Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/ba81b6-1282-455f-8c59-d0e24f017088/1/cM7mK3lHLcrlHq1NjqBpI4cPUZc.mft
File:                     cM7mK3lHLcrlHq1NjqBpI4cPUZc.mft (raw, json)
Hash identifier:          42bf3hiTzx2CGK3LNUnleoSMpcfDy1drPUQSUIk04zE=
Subject key identifier:   B1:5F:4D:94:67:20:7C:15:33:20:6F:AC:44:84:55:91:9E:FC:DF:C4
Authority key identifier: 70:CE:E6:2B:79:47:2D:CA:E5:1E:AD:4D:8E:A0:69:23:87:0F:51:97
Certificate issuer:       /CN=70cee62b79472dcae51ead4d8ea06923870f5197
Certificate serial:       019A722622AD78A3E7F94D3815FE8B5BCB78
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cM7mK3lHLcrlHq1NjqBpI4cPUZc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/da/ba81b6-1282-455f-8c59-d0e24f017088/1/cM7mK3lHLcrlHq1NjqBpI4cPUZc.mft
Manifest number:          171B
Signing time:             Tue 11 Nov 2025 09:01:33 +0000
Manifest this update:     Tue 11 Nov 2025 09:01:33 +0000
Manifest next update:     Wed 12 Nov 2025 09:01:33 +0000
Files and hashes:         1: cM7mK3lHLcrlHq1NjqBpI4cPUZc.crl (hash: lTb3B+wCr9OlgZK//MvIYnFkjGTAYERBpaNAPOBs4ec=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/da/ba81b6-1282-455f-8c59-d0e24f017088/1/cM7mK3lHLcrlHq1NjqBpI4cPUZc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/da/ba81b6-1282-455f-8c59-d0e24f017088/1/cM7mK3lHLcrlHq1NjqBpI4cPUZc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/cM7mK3lHLcrlHq1NjqBpI4cPUZc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:72:26:22:ad:78:a3:e7:f9:4d:38:15:fe:8b:5b:cb:78
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=70cee62b79472dcae51ead4d8ea06923870f5197
        Validity
            Not Before: Nov 11 09:01:33 2025 GMT
            Not After : Nov 12 09:01:33 2025 GMT
        Subject: CN=b15f4d9467207c1533206fac448455919efcdfc4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:04:5b:49:d4:cf:0d:b8:30:a3:e8:50:66:f6:
                    15:88:1c:9d:70:8a:c3:5f:01:07:88:e8:d7:50:c9:
                    98:94:a1:e3:97:0a:e9:e6:39:1a:e8:da:38:10:4f:
                    d1:e8:1c:b5:2d:01:ee:3d:b7:61:11:05:97:13:a3:
                    1b:e5:b0:18:71:c1:06:91:81:3a:bc:8e:fe:4d:a5:
                    5e:21:7f:43:f5:3d:ae:06:d7:11:09:d3:bb:ed:7b:
                    08:6e:cf:0e:44:3d:09:dd:3b:43:6d:f8:5e:b5:5c:
                    77:da:80:35:cb:e1:10:d0:ce:d2:8e:37:46:55:fd:
                    00:36:2d:60:bd:0e:63:3d:b8:ae:e9:af:03:2d:04:
                    5f:87:f5:2e:aa:79:b9:eb:30:42:12:3c:c4:29:aa:
                    b1:1c:4a:de:4d:45:ff:90:d8:93:e1:fb:1e:f4:e4:
                    3b:77:13:86:f0:74:42:24:f0:87:b4:41:dd:b9:fd:
                    03:0b:e2:5f:7c:b5:e0:3d:57:38:1e:71:25:0c:a3:
                    ea:2d:df:49:a4:a8:ff:bc:fc:f8:38:32:35:d9:94:
                    ff:91:fe:92:a9:9f:0e:58:a7:16:13:c4:ab:01:68:
                    7f:8e:e3:b3:e0:44:c0:0a:67:84:05:10:14:63:8e:
                    03:45:24:fd:c3:7a:7e:e5:54:3f:aa:72:11:79:a5:
                    e7:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B1:5F:4D:94:67:20:7C:15:33:20:6F:AC:44:84:55:91:9E:FC:DF:C4
            X509v3 Authority Key Identifier:
                keyid:70:CE:E6:2B:79:47:2D:CA:E5:1E:AD:4D:8E:A0:69:23:87:0F:51:97

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cM7mK3lHLcrlHq1NjqBpI4cPUZc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/ba81b6-1282-455f-8c59-d0e24f017088/1/cM7mK3lHLcrlHq1NjqBpI4cPUZc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/da/ba81b6-1282-455f-8c59-d0e24f017088/1/cM7mK3lHLcrlHq1NjqBpI4cPUZc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a5:9b:b1:85:1b:15:63:40:74:fb:38:a3:3e:70:26:2d:ad:61:
         68:d9:49:91:23:43:1b:59:19:08:31:9b:09:2c:94:40:9d:53:
         a9:68:90:20:ae:1c:d4:68:a9:be:1b:65:17:73:98:41:d5:03:
         35:f8:3a:8e:10:40:7b:f0:92:39:13:f1:ff:3b:a5:ec:a0:b4:
         67:ea:ed:af:d8:66:e7:77:b6:9e:e2:63:a0:db:f8:04:44:78:
         5a:77:9e:a3:9b:0e:a5:30:31:dd:5c:bb:04:82:4a:21:ae:16:
         fd:76:58:ae:d2:26:4f:70:1a:87:99:c1:0e:80:23:8c:f4:3f:
         a3:4a:44:4c:03:ca:3f:81:c6:38:e7:6b:ec:95:ad:cf:41:7a:
         9c:9f:71:b4:65:44:bb:91:db:20:31:27:dc:3f:76:f9:7e:a3:
         de:e9:ef:d1:ee:89:6a:cd:dc:78:b5:1b:ed:9f:b7:81:4a:e9:
         77:9e:c5:e4:5c:45:e1:d8:f2:c6:cb:54:d9:6a:6f:e7:33:80:
         21:63:44:5b:11:d5:bf:c8:37:d7:90:2c:f5:ac:f6:96:dd:a0:
         d5:f6:44:86:8a:51:db:6f:b0:97:77:fe:71:12:d1:c0:a2:5e:
         d4:71:7c:3b:45:27:ee:8e:0d:ed:27:88:9d:de:b6:fe:3f:60:
         53:af:7d:b9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJiKteKPn+U04Ff6LW8t4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwY2VlNjJiNzk0NzJkY2FlNTFlYWQ0ZDhlYTA2OTIzODcw
ZjUxOTcwHhcNMjUxMTExMDkwMTMzWhcNMjUxMTEyMDkwMTMzWjAzMTEwLwYDVQQD
EyhiMTVmNGQ5NDY3MjA3YzE1MzMyMDZmYWM0NDg0NTU5MTllZmNkZmM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxgRbSdTPDbgwo+hQZvYViBydcIrD
XwEHiOjXUMmYlKHjlwrp5jka6No4EE/R6By1LQHuPbdhEQWXE6Mb5bAYccEGkYE6
vI7+TaVeIX9D9T2uBtcRCdO77XsIbs8ORD0J3TtDbfhetVx32oA1y+EQ0M7SjjdG
Vf0ANi1gvQ5jPbiu6a8DLQRfh/Uuqnm56zBCEjzEKaqxHEreTUX/kNiT4fse9OQ7
dxOG8HRCJPCHtEHduf0DC+JffLXgPVc4HnElDKPqLd9JpKj/vPz4ODI12ZT/kf6S
qZ8OWKcWE8SrAWh/juOz4ETACmeEBRAUY44DRST9w3p+5VQ/qnIReaXnpwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLFfTZRnIHwVMyBvrESEVZGe/N/EMB8GA1UdIwQY
MBaAFHDO5it5Ry3K5R6tTY6gaSOHD1GXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY003bUszbEhMY3JsSHExTmpxQnBJNGNQVVpjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS9iYTgxYjYtMTI4Mi00NTVmLThjNTkt
ZDBlMjRmMDE3MDg4LzEvY003bUszbEhMY3JsSHExTmpxQnBJNGNQVVpjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS9iYTgxYjYtMTI4Mi00NTVmLThjNTktZDBlMjRmMDE3MDg4
LzEvY003bUszbEhMY3JsSHExTmpxQnBJNGNQVVpjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApZuxhRsV
Y0B0+zijPnAmLa1haNlJkSNDG1kZCDGbCSyUQJ1TqWiQIK4c1GipvhtlF3OYQdUD
Nfg6jhBAe/CSORPx/zul7KC0Z+rtr9hm53e2nuJjoNv4BER4Wneeo5sOpTAx3Vy7
BIJKIa4W/XZYrtImT3Aah5nBDoAjjPQ/o0pETAPKP4HGOOdr7JWtz0F6nJ9xtGVE
u5HbIDEn3D92+X6j3unv0e6Jas3ceLUb7Z+3gUrpd57F5FxF4djyxstU2Wpv5zOA
IWNEWxHVv8g315As9az2lt2g1fZEhopR22+wl3f+cRLRwKJe1HF8O0Un7o4N7SeI
nd62/j9gU699uQ==
-----END CERTIFICATE-----