Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d6/eee521-25fa-4006-9531-1e044814518f/1/4LhnExEAwV3okBEAY-Y4pfAjZ8Q.mft
File:                     4LhnExEAwV3okBEAY-Y4pfAjZ8Q.mft (raw, json)
Hash identifier:          WZ1l1/XQC/oWbCbOHtVG4/GZNh+GgrXEACSPu3sTZGU=
Subject key identifier:   E6:88:1B:C9:4E:BD:AE:0A:A8:C5:0A:41:65:AC:B1:3E:AE:87:1E:C8
Authority key identifier: E0:B8:67:13:11:00:C1:5D:E8:90:11:00:63:E6:38:A5:F0:23:67:C4
Certificate issuer:       /CN=e0b867131100c15de890110063e638a5f02367c4
Certificate serial:       019A72939C2753EEB56F586355CE8B7E1B7A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4LhnExEAwV3okBEAY-Y4pfAjZ8Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d6/eee521-25fa-4006-9531-1e044814518f/1/4LhnExEAwV3okBEAY-Y4pfAjZ8Q.mft
Manifest number:          171E
Signing time:             Tue 11 Nov 2025 11:01:07 +0000
Manifest this update:     Tue 11 Nov 2025 11:01:07 +0000
Manifest next update:     Wed 12 Nov 2025 11:01:07 +0000
Files and hashes:         1: 4LhnExEAwV3okBEAY-Y4pfAjZ8Q.crl (hash: x9sYDIucv6UTVQz7po9j71yioIkyoNTuSAG97rRVH/U=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d6/eee521-25fa-4006-9531-1e044814518f/1/4LhnExEAwV3okBEAY-Y4pfAjZ8Q.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d6/eee521-25fa-4006-9531-1e044814518f/1/4LhnExEAwV3okBEAY-Y4pfAjZ8Q.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4LhnExEAwV3okBEAY-Y4pfAjZ8Q.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:72:93:9c:27:53:ee:b5:6f:58:63:55:ce:8b:7e:1b:7a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e0b867131100c15de890110063e638a5f02367c4
        Validity
            Not Before: Nov 11 11:01:07 2025 GMT
            Not After : Nov 12 11:01:07 2025 GMT
        Subject: CN=e6881bc94ebdae0aa8c50a4165acb13eae871ec8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:75:f1:33:1f:bd:f0:a4:94:95:aa:dd:39:04:
                    2d:11:4d:1f:ba:38:34:9f:2c:3f:77:e5:bc:3e:b4:
                    56:8e:63:74:b6:cd:74:b4:f4:39:72:1a:e9:79:d3:
                    e4:8f:6e:64:d3:98:b5:c4:01:f2:e0:6d:e7:3d:1a:
                    5e:be:d0:86:9e:0b:38:87:22:62:a5:35:9a:03:59:
                    14:b3:e2:f8:e0:fb:62:4d:cb:f1:d7:05:81:5d:b7:
                    84:5c:6d:fd:b8:3e:81:88:8c:64:88:97:15:28:5a:
                    c7:b7:6d:87:11:c6:96:60:df:5c:3a:3c:39:4b:ac:
                    1d:5e:ac:e4:44:e0:cd:7d:4a:c9:97:3e:b8:3e:ae:
                    6e:b1:4e:a4:3f:37:02:3e:77:5e:a8:d0:50:de:f3:
                    dc:f9:4f:05:f5:47:80:3b:8e:c0:05:49:e6:27:c5:
                    e9:fe:41:8a:4b:26:77:88:f0:7c:5c:e0:2c:48:1a:
                    85:d8:4c:4e:bf:d0:6b:30:71:c2:95:3f:24:ce:fe:
                    21:6a:d7:56:5e:90:fc:c8:3c:0e:f7:3b:ea:a0:74:
                    c3:cd:97:36:fc:9a:50:7f:a4:b1:4f:ba:6d:94:39:
                    99:1d:a5:12:20:9f:35:23:d6:f9:f4:b7:c5:91:01:
                    75:1a:8e:7e:a9:f5:7c:74:18:de:54:fc:bc:ea:0c:
                    cf:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E6:88:1B:C9:4E:BD:AE:0A:A8:C5:0A:41:65:AC:B1:3E:AE:87:1E:C8
            X509v3 Authority Key Identifier:
                keyid:E0:B8:67:13:11:00:C1:5D:E8:90:11:00:63:E6:38:A5:F0:23:67:C4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4LhnExEAwV3okBEAY-Y4pfAjZ8Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/eee521-25fa-4006-9531-1e044814518f/1/4LhnExEAwV3okBEAY-Y4pfAjZ8Q.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/eee521-25fa-4006-9531-1e044814518f/1/4LhnExEAwV3okBEAY-Y4pfAjZ8Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a4:f0:30:b4:9a:c0:5a:ec:3a:9c:7d:f3:bd:39:b5:55:71:00:
         f8:1c:76:14:10:5a:ca:4e:c6:86:05:d9:3d:00:ff:1d:98:35:
         a9:92:ea:1c:59:11:0e:b5:5a:2d:59:42:0c:ec:3c:76:80:60:
         ab:f7:6e:74:f6:3e:28:09:ab:d5:28:fe:ab:59:48:79:d0:67:
         9a:3d:38:6d:03:a3:15:d6:86:35:31:0b:f6:ef:1b:ea:dc:d1:
         b3:2e:31:e5:9c:1f:35:4f:b4:bd:16:eb:94:6b:1f:1d:83:ee:
         aa:5d:44:cb:1e:64:76:44:5e:b6:11:c2:bc:46:ef:ab:ec:e4:
         74:9a:28:93:7e:71:f8:33:3c:e7:10:3c:1f:f8:52:aa:73:e1:
         db:3e:71:63:1a:49:90:7d:2c:d2:50:2a:a7:ef:57:f4:e2:43:
         c3:a4:c7:23:65:86:f8:07:cc:5a:8b:ae:dd:9b:b6:75:22:43:
         20:6c:c4:bb:c5:c4:1c:1a:2f:f9:14:82:bb:ec:08:e6:24:ed:
         7d:85:51:eb:18:47:16:4f:0d:17:14:e0:70:3f:c5:63:84:44:
         ce:66:37:60:90:a9:01:e4:ed:b9:21:06:67:9e:ca:3a:fa:09:
         2c:37:7d:6e:c5:2d:f0:4d:53:46:c7:7d:ab:fa:19:4d:6f:bb:
         8e:38:bf:fe
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyk5wnU+61b1hjVc6Lfht6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUwYjg2NzEzMTEwMGMxNWRlODkwMTEwMDYzZTYzOGE1ZjAy
MzY3YzQwHhcNMjUxMTExMTEwMTA3WhcNMjUxMTEyMTEwMTA3WjAzMTEwLwYDVQQD
EyhlNjg4MWJjOTRlYmRhZTBhYThjNTBhNDE2NWFjYjEzZWFlODcxZWM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs3XxMx+98KSUlardOQQtEU0fujg0
nyw/d+W8PrRWjmN0ts10tPQ5chrpedPkj25k05i1xAHy4G3nPRpevtCGngs4hyJi
pTWaA1kUs+L44PtiTcvx1wWBXbeEXG39uD6BiIxkiJcVKFrHt22HEcaWYN9cOjw5
S6wdXqzkRODNfUrJlz64Pq5usU6kPzcCPndeqNBQ3vPc+U8F9UeAO47ABUnmJ8Xp
/kGKSyZ3iPB8XOAsSBqF2ExOv9BrMHHClT8kzv4hatdWXpD8yDwO9zvqoHTDzZc2
/JpQf6SxT7ptlDmZHaUSIJ81I9b59LfFkQF1Go5+qfV8dBjeVPy86gzPSQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOaIG8lOva4KqMUKQWWssT6uhx7IMB8GA1UdIwQY
MBaAFOC4ZxMRAMFd6JARAGPmOKXwI2fEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNExobkV4RUF3VjNva0JFQVktWTRwZkFqWjhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNi9lZWU1MjEtMjVmYS00MDA2LTk1MzEt
MWUwNDQ4MTQ1MThmLzEvNExobkV4RUF3VjNva0JFQVktWTRwZkFqWjhRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNi9lZWU1MjEtMjVmYS00MDA2LTk1MzEtMWUwNDQ4MTQ1MThm
LzEvNExobkV4RUF3VjNva0JFQVktWTRwZkFqWjhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApPAwtJrA
Wuw6nH3zvTm1VXEA+Bx2FBBayk7GhgXZPQD/HZg1qZLqHFkRDrVaLVlCDOw8doBg
q/dudPY+KAmr1Sj+q1lIedBnmj04bQOjFdaGNTEL9u8b6tzRsy4x5ZwfNU+0vRbr
lGsfHYPuql1Eyx5kdkRethHCvEbvq+zkdJook35x+DM85xA8H/hSqnPh2z5xYxpJ
kH0s0lAqp+9X9OJDw6THI2WG+AfMWouu3Zu2dSJDIGzEu8XEHBov+RSCu+wI5iTt
fYVR6xhHFk8NFxTgcD/FY4REzmY3YJCpAeTtuSEGZ57KOvoJLDd9bsUt8E1TRsd9
q/oZTW+7jji//g==
-----END CERTIFICATE-----