Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/81e5bd-f7ab-4287-bbb5-6d856f84a813/1/gEFPcG9s0sh68PYGstE3a4a1-mY.mft
File:                     gEFPcG9s0sh68PYGstE3a4a1-mY.mft (raw, json)
Hash identifier:          bf+ctouC+sayjUZv5ICQEylFF13oCAqSQoAEwnz2YNU=
Subject key identifier:   D3:AF:7A:2E:BE:C8:E1:52:72:4B:37:17:9B:A9:F3:06:AD:3E:E4:52
Authority key identifier: 80:41:4F:70:6F:6C:D2:C8:7A:F0:F6:06:B2:D1:37:6B:86:B5:FA:66
Certificate issuer:       /CN=80414f706f6cd2c87af0f606b2d1376b86b5fa66
Certificate serial:       019A71B8779BBC25EC0ED7E025B9A9C5CD7A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gEFPcG9s0sh68PYGstE3a4a1-mY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d3/81e5bd-f7ab-4287-bbb5-6d856f84a813/1/gEFPcG9s0sh68PYGstE3a4a1-mY.mft
Manifest number:          171C
Signing time:             Tue 11 Nov 2025 07:01:45 +0000
Manifest this update:     Tue 11 Nov 2025 07:01:45 +0000
Manifest next update:     Wed 12 Nov 2025 07:01:45 +0000
Files and hashes:         1: gEFPcG9s0sh68PYGstE3a4a1-mY.crl (hash: TVKoeFpDj29ncUfePexXx9qhAeek6SA3cXIDkbPGOzA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d3/81e5bd-f7ab-4287-bbb5-6d856f84a813/1/gEFPcG9s0sh68PYGstE3a4a1-mY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d3/81e5bd-f7ab-4287-bbb5-6d856f84a813/1/gEFPcG9s0sh68PYGstE3a4a1-mY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/gEFPcG9s0sh68PYGstE3a4a1-mY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:01:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b8:77:9b:bc:25:ec:0e:d7:e0:25:b9:a9:c5:cd:7a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=80414f706f6cd2c87af0f606b2d1376b86b5fa66
        Validity
            Not Before: Nov 11 07:01:45 2025 GMT
            Not After : Nov 12 07:01:45 2025 GMT
        Subject: CN=d3af7a2ebec8e152724b37179ba9f306ad3ee452
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:c4:3d:48:d6:5e:45:a3:e7:8c:6f:1e:52:52:
                    07:4d:a9:e8:02:08:6a:a0:7e:54:fc:24:ab:b0:20:
                    2a:ff:7e:eb:4d:7d:88:9f:8f:59:e5:fe:37:f3:e6:
                    a7:63:35:9c:1e:75:05:90:6a:ea:cb:a5:76:4d:9b:
                    f4:49:62:d1:89:fe:85:5a:5e:16:68:ae:09:ce:f9:
                    b5:e0:52:dc:74:b8:a1:68:e9:71:35:0a:0c:3d:98:
                    46:9e:ff:62:06:9e:1c:df:82:b0:66:d7:c5:e8:12:
                    22:8e:d4:24:04:40:51:e4:0f:cd:05:2c:b8:65:2d:
                    e0:b6:99:24:5f:5a:a1:5b:07:6f:21:6c:37:f4:f3:
                    49:5e:f7:44:2a:fe:4a:cb:85:ab:5c:dd:b7:f8:b7:
                    80:0d:4e:8b:7f:1a:99:6f:5b:49:12:5e:c6:55:53:
                    10:02:50:fa:95:6c:c6:01:5a:a2:71:57:87:9e:cb:
                    6f:62:11:a5:1f:e3:a8:8a:d5:44:fb:0e:33:bc:86:
                    99:0e:b3:45:68:42:c4:b0:8b:e8:6c:7b:44:56:83:
                    63:6a:0e:ce:af:f1:c2:46:b5:ea:92:8b:d3:9e:a8:
                    af:92:d1:ed:cc:cb:e9:1a:b3:82:3a:a3:68:63:ee:
                    47:d2:af:ce:cc:6d:cb:43:1b:7f:eb:8a:06:f7:3c:
                    dd:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D3:AF:7A:2E:BE:C8:E1:52:72:4B:37:17:9B:A9:F3:06:AD:3E:E4:52
            X509v3 Authority Key Identifier:
                keyid:80:41:4F:70:6F:6C:D2:C8:7A:F0:F6:06:B2:D1:37:6B:86:B5:FA:66

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gEFPcG9s0sh68PYGstE3a4a1-mY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/81e5bd-f7ab-4287-bbb5-6d856f84a813/1/gEFPcG9s0sh68PYGstE3a4a1-mY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/81e5bd-f7ab-4287-bbb5-6d856f84a813/1/gEFPcG9s0sh68PYGstE3a4a1-mY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         91:d3:39:4c:69:2c:fc:cc:6a:41:4e:45:f3:79:9b:fb:29:0f:
         57:fd:d9:74:9a:a7:bb:99:e4:fb:d5:24:80:f8:eb:80:ad:e6:
         6a:2b:1d:c0:61:18:d7:6d:1c:7f:cc:ab:d2:41:41:2e:99:1e:
         49:5d:e2:eb:8e:4f:16:b5:75:b4:4c:16:29:55:5c:29:df:53:
         3c:fe:22:85:57:56:aa:ac:60:57:f6:7e:e1:b9:e6:ba:e1:70:
         15:ac:a4:5b:29:68:c9:e6:07:da:12:4c:74:d9:82:ed:76:c7:
         32:80:99:04:86:13:04:be:49:e9:89:6e:1a:f6:fe:26:35:78:
         4d:31:29:91:45:70:4d:aa:9f:a1:d8:82:16:68:4c:99:a8:fd:
         1f:83:87:a0:af:29:0a:fc:d3:54:da:c0:ce:a1:a3:c4:ea:ec:
         f1:be:ca:b0:e5:37:8d:b3:62:2c:23:48:4a:a9:d4:74:74:fe:
         60:3d:b6:a1:ee:2a:15:58:30:b2:7e:33:41:91:10:7a:f1:33:
         41:8c:2d:f1:15:30:5c:df:b5:8c:ac:62:08:53:2f:f5:2c:14:
         dd:1c:35:e8:55:81:4d:64:31:ba:31:e1:bc:77:05:33:0a:fc:
         d6:1f:02:34:a9:2d:6a:01:55:f9:27:67:af:1a:61:4d:44:3f:
         83:6c:b4:99
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuHebvCXsDtfgJbmpxc16MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgwNDE0ZjcwNmY2Y2QyYzg3YWYwZjYwNmIyZDEzNzZiODZi
NWZhNjYwHhcNMjUxMTExMDcwMTQ1WhcNMjUxMTEyMDcwMTQ1WjAzMTEwLwYDVQQD
EyhkM2FmN2EyZWJlYzhlMTUyNzI0YjM3MTc5YmE5ZjMwNmFkM2VlNDUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr8Q9SNZeRaPnjG8eUlIHTanoAghq
oH5U/CSrsCAq/37rTX2In49Z5f438+anYzWcHnUFkGrqy6V2TZv0SWLRif6FWl4W
aK4Jzvm14FLcdLihaOlxNQoMPZhGnv9iBp4c34KwZtfF6BIijtQkBEBR5A/NBSy4
ZS3gtpkkX1qhWwdvIWw39PNJXvdEKv5Ky4WrXN23+LeADU6LfxqZb1tJEl7GVVMQ
AlD6lWzGAVqicVeHnstvYhGlH+OoitVE+w4zvIaZDrNFaELEsIvobHtEVoNjag7O
r/HCRrXqkovTnqivktHtzMvpGrOCOqNoY+5H0q/OzG3LQxt/64oG9zzdYQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNOvei6+yOFScks3F5up8watPuRSMB8GA1UdIwQY
MBaAFIBBT3BvbNLIevD2BrLRN2uGtfpmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ0VGUGNHOXMwc2g2OFBZR3N0RTNhNGExLW1ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy84MWU1YmQtZjdhYi00Mjg3LWJiYjUt
NmQ4NTZmODRhODEzLzEvZ0VGUGNHOXMwc2g2OFBZR3N0RTNhNGExLW1ZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy84MWU1YmQtZjdhYi00Mjg3LWJiYjUtNmQ4NTZmODRhODEz
LzEvZ0VGUGNHOXMwc2g2OFBZR3N0RTNhNGExLW1ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkdM5TGks
/MxqQU5F83mb+ykPV/3ZdJqnu5nk+9UkgPjrgK3maisdwGEY120cf8yr0kFBLpke
SV3i645PFrV1tEwWKVVcKd9TPP4ihVdWqqxgV/Z+4bnmuuFwFaykWyloyeYH2hJM
dNmC7XbHMoCZBIYTBL5J6YluGvb+JjV4TTEpkUVwTaqfodiCFmhMmaj9H4OHoK8p
CvzTVNrAzqGjxOrs8b7KsOU3jbNiLCNISqnUdHT+YD22oe4qFVgwsn4zQZEQevEz
QYwt8RUwXN+1jKxiCFMv9SwU3Rw16FWBTWQxujHhvHcFMwr81h8CNKktagFV+Sdn
rxphTUQ/g2y0mQ==
-----END CERTIFICATE-----