Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/5a6aad-a4c7-43b9-8a9e-8d7b736a695c/1/Sxd8RQ0gNQZ7qiaSC4pL02x7MxQ.mft
File:                     Sxd8RQ0gNQZ7qiaSC4pL02x7MxQ.mft (raw, json)
Hash identifier:          HRt+bBiQ5CMCikiRlsqglh7C1/ilD4etjud2gsOA08s=
Subject key identifier:   87:C4:1F:4E:9D:D8:FC:EE:70:79:8A:AB:67:08:08:FB:64:40:D3:45
Authority key identifier: 4B:17:7C:45:0D:20:35:06:7B:AA:26:92:0B:8A:4B:D3:6C:7B:33:14
Certificate issuer:       /CN=4b177c450d2035067baa26920b8a4bd36c7b3314
Certificate serial:       019A71B94E76F1F44DBE8A28971FFEB794C4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Sxd8RQ0gNQZ7qiaSC4pL02x7MxQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/99/5a6aad-a4c7-43b9-8a9e-8d7b736a695c/1/Sxd8RQ0gNQZ7qiaSC4pL02x7MxQ.mft
Manifest number:          0E31
Signing time:             Tue 11 Nov 2025 07:02:40 +0000
Manifest this update:     Tue 11 Nov 2025 07:02:40 +0000
Manifest next update:     Wed 12 Nov 2025 07:02:40 +0000
Files and hashes:         1: Sxd8RQ0gNQZ7qiaSC4pL02x7MxQ.crl (hash: j5jw1MpnfsGkH3UmdsVGoaH5ZaWqzjqhvslwaEdVov8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/99/5a6aad-a4c7-43b9-8a9e-8d7b736a695c/1/Sxd8RQ0gNQZ7qiaSC4pL02x7MxQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/99/5a6aad-a4c7-43b9-8a9e-8d7b736a695c/1/Sxd8RQ0gNQZ7qiaSC4pL02x7MxQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Sxd8RQ0gNQZ7qiaSC4pL02x7MxQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:02:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b9:4e:76:f1:f4:4d:be:8a:28:97:1f:fe:b7:94:c4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4b177c450d2035067baa26920b8a4bd36c7b3314
        Validity
            Not Before: Nov 11 07:02:40 2025 GMT
            Not After : Nov 12 07:02:40 2025 GMT
        Subject: CN=87c41f4e9dd8fcee70798aab670808fb6440d345
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:d8:c8:a2:f6:84:31:8b:f3:cd:5d:7a:0a:d6:
                    30:dc:7c:23:df:59:d4:55:fc:34:f0:d4:2c:8a:de:
                    07:51:f4:ba:0f:17:f6:76:5a:19:54:5b:90:dd:93:
                    fe:08:bb:d2:cc:71:bc:b9:c8:8f:73:b2:21:f0:60:
                    79:69:fc:82:6f:e6:2f:68:94:28:fd:79:0f:b6:6f:
                    d6:68:35:70:99:ac:54:1b:eb:6a:7e:0f:61:7d:82:
                    f9:80:72:2b:b7:87:d7:5c:d4:54:bd:32:b9:8c:7d:
                    d4:7a:7b:21:88:8d:b5:3d:2e:bb:98:ee:bf:e0:cd:
                    65:c8:ab:15:81:5f:42:fc:ad:46:7e:32:51:6e:66:
                    3b:67:e1:4b:ee:ef:4d:f1:59:2c:3e:4a:96:06:1f:
                    68:34:d9:6f:60:76:2a:90:f6:11:e4:13:3b:1a:f2:
                    a6:aa:ac:d3:8f:dc:73:b9:62:a0:12:e5:bf:65:2e:
                    b8:22:1b:41:c5:e0:c2:87:6c:4d:e1:1e:44:3a:c2:
                    90:5d:d3:19:a5:60:12:09:64:eb:95:05:83:cd:f3:
                    0f:d7:91:5e:13:2e:6b:5d:ae:44:c8:19:1c:d1:81:
                    29:26:6a:01:b9:90:25:a8:6d:07:94:8e:1a:a4:20:
                    d6:82:17:b5:04:c5:b5:08:74:2c:64:e4:e9:6a:32:
                    9c:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                87:C4:1F:4E:9D:D8:FC:EE:70:79:8A:AB:67:08:08:FB:64:40:D3:45
            X509v3 Authority Key Identifier:
                keyid:4B:17:7C:45:0D:20:35:06:7B:AA:26:92:0B:8A:4B:D3:6C:7B:33:14

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Sxd8RQ0gNQZ7qiaSC4pL02x7MxQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/5a6aad-a4c7-43b9-8a9e-8d7b736a695c/1/Sxd8RQ0gNQZ7qiaSC4pL02x7MxQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/99/5a6aad-a4c7-43b9-8a9e-8d7b736a695c/1/Sxd8RQ0gNQZ7qiaSC4pL02x7MxQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5d:73:d8:d2:94:6e:f8:40:fe:0c:7c:e1:3d:4e:41:b3:d1:24:
         73:f0:1f:e2:5e:ed:e8:45:f5:08:4d:50:9b:68:c7:0d:78:df:
         ae:bc:40:59:73:87:b7:69:d0:c4:3e:02:79:49:ee:90:ca:e2:
         8d:de:6c:2d:0b:30:ce:23:e4:67:9a:d2:f7:1f:2c:69:39:d9:
         2e:4a:94:a2:d9:01:30:91:a7:f0:3b:2b:25:2a:c7:b4:8e:d7:
         6c:a6:3d:9b:3f:d3:62:36:81:4d:3c:f5:b7:4d:da:57:62:a9:
         42:09:45:47:cf:d0:c3:99:7c:d0:5c:8f:45:d8:b6:df:57:2e:
         19:47:d7:63:d2:cf:b5:1e:70:e1:40:53:ea:2b:de:37:64:a4:
         d7:db:09:9e:54:54:7b:5c:22:af:97:74:e4:35:ac:e1:df:43:
         00:d7:aa:c8:aa:2b:c1:d8:e3:ff:49:81:82:c6:84:7c:a3:b5:
         ca:49:63:f4:b2:50:85:da:98:34:8e:f0:7d:33:94:88:e0:08:
         d6:e8:87:0e:1f:b0:08:52:6f:e4:b5:98:dc:5e:98:b5:9d:e8:
         12:b5:c9:d7:6c:21:95:6f:cb:96:1a:1b:bd:d9:bd:33:67:82:
         0f:83:2d:2b:70:c8:b4:43:8e:82:5d:81:94:bd:e0:5e:c4:68:
         2c:68:91:e9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuU528fRNvooolx/+t5TEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiMTc3YzQ1MGQyMDM1MDY3YmFhMjY5MjBiOGE0YmQzNmM3
YjMzMTQwHhcNMjUxMTExMDcwMjQwWhcNMjUxMTEyMDcwMjQwWjAzMTEwLwYDVQQD
Eyg4N2M0MWY0ZTlkZDhmY2VlNzA3OThhYWI2NzA4MDhmYjY0NDBkMzQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt9jIovaEMYvzzV16CtYw3Hwj31nU
Vfw08NQsit4HUfS6Dxf2dloZVFuQ3ZP+CLvSzHG8uciPc7Ih8GB5afyCb+YvaJQo
/XkPtm/WaDVwmaxUG+tqfg9hfYL5gHIrt4fXXNRUvTK5jH3UenshiI21PS67mO6/
4M1lyKsVgV9C/K1GfjJRbmY7Z+FL7u9N8VksPkqWBh9oNNlvYHYqkPYR5BM7GvKm
qqzTj9xzuWKgEuW/ZS64IhtBxeDCh2xN4R5EOsKQXdMZpWASCWTrlQWDzfMP15Fe
Ey5rXa5EyBkc0YEpJmoBuZAlqG0HlI4apCDWghe1BMW1CHQsZOTpajKcBQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIfEH06d2PzucHmKq2cICPtkQNNFMB8GA1UdIwQY
MBaAFEsXfEUNIDUGe6omkguKS9NsezMUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU3hkOFJRMGdOUVo3cWlhU0M0cEwwMng3TXhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS81YTZhYWQtYTRjNy00M2I5LThhOWUt
OGQ3YjczNmE2OTVjLzEvU3hkOFJRMGdOUVo3cWlhU0M0cEwwMng3TXhRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS81YTZhYWQtYTRjNy00M2I5LThhOWUtOGQ3YjczNmE2OTVj
LzEvU3hkOFJRMGdOUVo3cWlhU0M0cEwwMng3TXhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXXPY0pRu
+ED+DHzhPU5Bs9Ekc/Af4l7t6EX1CE1Qm2jHDXjfrrxAWXOHt2nQxD4CeUnukMri
jd5sLQswziPkZ5rS9x8saTnZLkqUotkBMJGn8DsrJSrHtI7XbKY9mz/TYjaBTTz1
t03aV2KpQglFR8/Qw5l80FyPRdi231cuGUfXY9LPtR5w4UBT6iveN2Sk19sJnlRU
e1wir5d05DWs4d9DANeqyKorwdjj/0mBgsaEfKO1yklj9LJQhdqYNI7wfTOUiOAI
1uiHDh+wCFJv5LWY3F6YtZ3oErXJ12whlW/Llhobvdm9M2eCD4MtK3DItEOOgl2B
lL3gXsRoLGiR6Q==
-----END CERTIFICATE-----