Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/b5f591-d5ea-47e2-9e69-04d12f2d070a/1/wtVzsWdwcfL9bUS4QBthISBZjM8.mft
File:                     wtVzsWdwcfL9bUS4QBthISBZjM8.mft (raw, json)
Hash identifier:          jEe/i4S2A9I5foj7swmQF9Gr3F8V0ePTNWBpmicHsLo=
Subject key identifier:   51:F9:9D:D9:3E:86:2D:BF:3D:8A:69:0F:52:FD:87:F5:E0:81:F2:FE
Authority key identifier: C2:D5:73:B1:67:70:71:F2:FD:6D:44:B8:40:1B:61:21:20:59:8C:CF
Certificate issuer:       /CN=c2d573b1677071f2fd6d44b8401b612120598ccf
Certificate serial:       019A71B91A78059EF05A1C66EBC963A3A7F0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/wtVzsWdwcfL9bUS4QBthISBZjM8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cd/b5f591-d5ea-47e2-9e69-04d12f2d070a/1/wtVzsWdwcfL9bUS4QBthISBZjM8.mft
Manifest number:          171B
Signing time:             Tue 11 Nov 2025 07:02:27 +0000
Manifest this update:     Tue 11 Nov 2025 07:02:27 +0000
Manifest next update:     Wed 12 Nov 2025 07:02:27 +0000
Files and hashes:         1: wtVzsWdwcfL9bUS4QBthISBZjM8.crl (hash: Qrb6YPmac/9BayXQCx+cdT68FqfXGQQ3I6tdGDt4Hho=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/cd/b5f591-d5ea-47e2-9e69-04d12f2d070a/1/wtVzsWdwcfL9bUS4QBthISBZjM8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/cd/b5f591-d5ea-47e2-9e69-04d12f2d070a/1/wtVzsWdwcfL9bUS4QBthISBZjM8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/wtVzsWdwcfL9bUS4QBthISBZjM8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:02:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b9:1a:78:05:9e:f0:5a:1c:66:eb:c9:63:a3:a7:f0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c2d573b1677071f2fd6d44b8401b612120598ccf
        Validity
            Not Before: Nov 11 07:02:27 2025 GMT
            Not After : Nov 12 07:02:27 2025 GMT
        Subject: CN=51f99dd93e862dbf3d8a690f52fd87f5e081f2fe
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:84:57:0d:3f:50:b7:d6:2b:5c:a5:16:72:26:8b:
                    32:ce:6a:47:09:85:11:cd:91:a2:2f:e0:36:28:00:
                    c8:b9:37:33:49:e9:c9:63:57:a7:df:68:0b:31:6a:
                    c3:f0:ca:c6:ba:6d:80:cf:87:7a:34:49:a2:a5:25:
                    0a:89:a3:77:32:f5:de:4d:4c:53:cc:0a:b2:4b:d4:
                    35:1f:89:18:74:75:2c:4e:5d:f6:b0:a2:a2:58:3b:
                    e1:48:25:a5:d5:b7:0f:65:5e:bd:12:78:78:d7:ff:
                    39:0d:22:ce:42:2a:0a:10:8e:06:ee:f9:9a:96:d8:
                    4c:a2:42:12:85:85:5e:b3:bd:31:04:40:63:d0:17:
                    85:37:00:0a:04:2c:55:7c:be:80:b3:be:4f:56:8f:
                    c4:ed:68:bd:2f:f6:7c:f0:f2:8d:9c:b4:c9:68:49:
                    d1:97:10:fd:f2:22:cf:0f:6f:c3:af:e7:86:05:97:
                    83:57:d7:04:d1:9f:a5:02:61:05:04:ee:61:e8:45:
                    72:bb:63:02:6a:fc:21:41:25:c6:6b:5f:31:fa:03:
                    0c:7a:f2:2e:54:66:1e:ec:a0:af:77:3c:6d:38:d0:
                    1d:b3:74:91:ee:e5:a7:3c:6f:80:df:a7:95:c8:00:
                    b7:dd:b8:7f:1a:44:83:33:24:34:45:65:6f:89:c0:
                    bf:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                51:F9:9D:D9:3E:86:2D:BF:3D:8A:69:0F:52:FD:87:F5:E0:81:F2:FE
            X509v3 Authority Key Identifier:
                keyid:C2:D5:73:B1:67:70:71:F2:FD:6D:44:B8:40:1B:61:21:20:59:8C:CF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wtVzsWdwcfL9bUS4QBthISBZjM8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/b5f591-d5ea-47e2-9e69-04d12f2d070a/1/wtVzsWdwcfL9bUS4QBthISBZjM8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/b5f591-d5ea-47e2-9e69-04d12f2d070a/1/wtVzsWdwcfL9bUS4QBthISBZjM8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5c:40:f1:a8:56:30:cf:42:92:f0:05:b6:b4:1f:6e:70:9a:98:
         04:86:e6:77:6a:c4:98:21:22:0c:ca:e6:60:2a:cc:28:3d:c0:
         24:b6:8f:f7:61:12:47:ad:68:f7:6a:11:76:7d:d4:de:46:8f:
         9b:8e:72:14:12:13:c4:51:1a:88:45:da:0e:0d:c0:2c:35:f7:
         23:0b:50:0d:0f:95:04:48:a6:cd:21:13:52:27:f7:d8:e8:de:
         7f:de:19:4f:a6:58:ff:73:ec:81:9e:50:ac:6f:66:d0:83:5f:
         79:3c:fb:a2:72:c4:38:63:12:fa:b6:23:14:0f:08:16:5f:6d:
         8b:f6:42:84:9f:36:ca:de:8b:61:ee:37:01:93:68:f4:27:9f:
         2e:81:8d:ab:7f:3f:6b:57:7e:03:eb:d5:fa:d1:8f:72:fd:0a:
         19:17:75:f3:c6:a2:13:53:32:a5:f1:3d:0a:09:77:44:29:40:
         49:d6:bf:0a:0a:b8:52:79:30:7b:90:3e:f2:d6:ae:30:a6:74:
         9b:e7:ed:a7:67:38:df:fc:4b:8e:b0:c8:5a:05:89:ad:da:9e:
         04:9f:e5:72:a3:4f:bf:6c:15:d5:d9:01:5f:72:8e:54:66:ef:
         e0:44:dd:33:25:7c:f8:5b:1c:0c:d5:5e:22:3e:5f:bc:36:e8:
         0e:71:63:03
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuRp4BZ7wWhxm68ljo6fwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyZDU3M2IxNjc3MDcxZjJmZDZkNDRiODQwMWI2MTIxMjA1
OThjY2YwHhcNMjUxMTExMDcwMjI3WhcNMjUxMTEyMDcwMjI3WjAzMTEwLwYDVQQD
Eyg1MWY5OWRkOTNlODYyZGJmM2Q4YTY5MGY1MmZkODdmNWUwODFmMmZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhFcNP1C31itcpRZyJosyzmpHCYUR
zZGiL+A2KADIuTczSenJY1en32gLMWrD8MrGum2Az4d6NEmipSUKiaN3MvXeTUxT
zAqyS9Q1H4kYdHUsTl32sKKiWDvhSCWl1bcPZV69Enh41/85DSLOQioKEI4G7vma
lthMokIShYVes70xBEBj0BeFNwAKBCxVfL6As75PVo/E7Wi9L/Z88PKNnLTJaEnR
lxD98iLPD2/Dr+eGBZeDV9cE0Z+lAmEFBO5h6EVyu2MCavwhQSXGa18x+gMMevIu
VGYe7KCvdzxtONAds3SR7uWnPG+A36eVyAC33bh/GkSDMyQ0RWVvicC/aQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFH5ndk+hi2/PYppD1L9h/XggfL+MB8GA1UdIwQY
MBaAFMLVc7FncHHy/W1EuEAbYSEgWYzPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd3RWenNXZHdjZkw5YlVTNFFCdGhJU0Jaak04LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC9iNWY1OTEtZDVlYS00N2UyLTllNjkt
MDRkMTJmMmQwNzBhLzEvd3RWenNXZHdjZkw5YlVTNFFCdGhJU0Jaak04Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC9iNWY1OTEtZDVlYS00N2UyLTllNjktMDRkMTJmMmQwNzBh
LzEvd3RWenNXZHdjZkw5YlVTNFFCdGhJU0Jaak04LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXEDxqFYw
z0KS8AW2tB9ucJqYBIbmd2rEmCEiDMrmYCrMKD3AJLaP92ESR61o92oRdn3U3kaP
m45yFBITxFEaiEXaDg3ALDX3IwtQDQ+VBEimzSETUif32Ojef94ZT6ZY/3PsgZ5Q
rG9m0INfeTz7onLEOGMS+rYjFA8IFl9ti/ZChJ82yt6LYe43AZNo9CefLoGNq38/
a1d+A+vV+tGPcv0KGRd188aiE1MypfE9Cgl3RClASda/Cgq4Unkwe5A+8tauMKZ0
m+ftp2c43/xLjrDIWgWJrdqeBJ/lcqNPv2wV1dkBX3KOVGbv4ETdMyV8+FscDNVe
Ij5fvDboDnFjAw==
-----END CERTIFICATE-----