Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/14d7b8-afce-45a1-b272-04d96fa83d07/1/_9YayMVuOP32EjgDbHNUcnADRjE.mft
File:                     _9YayMVuOP32EjgDbHNUcnADRjE.mft (raw, json)
Hash identifier:          3/m+1BvTFYyP/DeRcgAsT6OAeajsaoLiMY91TbFTc1c=
Subject key identifier:   AC:0B:46:76:FB:B7:8D:EC:7E:89:2F:40:90:E8:CC:66:BA:99:78:D2
Authority key identifier: FF:D6:1A:C8:C5:6E:38:FD:F6:12:38:03:6C:73:54:72:70:03:46:31
Certificate issuer:       /CN=ffd61ac8c56e38fdf61238036c73547270034631
Certificate serial:       019A70DC793D6584F7C87E5ABF6F9ACDE237
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/_9YayMVuOP32EjgDbHNUcnADRjE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a9/14d7b8-afce-45a1-b272-04d96fa83d07/1/_9YayMVuOP32EjgDbHNUcnADRjE.mft
Manifest number:          171E
Signing time:             Tue 11 Nov 2025 03:01:28 +0000
Manifest this update:     Tue 11 Nov 2025 03:01:28 +0000
Manifest next update:     Wed 12 Nov 2025 03:01:28 +0000
Files and hashes:         1: _9YayMVuOP32EjgDbHNUcnADRjE.crl (hash: OKz9sPnYc8ed3ecZAZlwmqXyRKROu/lqHjLg0j0tiOE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a9/14d7b8-afce-45a1-b272-04d96fa83d07/1/_9YayMVuOP32EjgDbHNUcnADRjE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a9/14d7b8-afce-45a1-b272-04d96fa83d07/1/_9YayMVuOP32EjgDbHNUcnADRjE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/_9YayMVuOP32EjgDbHNUcnADRjE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 03:01:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:70:dc:79:3d:65:84:f7:c8:7e:5a:bf:6f:9a:cd:e2:37
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ffd61ac8c56e38fdf61238036c73547270034631
        Validity
            Not Before: Nov 11 03:01:28 2025 GMT
            Not After : Nov 12 03:01:28 2025 GMT
        Subject: CN=ac0b4676fbb78dec7e892f4090e8cc66ba9978d2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:a7:15:39:f7:cd:cc:a5:29:32:2b:0b:e5:6e:
                    3e:32:12:26:27:f5:4e:73:0d:dc:65:f9:4c:97:d1:
                    c6:b9:4c:ff:29:c7:7e:78:d6:8e:f4:a6:2b:2a:2f:
                    fe:8b:08:6d:56:98:91:61:d0:51:90:b7:47:c3:42:
                    8e:fa:69:33:5b:f3:35:aa:f7:c9:52:ff:b1:bb:76:
                    e7:97:e7:3c:c2:b6:85:e0:f8:cd:e7:50:77:40:ca:
                    65:51:9d:0a:35:14:fd:1c:9e:74:ff:7b:92:83:aa:
                    b7:60:e8:a2:98:e1:e9:f0:b7:f6:61:f3:3d:33:34:
                    9e:0b:cd:90:22:79:65:65:e9:97:8e:0b:f0:f7:a4:
                    09:f8:6d:31:fc:2a:39:df:09:5c:02:bd:a0:96:b7:
                    31:f0:b2:bf:cd:ec:09:03:89:a4:34:61:87:48:ca:
                    cd:8d:b7:a6:18:0c:5e:f5:3c:7f:ba:ed:56:13:43:
                    7d:29:1b:92:08:71:56:3a:92:d4:1b:4a:34:1b:c2:
                    24:21:f6:3f:23:e7:46:c6:c1:3d:8d:ab:0a:fe:c9:
                    9a:7a:40:79:4f:2b:c8:81:55:02:90:d3:57:41:49:
                    05:96:49:cf:04:1e:83:0d:6a:01:8f:a2:9b:7e:56:
                    fb:af:13:9a:0e:c6:01:37:80:80:73:12:ac:63:c5:
                    57:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AC:0B:46:76:FB:B7:8D:EC:7E:89:2F:40:90:E8:CC:66:BA:99:78:D2
            X509v3 Authority Key Identifier:
                keyid:FF:D6:1A:C8:C5:6E:38:FD:F6:12:38:03:6C:73:54:72:70:03:46:31

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_9YayMVuOP32EjgDbHNUcnADRjE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/14d7b8-afce-45a1-b272-04d96fa83d07/1/_9YayMVuOP32EjgDbHNUcnADRjE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/14d7b8-afce-45a1-b272-04d96fa83d07/1/_9YayMVuOP32EjgDbHNUcnADRjE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5d:07:54:d1:4e:f1:22:0c:dc:54:f5:65:2b:21:fb:59:4e:94:
         04:43:9f:24:0d:4e:ce:fb:ce:4b:06:d8:e7:3f:a0:75:d3:21:
         4c:01:6b:15:84:de:33:93:c7:18:63:1e:26:e2:9b:e7:6e:87:
         07:d6:23:c2:de:dd:9b:da:ba:2f:02:a0:29:18:97:fa:a5:64:
         1f:91:5e:ad:de:c1:3d:56:cd:12:ae:ec:ca:ba:6d:11:ef:2b:
         58:ee:68:22:e8:d1:77:5e:98:a2:2d:76:8e:c7:35:df:fd:60:
         3e:c5:98:31:b1:d3:68:09:0f:9d:9b:5e:ce:08:ac:b2:c3:99:
         cc:3f:82:71:61:69:8d:d9:07:15:4f:33:54:ed:59:ab:fb:bb:
         11:f5:4c:64:d2:82:3d:96:9e:0a:b8:17:ea:25:e4:8f:7b:8c:
         c4:2d:38:49:ce:8e:88:15:47:3f:0c:ab:bf:51:f5:36:49:aa:
         e6:83:10:b0:f3:26:05:67:16:e1:dc:89:2f:db:3f:07:64:ed:
         5b:2a:c7:9c:cf:a1:22:4c:2f:1e:e2:84:24:db:2e:74:5b:33:
         11:b4:11:f1:ca:31:ae:1c:0d:05:0c:b2:e7:74:bd:40:39:1b:
         4f:62:99:de:48:25:29:78:97:43:72:b6:6e:5f:2e:4d:59:5b:
         cd:1e:dc:5b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpw3Hk9ZYT3yH5av2+azeI3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmZDYxYWM4YzU2ZTM4ZmRmNjEyMzgwMzZjNzM1NDcyNzAw
MzQ2MzEwHhcNMjUxMTExMDMwMTI4WhcNMjUxMTEyMDMwMTI4WjAzMTEwLwYDVQQD
EyhhYzBiNDY3NmZiYjc4ZGVjN2U4OTJmNDA5MGU4Y2M2NmJhOTk3OGQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArqcVOffNzKUpMisL5W4+MhImJ/VO
cw3cZflMl9HGuUz/Kcd+eNaO9KYrKi/+iwhtVpiRYdBRkLdHw0KO+mkzW/M1qvfJ
Uv+xu3bnl+c8wraF4PjN51B3QMplUZ0KNRT9HJ50/3uSg6q3YOiimOHp8Lf2YfM9
MzSeC82QInllZemXjgvw96QJ+G0x/Co53wlcAr2glrcx8LK/zewJA4mkNGGHSMrN
jbemGAxe9Tx/uu1WE0N9KRuSCHFWOpLUG0o0G8IkIfY/I+dGxsE9jasK/smaekB5
TyvIgVUCkNNXQUkFlknPBB6DDWoBj6Kbflb7rxOaDsYBN4CAcxKsY8VXqQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKwLRnb7t43sfokvQJDozGa6mXjSMB8GA1UdIwQY
MBaAFP/WGsjFbjj99hI4A2xzVHJwA0YxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzlZYXlNVnVPUDMyRWpnRGJITlVjbkFEUmpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS8xNGQ3YjgtYWZjZS00NWExLWIyNzIt
MDRkOTZmYTgzZDA3LzEvXzlZYXlNVnVPUDMyRWpnRGJITlVjbkFEUmpFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS8xNGQ3YjgtYWZjZS00NWExLWIyNzItMDRkOTZmYTgzZDA3
LzEvXzlZYXlNVnVPUDMyRWpnRGJITlVjbkFEUmpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXQdU0U7x
IgzcVPVlKyH7WU6UBEOfJA1OzvvOSwbY5z+gddMhTAFrFYTeM5PHGGMeJuKb526H
B9Yjwt7dm9q6LwKgKRiX+qVkH5Ferd7BPVbNEq7syrptEe8rWO5oIujRd16Yoi12
jsc13/1gPsWYMbHTaAkPnZtezgisssOZzD+CcWFpjdkHFU8zVO1Zq/u7EfVMZNKC
PZaeCrgX6iXkj3uMxC04Sc6OiBVHPwyrv1H1Nkmq5oMQsPMmBWcW4dyJL9s/B2Tt
WyrHnM+hIkwvHuKEJNsudFszEbQR8coxrhwNBQyy53S9QDkbT2KZ3kglKXiXQ3K2
bl8uTVlbzR7cWw==
-----END CERTIFICATE-----