Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/caf5ea-626e-455a-8708-f5ca8fa7270d/1/ufHVsG9XAVVf9YiBVN0UG0iJYRc.mft
File:                     ufHVsG9XAVVf9YiBVN0UG0iJYRc.mft (raw, json)
Hash identifier:          dETXh+6Bb7mQ08VbJg7J7TchlZa+ShXPDWHak8Yt524=
Subject key identifier:   37:5B:72:B9:CC:72:7A:56:95:9C:81:82:F4:0F:59:B8:34:42:74:73
Authority key identifier: B9:F1:D5:B0:6F:57:01:55:5F:F5:88:81:54:DD:14:1B:48:89:61:17
Certificate issuer:       /CN=b9f1d5b06f5701555ff5888154dd141b48896117
Certificate serial:       019A71B943F5E35402A03BD5F97F899886AC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ufHVsG9XAVVf9YiBVN0UG0iJYRc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d1/caf5ea-626e-455a-8708-f5ca8fa7270d/1/ufHVsG9XAVVf9YiBVN0UG0iJYRc.mft
Manifest number:          1736
Signing time:             Tue 11 Nov 2025 07:02:38 +0000
Manifest this update:     Tue 11 Nov 2025 07:02:38 +0000
Manifest next update:     Wed 12 Nov 2025 07:02:38 +0000
Files and hashes:         1: ufHVsG9XAVVf9YiBVN0UG0iJYRc.crl (hash: zPS7H/BsWz6DkY/5frO7unqCy/I4gsX+k1PqA/NoPiM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d1/caf5ea-626e-455a-8708-f5ca8fa7270d/1/ufHVsG9XAVVf9YiBVN0UG0iJYRc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d1/caf5ea-626e-455a-8708-f5ca8fa7270d/1/ufHVsG9XAVVf9YiBVN0UG0iJYRc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ufHVsG9XAVVf9YiBVN0UG0iJYRc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:02:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b9:43:f5:e3:54:02:a0:3b:d5:f9:7f:89:98:86:ac
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b9f1d5b06f5701555ff5888154dd141b48896117
        Validity
            Not Before: Nov 11 07:02:38 2025 GMT
            Not After : Nov 12 07:02:38 2025 GMT
        Subject: CN=375b72b9cc727a56959c8182f40f59b834427473
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:bc:2a:a4:be:48:fa:04:cd:27:08:45:03:3a:
                    4d:06:2b:8f:ad:01:d3:ba:9a:90:4a:38:bf:14:58:
                    a5:54:d1:8c:b8:60:93:57:3a:c9:85:18:86:e1:06:
                    71:5b:a2:3a:7a:9e:c4:e4:1b:4c:70:e5:92:7e:36:
                    88:a0:e1:fd:42:6c:34:c9:e6:d5:9b:39:0c:30:fc:
                    be:bc:20:13:be:2c:34:55:e2:d9:95:ee:bf:e8:26:
                    f5:18:12:56:8b:a9:a0:10:92:2a:a9:59:31:3f:06:
                    1c:03:ca:eb:18:d4:67:d6:38:2a:0a:80:f1:21:c2:
                    8f:73:d7:4e:36:d8:c9:1e:d4:da:3a:cf:5d:1f:b2:
                    0e:e6:eb:54:34:f3:47:b7:a6:ca:22:ce:f8:39:3f:
                    70:85:25:86:98:e5:f2:b2:83:ef:76:29:ef:e5:56:
                    75:37:a0:60:36:1a:d4:44:7b:da:aa:4a:11:c7:5d:
                    26:b7:b3:9b:08:fc:e8:6c:68:73:98:e4:cc:01:de:
                    3d:de:b6:36:61:9f:5a:55:5e:fb:57:66:2a:44:2b:
                    be:f9:23:5e:b3:e1:d4:a5:eb:23:81:b8:a9:25:db:
                    d2:61:f9:9f:a5:ba:f1:71:44:93:91:44:b2:66:be:
                    2d:b1:03:9b:4f:3f:66:26:53:c4:c2:5b:1a:ee:14:
                    52:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                37:5B:72:B9:CC:72:7A:56:95:9C:81:82:F4:0F:59:B8:34:42:74:73
            X509v3 Authority Key Identifier:
                keyid:B9:F1:D5:B0:6F:57:01:55:5F:F5:88:81:54:DD:14:1B:48:89:61:17

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ufHVsG9XAVVf9YiBVN0UG0iJYRc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/caf5ea-626e-455a-8708-f5ca8fa7270d/1/ufHVsG9XAVVf9YiBVN0UG0iJYRc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/caf5ea-626e-455a-8708-f5ca8fa7270d/1/ufHVsG9XAVVf9YiBVN0UG0iJYRc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5f:bc:31:7f:80:f1:19:b0:38:bc:03:40:d7:9a:69:cd:10:04:
         82:10:61:a6:20:a9:f3:8b:e6:77:aa:7f:97:b0:5a:a3:53:8e:
         87:ba:fe:fd:e1:bc:f9:56:2b:85:bc:c9:05:1e:9d:d7:86:14:
         ae:3c:14:32:34:79:b3:6b:62:24:46:00:fe:38:3a:34:d4:ff:
         b6:fe:26:6f:a4:f4:f8:8f:29:0f:0c:8d:58:0b:89:9d:f5:65:
         2a:8f:8f:d1:c5:dc:e2:78:2e:f8:b8:09:60:31:ae:e6:7f:19:
         bb:9d:67:19:61:e0:ac:d4:ac:0d:54:e2:1a:f0:2b:1f:db:35:
         b9:14:e9:96:92:45:58:6b:f5:33:bb:b8:50:1b:ff:c6:dd:66:
         10:61:fb:40:73:70:4b:7f:b5:2f:7a:42:35:43:20:f9:20:15:
         7c:46:81:81:e7:51:92:8e:f8:44:08:5b:8c:75:cd:79:d9:64:
         99:20:e3:93:81:57:02:d1:fc:ae:10:00:c3:99:a0:8e:27:08:
         55:96:48:db:f7:72:c9:ea:e6:6a:12:4a:ef:fe:78:90:8e:5b:
         f8:ca:30:27:5c:cd:9f:c4:42:de:f6:8d:ca:fd:46:7f:6b:37:
         e6:65:b9:66:ed:9a:87:c0:a5:db:76:c3:60:53:cf:74:1f:c7:
         0e:d6:6d:09
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuUP141QCoDvV+X+JmIasMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5ZjFkNWIwNmY1NzAxNTU1ZmY1ODg4MTU0ZGQxNDFiNDg4
OTYxMTcwHhcNMjUxMTExMDcwMjM4WhcNMjUxMTEyMDcwMjM4WjAzMTEwLwYDVQQD
EygzNzViNzJiOWNjNzI3YTU2OTU5YzgxODJmNDBmNTliODM0NDI3NDczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtrwqpL5I+gTNJwhFAzpNBiuPrQHT
upqQSji/FFilVNGMuGCTVzrJhRiG4QZxW6I6ep7E5BtMcOWSfjaIoOH9Qmw0yebV
mzkMMPy+vCATviw0VeLZle6/6Cb1GBJWi6mgEJIqqVkxPwYcA8rrGNRn1jgqCoDx
IcKPc9dONtjJHtTaOs9dH7IO5utUNPNHt6bKIs74OT9whSWGmOXysoPvdinv5VZ1
N6BgNhrURHvaqkoRx10mt7ObCPzobGhzmOTMAd493rY2YZ9aVV77V2YqRCu++SNe
s+HUpesjgbipJdvSYfmfpbrxcUSTkUSyZr4tsQObTz9mJlPEwlsa7hRSfQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDdbcrnMcnpWlZyBgvQPWbg0QnRzMB8GA1UdIwQY
MBaAFLnx1bBvVwFVX/WIgVTdFBtIiWEXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWZIVnNHOVhBVlZmOVlpQlZOMFVHMGlKWVJjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS9jYWY1ZWEtNjI2ZS00NTVhLTg3MDgt
ZjVjYThmYTcyNzBkLzEvdWZIVnNHOVhBVlZmOVlpQlZOMFVHMGlKWVJjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS9jYWY1ZWEtNjI2ZS00NTVhLTg3MDgtZjVjYThmYTcyNzBk
LzEvdWZIVnNHOVhBVlZmOVlpQlZOMFVHMGlKWVJjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAX7wxf4Dx
GbA4vANA15ppzRAEghBhpiCp84vmd6p/l7Bao1OOh7r+/eG8+VYrhbzJBR6d14YU
rjwUMjR5s2tiJEYA/jg6NNT/tv4mb6T0+I8pDwyNWAuJnfVlKo+P0cXc4ngu+LgJ
YDGu5n8Zu51nGWHgrNSsDVTiGvArH9s1uRTplpJFWGv1M7u4UBv/xt1mEGH7QHNw
S3+1L3pCNUMg+SAVfEaBgedRko74RAhbjHXNedlkmSDjk4FXAtH8rhAAw5mgjicI
VZZI2/dyyermahJK7/54kI5b+MowJ1zNn8RC3vaNyv1Gf2s35mW5Zu2ah8Cl23bD
YFPPdB/HDtZtCQ==
-----END CERTIFICATE-----