Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/e703c8-465f-47a5-952c-495e188701b6/1/tTmDGDXIfHUB9sN8tI5gp5WjlLs.mft
File:                     tTmDGDXIfHUB9sN8tI5gp5WjlLs.mft (raw, json)
Hash identifier:          F0JuhrkRpxChXe0oVVcpRNUjV7Ew/ttwcieHIksMLBo=
Subject key identifier:   D0:51:16:03:DB:E0:3F:83:B6:AC:E2:D9:8F:C3:F3:B9:A6:1B:83:AC
Authority key identifier: B5:39:83:18:35:C8:7C:75:01:F6:C3:7C:B4:8E:60:A7:95:A3:94:BB
Certificate issuer:       /CN=b539831835c87c7501f6c37cb48e60a795a394bb
Certificate serial:       019A71B7B3B88A94E2EAC444189B8CD81795
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tTmDGDXIfHUB9sN8tI5gp5WjlLs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a8/e703c8-465f-47a5-952c-495e188701b6/1/tTmDGDXIfHUB9sN8tI5gp5WjlLs.mft
Manifest number:          171E
Signing time:             Tue 11 Nov 2025 07:00:55 +0000
Manifest this update:     Tue 11 Nov 2025 07:00:55 +0000
Manifest next update:     Wed 12 Nov 2025 07:00:55 +0000
Files and hashes:         1: tTmDGDXIfHUB9sN8tI5gp5WjlLs.crl (hash: WxpSZU3h73myg77HogYNOKlMA/Vk5OQxDXgf3dSDZF0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a8/e703c8-465f-47a5-952c-495e188701b6/1/tTmDGDXIfHUB9sN8tI5gp5WjlLs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a8/e703c8-465f-47a5-952c-495e188701b6/1/tTmDGDXIfHUB9sN8tI5gp5WjlLs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/tTmDGDXIfHUB9sN8tI5gp5WjlLs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:00:55 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b7:b3:b8:8a:94:e2:ea:c4:44:18:9b:8c:d8:17:95
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b539831835c87c7501f6c37cb48e60a795a394bb
        Validity
            Not Before: Nov 11 07:00:55 2025 GMT
            Not After : Nov 12 07:00:55 2025 GMT
        Subject: CN=d0511603dbe03f83b6ace2d98fc3f3b9a61b83ac
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:f1:ec:55:bf:70:d2:5e:aa:67:91:b3:25:53:
                    20:eb:7e:c5:da:63:3c:36:11:54:d7:1b:88:b3:68:
                    55:7a:ff:2f:2b:bb:62:b3:33:95:94:0e:68:6f:e6:
                    9c:3f:83:a6:be:87:9c:08:99:94:54:09:f5:b5:d8:
                    86:70:39:82:7d:22:a5:fd:84:02:31:45:5f:67:2d:
                    23:9b:b6:2c:22:cc:67:3f:96:6e:f7:4f:2d:e2:d0:
                    d2:43:03:60:25:b7:b3:d2:66:8d:64:77:e8:9c:3d:
                    9b:1f:9b:19:4e:e6:51:c2:76:5a:c5:56:1e:60:14:
                    e7:43:a6:2f:d8:2c:5d:3f:15:e3:39:17:5a:55:10:
                    23:f4:d3:23:3c:10:83:61:1b:0d:d4:71:15:31:f0:
                    36:de:b9:e1:63:76:9b:47:e4:e5:e0:60:6c:59:8e:
                    7b:e7:e7:92:a3:99:c1:bb:1d:2c:74:79:ae:86:d6:
                    a2:b7:47:ae:ce:88:48:7a:9e:92:3d:f4:b5:07:85:
                    93:36:26:93:2a:65:ec:c3:58:f7:d0:9d:cc:6c:ec:
                    1e:60:03:4a:86:ae:b6:ab:88:a8:17:2d:e8:cc:ae:
                    31:39:01:fd:9e:85:40:89:71:ed:d5:5b:f7:5d:4d:
                    35:12:09:1a:75:37:30:0a:69:7b:2a:05:91:fa:fc:
                    49:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D0:51:16:03:DB:E0:3F:83:B6:AC:E2:D9:8F:C3:F3:B9:A6:1B:83:AC
            X509v3 Authority Key Identifier:
                keyid:B5:39:83:18:35:C8:7C:75:01:F6:C3:7C:B4:8E:60:A7:95:A3:94:BB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tTmDGDXIfHUB9sN8tI5gp5WjlLs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/e703c8-465f-47a5-952c-495e188701b6/1/tTmDGDXIfHUB9sN8tI5gp5WjlLs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/e703c8-465f-47a5-952c-495e188701b6/1/tTmDGDXIfHUB9sN8tI5gp5WjlLs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7b:c9:a0:36:b1:d0:4b:57:95:45:29:0e:c3:b7:92:32:2e:db:
         75:16:48:52:ae:80:dd:6a:cf:f1:47:10:ab:ac:a0:86:ca:05:
         86:29:88:bd:7a:0a:01:c8:d8:74:b3:35:6b:f2:80:56:4b:1d:
         99:79:78:6a:42:4e:92:7a:fd:43:4b:c1:4f:6f:bb:ac:71:e7:
         36:82:84:2e:39:c1:5d:bf:2a:a6:84:14:e7:b1:3d:61:55:6a:
         20:40:dc:af:8c:0e:e7:ae:84:45:0d:4d:45:1c:a4:4e:83:f4:
         eb:1c:ab:24:7a:45:07:8f:9a:da:75:5a:66:cf:c6:98:8b:91:
         59:4a:6f:26:51:3d:b5:b8:2f:78:35:21:af:e5:a3:d5:52:49:
         35:c0:e7:4f:4f:9e:20:9c:86:9f:f9:09:f2:b9:7e:6c:2a:75:
         42:5a:4f:26:76:64:7f:45:f9:2d:2c:eb:8d:a7:3d:2e:18:c3:
         59:4f:9c:b0:c2:19:c2:a3:55:90:b2:eb:9e:a7:51:f1:d2:14:
         b0:e8:1d:ea:e6:e9:b4:04:35:bc:6a:3e:28:67:e2:08:97:92:
         4e:db:ed:9e:43:05:52:da:56:8d:b5:57:57:1e:33:6f:64:4c:
         dc:b0:22:30:57:1d:54:46:32:04:db:b5:be:57:02:92:e1:e1:
         3c:0a:0f:28
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxt7O4ipTi6sREGJuM2BeVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1Mzk4MzE4MzVjODdjNzUwMWY2YzM3Y2I0OGU2MGE3OTVh
Mzk0YmIwHhcNMjUxMTExMDcwMDU1WhcNMjUxMTEyMDcwMDU1WjAzMTEwLwYDVQQD
EyhkMDUxMTYwM2RiZTAzZjgzYjZhY2UyZDk4ZmMzZjNiOWE2MWI4M2FjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApPHsVb9w0l6qZ5GzJVMg637F2mM8
NhFU1xuIs2hVev8vK7tiszOVlA5ob+acP4OmvoecCJmUVAn1tdiGcDmCfSKl/YQC
MUVfZy0jm7YsIsxnP5Zu908t4tDSQwNgJbez0maNZHfonD2bH5sZTuZRwnZaxVYe
YBTnQ6Yv2CxdPxXjORdaVRAj9NMjPBCDYRsN1HEVMfA23rnhY3abR+Tl4GBsWY57
5+eSo5nBux0sdHmuhtait0euzohIep6SPfS1B4WTNiaTKmXsw1j30J3MbOweYANK
hq62q4ioFy3ozK4xOQH9noVAiXHt1Vv3XU01EgkadTcwCml7KgWR+vxJVwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNBRFgPb4D+Dtqzi2Y/D87mmG4OsMB8GA1UdIwQY
MBaAFLU5gxg1yHx1AfbDfLSOYKeVo5S7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFRtREdEWElmSFVCOXNOOHRJNWdwNVdqbExzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC9lNzAzYzgtNDY1Zi00N2E1LTk1MmMt
NDk1ZTE4ODcwMWI2LzEvdFRtREdEWElmSFVCOXNOOHRJNWdwNVdqbExzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC9lNzAzYzgtNDY1Zi00N2E1LTk1MmMtNDk1ZTE4ODcwMWI2
LzEvdFRtREdEWElmSFVCOXNOOHRJNWdwNVdqbExzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAe8mgNrHQ
S1eVRSkOw7eSMi7bdRZIUq6A3WrP8UcQq6yghsoFhimIvXoKAcjYdLM1a/KAVksd
mXl4akJOknr9Q0vBT2+7rHHnNoKELjnBXb8qpoQU57E9YVVqIEDcr4wO566ERQ1N
RRykToP06xyrJHpFB4+a2nVaZs/GmIuRWUpvJlE9tbgveDUhr+Wj1VJJNcDnT0+e
IJyGn/kJ8rl+bCp1QlpPJnZkf0X5LSzrjac9LhjDWU+csMIZwqNVkLLrnqdR8dIU
sOgd6ubptAQ1vGo+KGfiCJeSTtvtnkMFUtpWjbVXVx4zb2RM3LAiMFcdVEYyBNu1
vlcCkuHhPAoPKA==
-----END CERTIFICATE-----