Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/feb7e0-2b7e-426c-b037-2091cca8bc48/1/rl81puj7U5sZVMtDps516X-q4XU.mft
File:                     rl81puj7U5sZVMtDps516X-q4XU.mft (raw, json)
Hash identifier:          mvfzyWg/Yg+AMmY/tfBxHgwi8IvEdV9H2Po70P+fsVA=
Subject key identifier:   B2:45:07:1A:E3:D4:C9:CC:54:9A:8C:60:7C:06:B9:53:9D:D6:91:8C
Authority key identifier: AE:5F:35:A6:E8:FB:53:9B:19:54:CB:43:A6:CE:75:E9:7F:AA:E1:75
Certificate issuer:       /CN=ae5f35a6e8fb539b1954cb43a6ce75e97faae175
Certificate serial:       019A73A674EAC9ECBE08A2AB17F203E05387
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/rl81puj7U5sZVMtDps516X-q4XU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b2/feb7e0-2b7e-426c-b037-2091cca8bc48/1/rl81puj7U5sZVMtDps516X-q4XU.mft
Manifest number:          0B17
Signing time:             Tue 11 Nov 2025 16:01:19 +0000
Manifest this update:     Tue 11 Nov 2025 16:01:19 +0000
Manifest next update:     Wed 12 Nov 2025 16:01:19 +0000
Files and hashes:         1: rl81puj7U5sZVMtDps516X-q4XU.crl (hash: fQqB/cwEKrfGrpoyJNFOXcDi/spcOrW7acfRNSm45nM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b2/feb7e0-2b7e-426c-b037-2091cca8bc48/1/rl81puj7U5sZVMtDps516X-q4XU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b2/feb7e0-2b7e-426c-b037-2091cca8bc48/1/rl81puj7U5sZVMtDps516X-q4XU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/rl81puj7U5sZVMtDps516X-q4XU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:73:a6:74:ea:c9:ec:be:08:a2:ab:17:f2:03:e0:53:87
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ae5f35a6e8fb539b1954cb43a6ce75e97faae175
        Validity
            Not Before: Nov 11 16:01:19 2025 GMT
            Not After : Nov 12 16:01:19 2025 GMT
        Subject: CN=b245071ae3d4c9cc549a8c607c06b9539dd6918c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8f:da:eb:a8:d6:d0:5a:ad:b6:67:8a:dd:7a:98:
                    10:7f:0a:74:53:ee:c2:5b:f7:7a:06:cc:42:7f:3c:
                    fa:a8:49:c2:85:30:f9:c4:21:a9:c3:18:b1:f2:14:
                    65:a7:ed:fa:c1:44:c5:61:76:e4:f3:e4:93:3c:63:
                    f8:82:92:05:2a:5b:53:fb:4a:9f:0b:c6:7e:2e:b0:
                    2e:e9:ce:81:1d:eb:34:c8:80:bb:ce:19:28:d6:ef:
                    55:b8:42:d6:62:f9:19:cc:b1:b1:8e:f3:14:85:78:
                    9a:3b:69:64:ba:2b:52:60:16:b5:56:54:fc:dd:b3:
                    63:e5:9c:c0:03:d0:11:7e:f9:32:8f:ca:fb:b6:6d:
                    64:b4:94:0c:3a:0b:15:ad:50:9a:dd:dc:ef:3e:f1:
                    80:ad:b2:63:e9:b7:70:a3:11:3e:37:ac:c9:ee:e3:
                    71:88:69:e3:86:bf:4e:6e:a0:02:1e:b8:ea:1f:3f:
                    3d:23:1d:ac:eb:e2:c7:3a:17:b4:32:f5:50:46:14:
                    cf:f8:0a:38:e3:40:76:e2:ed:a6:f6:33:81:eb:fa:
                    f0:76:79:4a:65:64:96:e4:72:8a:f8:31:79:d9:7b:
                    07:9f:9c:d9:a4:0e:64:c9:e5:62:b3:53:d2:f0:ce:
                    f9:ca:29:8b:97:97:1d:09:e9:35:88:1e:9d:f1:de:
                    97:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B2:45:07:1A:E3:D4:C9:CC:54:9A:8C:60:7C:06:B9:53:9D:D6:91:8C
            X509v3 Authority Key Identifier:
                keyid:AE:5F:35:A6:E8:FB:53:9B:19:54:CB:43:A6:CE:75:E9:7F:AA:E1:75

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rl81puj7U5sZVMtDps516X-q4XU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/feb7e0-2b7e-426c-b037-2091cca8bc48/1/rl81puj7U5sZVMtDps516X-q4XU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/feb7e0-2b7e-426c-b037-2091cca8bc48/1/rl81puj7U5sZVMtDps516X-q4XU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8a:71:1b:68:ec:4c:fb:55:ed:40:4e:11:92:44:df:40:bc:ee:
         3a:91:0d:c6:4a:c6:ba:a4:2e:da:a2:63:9d:3d:c2:d7:6e:70:
         c5:3f:08:65:e3:d6:a6:3f:59:7c:92:8e:16:42:01:5d:49:2d:
         d4:0d:62:e6:27:48:54:df:cc:91:07:ef:01:1e:f5:f7:48:c9:
         69:3b:50:e0:9b:67:e9:c0:c4:1c:1d:a5:e0:35:d6:8c:39:f9:
         7e:4d:53:82:92:51:92:d7:92:d1:3d:d1:c3:06:eb:5b:10:f1:
         f6:19:3e:78:6d:d1:ea:5b:fe:85:4e:d9:9a:cc:82:4e:31:48:
         da:2d:5d:39:51:f1:f5:96:ff:b6:9f:80:90:5a:d1:d1:f2:90:
         06:f7:d2:c6:84:0a:79:b8:70:c3:73:10:77:c4:9f:db:23:ad:
         a1:ed:2b:34:7c:48:f2:be:d4:61:ff:1c:da:4b:88:84:d7:69:
         39:1a:e6:8a:da:ac:9b:c4:15:3d:5b:7b:98:96:14:61:2e:5d:
         0c:04:5d:f4:62:45:ff:11:90:ba:91:16:44:a7:45:80:e4:77:
         53:22:9b:73:99:f8:0a:88:41:2d:4c:48:8c:91:1a:b5:81:a6:
         d2:22:c5:94:fd:e2:61:03:7d:d5:b4:aa:9d:57:ce:0e:3b:f5:
         c8:80:31:94
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpzpnTqyey+CKKrF/ID4FOHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlNWYzNWE2ZThmYjUzOWIxOTU0Y2I0M2E2Y2U3NWU5N2Zh
YWUxNzUwHhcNMjUxMTExMTYwMTE5WhcNMjUxMTEyMTYwMTE5WjAzMTEwLwYDVQQD
EyhiMjQ1MDcxYWUzZDRjOWNjNTQ5YThjNjA3YzA2Yjk1MzlkZDY5MThjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj9rrqNbQWq22Z4rdepgQfwp0U+7C
W/d6BsxCfzz6qEnChTD5xCGpwxix8hRlp+36wUTFYXbk8+STPGP4gpIFKltT+0qf
C8Z+LrAu6c6BHes0yIC7zhko1u9VuELWYvkZzLGxjvMUhXiaO2lkuitSYBa1VlT8
3bNj5ZzAA9ARfvkyj8r7tm1ktJQMOgsVrVCa3dzvPvGArbJj6bdwoxE+N6zJ7uNx
iGnjhr9ObqACHrjqHz89Ix2s6+LHOhe0MvVQRhTP+Ao440B24u2m9jOB6/rwdnlK
ZWSW5HKK+DF52XsHn5zZpA5kyeVis1PS8M75yimLl5cdCek1iB6d8d6XfQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLJFBxrj1MnMVJqMYHwGuVOd1pGMMB8GA1UdIwQY
MBaAFK5fNabo+1ObGVTLQ6bOdel/quF1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcmw4MXB1ajdVNXNaVk10RHBzNTE2WC1xNFhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi9mZWI3ZTAtMmI3ZS00MjZjLWIwMzct
MjA5MWNjYThiYzQ4LzEvcmw4MXB1ajdVNXNaVk10RHBzNTE2WC1xNFhVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi9mZWI3ZTAtMmI3ZS00MjZjLWIwMzctMjA5MWNjYThiYzQ4
LzEvcmw4MXB1ajdVNXNaVk10RHBzNTE2WC1xNFhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAinEbaOxM
+1XtQE4RkkTfQLzuOpENxkrGuqQu2qJjnT3C125wxT8IZePWpj9ZfJKOFkIBXUkt
1A1i5idIVN/MkQfvAR7190jJaTtQ4Jtn6cDEHB2l4DXWjDn5fk1TgpJRkteS0T3R
wwbrWxDx9hk+eG3R6lv+hU7ZmsyCTjFI2i1dOVHx9Zb/tp+AkFrR0fKQBvfSxoQK
ebhww3MQd8Sf2yOtoe0rNHxI8r7UYf8c2kuIhNdpORrmitqsm8QVPVt7mJYUYS5d
DARd9GJF/xGQupEWRKdFgOR3UyKbc5n4CohBLUxIjJEatYGm0iLFlP3iYQN91bSq
nVfODjv1yIAxlA==
-----END CERTIFICATE-----