Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c9/81d56d-1f52-4a9b-9591-720fd3a1eef3/1/jhTxdhHOtBMYStycGa71CKhJubI.mft
File:                     jhTxdhHOtBMYStycGa71CKhJubI.mft (raw, json)
Hash identifier:          Bc5CGN21RPGTKete16WbNNkvLNsS57GxS9rAbyePcFk=
Subject key identifier:   92:05:46:2A:E4:2E:BF:6F:C8:98:8E:12:00:0A:CD:80:C8:66:ED:CC
Authority key identifier: 8E:14:F1:76:11:CE:B4:13:18:4A:DC:9C:19:AE:F5:08:A8:49:B9:B2
Certificate issuer:       /CN=8e14f17611ceb413184adc9c19aef508a849b9b2
Certificate serial:       019A71B8D651E905365727339375F1474EE9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/jhTxdhHOtBMYStycGa71CKhJubI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c9/81d56d-1f52-4a9b-9591-720fd3a1eef3/1/jhTxdhHOtBMYStycGa71CKhJubI.mft
Manifest number:          171A
Signing time:             Tue 11 Nov 2025 07:02:10 +0000
Manifest this update:     Tue 11 Nov 2025 07:02:10 +0000
Manifest next update:     Wed 12 Nov 2025 07:02:10 +0000
Files and hashes:         1: jhTxdhHOtBMYStycGa71CKhJubI.crl (hash: iXcnFQbeovz8ul5jAZX0gM8024I5hevE+DIo540oa34=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c9/81d56d-1f52-4a9b-9591-720fd3a1eef3/1/jhTxdhHOtBMYStycGa71CKhJubI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c9/81d56d-1f52-4a9b-9591-720fd3a1eef3/1/jhTxdhHOtBMYStycGa71CKhJubI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/jhTxdhHOtBMYStycGa71CKhJubI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:02:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b8:d6:51:e9:05:36:57:27:33:93:75:f1:47:4e:e9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8e14f17611ceb413184adc9c19aef508a849b9b2
        Validity
            Not Before: Nov 11 07:02:10 2025 GMT
            Not After : Nov 12 07:02:10 2025 GMT
        Subject: CN=9205462ae42ebf6fc8988e12000acd80c866edcc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:71:e0:c4:5d:0c:60:95:d2:22:9e:fc:56:72:
                    2f:e3:f1:c7:7e:bf:90:92:e7:96:5e:cd:bc:42:d8:
                    1e:32:b9:f8:77:84:69:f5:47:82:79:a4:6a:06:ea:
                    f9:0d:f6:8c:31:c9:70:ae:9b:ff:2b:d6:9d:64:e3:
                    1c:2b:88:59:ba:7e:5f:90:ab:b1:0c:cc:3a:9a:a1:
                    9f:23:e3:05:b1:a3:27:a7:b2:54:73:35:f8:95:9a:
                    09:4f:e5:aa:e5:eb:31:4c:bc:80:db:f1:d4:df:10:
                    9e:fa:81:ed:2b:c2:ea:26:0d:63:3e:f5:34:05:cf:
                    22:89:b9:84:ab:73:24:ef:18:e2:e7:1d:b1:b8:74:
                    a7:69:e9:4f:2b:c8:c5:46:3b:bf:81:4c:9a:73:d8:
                    0e:89:c1:43:14:8d:74:2e:ba:41:0d:df:eb:f4:1e:
                    4e:20:bb:cc:fa:ed:ae:04:cf:ce:8a:e1:9d:bd:92:
                    9f:6d:64:bf:6c:29:11:fe:e5:7e:3f:49:f9:01:23:
                    cc:bc:ab:e9:b4:ec:3f:e2:ae:2a:17:a0:15:cc:73:
                    1c:53:4d:a4:63:d0:cc:a8:31:2f:52:71:1c:c5:fc:
                    64:4e:ad:e6:df:02:94:cd:85:f9:7a:72:70:0b:fe:
                    d0:72:a6:04:13:61:67:3e:6d:30:14:b0:96:ef:fe:
                    cd:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                92:05:46:2A:E4:2E:BF:6F:C8:98:8E:12:00:0A:CD:80:C8:66:ED:CC
            X509v3 Authority Key Identifier:
                keyid:8E:14:F1:76:11:CE:B4:13:18:4A:DC:9C:19:AE:F5:08:A8:49:B9:B2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jhTxdhHOtBMYStycGa71CKhJubI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/81d56d-1f52-4a9b-9591-720fd3a1eef3/1/jhTxdhHOtBMYStycGa71CKhJubI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/81d56d-1f52-4a9b-9591-720fd3a1eef3/1/jhTxdhHOtBMYStycGa71CKhJubI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         96:89:ac:35:40:b9:44:86:22:17:2e:9c:ce:f9:e9:3b:7d:cd:
         52:ee:f2:1d:c9:4f:ff:76:6a:af:22:ce:a6:a7:d4:0b:20:ee:
         90:0c:3f:1d:25:a8:20:87:98:38:c1:50:de:07:23:92:13:31:
         3f:0b:fb:cc:60:7d:cb:bf:b7:b9:60:2d:65:56:86:86:61:83:
         36:0f:98:2e:59:55:05:97:1a:21:53:14:fe:b0:51:5f:8e:c0:
         43:2a:ba:6b:b8:41:45:ee:ea:04:bc:26:e2:2f:2a:5a:91:b1:
         8d:ff:c3:37:62:02:fb:d3:fb:07:ba:02:b6:e1:01:6e:fa:6c:
         87:df:74:d9:f8:b8:27:b9:84:ce:a8:83:7d:3b:9a:03:10:83:
         7c:cc:12:47:74:d6:38:23:7f:83:24:63:59:9b:34:5c:f8:47:
         42:f5:c6:8b:78:23:0b:aa:ae:de:dc:47:6c:6d:b9:0d:31:29:
         6f:e2:9d:7b:8d:3b:04:05:c0:e3:ed:97:06:b5:3c:32:e8:50:
         60:af:c0:ee:c3:55:4a:d6:1a:0c:50:c6:0a:f3:77:3f:e4:96:
         2f:5b:6f:85:fc:ce:3b:e1:c6:b4:44:58:cf:f0:64:be:4c:89:
         c1:c4:fa:f4:8d:16:1b:41:c5:8c:af:19:08:34:1e:0b:69:c4:
         c1:4b:b8:2e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuNZR6QU2Vyczk3XxR07pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhlMTRmMTc2MTFjZWI0MTMxODRhZGM5YzE5YWVmNTA4YTg0
OWI5YjIwHhcNMjUxMTExMDcwMjEwWhcNMjUxMTEyMDcwMjEwWjAzMTEwLwYDVQQD
Eyg5MjA1NDYyYWU0MmViZjZmYzg5ODhlMTIwMDBhY2Q4MGM4NjZlZGNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvXHgxF0MYJXSIp78VnIv4/HHfr+Q
kueWXs28QtgeMrn4d4Rp9UeCeaRqBur5DfaMMclwrpv/K9adZOMcK4hZun5fkKux
DMw6mqGfI+MFsaMnp7JUczX4lZoJT+Wq5esxTLyA2/HU3xCe+oHtK8LqJg1jPvU0
Bc8iibmEq3Mk7xji5x2xuHSnaelPK8jFRju/gUyac9gOicFDFI10LrpBDd/r9B5O
ILvM+u2uBM/OiuGdvZKfbWS/bCkR/uV+P0n5ASPMvKvptOw/4q4qF6AVzHMcU02k
Y9DMqDEvUnEcxfxkTq3m3wKUzYX5enJwC/7QcqYEE2FnPm0wFLCW7/7NuwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJIFRirkLr9vyJiOEgAKzYDIZu3MMB8GA1UdIwQY
MBaAFI4U8XYRzrQTGErcnBmu9QioSbmyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvamhUeGRoSE90Qk1ZU3R5Y0dhNzFDS2hKdWJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOS84MWQ1NmQtMWY1Mi00YTliLTk1OTEt
NzIwZmQzYTFlZWYzLzEvamhUeGRoSE90Qk1ZU3R5Y0dhNzFDS2hKdWJJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOS84MWQ1NmQtMWY1Mi00YTliLTk1OTEtNzIwZmQzYTFlZWYz
LzEvamhUeGRoSE90Qk1ZU3R5Y0dhNzFDS2hKdWJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlomsNUC5
RIYiFy6czvnpO33NUu7yHclP/3ZqryLOpqfUCyDukAw/HSWoIIeYOMFQ3gcjkhMx
Pwv7zGB9y7+3uWAtZVaGhmGDNg+YLllVBZcaIVMU/rBRX47AQyq6a7hBRe7qBLwm
4i8qWpGxjf/DN2IC+9P7B7oCtuEBbvpsh9902fi4J7mEzqiDfTuaAxCDfMwSR3TW
OCN/gyRjWZs0XPhHQvXGi3gjC6qu3txHbG25DTEpb+Kde407BAXA4+2XBrU8MuhQ
YK/A7sNVStYaDFDGCvN3P+SWL1tvhfzOO+HGtERYz/BkvkyJwcT69I0WG0HFjK8Z
CDQeC2nEwUu4Lg==
-----END CERTIFICATE-----