Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/e35121-9d16-4a26-a7b7-50140c681aca/1/XHOCiOHdRuIcmgORGXJEtHjQqyY.mft
File:                     XHOCiOHdRuIcmgORGXJEtHjQqyY.mft (raw, json)
Hash identifier:          1Zj4PybSepiIq/XljIHSuSc+gs0QcYqqpFRvYF/NeO0=
Subject key identifier:   B0:2E:EA:F2:37:3D:60:72:B7:30:52:73:7E:8E:91:39:86:0F:48:8B
Authority key identifier: 5C:73:82:88:E1:DD:46:E2:1C:9A:03:91:19:72:44:B4:78:D0:AB:26
Certificate issuer:       /CN=5c738288e1dd46e21c9a0391197244b478d0ab26
Certificate serial:       019A71B9182620563161707F6E0314883985
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XHOCiOHdRuIcmgORGXJEtHjQqyY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cc/e35121-9d16-4a26-a7b7-50140c681aca/1/XHOCiOHdRuIcmgORGXJEtHjQqyY.mft
Manifest number:          171B
Signing time:             Tue 11 Nov 2025 07:02:26 +0000
Manifest this update:     Tue 11 Nov 2025 07:02:26 +0000
Manifest next update:     Wed 12 Nov 2025 07:02:26 +0000
Files and hashes:         1: XHOCiOHdRuIcmgORGXJEtHjQqyY.crl (hash: yjoK+vR1hvhAtQ3KEv3flbji7oKxQPBybdBfThyzkKs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/cc/e35121-9d16-4a26-a7b7-50140c681aca/1/XHOCiOHdRuIcmgORGXJEtHjQqyY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/cc/e35121-9d16-4a26-a7b7-50140c681aca/1/XHOCiOHdRuIcmgORGXJEtHjQqyY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XHOCiOHdRuIcmgORGXJEtHjQqyY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:02:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b9:18:26:20:56:31:61:70:7f:6e:03:14:88:39:85
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5c738288e1dd46e21c9a0391197244b478d0ab26
        Validity
            Not Before: Nov 11 07:02:26 2025 GMT
            Not After : Nov 12 07:02:26 2025 GMT
        Subject: CN=b02eeaf2373d6072b73052737e8e9139860f488b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:19:24:9f:ed:5d:ce:c8:c5:cb:96:42:c9:a0:
                    12:6e:af:af:7b:08:ad:ee:68:51:d2:9c:ee:74:e3:
                    1e:47:9d:54:83:f1:da:a9:6b:00:f2:fc:f7:71:06:
                    27:99:99:bc:7d:25:f8:3d:a6:d0:a5:e7:97:a0:40:
                    63:5a:61:da:59:73:79:be:5e:41:05:f0:97:32:60:
                    b6:b3:58:ac:40:98:36:20:a6:10:27:bf:08:e8:7a:
                    5f:b3:23:6f:31:be:07:ff:45:a7:a5:ff:0c:83:5e:
                    1e:b1:f4:41:8a:7e:0d:7d:36:ae:4d:94:34:4c:6b:
                    e1:f3:c7:85:6d:4e:9c:b7:94:2e:26:04:a7:68:40:
                    83:95:9e:19:39:1e:e6:e3:d8:a7:70:7a:00:e9:af:
                    f5:ec:09:92:71:63:7d:7b:02:e5:32:8a:1e:ab:09:
                    3a:fd:b5:e5:a4:b4:3a:f8:8d:6d:fb:04:09:45:e8:
                    ec:c0:ca:98:b0:82:0b:ac:79:e6:e2:b1:ce:5f:aa:
                    02:51:21:04:5c:c8:a7:73:74:13:b9:cc:0b:0e:e5:
                    3c:e8:61:0d:a5:c7:29:08:c4:36:43:d7:ad:69:09:
                    59:79:7b:1f:a1:d7:cf:ef:b3:3a:36:c5:fe:27:e3:
                    e6:9f:c7:48:aa:14:cb:d4:02:44:39:4f:fb:cc:67:
                    13:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B0:2E:EA:F2:37:3D:60:72:B7:30:52:73:7E:8E:91:39:86:0F:48:8B
            X509v3 Authority Key Identifier:
                keyid:5C:73:82:88:E1:DD:46:E2:1C:9A:03:91:19:72:44:B4:78:D0:AB:26

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XHOCiOHdRuIcmgORGXJEtHjQqyY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/e35121-9d16-4a26-a7b7-50140c681aca/1/XHOCiOHdRuIcmgORGXJEtHjQqyY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/e35121-9d16-4a26-a7b7-50140c681aca/1/XHOCiOHdRuIcmgORGXJEtHjQqyY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         83:a5:c8:1b:39:17:a4:8b:da:61:19:66:9b:67:58:ad:45:d7:
         d9:4c:2d:64:0c:14:f7:ad:6d:85:22:76:c7:33:33:6e:6c:45:
         82:fc:4c:85:40:89:5b:4c:cc:67:92:1b:ff:96:33:f4:ce:10:
         b1:d2:75:70:d1:49:cb:28:c4:7e:67:0b:dd:84:eb:2c:d1:24:
         09:ec:40:15:61:66:79:c1:17:6e:a5:f9:23:4d:01:f4:c6:80:
         e1:36:f1:3a:6e:90:48:48:cc:70:7f:5b:59:3b:37:f3:fd:68:
         9a:bc:bb:e7:dd:8a:98:1b:16:b5:7f:c5:2c:54:43:e3:0a:fb:
         07:4f:64:cc:74:ec:c5:5c:e9:71:67:bd:14:0d:df:2d:a1:1c:
         9b:d1:7f:ba:bc:93:f6:44:2b:cc:6b:e1:20:35:c6:6f:b2:eb:
         f1:98:66:1b:76:b9:56:19:3e:d2:68:f7:80:47:06:e9:5f:cb:
         0c:9d:b8:b2:4e:95:6b:d0:b5:2a:08:cc:37:37:08:a3:b4:c3:
         70:ab:68:eb:64:33:2f:09:84:2d:c9:09:17:09:be:a0:cd:30:
         1d:ad:9f:39:37:13:aa:f3:c8:93:cd:3c:a0:32:d7:ad:84:50:
         15:a2:f7:54:fb:88:7b:b7:1f:86:57:d5:9d:18:ea:b1:c5:46:
         d3:fe:f9:30
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuRgmIFYxYXB/bgMUiDmFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjNzM4Mjg4ZTFkZDQ2ZTIxYzlhMDM5MTE5NzI0NGI0Nzhk
MGFiMjYwHhcNMjUxMTExMDcwMjI2WhcNMjUxMTEyMDcwMjI2WjAzMTEwLwYDVQQD
EyhiMDJlZWFmMjM3M2Q2MDcyYjczMDUyNzM3ZThlOTEzOTg2MGY0ODhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzRkkn+1dzsjFy5ZCyaASbq+vewit
7mhR0pzudOMeR51Ug/HaqWsA8vz3cQYnmZm8fSX4PabQpeeXoEBjWmHaWXN5vl5B
BfCXMmC2s1isQJg2IKYQJ78I6HpfsyNvMb4H/0Wnpf8Mg14esfRBin4NfTauTZQ0
TGvh88eFbU6ct5QuJgSnaECDlZ4ZOR7m49incHoA6a/17AmScWN9ewLlMooeqwk6
/bXlpLQ6+I1t+wQJRejswMqYsIILrHnm4rHOX6oCUSEEXMinc3QTucwLDuU86GEN
pccpCMQ2Q9etaQlZeXsfodfP77M6NsX+J+Pmn8dIqhTL1AJEOU/7zGcTTwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLAu6vI3PWBytzBSc36OkTmGD0iLMB8GA1UdIwQY
MBaAFFxzgojh3UbiHJoDkRlyRLR40KsmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWEhPQ2lPSGRSdUljbWdPUkdYSkV0SGpRcXlZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy9lMzUxMjEtOWQxNi00YTI2LWE3Yjct
NTAxNDBjNjgxYWNhLzEvWEhPQ2lPSGRSdUljbWdPUkdYSkV0SGpRcXlZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYy9lMzUxMjEtOWQxNi00YTI2LWE3YjctNTAxNDBjNjgxYWNh
LzEvWEhPQ2lPSGRSdUljbWdPUkdYSkV0SGpRcXlZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAg6XIGzkX
pIvaYRlmm2dYrUXX2UwtZAwU961thSJ2xzMzbmxFgvxMhUCJW0zMZ5Ib/5Yz9M4Q
sdJ1cNFJyyjEfmcL3YTrLNEkCexAFWFmecEXbqX5I00B9MaA4TbxOm6QSEjMcH9b
WTs38/1omry7592KmBsWtX/FLFRD4wr7B09kzHTsxVzpcWe9FA3fLaEcm9F/uryT
9kQrzGvhIDXGb7Lr8ZhmG3a5Vhk+0mj3gEcG6V/LDJ24sk6Va9C1KgjMNzcIo7TD
cKto62QzLwmELckJFwm+oM0wHa2fOTcTqvPIk808oDLXrYRQFaL3VPuIe7cfhlfV
nRjqscVG0/75MA==
-----END CERTIFICATE-----