Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/3ef846-f84d-455f-8ee8-f9613da09eeb/1/I3Q_4xfDJL95Q-pzp9S3hs_cHp8.mft
File:                     I3Q_4xfDJL95Q-pzp9S3hs_cHp8.mft (raw, json)
Hash identifier:          boFL9sbbiiY3NfngAIgPXhYgPhnGenBh2Y+tpyAon2U=
Subject key identifier:   EF:50:7C:CB:2B:FF:CB:E6:57:F3:BD:C4:48:42:26:94:74:A1:D9:18
Authority key identifier: 23:74:3F:E3:17:C3:24:BF:79:43:EA:73:A7:D4:B7:86:CF:DC:1E:9F
Certificate issuer:       /CN=23743fe317c324bf7943ea73a7d4b786cfdc1e9f
Certificate serial:       019A71B7F229F78DFB45222946CB8F4F1211
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/I3Q_4xfDJL95Q-pzp9S3hs_cHp8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9b/3ef846-f84d-455f-8ee8-f9613da09eeb/1/I3Q_4xfDJL95Q-pzp9S3hs_cHp8.mft
Manifest number:          171B
Signing time:             Tue 11 Nov 2025 07:01:11 +0000
Manifest this update:     Tue 11 Nov 2025 07:01:11 +0000
Manifest next update:     Wed 12 Nov 2025 07:01:11 +0000
Files and hashes:         1: I3Q_4xfDJL95Q-pzp9S3hs_cHp8.crl (hash: EJ6VpNsHifzcpNVg3N6AwDPCenLvViGH0lTP+ZyHtTc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/9b/3ef846-f84d-455f-8ee8-f9613da09eeb/1/I3Q_4xfDJL95Q-pzp9S3hs_cHp8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/9b/3ef846-f84d-455f-8ee8-f9613da09eeb/1/I3Q_4xfDJL95Q-pzp9S3hs_cHp8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/I3Q_4xfDJL95Q-pzp9S3hs_cHp8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:01:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b7:f2:29:f7:8d:fb:45:22:29:46:cb:8f:4f:12:11
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=23743fe317c324bf7943ea73a7d4b786cfdc1e9f
        Validity
            Not Before: Nov 11 07:01:11 2025 GMT
            Not After : Nov 12 07:01:11 2025 GMT
        Subject: CN=ef507ccb2bffcbe657f3bdc44842269474a1d918
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:c5:c8:70:b6:42:26:d0:24:27:e9:30:96:5b:
                    61:32:43:02:9f:ca:17:c8:71:46:f5:4b:79:50:d9:
                    76:c3:af:16:35:0c:b5:f1:cf:51:94:8b:91:82:2f:
                    ea:a0:cc:e1:74:3c:b2:3a:ec:0d:a1:36:92:24:6a:
                    98:ee:b9:3d:1d:88:57:a0:78:aa:60:80:85:c1:8f:
                    89:6e:34:82:07:2d:85:da:54:fc:f9:7d:1c:b8:87:
                    8b:a0:c3:b2:ff:94:f4:03:15:78:de:54:29:63:95:
                    83:c9:8c:de:9f:c0:7a:3f:7e:e9:a9:c8:af:08:d9:
                    ca:f9:09:f1:40:8d:a7:e3:44:fc:68:96:00:07:9d:
                    51:d6:dd:44:e4:41:54:ca:3d:c0:c4:07:85:d4:8b:
                    e0:28:7a:9d:f5:50:80:4c:b7:44:d6:f0:35:57:dc:
                    6c:1a:be:db:8f:08:ef:03:8a:57:ca:8e:5b:30:3e:
                    ce:5d:27:c2:11:54:c6:82:16:73:4e:b5:7a:1f:0f:
                    30:bb:d5:fe:ac:3d:bc:d9:b4:15:76:62:7b:43:e7:
                    c4:b7:6d:ef:a4:f0:73:cc:37:af:97:7a:3b:0d:1a:
                    a6:bd:a9:dd:04:db:56:66:a6:1f:eb:0b:67:68:ab:
                    a9:71:c4:76:21:31:24:2b:2a:92:ec:3c:e6:d2:3b:
                    5c:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EF:50:7C:CB:2B:FF:CB:E6:57:F3:BD:C4:48:42:26:94:74:A1:D9:18
            X509v3 Authority Key Identifier:
                keyid:23:74:3F:E3:17:C3:24:BF:79:43:EA:73:A7:D4:B7:86:CF:DC:1E:9F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I3Q_4xfDJL95Q-pzp9S3hs_cHp8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/3ef846-f84d-455f-8ee8-f9613da09eeb/1/I3Q_4xfDJL95Q-pzp9S3hs_cHp8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/3ef846-f84d-455f-8ee8-f9613da09eeb/1/I3Q_4xfDJL95Q-pzp9S3hs_cHp8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         80:48:5d:f0:0d:39:f5:9b:4b:38:76:1c:a6:92:c8:a7:19:dc:
         b6:c4:6a:e3:ea:d8:f6:b3:49:80:4f:49:8e:ec:06:4f:36:5d:
         0e:55:f2:95:c3:04:32:1a:e6:f0:0d:97:36:76:7e:ad:66:00:
         50:6e:bd:18:b8:18:7a:19:69:eb:c3:c6:38:7c:82:ad:c8:42:
         21:60:59:1e:cc:42:9c:ff:d9:b4:55:99:2b:0b:4e:1e:bf:b3:
         8c:37:2f:aa:c6:1e:96:f0:e4:61:7f:bd:7f:73:a2:be:9b:f4:
         9f:0d:90:c3:08:87:69:8a:d0:71:9f:a1:92:e4:35:a7:45:f5:
         33:29:46:ac:15:ab:f2:e9:0a:32:ac:54:28:d7:83:1c:43:43:
         86:ab:0b:cb:6b:b3:17:82:82:ba:e6:e1:d6:49:d6:a7:90:f2:
         7b:71:68:88:a6:17:b7:b3:64:9f:a5:28:04:66:72:53:1d:69:
         02:dd:2e:6f:9e:59:9d:f9:3e:19:b7:8e:66:71:a9:4e:0b:df:
         3f:d2:31:9f:5b:e5:2e:c8:43:f3:60:a2:2e:51:ca:07:9e:27:
         2e:25:a6:64:21:74:11:3d:5b:2a:15:20:ea:d9:75:3d:c5:3f:
         cd:d2:13:90:c2:66:db:9c:ef:09:ff:63:db:2a:9e:39:49:33:
         2b:99:ee:c0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxt/Ip9437RSIpRsuPTxIRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzNzQzZmUzMTdjMzI0YmY3OTQzZWE3M2E3ZDRiNzg2Y2Zk
YzFlOWYwHhcNMjUxMTExMDcwMTExWhcNMjUxMTEyMDcwMTExWjAzMTEwLwYDVQQD
EyhlZjUwN2NjYjJiZmZjYmU2NTdmM2JkYzQ0ODQyMjY5NDc0YTFkOTE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv8XIcLZCJtAkJ+kwllthMkMCn8oX
yHFG9Ut5UNl2w68WNQy18c9RlIuRgi/qoMzhdDyyOuwNoTaSJGqY7rk9HYhXoHiq
YICFwY+JbjSCBy2F2lT8+X0cuIeLoMOy/5T0AxV43lQpY5WDyYzen8B6P37pqciv
CNnK+QnxQI2n40T8aJYAB51R1t1E5EFUyj3AxAeF1IvgKHqd9VCATLdE1vA1V9xs
Gr7bjwjvA4pXyo5bMD7OXSfCEVTGghZzTrV6Hw8wu9X+rD282bQVdmJ7Q+fEt23v
pPBzzDevl3o7DRqmvandBNtWZqYf6wtnaKupccR2ITEkKyqS7Dzm0jtcBwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFO9QfMsr/8vmV/O9xEhCJpR0odkYMB8GA1UdIwQY
MBaAFCN0P+MXwyS/eUPqc6fUt4bP3B6fMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSTNRXzR4ZkRKTDk1US1wenA5UzNoc19jSHA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi8zZWY4NDYtZjg0ZC00NTVmLThlZTgt
Zjk2MTNkYTA5ZWViLzEvSTNRXzR4ZkRKTDk1US1wenA5UzNoc19jSHA4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi8zZWY4NDYtZjg0ZC00NTVmLThlZTgtZjk2MTNkYTA5ZWVi
LzEvSTNRXzR4ZkRKTDk1US1wenA5UzNoc19jSHA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgEhd8A05
9ZtLOHYcppLIpxnctsRq4+rY9rNJgE9JjuwGTzZdDlXylcMEMhrm8A2XNnZ+rWYA
UG69GLgYehlp68PGOHyCrchCIWBZHsxCnP/ZtFWZKwtOHr+zjDcvqsYelvDkYX+9
f3Oivpv0nw2QwwiHaYrQcZ+hkuQ1p0X1MylGrBWr8ukKMqxUKNeDHENDhqsLy2uz
F4KCuubh1knWp5Dye3FoiKYXt7Nkn6UoBGZyUx1pAt0ub55Znfk+GbeOZnGpTgvf
P9Ixn1vlLshD82CiLlHKB54nLiWmZCF0ET1bKhUg6tl1PcU/zdITkMJm25zvCf9j
2yqeOUkzK5nuwA==
-----END CERTIFICATE-----