dT3P0ZqZuxhCrD6tGPNnavoUSVNU1ZE0FmuuNjz9Tj2PTJ6U4CH
SDFFOf5vjkIFxKEn2q6aycnlS4Ypz6dOiifJylKyYYLrQEbCdr5BTJ/8RTNA6ll9
yM552OExy7Vy5A==
-----END CERTIFICATE-----