Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/2d52ae-3928-449e-86eb-66f053f6a4f8/1/pCqe9isMK_HTQWU5sqBKJlmMLEM.mft
File:                     pCqe9isMK_HTQWU5sqBKJlmMLEM.mft (raw, json)
Hash identifier:          xzhSihEcg5U298SqPFxZ1ZMOv7MEkHrfpwEzAG3qcVs=
Subject key identifier:   E9:16:08:8D:86:08:FF:EF:BE:EF:12:BE:5D:05:F1:23:35:C4:91:8C
Authority key identifier: A4:2A:9E:F6:2B:0C:2B:F1:D3:41:65:39:B2:A0:4A:26:59:8C:2C:43
Certificate issuer:       /CN=a42a9ef62b0c2bf1d3416539b2a04a26598c2c43
Certificate serial:       019A71B79FD3DBEA9CAB643F8697EB956613
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pCqe9isMK_HTQWU5sqBKJlmMLEM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a5/2d52ae-3928-449e-86eb-66f053f6a4f8/1/pCqe9isMK_HTQWU5sqBKJlmMLEM.mft
Manifest number:          171D
Signing time:             Tue 11 Nov 2025 07:00:50 +0000
Manifest this update:     Tue 11 Nov 2025 07:00:50 +0000
Manifest next update:     Wed 12 Nov 2025 07:00:50 +0000
Files and hashes:         1: pCqe9isMK_HTQWU5sqBKJlmMLEM.crl (hash: 2tYydxDzfXLDrUY/n89DmTU5+kUMydyi7Mj0nhDAJho=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a5/2d52ae-3928-449e-86eb-66f053f6a4f8/1/pCqe9isMK_HTQWU5sqBKJlmMLEM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a5/2d52ae-3928-449e-86eb-66f053f6a4f8/1/pCqe9isMK_HTQWU5sqBKJlmMLEM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/pCqe9isMK_HTQWU5sqBKJlmMLEM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:00:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b7:9f:d3:db:ea:9c:ab:64:3f:86:97:eb:95:66:13
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a42a9ef62b0c2bf1d3416539b2a04a26598c2c43
        Validity
            Not Before: Nov 11 07:00:50 2025 GMT
            Not After : Nov 12 07:00:50 2025 GMT
        Subject: CN=e916088d8608ffefbeef12be5d05f12335c4918c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:d4:1f:07:66:68:6b:26:64:a6:82:64:f0:2a:
                    2b:88:d4:b4:e5:b1:69:2a:8c:24:fb:1b:00:01:8f:
                    5c:30:ed:c6:42:6b:2b:87:ba:d0:ca:d9:b2:8c:b1:
                    71:dc:e1:10:74:3b:91:e5:e6:64:92:a6:3d:64:64:
                    b1:f4:08:66:eb:c8:bc:68:ef:d7:c6:80:d8:de:24:
                    96:29:e1:04:23:93:e9:f9:05:64:5e:83:00:96:f0:
                    d0:11:57:32:d0:b9:c8:6c:c2:f2:4f:b3:b5:d0:c5:
                    56:81:8d:5c:9c:ac:e2:33:74:ff:92:c4:ee:89:38:
                    db:7b:ec:c8:b7:85:60:4f:3f:3d:07:c0:34:5b:32:
                    6a:8b:bb:7d:76:65:4b:2d:2a:4a:5a:73:10:a6:f2:
                    be:a7:24:87:a5:22:a7:68:ce:3a:72:3b:9c:a8:8c:
                    b8:38:a1:fb:48:dc:35:7e:4b:83:05:db:4c:b9:33:
                    90:97:69:32:a5:3b:a8:99:be:75:8d:aa:6f:bc:2a:
                    9c:51:cb:d3:83:c8:31:39:68:6e:6d:0d:a0:f5:b6:
                    47:ec:33:4b:9f:14:d3:7a:85:94:ed:ce:e3:21:1f:
                    e8:91:f3:34:e3:57:5f:c3:94:f9:11:56:14:94:54:
                    15:82:0b:b6:8f:fd:5f:17:e7:19:86:a8:d6:9b:3b:
                    45:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E9:16:08:8D:86:08:FF:EF:BE:EF:12:BE:5D:05:F1:23:35:C4:91:8C
            X509v3 Authority Key Identifier:
                keyid:A4:2A:9E:F6:2B:0C:2B:F1:D3:41:65:39:B2:A0:4A:26:59:8C:2C:43

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pCqe9isMK_HTQWU5sqBKJlmMLEM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/2d52ae-3928-449e-86eb-66f053f6a4f8/1/pCqe9isMK_HTQWU5sqBKJlmMLEM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/2d52ae-3928-449e-86eb-66f053f6a4f8/1/pCqe9isMK_HTQWU5sqBKJlmMLEM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         57:52:ac:f0:74:08:d2:2c:7a:ec:11:7c:29:f5:2d:bf:0b:db:
         61:96:34:45:dc:6c:c2:44:d5:a2:c2:e4:dc:95:ca:2f:5c:66:
         1d:a6:72:ab:87:64:f6:2c:13:0e:36:bf:d5:6f:64:89:41:5a:
         e9:d6:08:5d:a8:cb:bd:0b:5c:9b:af:61:8e:2b:b4:2c:00:ef:
         8a:42:68:68:75:c3:04:7c:d2:5b:61:23:22:98:46:ea:f3:5d:
         d0:d7:64:c1:3b:30:c8:d3:21:d1:b7:3e:ae:51:47:b4:4a:5f:
         10:14:cb:a1:d8:f5:f1:62:65:42:5b:08:52:a2:2e:37:64:25:
         42:56:35:df:13:3e:f1:11:12:bb:ad:02:5e:e0:72:85:d6:21:
         47:e2:f4:4c:18:88:66:ca:45:c7:a4:43:4a:ad:07:7e:9f:55:
         a2:44:07:0e:5d:04:79:de:83:92:05:5d:bd:16:bf:ab:9f:8e:
         d3:d3:8f:5a:2b:16:07:0a:7a:84:05:9f:11:fc:5f:e5:35:20:
         d1:f5:b4:05:02:6d:1f:34:91:7f:73:3b:09:e1:c1:da:cd:27:
         cb:06:cb:dd:17:af:7e:15:69:f6:76:8f:c0:79:ed:c4:e4:a8:
         01:52:f8:00:be:54:14:fb:25:fb:59:ff:84:bb:43:a8:76:71:
         bd:0c:3d:ef
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxt5/T2+qcq2Q/hpfrlWYTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0MmE5ZWY2MmIwYzJiZjFkMzQxNjUzOWIyYTA0YTI2NTk4
YzJjNDMwHhcNMjUxMTExMDcwMDUwWhcNMjUxMTEyMDcwMDUwWjAzMTEwLwYDVQQD
EyhlOTE2MDg4ZDg2MDhmZmVmYmVlZjEyYmU1ZDA1ZjEyMzM1YzQ5MThjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsNQfB2ZoayZkpoJk8CoriNS05bFp
Kowk+xsAAY9cMO3GQmsrh7rQytmyjLFx3OEQdDuR5eZkkqY9ZGSx9Ahm68i8aO/X
xoDY3iSWKeEEI5Pp+QVkXoMAlvDQEVcy0LnIbMLyT7O10MVWgY1cnKziM3T/ksTu
iTjbe+zIt4VgTz89B8A0WzJqi7t9dmVLLSpKWnMQpvK+pySHpSKnaM46cjucqIy4
OKH7SNw1fkuDBdtMuTOQl2kypTuomb51japvvCqcUcvTg8gxOWhubQ2g9bZH7DNL
nxTTeoWU7c7jIR/okfM041dfw5T5EVYUlFQVggu2j/1fF+cZhqjWmztFkwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOkWCI2GCP/vvu8Svl0F8SM1xJGMMB8GA1UdIwQY
MBaAFKQqnvYrDCvx00FlObKgSiZZjCxDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcENxZTlpc01LX0hUUVdVNXNxQktKbG1NTEVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS8yZDUyYWUtMzkyOC00NDllLTg2ZWIt
NjZmMDUzZjZhNGY4LzEvcENxZTlpc01LX0hUUVdVNXNxQktKbG1NTEVNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNS8yZDUyYWUtMzkyOC00NDllLTg2ZWItNjZmMDUzZjZhNGY4
LzEvcENxZTlpc01LX0hUUVdVNXNxQktKbG1NTEVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAV1Ks8HQI
0ix67BF8KfUtvwvbYZY0RdxswkTVosLk3JXKL1xmHaZyq4dk9iwTDja/1W9kiUFa
6dYIXajLvQtcm69hjiu0LADvikJoaHXDBHzSW2EjIphG6vNd0NdkwTswyNMh0bc+
rlFHtEpfEBTLodj18WJlQlsIUqIuN2QlQlY13xM+8RESu60CXuByhdYhR+L0TBiI
ZspFx6RDSq0Hfp9VokQHDl0Eed6DkgVdvRa/q5+O09OPWisWBwp6hAWfEfxf5TUg
0fW0BQJtHzSRf3M7CeHB2s0nywbL3RevfhVp9naPwHntxOSoAVL4AL5UFPsl+1n/
hLtDqHZxvQw97w==
-----END CERTIFICATE-----