Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/2891f6-7861-4037-8008-52cf0195838b/1/dBkW6TW7TmhYsdIjYVrONp7SaB4.mft
File:                     dBkW6TW7TmhYsdIjYVrONp7SaB4.mft (raw, json)
Hash identifier:          8CmSDxn9TgxkZHh6Ihpj9onrppJOMT8yeKuLA+uS1E4=
Subject key identifier:   1E:96:69:B1:1E:6C:7C:40:7D:C3:02:00:62:AA:F8:D8:16:5D:16:AD
Authority key identifier: 74:19:16:E9:35:BB:4E:68:58:B1:D2:23:61:5A:CE:36:9E:D2:68:1E
Certificate issuer:       /CN=741916e935bb4e6858b1d223615ace369ed2681e
Certificate serial:       019A729400DBFAEF4F3794F449ABFCDE905C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dBkW6TW7TmhYsdIjYVrONp7SaB4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a2/2891f6-7861-4037-8008-52cf0195838b/1/dBkW6TW7TmhYsdIjYVrONp7SaB4.mft
Manifest number:          171D
Signing time:             Tue 11 Nov 2025 11:01:33 +0000
Manifest this update:     Tue 11 Nov 2025 11:01:33 +0000
Manifest next update:     Wed 12 Nov 2025 11:01:33 +0000
Files and hashes:         1: dBkW6TW7TmhYsdIjYVrONp7SaB4.crl (hash: O+LAvoKCPvLMELg4rIE4UY1ZhpF0HQMQQ37m+RzUy5g=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a2/2891f6-7861-4037-8008-52cf0195838b/1/dBkW6TW7TmhYsdIjYVrONp7SaB4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a2/2891f6-7861-4037-8008-52cf0195838b/1/dBkW6TW7TmhYsdIjYVrONp7SaB4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/dBkW6TW7TmhYsdIjYVrONp7SaB4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:72:94:00:db:fa:ef:4f:37:94:f4:49:ab:fc:de:90:5c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=741916e935bb4e6858b1d223615ace369ed2681e
        Validity
            Not Before: Nov 11 11:01:33 2025 GMT
            Not After : Nov 12 11:01:33 2025 GMT
        Subject: CN=1e9669b11e6c7c407dc3020062aaf8d8165d16ad
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:48:66:0a:4f:98:4d:8e:b2:b5:2e:51:ee:7c:
                    cb:36:13:9f:2a:36:9f:22:08:29:34:5b:55:7f:db:
                    81:66:5b:7f:37:a6:2b:80:c2:a8:b3:2f:41:55:d7:
                    64:43:61:03:5e:e4:02:af:82:2b:b4:51:62:60:df:
                    16:ee:5b:76:4c:e8:66:e5:df:b3:12:bc:51:52:68:
                    ba:0b:5d:78:70:c8:d6:7d:c1:68:32:39:00:d2:d9:
                    f3:a2:0d:7c:cd:4a:15:f7:04:51:c0:ab:bb:16:2b:
                    8f:ce:5b:d8:c8:62:bc:46:ad:e4:4a:d6:30:99:71:
                    22:2a:7f:7a:ad:ee:18:5e:ac:94:b3:13:ab:ee:03:
                    2f:44:81:5f:b8:a4:9a:5a:e7:82:f2:c8:4b:8c:a5:
                    5e:31:1e:1b:c5:20:6d:86:cf:aa:fc:86:53:fc:09:
                    8a:47:57:26:6c:17:6a:d0:93:21:b7:e7:43:ca:3d:
                    bf:6b:80:61:f4:85:a4:4e:53:36:29:76:ff:c8:c3:
                    e2:fd:30:47:b8:8b:f4:26:89:59:6c:ce:46:09:99:
                    15:59:07:97:87:61:8e:fb:57:78:30:7d:8b:82:1c:
                    64:a7:0e:14:0f:4c:4d:27:92:30:6c:b6:28:96:8c:
                    1d:a9:d4:1d:8c:54:66:40:6a:4a:d0:a1:10:a0:d5:
                    f7:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1E:96:69:B1:1E:6C:7C:40:7D:C3:02:00:62:AA:F8:D8:16:5D:16:AD
            X509v3 Authority Key Identifier:
                keyid:74:19:16:E9:35:BB:4E:68:58:B1:D2:23:61:5A:CE:36:9E:D2:68:1E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dBkW6TW7TmhYsdIjYVrONp7SaB4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/2891f6-7861-4037-8008-52cf0195838b/1/dBkW6TW7TmhYsdIjYVrONp7SaB4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/2891f6-7861-4037-8008-52cf0195838b/1/dBkW6TW7TmhYsdIjYVrONp7SaB4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5f:74:07:1e:5b:39:f9:74:dc:63:d5:dd:b5:7a:4c:87:30:30:
         57:f5:20:35:b1:4b:3a:13:b8:4f:2c:d5:a3:2d:7a:eb:83:c5:
         24:12:39:cd:f5:33:7c:7b:e0:07:5a:e4:d7:f1:a9:c8:9c:cf:
         29:76:c7:72:46:d5:85:bb:66:74:ee:a4:44:c8:a8:2a:29:94:
         00:01:e5:b8:b2:4f:36:fa:54:1c:82:f4:7e:e6:50:af:f7:31:
         50:b3:06:16:53:77:18:19:0d:49:ba:8a:dd:a6:15:37:06:3f:
         c9:d4:54:72:5d:4e:8e:61:7f:ff:8a:f3:b6:08:ea:98:a2:75:
         9d:a9:fb:24:d6:22:93:51:0c:be:83:71:eb:82:dc:65:69:b7:
         a2:74:fc:9b:54:68:5a:a1:2e:43:f2:97:cf:d0:8f:ce:5b:c4:
         43:27:5f:42:59:b2:b9:2b:de:6b:43:2d:2f:a5:6a:b6:e7:12:
         60:1f:b9:dc:73:6f:6c:89:9e:91:82:68:2e:59:08:66:f3:07:
         aa:f1:61:53:4c:46:86:1e:f9:a3:72:c8:c4:2d:b1:b6:fb:f8:
         1a:7a:c4:84:11:40:0d:ed:d6:b7:74:0e:f4:b5:be:48:e2:4f:
         1a:b1:b4:0a:ae:bf:43:ba:4c:0e:ac:34:eb:b3:b1:ad:9c:16:
         8d:d7:83:e4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpylADb+u9PN5T0Sav83pBcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0MTkxNmU5MzViYjRlNjg1OGIxZDIyMzYxNWFjZTM2OWVk
MjY4MWUwHhcNMjUxMTExMTEwMTMzWhcNMjUxMTEyMTEwMTMzWjAzMTEwLwYDVQQD
EygxZTk2NjliMTFlNmM3YzQwN2RjMzAyMDA2MmFhZjhkODE2NWQxNmFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArUhmCk+YTY6ytS5R7nzLNhOfKjaf
IggpNFtVf9uBZlt/N6YrgMKosy9BVddkQ2EDXuQCr4IrtFFiYN8W7lt2TOhm5d+z
ErxRUmi6C114cMjWfcFoMjkA0tnzog18zUoV9wRRwKu7FiuPzlvYyGK8Rq3kStYw
mXEiKn96re4YXqyUsxOr7gMvRIFfuKSaWueC8shLjKVeMR4bxSBths+q/IZT/AmK
R1cmbBdq0JMht+dDyj2/a4Bh9IWkTlM2KXb/yMPi/TBHuIv0JolZbM5GCZkVWQeX
h2GO+1d4MH2Lghxkpw4UD0xNJ5IwbLYolowdqdQdjFRmQGpK0KEQoNX3UwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFB6WabEebHxAfcMCAGKq+NgWXRatMB8GA1UdIwQY
MBaAFHQZFuk1u05oWLHSI2Fazjae0mgeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEJrVzZUVzdUbWhZc2RJallWck9OcDdTYUI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi8yODkxZjYtNzg2MS00MDM3LTgwMDgt
NTJjZjAxOTU4MzhiLzEvZEJrVzZUVzdUbWhZc2RJallWck9OcDdTYUI0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi8yODkxZjYtNzg2MS00MDM3LTgwMDgtNTJjZjAxOTU4Mzhi
LzEvZEJrVzZUVzdUbWhZc2RJallWck9OcDdTYUI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAX3QHHls5
+XTcY9XdtXpMhzAwV/UgNbFLOhO4TyzVoy1664PFJBI5zfUzfHvgB1rk1/GpyJzP
KXbHckbVhbtmdO6kRMioKimUAAHluLJPNvpUHIL0fuZQr/cxULMGFlN3GBkNSbqK
3aYVNwY/ydRUcl1OjmF//4rztgjqmKJ1nan7JNYik1EMvoNx64LcZWm3onT8m1Ro
WqEuQ/KXz9CPzlvEQydfQlmyuSvea0MtL6VqtucSYB+53HNvbImekYJoLlkIZvMH
qvFhU0xGhh75o3LIxC2xtvv4GnrEhBFADe3Wt3QO9LW+SOJPGrG0Cq6/Q7pMDqw0
67OxrZwWjdeD5A==
-----END CERTIFICATE-----