Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/439275-30bf-4f61-b4d5-80930b284a69/1/ROzt5-D_vTCKy5ESE2jfjWyy6WE.mft
File:                     ROzt5-D_vTCKy5ESE2jfjWyy6WE.mft (raw, json)
Hash identifier:          ptfZGAJRgV3r8AqWbkL/1qvxzP3GcrpYzH2MKt6WEiw=
Subject key identifier:   35:E2:88:3B:41:1B:AB:15:3D:2A:98:CD:1A:17:5C:46:22:DB:98:E4
Authority key identifier: 44:EC:ED:E7:E0:FF:BD:30:8A:CB:91:12:13:68:DF:8D:6C:B2:E9:61
Certificate issuer:       /CN=44ecede7e0ffbd308acb91121368df8d6cb2e961
Certificate serial:       019A7225F9FBBF181E4AC356F900A93805FA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ROzt5-D_vTCKy5ESE2jfjWyy6WE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cc/439275-30bf-4f61-b4d5-80930b284a69/1/ROzt5-D_vTCKy5ESE2jfjWyy6WE.mft
Manifest number:          171D
Signing time:             Tue 11 Nov 2025 09:01:22 +0000
Manifest this update:     Tue 11 Nov 2025 09:01:22 +0000
Manifest next update:     Wed 12 Nov 2025 09:01:22 +0000
Files and hashes:         1: ROzt5-D_vTCKy5ESE2jfjWyy6WE.crl (hash: 4tJ77rK0YOS4BlGaG9TEnWgPHOe+TiNFdsTEILwnNVM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/cc/439275-30bf-4f61-b4d5-80930b284a69/1/ROzt5-D_vTCKy5ESE2jfjWyy6WE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/cc/439275-30bf-4f61-b4d5-80930b284a69/1/ROzt5-D_vTCKy5ESE2jfjWyy6WE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ROzt5-D_vTCKy5ESE2jfjWyy6WE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:72:25:f9:fb:bf:18:1e:4a:c3:56:f9:00:a9:38:05:fa
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=44ecede7e0ffbd308acb91121368df8d6cb2e961
        Validity
            Not Before: Nov 11 09:01:22 2025 GMT
            Not After : Nov 12 09:01:22 2025 GMT
        Subject: CN=35e2883b411bab153d2a98cd1a175c4622db98e4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:de:fe:db:36:d1:8e:ba:00:ed:56:67:cd:84:34:
                    58:d9:2a:ed:dd:ff:cf:a5:dc:07:a6:1e:ff:ef:7a:
                    44:31:1e:b1:54:d0:1e:5f:00:60:c0:ab:c7:b6:6d:
                    fc:21:c1:5b:cd:ea:0b:49:8d:40:7b:3e:f6:9c:2f:
                    e2:31:c0:a1:d1:80:eb:c6:b4:17:4f:c7:e9:5e:43:
                    11:9f:ea:d0:d5:59:72:12:7c:d0:97:b7:e9:3b:f9:
                    b4:f5:9d:65:36:1b:42:86:0e:4b:95:e9:8f:6d:8b:
                    ea:ea:bc:bc:ee:6a:9f:78:62:c7:ad:f4:7c:23:66:
                    8e:ca:c6:e9:50:ab:c3:4c:8b:9b:fa:87:f1:89:4c:
                    67:d0:a2:a0:a9:02:e5:32:13:03:c2:d6:6e:62:da:
                    00:c3:4c:f4:7c:ed:74:c4:31:bf:5e:ca:db:ed:ad:
                    be:1c:6c:fe:13:3a:3d:83:57:e7:e2:db:ff:62:1b:
                    40:7e:51:3a:20:48:83:d9:5b:28:cb:ed:bd:2e:cf:
                    a1:45:30:7b:32:e3:38:c6:a1:d8:49:09:ec:d3:dc:
                    ec:55:45:ce:6b:66:99:85:08:fd:c3:bf:94:97:64:
                    07:05:96:aa:4f:7f:c5:84:f3:67:3d:c5:25:e4:06:
                    1b:ab:54:7b:8a:ac:48:ae:1f:09:38:24:08:99:0a:
                    21:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                35:E2:88:3B:41:1B:AB:15:3D:2A:98:CD:1A:17:5C:46:22:DB:98:E4
            X509v3 Authority Key Identifier:
                keyid:44:EC:ED:E7:E0:FF:BD:30:8A:CB:91:12:13:68:DF:8D:6C:B2:E9:61

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ROzt5-D_vTCKy5ESE2jfjWyy6WE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/439275-30bf-4f61-b4d5-80930b284a69/1/ROzt5-D_vTCKy5ESE2jfjWyy6WE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/439275-30bf-4f61-b4d5-80930b284a69/1/ROzt5-D_vTCKy5ESE2jfjWyy6WE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         57:c9:3f:0b:d0:ae:d0:d8:38:56:1a:4e:c1:e1:73:1a:98:e5:
         d0:29:34:44:dd:2f:66:2e:55:a0:4a:6a:82:90:fb:85:55:13:
         fa:9e:82:19:d1:d1:cd:64:c3:4f:d0:a2:e2:e8:8b:76:9a:25:
         ab:a0:13:b5:91:97:29:f6:0a:83:4e:1b:08:a2:a8:1b:1b:1f:
         29:21:f6:ce:51:c3:68:57:fe:25:a0:1a:a9:99:bf:05:7a:bb:
         8a:aa:24:57:7e:be:04:6a:2f:2e:53:db:c1:ef:95:8d:d0:ad:
         7c:c2:55:c2:5e:1f:d9:d3:13:0d:d8:0e:61:84:54:be:82:22:
         d6:32:47:46:41:f1:f4:bc:50:df:2f:3c:75:0f:95:d0:e8:ab:
         a1:56:4a:c4:31:6b:3f:c5:e0:ee:c6:df:7a:5b:4b:b8:09:2e:
         4b:9f:80:e6:67:39:e9:75:a3:0f:a7:df:1e:f7:31:ce:ab:79:
         aa:cf:30:15:ac:83:7f:9a:2b:96:0f:ff:09:9f:27:ce:6a:86:
         da:b3:21:01:68:0d:74:f3:5b:3f:dc:05:89:73:77:de:7e:88:
         5c:8f:f0:5e:da:43:df:c5:94:da:02:f2:92:f9:91:b6:4e:a2:
         ed:47:eb:3c:66:a3:39:af:d6:6b:b5:2b:a2:4a:56:f6:15:07:
         4c:2c:a1:5b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJfn7vxgeSsNW+QCpOAX6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0ZWNlZGU3ZTBmZmJkMzA4YWNiOTExMjEzNjhkZjhkNmNi
MmU5NjEwHhcNMjUxMTExMDkwMTIyWhcNMjUxMTEyMDkwMTIyWjAzMTEwLwYDVQQD
EygzNWUyODgzYjQxMWJhYjE1M2QyYTk4Y2QxYTE3NWM0NjIyZGI5OGU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3v7bNtGOugDtVmfNhDRY2Srt3f/P
pdwHph7/73pEMR6xVNAeXwBgwKvHtm38IcFbzeoLSY1Aez72nC/iMcCh0YDrxrQX
T8fpXkMRn+rQ1VlyEnzQl7fpO/m09Z1lNhtChg5LlemPbYvq6ry87mqfeGLHrfR8
I2aOysbpUKvDTIub+ofxiUxn0KKgqQLlMhMDwtZuYtoAw0z0fO10xDG/Xsrb7a2+
HGz+Ezo9g1fn4tv/YhtAflE6IEiD2Vsoy+29Ls+hRTB7MuM4xqHYSQns09zsVUXO
a2aZhQj9w7+Ul2QHBZaqT3/FhPNnPcUl5AYbq1R7iqxIrh8JOCQImQohkwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDXiiDtBG6sVPSqYzRoXXEYi25jkMB8GA1UdIwQY
MBaAFETs7efg/70wisuREhNo341ssulhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUk96dDUtRF92VENLeTVFU0UyamZqV3l5NldFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy80MzkyNzUtMzBiZi00ZjYxLWI0ZDUt
ODA5MzBiMjg0YTY5LzEvUk96dDUtRF92VENLeTVFU0UyamZqV3l5NldFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYy80MzkyNzUtMzBiZi00ZjYxLWI0ZDUtODA5MzBiMjg0YTY5
LzEvUk96dDUtRF92VENLeTVFU0UyamZqV3l5NldFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAV8k/C9Cu
0Ng4VhpOweFzGpjl0Ck0RN0vZi5VoEpqgpD7hVUT+p6CGdHRzWTDT9Ci4uiLdpol
q6ATtZGXKfYKg04bCKKoGxsfKSH2zlHDaFf+JaAaqZm/BXq7iqokV36+BGovLlPb
we+VjdCtfMJVwl4f2dMTDdgOYYRUvoIi1jJHRkHx9LxQ3y88dQ+V0OiroVZKxDFr
P8Xg7sbfeltLuAkuS5+A5mc56XWjD6ffHvcxzqt5qs8wFayDf5orlg//CZ8nzmqG
2rMhAWgNdPNbP9wFiXN33n6IXI/wXtpD38WU2gLykvmRtk6i7UfrPGajOa/Wa7Ur
okpW9hUHTCyhWw==
-----END CERTIFICATE-----