Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/ab8055-389c-43ed-abde-bf0de2bb1c3c/1/eH0Q8i5f-ksg99W3goxVuVCal1k.mft
File:                     eH0Q8i5f-ksg99W3goxVuVCal1k.mft (raw, json)
Hash identifier:          aUl/bXE01vF8dAlYmczqyfq2ikV3RjC2e2jrr13cxKY=
Subject key identifier:   EC:28:BD:3F:B0:8F:5F:61:15:E8:42:FD:9C:C4:14:CA:A8:A4:46:76
Authority key identifier: 78:7D:10:F2:2E:5F:FA:4B:20:F7:D5:B7:82:8C:55:B9:50:9A:97:59
Certificate issuer:       /CN=787d10f22e5ffa4b20f7d5b7828c55b9509a9759
Certificate serial:       019A725C909B2A5D5F074BE946B9F8FDD814
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/eH0Q8i5f-ksg99W3goxVuVCal1k.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/dd/ab8055-389c-43ed-abde-bf0de2bb1c3c/1/eH0Q8i5f-ksg99W3goxVuVCal1k.mft
Manifest number:          171D
Signing time:             Tue 11 Nov 2025 10:01:00 +0000
Manifest this update:     Tue 11 Nov 2025 10:01:00 +0000
Manifest next update:     Wed 12 Nov 2025 10:01:00 +0000
Files and hashes:         1: eH0Q8i5f-ksg99W3goxVuVCal1k.crl (hash: 3Q8ncMUa/hA57SIMe/ccgByYtBBKVBvooaPxaaFXQO8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/dd/ab8055-389c-43ed-abde-bf0de2bb1c3c/1/eH0Q8i5f-ksg99W3goxVuVCal1k.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/dd/ab8055-389c-43ed-abde-bf0de2bb1c3c/1/eH0Q8i5f-ksg99W3goxVuVCal1k.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/eH0Q8i5f-ksg99W3goxVuVCal1k.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:72:5c:90:9b:2a:5d:5f:07:4b:e9:46:b9:f8:fd:d8:14
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=787d10f22e5ffa4b20f7d5b7828c55b9509a9759
        Validity
            Not Before: Nov 11 10:01:00 2025 GMT
            Not After : Nov 12 10:01:00 2025 GMT
        Subject: CN=ec28bd3fb08f5f6115e842fd9cc414caa8a44676
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e4:cb:8b:8b:5f:e9:6a:22:be:0a:4c:86:d6:bb:
                    a5:11:60:76:49:79:90:41:52:64:bf:65:db:7b:50:
                    53:65:6b:27:94:3a:24:d0:46:00:6d:cb:19:9e:12:
                    e2:8c:ab:5d:5d:1c:20:d0:fe:4e:9b:ef:b2:f7:d7:
                    d3:dc:da:5a:b2:c8:f3:c0:b8:70:e5:30:b8:40:e2:
                    be:57:1d:7e:6e:70:de:71:5c:7a:30:a3:42:7d:a0:
                    16:7f:5e:6d:b5:7a:53:31:1e:39:f4:e4:0d:d6:bf:
                    bf:10:36:bd:7e:70:ac:0f:2a:0b:fb:6b:f4:41:eb:
                    5c:08:42:99:f5:8b:f0:5a:86:4a:86:05:c5:03:45:
                    e4:16:39:06:35:ea:c7:1b:b5:ed:10:9d:45:0c:26:
                    ce:b0:39:d5:57:f7:6d:76:58:f1:56:40:b3:fa:5a:
                    e4:bd:4b:fc:fe:94:99:ee:8c:bc:a7:a1:8c:3c:34:
                    49:0e:73:68:e5:7a:d8:10:96:bc:02:9b:3d:48:90:
                    aa:ba:b4:c9:16:5c:b5:dd:9c:e7:12:4d:3b:1c:ac:
                    a6:36:e1:87:65:4e:04:9f:18:62:1e:8d:3c:bc:51:
                    03:e8:6e:5f:e5:72:16:77:e8:78:4f:ff:7c:b3:e2:
                    ca:b7:e6:bf:74:6b:a1:59:49:28:a6:ad:e0:29:da:
                    62:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EC:28:BD:3F:B0:8F:5F:61:15:E8:42:FD:9C:C4:14:CA:A8:A4:46:76
            X509v3 Authority Key Identifier:
                keyid:78:7D:10:F2:2E:5F:FA:4B:20:F7:D5:B7:82:8C:55:B9:50:9A:97:59

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eH0Q8i5f-ksg99W3goxVuVCal1k.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/ab8055-389c-43ed-abde-bf0de2bb1c3c/1/eH0Q8i5f-ksg99W3goxVuVCal1k.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/ab8055-389c-43ed-abde-bf0de2bb1c3c/1/eH0Q8i5f-ksg99W3goxVuVCal1k.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6d:ac:bf:78:0b:b7:f4:2e:12:56:82:04:eb:b6:a7:fb:41:ce:
         b9:6b:f2:9f:99:29:ab:7b:11:64:85:06:2a:dd:0c:79:cd:2c:
         a8:b6:11:50:25:3e:af:eb:7c:5d:1f:ed:97:c1:d2:5f:43:d2:
         17:b3:7d:82:07:52:71:f5:9b:81:4a:05:f7:cb:af:fb:75:a2:
         33:84:06:27:d5:76:f0:62:af:a0:46:d7:42:bf:61:25:a7:9f:
         f0:7c:bf:b7:40:8c:31:1f:2c:87:18:c7:21:24:38:22:8f:14:
         f4:87:c1:c9:42:ec:be:f1:e8:69:3b:0b:b6:ab:30:da:8e:16:
         98:91:44:f0:b5:0e:7b:4f:2d:07:0b:0e:51:af:6e:be:85:e6:
         93:9a:42:71:b3:d9:e7:ff:ca:c8:aa:03:75:90:b6:e1:82:fe:
         d9:7a:5e:d5:72:2b:31:46:82:70:41:a1:87:7c:cb:22:1b:e4:
         65:4f:40:b0:a1:f8:13:a4:b7:e8:f7:b0:3d:08:bb:81:fe:76:
         78:2a:93:df:17:2d:8f:67:89:51:bd:61:15:51:b0:3e:f8:82:
         6c:97:c1:83:72:62:9f:3b:48:ef:c6:ec:8a:8f:d8:89:62:af:
         e4:91:b0:8d:77:00:c6:2c:49:47:df:bc:25:ea:e7:5a:cc:03:
         34:a7:47:ca
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyXJCbKl1fB0vpRrn4/dgUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc4N2QxMGYyMmU1ZmZhNGIyMGY3ZDViNzgyOGM1NWI5NTA5
YTk3NTkwHhcNMjUxMTExMTAwMTAwWhcNMjUxMTEyMTAwMTAwWjAzMTEwLwYDVQQD
EyhlYzI4YmQzZmIwOGY1ZjYxMTVlODQyZmQ5Y2M0MTRjYWE4YTQ0Njc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5MuLi1/paiK+CkyG1rulEWB2SXmQ
QVJkv2Xbe1BTZWsnlDok0EYAbcsZnhLijKtdXRwg0P5Om++y99fT3NpassjzwLhw
5TC4QOK+Vx1+bnDecVx6MKNCfaAWf15ttXpTMR459OQN1r+/EDa9fnCsDyoL+2v0
QetcCEKZ9YvwWoZKhgXFA0XkFjkGNerHG7XtEJ1FDCbOsDnVV/dtdljxVkCz+lrk
vUv8/pSZ7oy8p6GMPDRJDnNo5XrYEJa8Aps9SJCqurTJFly13ZznEk07HKymNuGH
ZU4EnxhiHo08vFED6G5f5XIWd+h4T/98s+LKt+a/dGuhWUkopq3gKdpidwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOwovT+wj19hFehC/ZzEFMqopEZ2MB8GA1UdIwQY
MBaAFHh9EPIuX/pLIPfVt4KMVblQmpdZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZUgwUThpNWYta3NnOTlXM2dveFZ1VkNhbDFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC9hYjgwNTUtMzg5Yy00M2VkLWFiZGUt
YmYwZGUyYmIxYzNjLzEvZUgwUThpNWYta3NnOTlXM2dveFZ1VkNhbDFrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC9hYjgwNTUtMzg5Yy00M2VkLWFiZGUtYmYwZGUyYmIxYzNj
LzEvZUgwUThpNWYta3NnOTlXM2dveFZ1VkNhbDFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbay/eAu3
9C4SVoIE67an+0HOuWvyn5kpq3sRZIUGKt0Mec0sqLYRUCU+r+t8XR/tl8HSX0PS
F7N9ggdScfWbgUoF98uv+3WiM4QGJ9V28GKvoEbXQr9hJaef8Hy/t0CMMR8shxjH
ISQ4Io8U9IfByULsvvHoaTsLtqsw2o4WmJFE8LUOe08tBwsOUa9uvoXmk5pCcbPZ
5//KyKoDdZC24YL+2Xpe1XIrMUaCcEGhh3zLIhvkZU9AsKH4E6S36PewPQi7gf52
eCqT3xctj2eJUb1hFVGwPviCbJfBg3JinztI78bsio/YiWKv5JGwjXcAxixJR9+8
JernWswDNKdHyg==
-----END CERTIFICATE-----