Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/51ecc9-5681-4b02-9db8-2e880a7a82ca/1/Kf5mFpV0HYXP7c9v-890aZlZVp8.mft
File:                     Kf5mFpV0HYXP7c9v-890aZlZVp8.mft (raw, json)
Hash identifier:          ROoAz8CLgFXMOuxZ1NeePCkapdDJ70XEICOcHvG9tBI=
Subject key identifier:   9A:03:2E:9A:FE:CB:14:61:8A:53:D2:CA:82:A3:5F:C6:6D:D8:A1:C7
Authority key identifier: 29:FE:66:16:95:74:1D:85:CF:ED:CF:6F:FB:CF:74:69:99:59:56:9F
Certificate issuer:       /CN=29fe661695741d85cfedcf6ffbcf74699959569f
Certificate serial:       019A71B8058FCB845D2FC52E6931C0B673B9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Kf5mFpV0HYXP7c9v-890aZlZVp8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a2/51ecc9-5681-4b02-9db8-2e880a7a82ca/1/Kf5mFpV0HYXP7c9v-890aZlZVp8.mft
Manifest number:          171D
Signing time:             Tue 11 Nov 2025 07:01:16 +0000
Manifest this update:     Tue 11 Nov 2025 07:01:16 +0000
Manifest next update:     Wed 12 Nov 2025 07:01:16 +0000
Files and hashes:         1: Kf5mFpV0HYXP7c9v-890aZlZVp8.crl (hash: DF4XAf3X36pU1EdA4bYLwYM9Usqzo73C7ihFOObacVE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a2/51ecc9-5681-4b02-9db8-2e880a7a82ca/1/Kf5mFpV0HYXP7c9v-890aZlZVp8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a2/51ecc9-5681-4b02-9db8-2e880a7a82ca/1/Kf5mFpV0HYXP7c9v-890aZlZVp8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Kf5mFpV0HYXP7c9v-890aZlZVp8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:01:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b8:05:8f:cb:84:5d:2f:c5:2e:69:31:c0:b6:73:b9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=29fe661695741d85cfedcf6ffbcf74699959569f
        Validity
            Not Before: Nov 11 07:01:16 2025 GMT
            Not After : Nov 12 07:01:16 2025 GMT
        Subject: CN=9a032e9afecb14618a53d2ca82a35fc66dd8a1c7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f4:ec:95:db:f6:43:83:75:d4:7e:c1:89:1a:c8:
                    26:4e:40:03:86:b5:d5:07:a1:be:cd:d7:32:1c:44:
                    d9:3f:fd:4a:54:ee:09:91:ee:0d:bd:b7:2a:11:7a:
                    c1:7e:bc:2f:9b:3d:ea:6d:18:35:01:84:13:58:a6:
                    4d:1d:66:16:3f:be:5f:2b:c4:3a:57:af:c9:86:a2:
                    a3:41:e5:16:37:77:14:05:e6:0d:fc:36:64:7a:1e:
                    0c:9e:aa:e4:47:26:46:44:22:9c:4d:9e:ca:e0:7a:
                    3a:4f:25:64:47:ec:6b:e2:b4:a1:02:a6:93:11:01:
                    d8:6a:c9:d8:20:e7:cd:a7:8f:7e:49:c4:d0:3a:70:
                    94:2b:8e:0a:3e:5a:b2:11:02:c5:d2:99:82:f5:89:
                    0c:05:51:8a:bd:13:a6:b2:1f:a2:3a:dc:3b:af:8a:
                    3a:ad:d3:86:30:74:51:69:7e:f1:4c:ee:86:ce:10:
                    4c:aa:3f:4a:4b:00:7e:46:2e:dc:3b:7b:77:30:64:
                    f5:3f:d7:ed:a0:b0:b5:32:bf:e9:bf:84:ca:6e:ac:
                    44:6f:85:28:d2:41:f3:4e:30:ac:c9:fa:29:ac:e5:
                    21:72:a4:f6:aa:db:14:62:e5:e4:dd:76:d7:ef:7e:
                    4f:d5:1f:83:b2:55:96:6b:ad:21:93:e9:3b:f5:f5:
                    de:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9A:03:2E:9A:FE:CB:14:61:8A:53:D2:CA:82:A3:5F:C6:6D:D8:A1:C7
            X509v3 Authority Key Identifier:
                keyid:29:FE:66:16:95:74:1D:85:CF:ED:CF:6F:FB:CF:74:69:99:59:56:9F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Kf5mFpV0HYXP7c9v-890aZlZVp8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/51ecc9-5681-4b02-9db8-2e880a7a82ca/1/Kf5mFpV0HYXP7c9v-890aZlZVp8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/51ecc9-5681-4b02-9db8-2e880a7a82ca/1/Kf5mFpV0HYXP7c9v-890aZlZVp8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         90:59:96:66:46:e3:15:e8:10:a0:c0:7c:0b:96:88:dc:43:85:
         bc:f1:b4:1d:ae:e5:1e:e3:67:4b:4f:58:1c:f9:b1:c2:01:26:
         40:16:75:9e:ec:b6:1a:1b:2f:f4:97:a7:b3:4b:64:34:88:ac:
         76:a0:c8:fd:e3:d0:e4:36:13:7f:cb:53:e1:c4:ed:c2:f0:74:
         51:4c:8b:4c:66:45:2b:9d:57:7b:c4:9c:f3:84:4b:81:42:87:
         7e:52:6a:fa:ed:6f:4d:db:ed:04:37:a6:71:10:c0:ef:e9:0a:
         57:f3:43:ab:39:aa:e1:18:84:71:fe:33:c3:79:34:cb:cf:91:
         7d:88:cc:ef:c2:08:e2:d6:89:71:e7:74:f0:00:06:f0:af:f7:
         2b:8b:d6:fb:c6:6d:53:1d:a1:a6:3d:d6:30:54:92:3a:e0:b3:
         0c:f8:7d:45:79:84:4a:61:d3:21:1a:39:2d:43:73:3f:06:67:
         a6:e9:44:2d:ef:c5:23:d9:62:70:dd:5e:35:fb:68:ac:fd:e1:
         20:63:68:14:55:5d:d6:b9:ed:c6:95:67:5b:8b:98:11:e7:fc:
         59:d6:5d:f6:14:51:e7:a8:31:ed:cc:3c:e8:70:a4:bf:b7:46:
         6d:13:ef:24:19:16:ef:49:fa:74:a5:8e:1d:9a:bd:28:e3:3b:
         e5:b8:ce:70
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuAWPy4RdL8UuaTHAtnO5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5ZmU2NjE2OTU3NDFkODVjZmVkY2Y2ZmZiY2Y3NDY5OTk1
OTU2OWYwHhcNMjUxMTExMDcwMTE2WhcNMjUxMTEyMDcwMTE2WjAzMTEwLwYDVQQD
Eyg5YTAzMmU5YWZlY2IxNDYxOGE1M2QyY2E4MmEzNWZjNjZkZDhhMWM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9OyV2/ZDg3XUfsGJGsgmTkADhrXV
B6G+zdcyHETZP/1KVO4Jke4NvbcqEXrBfrwvmz3qbRg1AYQTWKZNHWYWP75fK8Q6
V6/JhqKjQeUWN3cUBeYN/DZkeh4MnqrkRyZGRCKcTZ7K4Ho6TyVkR+xr4rShAqaT
EQHYasnYIOfNp49+ScTQOnCUK44KPlqyEQLF0pmC9YkMBVGKvROmsh+iOtw7r4o6
rdOGMHRRaX7xTO6GzhBMqj9KSwB+Ri7cO3t3MGT1P9ftoLC1Mr/pv4TKbqxEb4Uo
0kHzTjCsyfoprOUhcqT2qtsUYuXk3XbX735P1R+DslWWa60hk+k79fXe+QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJoDLpr+yxRhilPSyoKjX8Zt2KHHMB8GA1UdIwQY
MBaAFCn+ZhaVdB2Fz+3Pb/vPdGmZWVafMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2Y1bUZwVjBIWVhQN2M5di04OTBhWmxaVnA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi81MWVjYzktNTY4MS00YjAyLTlkYjgt
MmU4ODBhN2E4MmNhLzEvS2Y1bUZwVjBIWVhQN2M5di04OTBhWmxaVnA4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi81MWVjYzktNTY4MS00YjAyLTlkYjgtMmU4ODBhN2E4MmNh
LzEvS2Y1bUZwVjBIWVhQN2M5di04OTBhWmxaVnA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkFmWZkbj
FegQoMB8C5aI3EOFvPG0Ha7lHuNnS09YHPmxwgEmQBZ1nuy2Ghsv9Jens0tkNIis
dqDI/ePQ5DYTf8tT4cTtwvB0UUyLTGZFK51Xe8Sc84RLgUKHflJq+u1vTdvtBDem
cRDA7+kKV/NDqzmq4RiEcf4zw3k0y8+RfYjM78II4taJced08AAG8K/3K4vW+8Zt
Ux2hpj3WMFSSOuCzDPh9RXmESmHTIRo5LUNzPwZnpulELe/FI9licN1eNftorP3h
IGNoFFVd1rntxpVnW4uYEef8WdZd9hRR56gx7cw86HCkv7dGbRPvJBkW70n6dKWO
HZq9KOM75bjOcA==
-----END CERTIFICATE-----