Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/3d4dfa-fe4a-4563-8cbe-c1481df7da41/1/7PXVEvkQRLeGoVWJpiSo2MuSnkg.mft
File:                     7PXVEvkQRLeGoVWJpiSo2MuSnkg.mft (raw, json)
Hash identifier:          Nyh2WkLSwVNQTSfhd7Ol12twdFFwAZUF48EUxOGg3uA=
Subject key identifier:   17:6E:E3:AF:6D:D4:EF:72:22:69:2F:0A:2F:4B:28:54:71:58:83:69
Authority key identifier: EC:F5:D5:12:F9:10:44:B7:86:A1:55:89:A6:24:A8:D8:CB:92:9E:48
Certificate issuer:       /CN=ecf5d512f91044b786a15589a624a8d8cb929e48
Certificate serial:       019A71B8553849BC8A58B334E2E5B79FA25E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/7PXVEvkQRLeGoVWJpiSo2MuSnkg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ca/3d4dfa-fe4a-4563-8cbe-c1481df7da41/1/7PXVEvkQRLeGoVWJpiSo2MuSnkg.mft
Manifest number:          13D1
Signing time:             Tue 11 Nov 2025 07:01:37 +0000
Manifest this update:     Tue 11 Nov 2025 07:01:37 +0000
Manifest next update:     Wed 12 Nov 2025 07:01:37 +0000
Files and hashes:         1: 7PXVEvkQRLeGoVWJpiSo2MuSnkg.crl (hash: xKjV0JMkJlnK4Sg40TBGpvk9BQYcNamWywILjREN+oc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ca/3d4dfa-fe4a-4563-8cbe-c1481df7da41/1/7PXVEvkQRLeGoVWJpiSo2MuSnkg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ca/3d4dfa-fe4a-4563-8cbe-c1481df7da41/1/7PXVEvkQRLeGoVWJpiSo2MuSnkg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/7PXVEvkQRLeGoVWJpiSo2MuSnkg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:01:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b8:55:38:49:bc:8a:58:b3:34:e2:e5:b7:9f:a2:5e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ecf5d512f91044b786a15589a624a8d8cb929e48
        Validity
            Not Before: Nov 11 07:01:37 2025 GMT
            Not After : Nov 12 07:01:37 2025 GMT
        Subject: CN=176ee3af6dd4ef7222692f0a2f4b285471588369
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:54:fe:d9:8c:4f:82:b0:7e:2a:84:85:16:56:
                    4b:0d:0f:8f:7d:bc:21:e0:1f:35:53:f2:04:2c:5c:
                    b5:2b:59:b8:a5:23:83:f3:a7:1f:8a:7e:c3:cd:10:
                    5c:1f:70:bf:08:42:95:ff:a7:34:3d:cb:93:92:92:
                    5d:06:6a:7d:2d:4e:9a:f4:d6:2b:e9:78:ca:89:51:
                    fb:cd:9f:47:f2:bf:49:fe:06:fd:c1:68:ef:ec:11:
                    ef:17:5d:4f:4d:7d:0b:4a:d2:b7:f6:9a:f4:ca:97:
                    d2:67:d1:ac:a8:cb:c9:c1:dd:83:ce:1c:86:5f:66:
                    d0:91:f2:36:1b:d6:63:b6:71:e9:76:c7:d4:ec:29:
                    fe:c9:ed:3a:a9:7e:9a:a1:69:7e:30:5f:d6:dc:b7:
                    a5:24:8e:4f:ff:f8:8d:74:e3:6d:48:4e:cb:90:8a:
                    f0:76:31:dc:c8:73:0a:5d:3d:1c:94:21:aa:39:d8:
                    9a:e4:f6:e4:7f:b0:63:f2:0f:c3:aa:65:84:57:76:
                    bc:d6:a6:a5:7b:9c:26:0d:ef:7c:db:62:f6:66:65:
                    fa:11:39:36:72:97:fb:55:82:f0:a3:75:7e:d0:be:
                    db:b2:93:36:68:ea:82:04:24:26:76:b2:51:3d:a1:
                    37:6b:b8:1d:a9:be:fb:d7:6c:23:d0:c2:74:87:52:
                    45:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                17:6E:E3:AF:6D:D4:EF:72:22:69:2F:0A:2F:4B:28:54:71:58:83:69
            X509v3 Authority Key Identifier:
                keyid:EC:F5:D5:12:F9:10:44:B7:86:A1:55:89:A6:24:A8:D8:CB:92:9E:48

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7PXVEvkQRLeGoVWJpiSo2MuSnkg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3d4dfa-fe4a-4563-8cbe-c1481df7da41/1/7PXVEvkQRLeGoVWJpiSo2MuSnkg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3d4dfa-fe4a-4563-8cbe-c1481df7da41/1/7PXVEvkQRLeGoVWJpiSo2MuSnkg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         72:cd:08:51:9d:8d:24:14:91:12:f8:65:f3:4e:be:41:1c:ab:
         f1:fd:c8:f0:99:58:b1:be:79:2f:b2:98:3b:47:a4:37:f0:29:
         38:86:d0:4b:e0:78:18:9e:e6:8b:30:93:02:11:8d:e6:ac:96:
         9c:8d:c9:e2:ca:3b:9e:6e:27:27:61:0d:59:37:3c:3f:f1:8f:
         6d:06:ce:8b:68:54:f1:87:03:2b:5f:2e:da:14:2a:1f:e1:3c:
         03:b1:a7:ce:bc:a0:ac:c0:99:13:33:0e:1d:57:4a:fd:65:b9:
         8f:b2:0d:9a:9d:88:cb:e6:08:5b:84:d5:1a:49:f0:51:26:e5:
         f0:96:01:51:be:f8:e9:6e:fd:a1:0d:b2:f8:60:10:59:26:8a:
         ce:35:63:f8:bc:bc:36:88:93:e1:fd:9b:37:87:d1:56:95:c0:
         f5:e0:71:e6:0d:b0:c4:38:25:e1:e2:95:f1:c6:97:c4:56:24:
         ab:08:35:2b:51:c7:47:68:26:d2:ed:9e:89:20:9c:c1:be:9d:
         9b:f4:08:5b:79:24:38:0a:2f:a6:33:b5:5b:6c:6a:da:d4:8b:
         ca:90:37:92:b3:e3:b2:3b:b2:6f:5e:33:ab:ab:ba:f5:12:f0:
         51:35:2f:db:5e:a6:95:5c:5f:f0:88:a8:8f:33:c1:17:7f:88:
         5c:a0:0b:de
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuFU4SbyKWLM04uW3n6JeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVjZjVkNTEyZjkxMDQ0Yjc4NmExNTU4OWE2MjRhOGQ4Y2I5
MjllNDgwHhcNMjUxMTExMDcwMTM3WhcNMjUxMTEyMDcwMTM3WjAzMTEwLwYDVQQD
EygxNzZlZTNhZjZkZDRlZjcyMjI2OTJmMGEyZjRiMjg1NDcxNTg4MzY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqFT+2YxPgrB+KoSFFlZLDQ+Pfbwh
4B81U/IELFy1K1m4pSOD86cfin7DzRBcH3C/CEKV/6c0PcuTkpJdBmp9LU6a9NYr
6XjKiVH7zZ9H8r9J/gb9wWjv7BHvF11PTX0LStK39pr0ypfSZ9GsqMvJwd2DzhyG
X2bQkfI2G9ZjtnHpdsfU7Cn+ye06qX6aoWl+MF/W3LelJI5P//iNdONtSE7LkIrw
djHcyHMKXT0clCGqOdia5Pbkf7Bj8g/DqmWEV3a81qale5wmDe9822L2ZmX6ETk2
cpf7VYLwo3V+0L7bspM2aOqCBCQmdrJRPaE3a7gdqb7712wj0MJ0h1JFLwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBdu469t1O9yImkvCi9LKFRxWINpMB8GA1UdIwQY
MBaAFOz11RL5EES3hqFViaYkqNjLkp5IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN1BYVkV2a1FSTGVHb1ZXSnBpU28yTXVTbmtnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS8zZDRkZmEtZmU0YS00NTYzLThjYmUt
YzE0ODFkZjdkYTQxLzEvN1BYVkV2a1FSTGVHb1ZXSnBpU28yTXVTbmtnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS8zZDRkZmEtZmU0YS00NTYzLThjYmUtYzE0ODFkZjdkYTQx
LzEvN1BYVkV2a1FSTGVHb1ZXSnBpU28yTXVTbmtnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcs0IUZ2N
JBSREvhl806+QRyr8f3I8JlYsb55L7KYO0ekN/ApOIbQS+B4GJ7mizCTAhGN5qyW
nI3J4so7nm4nJ2ENWTc8P/GPbQbOi2hU8YcDK18u2hQqH+E8A7GnzrygrMCZEzMO
HVdK/WW5j7INmp2Iy+YIW4TVGknwUSbl8JYBUb746W79oQ2y+GAQWSaKzjVj+Ly8
NoiT4f2bN4fRVpXA9eBx5g2wxDgl4eKV8caXxFYkqwg1K1HHR2gm0u2eiSCcwb6d
m/QIW3kkOAovpjO1W2xq2tSLypA3krPjsjuyb14zq6u69RLwUTUv216mlVxf8Iio
jzPBF3+IXKAL3g==
-----END CERTIFICATE-----