Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/0e825a-5bb6-4327-9a0a-439f36e1653a/1/2uV2MfYK2xPwrjaGcc4Ph0L1l38.mft
File:                     2uV2MfYK2xPwrjaGcc4Ph0L1l38.mft (raw, json)
Hash identifier:          pHpFboa8SPY5JtTG3k66AUMGetbNk+Y1+pmwZTevsbI=
Subject key identifier:   0A:CF:A7:BB:67:B0:52:40:C9:F9:FF:E4:C0:35:37:3F:4B:EE:BF:67
Authority key identifier: DA:E5:76:31:F6:0A:DB:13:F0:AE:36:86:71:CE:0F:87:42:F5:97:7F
Certificate issuer:       /CN=dae57631f60adb13f0ae368671ce0f8742f5977f
Certificate serial:       019A71EEF6A2DB6FE0C27DE775571E71F74F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2uV2MfYK2xPwrjaGcc4Ph0L1l38.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b4/0e825a-5bb6-4327-9a0a-439f36e1653a/1/2uV2MfYK2xPwrjaGcc4Ph0L1l38.mft
Manifest number:          171A
Signing time:             Tue 11 Nov 2025 08:01:17 +0000
Manifest this update:     Tue 11 Nov 2025 08:01:17 +0000
Manifest next update:     Wed 12 Nov 2025 08:01:17 +0000
Files and hashes:         1: 2uV2MfYK2xPwrjaGcc4Ph0L1l38.crl (hash: bQK2o0/9mZXdkd+MPxr/HdHD7SjOaukHwl82+z5qAAk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b4/0e825a-5bb6-4327-9a0a-439f36e1653a/1/2uV2MfYK2xPwrjaGcc4Ph0L1l38.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b4/0e825a-5bb6-4327-9a0a-439f36e1653a/1/2uV2MfYK2xPwrjaGcc4Ph0L1l38.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2uV2MfYK2xPwrjaGcc4Ph0L1l38.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 08:01:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:ee:f6:a2:db:6f:e0:c2:7d:e7:75:57:1e:71:f7:4f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dae57631f60adb13f0ae368671ce0f8742f5977f
        Validity
            Not Before: Nov 11 08:01:17 2025 GMT
            Not After : Nov 12 08:01:17 2025 GMT
        Subject: CN=0acfa7bb67b05240c9f9ffe4c035373f4beebf67
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:5b:4b:1a:71:4f:68:06:66:bd:2b:fd:19:b0:
                    f3:1e:ae:2b:b9:87:a7:88:9b:f4:36:e4:07:f5:0f:
                    44:f2:73:2c:bf:67:7c:b6:79:5e:61:0f:c5:69:90:
                    29:83:e7:2d:8e:c8:c3:5b:6f:80:bf:8d:11:2d:c4:
                    ac:ef:bf:aa:17:67:38:d5:f5:37:b2:fb:e7:16:ba:
                    20:5b:6c:62:00:d9:35:90:be:23:05:b6:e8:03:ba:
                    7b:d0:c9:10:7c:1d:73:5e:bb:70:84:22:a2:0e:7b:
                    4a:4f:b3:1e:f9:d4:f7:2d:8d:0d:de:37:39:95:76:
                    8e:80:80:ff:33:4d:75:47:cd:3f:13:c9:12:cc:ef:
                    8f:de:5f:37:ff:56:66:e6:2f:e0:aa:a8:d6:bf:02:
                    33:a5:c1:4d:72:8c:ca:90:50:79:4f:55:2e:32:6d:
                    79:57:b2:f6:6a:ee:bf:f9:d1:4e:0e:ba:d3:61:59:
                    27:20:a0:87:8c:5d:61:e4:6f:96:81:b2:e9:b1:cc:
                    31:39:0f:22:15:0a:27:92:71:4c:4f:ee:d6:01:16:
                    ae:e5:10:67:3a:be:07:44:0e:86:6b:74:b4:29:da:
                    99:56:84:2e:ea:66:09:21:34:53:23:75:62:83:1a:
                    d7:a9:7c:61:6f:1a:c0:39:68:0b:07:bb:a3:be:fc:
                    33:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0A:CF:A7:BB:67:B0:52:40:C9:F9:FF:E4:C0:35:37:3F:4B:EE:BF:67
            X509v3 Authority Key Identifier:
                keyid:DA:E5:76:31:F6:0A:DB:13:F0:AE:36:86:71:CE:0F:87:42:F5:97:7F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2uV2MfYK2xPwrjaGcc4Ph0L1l38.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/0e825a-5bb6-4327-9a0a-439f36e1653a/1/2uV2MfYK2xPwrjaGcc4Ph0L1l38.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/0e825a-5bb6-4327-9a0a-439f36e1653a/1/2uV2MfYK2xPwrjaGcc4Ph0L1l38.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6e:07:af:a6:64:a2:3c:22:7a:21:04:38:1a:94:6d:c2:24:4e:
         ce:3a:ea:44:06:50:c6:2e:3c:27:67:bb:a8:76:4e:b5:5b:6d:
         81:9e:ca:9a:98:59:14:2f:9c:b1:7b:24:09:6e:a6:03:3b:5a:
         d9:bc:cf:aa:0f:ed:78:99:70:31:15:67:5f:06:de:71:98:d6:
         13:9d:a8:cb:0f:fc:ab:a0:3f:a8:3d:1c:60:92:a2:50:ce:bc:
         24:9c:3e:82:58:60:1f:7d:71:63:0e:35:b6:a2:e3:30:36:07:
         de:b6:e6:e4:9a:7c:b4:0a:82:49:c1:96:e9:47:99:1e:4a:be:
         0b:ea:b9:8e:7d:36:4b:e7:01:37:55:43:02:75:75:c4:0e:de:
         0f:c9:24:97:86:ad:ca:41:42:2a:4f:c8:2d:d5:12:17:15:f1:
         be:b6:1e:ff:01:08:b9:ff:2d:5c:06:72:af:02:fc:3f:48:fe:
         20:e2:20:09:02:2d:49:e3:9b:77:6a:34:56:7c:90:7d:0d:f6:
         12:7f:68:b5:49:1c:8f:ca:57:01:dc:72:bf:7d:95:9a:20:5b:
         01:22:32:08:1f:8d:d3:c0:bf:0d:1a:22:3b:62:94:8c:fa:75:
         f8:1d:c2:98:02:7a:ec:5a:05:c0:f6:e8:ef:e5:f0:c4:97:d3:
         0d:3b:e8:ba
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpx7vai22/gwn3ndVcecfdPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhZTU3NjMxZjYwYWRiMTNmMGFlMzY4NjcxY2UwZjg3NDJm
NTk3N2YwHhcNMjUxMTExMDgwMTE3WhcNMjUxMTEyMDgwMTE3WjAzMTEwLwYDVQQD
EygwYWNmYTdiYjY3YjA1MjQwYzlmOWZmZTRjMDM1MzczZjRiZWViZjY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsltLGnFPaAZmvSv9GbDzHq4ruYen
iJv0NuQH9Q9E8nMsv2d8tnleYQ/FaZApg+ctjsjDW2+Av40RLcSs77+qF2c41fU3
svvnFrogW2xiANk1kL4jBbboA7p70MkQfB1zXrtwhCKiDntKT7Me+dT3LY0N3jc5
lXaOgID/M011R80/E8kSzO+P3l83/1Zm5i/gqqjWvwIzpcFNcozKkFB5T1UuMm15
V7L2au6/+dFODrrTYVknIKCHjF1h5G+WgbLpscwxOQ8iFQonknFMT+7WARau5RBn
Or4HRA6Ga3S0KdqZVoQu6mYJITRTI3VigxrXqXxhbxrAOWgLB7ujvvwzuQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFArPp7tnsFJAyfn/5MA1Nz9L7r9nMB8GA1UdIwQY
MBaAFNrldjH2CtsT8K42hnHOD4dC9Zd/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnVWMk1mWUsyeFB3cmphR2NjNFBoMEwxbDM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC8wZTgyNWEtNWJiNi00MzI3LTlhMGEt
NDM5ZjM2ZTE2NTNhLzEvMnVWMk1mWUsyeFB3cmphR2NjNFBoMEwxbDM4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC8wZTgyNWEtNWJiNi00MzI3LTlhMGEtNDM5ZjM2ZTE2NTNh
LzEvMnVWMk1mWUsyeFB3cmphR2NjNFBoMEwxbDM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbgevpmSi
PCJ6IQQ4GpRtwiROzjrqRAZQxi48J2e7qHZOtVttgZ7KmphZFC+csXskCW6mAzta
2bzPqg/teJlwMRVnXwbecZjWE52oyw/8q6A/qD0cYJKiUM68JJw+glhgH31xYw41
tqLjMDYH3rbm5Jp8tAqCScGW6UeZHkq+C+q5jn02S+cBN1VDAnV1xA7eD8kkl4at
ykFCKk/ILdUSFxXxvrYe/wEIuf8tXAZyrwL8P0j+IOIgCQItSeObd2o0VnyQfQ32
En9otUkcj8pXAdxyv32VmiBbASIyCB+N08C/DRoiO2KUjPp1+B3CmAJ67FoFwPbo
7+XwxJfTDTvoug==
-----END CERTIFICATE-----