Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/b2545a-6ae9-427f-83ae-ce3f8515a69b/1/XVTR8F5RVk-oGdtyu47dOYeza74.mft
File:                     XVTR8F5RVk-oGdtyu47dOYeza74.mft (raw, json)
Hash identifier:          DMHSHUjRwCce+rPWYZUlF65iWR0OvSVAh+ITIERZGDg=
Subject key identifier:   9A:0B:F8:E1:CF:FB:C8:66:44:90:B1:6A:DE:33:62:9A:55:40:7A:72
Authority key identifier: 5D:54:D1:F0:5E:51:56:4F:A8:19:DB:72:BB:8E:DD:39:87:B3:6B:BE
Certificate issuer:       /CN=5d54d1f05e51564fa819db72bb8edd3987b36bbe
Certificate serial:       019A72937B94624FCC05D0368B86AD3FBFD4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XVTR8F5RVk-oGdtyu47dOYeza74.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ba/b2545a-6ae9-427f-83ae-ce3f8515a69b/1/XVTR8F5RVk-oGdtyu47dOYeza74.mft
Manifest number:          169F
Signing time:             Tue 11 Nov 2025 11:00:59 +0000
Manifest this update:     Tue 11 Nov 2025 11:00:59 +0000
Manifest next update:     Wed 12 Nov 2025 11:00:59 +0000
Files and hashes:         1: XVTR8F5RVk-oGdtyu47dOYeza74.crl (hash: bnwtrpcsg8y5eit0NHI2TeRYChOlFlao2DgIOuAAZtc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ba/b2545a-6ae9-427f-83ae-ce3f8515a69b/1/XVTR8F5RVk-oGdtyu47dOYeza74.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ba/b2545a-6ae9-427f-83ae-ce3f8515a69b/1/XVTR8F5RVk-oGdtyu47dOYeza74.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XVTR8F5RVk-oGdtyu47dOYeza74.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:72:93:7b:94:62:4f:cc:05:d0:36:8b:86:ad:3f:bf:d4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5d54d1f05e51564fa819db72bb8edd3987b36bbe
        Validity
            Not Before: Nov 11 11:00:59 2025 GMT
            Not After : Nov 12 11:00:59 2025 GMT
        Subject: CN=9a0bf8e1cffbc8664490b16ade33629a55407a72
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:83:f6:e5:ba:91:af:35:7e:91:bf:f0:c3:c3:
                    ae:ce:27:ea:a5:ad:70:5b:d8:cf:cf:6d:84:58:55:
                    69:84:f2:10:44:a6:6f:0e:14:7c:95:eb:d7:08:5d:
                    af:3a:37:20:c2:eb:a4:36:07:1c:1a:5d:a2:b5:92:
                    cb:ce:26:d9:8d:96:f6:42:7a:5b:fb:0f:76:d7:29:
                    63:56:5f:08:80:52:c3:9e:da:27:64:d0:1e:56:68:
                    81:1a:e4:bd:49:d3:e2:f0:08:2d:17:5c:ad:b2:f9:
                    ed:55:16:01:5a:b6:c3:00:a2:83:a4:e9:58:5b:d4:
                    e8:ea:af:2a:03:ca:31:66:9b:42:8f:2d:a2:a9:ce:
                    08:39:c5:6f:25:a4:bc:b3:49:14:43:f1:03:19:12:
                    7b:4f:09:f7:87:a6:7a:40:5f:ea:30:0e:3f:36:fc:
                    8a:7b:22:d2:50:4f:4c:1b:dd:9f:2e:d2:c4:7e:d6:
                    e3:d9:59:ca:cb:e3:69:45:47:0b:66:36:1b:da:9c:
                    15:94:cd:77:81:ff:10:b7:45:b5:03:9c:5f:e8:36:
                    dc:99:b4:36:a2:92:76:a0:59:7a:ca:e5:f1:19:85:
                    b5:89:d9:d8:67:09:b1:03:7d:02:5f:bd:45:a5:6c:
                    1e:2a:a2:d4:44:a0:67:9c:aa:4a:eb:c3:71:64:93:
                    fc:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9A:0B:F8:E1:CF:FB:C8:66:44:90:B1:6A:DE:33:62:9A:55:40:7A:72
            X509v3 Authority Key Identifier:
                keyid:5D:54:D1:F0:5E:51:56:4F:A8:19:DB:72:BB:8E:DD:39:87:B3:6B:BE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XVTR8F5RVk-oGdtyu47dOYeza74.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/b2545a-6ae9-427f-83ae-ce3f8515a69b/1/XVTR8F5RVk-oGdtyu47dOYeza74.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/b2545a-6ae9-427f-83ae-ce3f8515a69b/1/XVTR8F5RVk-oGdtyu47dOYeza74.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         14:e9:a1:84:29:fd:14:cf:35:f3:06:22:8d:15:a6:db:49:9e:
         51:e9:85:7f:f4:ef:25:a9:83:db:52:a6:f8:aa:0f:44:89:66:
         32:51:7d:bf:41:9c:29:fd:6e:27:d5:55:55:58:0f:8e:a5:ed:
         85:22:a0:37:21:20:a5:ce:0f:d3:d3:09:12:27:33:a8:9a:e4:
         b6:12:bf:50:9d:ac:7b:d7:90:31:ee:4e:8e:66:47:fb:7b:92:
         53:09:b9:b7:7c:85:c6:c0:9b:d0:0c:2a:69:d5:0c:2d:46:f4:
         19:a1:70:9c:7e:d9:e4:1a:2b:de:a5:dc:65:ff:fc:29:ba:33:
         ea:bf:7e:c6:d7:53:95:cd:b2:ed:47:f8:90:9c:fd:55:f7:73:
         64:07:4a:8d:27:4d:80:d4:2f:7f:e7:33:3b:2f:d5:d0:34:48:
         10:73:5e:60:c3:ee:9b:c8:13:52:f3:87:71:81:f5:a9:8b:5b:
         57:0f:49:60:f4:d8:06:59:26:18:c4:1f:42:18:77:fb:89:32:
         48:89:24:a0:d4:79:8f:d5:e7:06:37:4a:82:4d:84:8e:de:8b:
         8d:99:50:fa:b5:c8:cf:77:d7:5f:f0:aa:1d:0c:90:4f:76:bf:
         e5:b2:0c:37:d0:84:60:9d:7a:08:a1:03:9b:1e:bf:d1:db:87:
         d6:f4:fd:36
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyk3uUYk/MBdA2i4atP7/UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkNTRkMWYwNWU1MTU2NGZhODE5ZGI3MmJiOGVkZDM5ODdi
MzZiYmUwHhcNMjUxMTExMTEwMDU5WhcNMjUxMTEyMTEwMDU5WjAzMTEwLwYDVQQD
Eyg5YTBiZjhlMWNmZmJjODY2NDQ5MGIxNmFkZTMzNjI5YTU1NDA3YTcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0oP25bqRrzV+kb/ww8Ouzifqpa1w
W9jPz22EWFVphPIQRKZvDhR8levXCF2vOjcgwuukNgccGl2itZLLzibZjZb2Qnpb
+w921yljVl8IgFLDntonZNAeVmiBGuS9SdPi8AgtF1ytsvntVRYBWrbDAKKDpOlY
W9To6q8qA8oxZptCjy2iqc4IOcVvJaS8s0kUQ/EDGRJ7Twn3h6Z6QF/qMA4/NvyK
eyLSUE9MG92fLtLEftbj2VnKy+NpRUcLZjYb2pwVlM13gf8Qt0W1A5xf6DbcmbQ2
opJ2oFl6yuXxGYW1idnYZwmxA30CX71FpWweKqLURKBnnKpK68NxZJP8swIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJoL+OHP+8hmRJCxat4zYppVQHpyMB8GA1UdIwQY
MBaAFF1U0fBeUVZPqBnbcruO3TmHs2u+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWFZUUjhGNVJWay1vR2R0eXU0N2RPWWV6YTc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS9iMjU0NWEtNmFlOS00MjdmLTgzYWUt
Y2UzZjg1MTVhNjliLzEvWFZUUjhGNVJWay1vR2R0eXU0N2RPWWV6YTc0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS9iMjU0NWEtNmFlOS00MjdmLTgzYWUtY2UzZjg1MTVhNjli
LzEvWFZUUjhGNVJWay1vR2R0eXU0N2RPWWV6YTc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFOmhhCn9
FM818wYijRWm20meUemFf/TvJamD21Km+KoPRIlmMlF9v0GcKf1uJ9VVVVgPjqXt
hSKgNyEgpc4P09MJEiczqJrkthK/UJ2se9eQMe5OjmZH+3uSUwm5t3yFxsCb0Awq
adUMLUb0GaFwnH7Z5Bor3qXcZf/8Kboz6r9+xtdTlc2y7Uf4kJz9VfdzZAdKjSdN
gNQvf+czOy/V0DRIEHNeYMPum8gTUvOHcYH1qYtbVw9JYPTYBlkmGMQfQhh3+4ky
SIkkoNR5j9XnBjdKgk2Ejt6LjZlQ+rXIz3fXX/CqHQyQT3a/5bIMN9CEYJ16CKED
mx6/0duH1vT9Ng==
-----END CERTIFICATE-----