Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/863eee-7714-4bc4-9268-41694202de68/1/gbv0m8K-YG6m9Ivb-WJX3natfMA.mft
File:                     gbv0m8K-YG6m9Ivb-WJX3natfMA.mft (raw, json)
Hash identifier:          6r2dnLWCMZ0vkitA1qk4rk4MONmk27ijkWMRGwEMa2Y=
Subject key identifier:   A1:BC:92:A3:87:49:83:CF:B1:3B:E6:5D:82:65:E9:51:6C:6E:E8:C5
Authority key identifier: 81:BB:F4:9B:C2:BE:60:6E:A6:F4:8B:DB:F9:62:57:DE:76:AD:7C:C0
Certificate issuer:       /CN=81bbf49bc2be606ea6f48bdbf96257de76ad7cc0
Certificate serial:       019A71B7991917B16D735E501ADD6C07D57D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gbv0m8K-YG6m9Ivb-WJX3natfMA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e1/863eee-7714-4bc4-9268-41694202de68/1/gbv0m8K-YG6m9Ivb-WJX3natfMA.mft
Manifest number:          171C
Signing time:             Tue 11 Nov 2025 07:00:48 +0000
Manifest this update:     Tue 11 Nov 2025 07:00:48 +0000
Manifest next update:     Wed 12 Nov 2025 07:00:48 +0000
Files and hashes:         1: gbv0m8K-YG6m9Ivb-WJX3natfMA.crl (hash: ZPSPpss/YFw4k/hxKFjKFsMhid0imdWZ5snN14oTU+A=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e1/863eee-7714-4bc4-9268-41694202de68/1/gbv0m8K-YG6m9Ivb-WJX3natfMA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e1/863eee-7714-4bc4-9268-41694202de68/1/gbv0m8K-YG6m9Ivb-WJX3natfMA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/gbv0m8K-YG6m9Ivb-WJX3natfMA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:00:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b7:99:19:17:b1:6d:73:5e:50:1a:dd:6c:07:d5:7d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=81bbf49bc2be606ea6f48bdbf96257de76ad7cc0
        Validity
            Not Before: Nov 11 07:00:48 2025 GMT
            Not After : Nov 12 07:00:48 2025 GMT
        Subject: CN=a1bc92a3874983cfb13be65d8265e9516c6ee8c5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:01:14:5e:1d:60:65:34:ce:cf:57:23:7b:5b:
                    45:79:60:26:59:37:2e:52:dd:be:cf:e3:92:92:ae:
                    92:48:6d:5e:84:cf:8a:35:25:db:e7:b2:d8:c2:8b:
                    9e:8f:68:64:a7:92:5b:f2:f0:ca:bf:6b:9b:11:2e:
                    63:8e:7e:7e:af:2a:9b:6d:84:c7:a3:fb:3d:60:e7:
                    90:95:e7:54:73:3a:18:aa:0d:ab:07:f0:b0:eb:19:
                    94:24:d2:a6:4d:2d:8a:e5:94:24:df:76:c9:1c:76:
                    f6:59:2e:d4:93:60:9b:58:e0:ff:50:20:10:52:63:
                    c5:52:ea:68:28:a3:dc:62:69:35:25:f3:b5:de:03:
                    7f:4e:9a:53:d3:06:30:ff:64:e8:cd:51:3a:c6:97:
                    99:b4:57:88:84:08:62:4f:21:80:2b:8e:99:35:06:
                    87:c4:ae:d1:5c:c5:a3:e6:b5:1d:66:9a:ee:d4:d0:
                    a1:d9:f5:e0:01:db:c1:24:2f:22:b8:5c:33:12:ba:
                    0f:b7:24:8a:d9:d4:e6:bb:cb:c9:ec:d5:4f:73:36:
                    58:ef:34:f5:7a:61:f9:9d:ba:bd:38:fa:46:96:e0:
                    e3:71:f6:a2:74:96:ab:3a:68:67:13:26:30:df:00:
                    7b:2a:fa:48:84:1d:f4:b0:f8:5c:10:71:ba:19:1e:
                    8c:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A1:BC:92:A3:87:49:83:CF:B1:3B:E6:5D:82:65:E9:51:6C:6E:E8:C5
            X509v3 Authority Key Identifier:
                keyid:81:BB:F4:9B:C2:BE:60:6E:A6:F4:8B:DB:F9:62:57:DE:76:AD:7C:C0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gbv0m8K-YG6m9Ivb-WJX3natfMA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/863eee-7714-4bc4-9268-41694202de68/1/gbv0m8K-YG6m9Ivb-WJX3natfMA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/863eee-7714-4bc4-9268-41694202de68/1/gbv0m8K-YG6m9Ivb-WJX3natfMA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         24:03:5b:23:dc:83:d4:04:13:61:db:8d:c3:e3:45:5f:64:6b:
         b1:45:6f:78:68:e7:e5:19:00:60:89:19:51:33:fb:1d:d9:a0:
         72:72:da:d8:ab:66:a2:42:b2:5a:d3:19:a0:71:48:3d:9b:90:
         d7:44:66:17:3c:09:16:a9:04:c0:61:98:b1:17:cc:92:21:e3:
         67:7a:d3:70:d0:5e:d5:89:48:52:f6:95:2e:e5:0e:07:7a:a8:
         02:a4:e3:6e:99:fe:aa:af:93:e3:7c:80:bb:e9:a4:2d:4f:2d:
         f3:2d:45:18:0f:52:27:63:4e:0f:f7:61:f4:0c:22:0f:82:ac:
         50:85:88:40:70:5c:0d:be:c8:d5:6c:53:13:23:9d:b8:f0:85:
         5c:84:50:1c:77:1b:73:15:c1:40:53:57:74:d8:bd:ae:1a:61:
         1b:38:24:ef:a0:af:f9:74:ed:6f:db:7f:78:14:df:da:55:b1:
         a8:4a:d8:42:7d:d8:30:63:df:d3:67:f5:e6:cc:54:cb:4f:64:
         2d:70:50:3f:b1:c6:d2:f7:bd:26:ff:d4:43:a6:4f:7d:47:0c:
         82:ec:f8:19:4c:d6:c9:cc:b3:b4:bb:8b:6c:ba:f3:54:79:f9:
         b0:69:07:21:a8:e8:2a:f8:62:43:16:74:f1:b4:c7:01:f5:47:
         e4:c7:ac:1f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxt5kZF7Ftc15QGt1sB9V9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxYmJmNDliYzJiZTYwNmVhNmY0OGJkYmY5NjI1N2RlNzZh
ZDdjYzAwHhcNMjUxMTExMDcwMDQ4WhcNMjUxMTEyMDcwMDQ4WjAzMTEwLwYDVQQD
EyhhMWJjOTJhMzg3NDk4M2NmYjEzYmU2NWQ4MjY1ZTk1MTZjNmVlOGM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuwEUXh1gZTTOz1cje1tFeWAmWTcu
Ut2+z+OSkq6SSG1ehM+KNSXb57LYwouej2hkp5Jb8vDKv2ubES5jjn5+ryqbbYTH
o/s9YOeQledUczoYqg2rB/Cw6xmUJNKmTS2K5ZQk33bJHHb2WS7Uk2CbWOD/UCAQ
UmPFUupoKKPcYmk1JfO13gN/TppT0wYw/2TozVE6xpeZtFeIhAhiTyGAK46ZNQaH
xK7RXMWj5rUdZpru1NCh2fXgAdvBJC8iuFwzEroPtySK2dTmu8vJ7NVPczZY7zT1
emH5nbq9OPpGluDjcfaidJarOmhnEyYw3wB7KvpIhB30sPhcEHG6GR6MXQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKG8kqOHSYPPsTvmXYJl6VFsbujFMB8GA1UdIwQY
MBaAFIG79JvCvmBupvSL2/liV952rXzAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2J2MG04Sy1ZRzZtOUl2Yi1XSlgzbmF0Zk1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS84NjNlZWUtNzcxNC00YmM0LTkyNjgt
NDE2OTQyMDJkZTY4LzEvZ2J2MG04Sy1ZRzZtOUl2Yi1XSlgzbmF0Zk1BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS84NjNlZWUtNzcxNC00YmM0LTkyNjgtNDE2OTQyMDJkZTY4
LzEvZ2J2MG04Sy1ZRzZtOUl2Yi1XSlgzbmF0Zk1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJANbI9yD
1AQTYduNw+NFX2RrsUVveGjn5RkAYIkZUTP7HdmgcnLa2KtmokKyWtMZoHFIPZuQ
10RmFzwJFqkEwGGYsRfMkiHjZ3rTcNBe1YlIUvaVLuUOB3qoAqTjbpn+qq+T43yA
u+mkLU8t8y1FGA9SJ2NOD/dh9AwiD4KsUIWIQHBcDb7I1WxTEyOduPCFXIRQHHcb
cxXBQFNXdNi9rhphGzgk76Cv+XTtb9t/eBTf2lWxqErYQn3YMGPf02f15sxUy09k
LXBQP7HG0ve9Jv/UQ6ZPfUcMguz4GUzWycyztLuLbLrzVHn5sGkHIajoKvhiQxZ0
8bTHAfVH5MesHw==
-----END CERTIFICATE-----