Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/a40bbb-556a-40c5-b97c-32b2be06222c/1/iFeQ87X0pUUjTzIwv4lmOFbge8c.mft
File:                     iFeQ87X0pUUjTzIwv4lmOFbge8c.mft (raw, json)
Hash identifier:          Oc6PhmV1PqG20dIumn5BpqJMLBK7qZhOPURFmuKz8p0=
Subject key identifier:   97:E9:D3:AF:BB:E7:0D:82:A8:78:83:25:63:E8:1D:14:32:4A:5C:8A
Authority key identifier: 88:57:90:F3:B5:F4:A5:45:23:4F:32:30:BF:89:66:38:56:E0:7B:C7
Certificate issuer:       /CN=885790f3b5f4a545234f3230bf89663856e07bc7
Certificate serial:       019A71B8277945F64E7F46560581EC758C29
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/iFeQ87X0pUUjTzIwv4lmOFbge8c.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e2/a40bbb-556a-40c5-b97c-32b2be06222c/1/iFeQ87X0pUUjTzIwv4lmOFbge8c.mft
Manifest number:          171B
Signing time:             Tue 11 Nov 2025 07:01:25 +0000
Manifest this update:     Tue 11 Nov 2025 07:01:25 +0000
Manifest next update:     Wed 12 Nov 2025 07:01:25 +0000
Files and hashes:         1: iFeQ87X0pUUjTzIwv4lmOFbge8c.crl (hash: c4SDXMO9eeMRlvsHJiljLzIO74IQ6cawwlZeK7vKHhQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e2/a40bbb-556a-40c5-b97c-32b2be06222c/1/iFeQ87X0pUUjTzIwv4lmOFbge8c.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e2/a40bbb-556a-40c5-b97c-32b2be06222c/1/iFeQ87X0pUUjTzIwv4lmOFbge8c.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/iFeQ87X0pUUjTzIwv4lmOFbge8c.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:01:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b8:27:79:45:f6:4e:7f:46:56:05:81:ec:75:8c:29
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=885790f3b5f4a545234f3230bf89663856e07bc7
        Validity
            Not Before: Nov 11 07:01:25 2025 GMT
            Not After : Nov 12 07:01:25 2025 GMT
        Subject: CN=97e9d3afbbe70d82a878832563e81d14324a5c8a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:e3:38:4c:bd:98:4b:1d:ef:14:f7:76:00:a3:
                    9f:0d:ec:48:2c:85:72:26:41:8d:b0:18:32:94:99:
                    f7:b9:65:b6:f1:7f:17:88:bc:02:f4:fa:5b:30:73:
                    81:0a:e6:a2:d0:e7:ed:0b:9c:31:65:82:1d:20:45:
                    98:f9:18:3f:7e:af:53:46:8a:ff:d7:c5:ab:46:7c:
                    0b:4d:71:0a:a3:7c:42:d3:bc:14:d8:ca:28:f4:48:
                    42:d6:20:f2:8f:c8:ad:6a:bd:91:4d:e7:ef:20:c7:
                    b5:0c:32:14:4d:bb:90:6d:30:d0:aa:80:d1:99:9e:
                    65:b9:03:35:63:a0:27:bb:8c:c8:63:01:7e:ef:28:
                    c9:f3:71:62:8d:c6:bf:21:69:3b:14:8b:f1:b9:fc:
                    8f:fa:0d:af:52:81:b3:0f:de:99:5b:e8:ac:f0:16:
                    23:d0:23:de:8b:68:ac:fa:cc:69:18:cf:c3:09:cf:
                    a5:7d:97:4b:41:e1:80:5e:90:03:74:97:7a:36:a8:
                    24:32:72:b5:83:8b:15:0f:9b:72:01:db:f6:13:b4:
                    9c:c1:57:e6:b6:19:f9:67:18:67:8b:4a:f2:1c:5b:
                    5a:2e:b7:0c:82:2d:67:2f:33:9c:bd:3b:ab:0f:03:
                    2d:14:3e:2b:72:8b:ed:99:be:b6:6a:44:fe:f0:5e:
                    40:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                97:E9:D3:AF:BB:E7:0D:82:A8:78:83:25:63:E8:1D:14:32:4A:5C:8A
            X509v3 Authority Key Identifier:
                keyid:88:57:90:F3:B5:F4:A5:45:23:4F:32:30:BF:89:66:38:56:E0:7B:C7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iFeQ87X0pUUjTzIwv4lmOFbge8c.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/a40bbb-556a-40c5-b97c-32b2be06222c/1/iFeQ87X0pUUjTzIwv4lmOFbge8c.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/a40bbb-556a-40c5-b97c-32b2be06222c/1/iFeQ87X0pUUjTzIwv4lmOFbge8c.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         04:f1:8e:84:4d:6d:f5:ba:38:6c:95:ad:6b:22:fd:db:7a:f2:
         ec:b5:10:b9:52:fb:55:9f:e7:72:5b:41:89:04:69:fb:9f:9f:
         79:fe:9d:19:e3:87:47:a7:63:e2:31:96:04:7c:39:06:dc:ec:
         08:61:3b:29:bd:77:54:37:d0:eb:2b:a6:9f:4f:cd:7f:88:f5:
         88:98:5e:70:a4:74:d3:6e:18:16:9b:22:be:20:c0:d9:1a:23:
         3f:9f:c7:3c:77:1b:e5:f7:24:d3:b7:e5:7d:85:1c:c0:f2:4f:
         46:1d:84:88:34:a2:b1:13:13:ae:d3:22:dd:24:fe:ac:d4:d9:
         f4:6a:12:1b:3b:dd:a8:72:3c:ea:4f:53:4f:a8:1b:c8:3b:5e:
         95:1e:88:08:9d:db:55:47:86:50:cf:61:8b:7f:e9:86:5e:8e:
         a9:66:2a:d5:01:d6:59:51:6f:64:1f:b2:94:93:76:c1:80:de:
         4f:e0:1e:eb:cc:69:2c:77:21:24:5e:d4:7f:67:db:c2:36:86:
         8c:0c:b6:0f:5f:67:b3:cb:eb:f1:0f:f4:09:59:3a:a9:47:29:
         0f:bc:54:9e:f2:5a:b0:0f:d2:20:bf:44:c1:16:17:ae:a8:1c:
         89:73:35:ac:db:a2:55:9f:33:31:b6:82:29:f3:8f:7f:2e:03:
         0f:5c:6b:1f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuCd5RfZOf0ZWBYHsdYwpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4NTc5MGYzYjVmNGE1NDUyMzRmMzIzMGJmODk2NjM4NTZl
MDdiYzcwHhcNMjUxMTExMDcwMTI1WhcNMjUxMTEyMDcwMTI1WjAzMTEwLwYDVQQD
Eyg5N2U5ZDNhZmJiZTcwZDgyYTg3ODgzMjU2M2U4MWQxNDMyNGE1YzhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAruM4TL2YSx3vFPd2AKOfDexILIVy
JkGNsBgylJn3uWW28X8XiLwC9PpbMHOBCuai0OftC5wxZYIdIEWY+Rg/fq9TRor/
18WrRnwLTXEKo3xC07wU2Moo9EhC1iDyj8itar2RTefvIMe1DDIUTbuQbTDQqoDR
mZ5luQM1Y6Anu4zIYwF+7yjJ83Fijca/IWk7FIvxufyP+g2vUoGzD96ZW+is8BYj
0CPei2is+sxpGM/DCc+lfZdLQeGAXpADdJd6NqgkMnK1g4sVD5tyAdv2E7ScwVfm
thn5Zxhni0ryHFtaLrcMgi1nLzOcvTurDwMtFD4rcovtmb62akT+8F5AgQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJfp06+75w2CqHiDJWPoHRQySlyKMB8GA1UdIwQY
MBaAFIhXkPO19KVFI08yML+JZjhW4HvHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUZlUTg3WDBwVVVqVHpJd3Y0bG1PRmJnZThjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9hNDBiYmItNTU2YS00MGM1LWI5N2Mt
MzJiMmJlMDYyMjJjLzEvaUZlUTg3WDBwVVVqVHpJd3Y0bG1PRmJnZThjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9hNDBiYmItNTU2YS00MGM1LWI5N2MtMzJiMmJlMDYyMjJj
LzEvaUZlUTg3WDBwVVVqVHpJd3Y0bG1PRmJnZThjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABPGOhE1t
9bo4bJWtayL923ry7LUQuVL7VZ/ncltBiQRp+5+fef6dGeOHR6dj4jGWBHw5Btzs
CGE7Kb13VDfQ6yumn0/Nf4j1iJhecKR0024YFpsiviDA2RojP5/HPHcb5fck07fl
fYUcwPJPRh2EiDSisRMTrtMi3ST+rNTZ9GoSGzvdqHI86k9TT6gbyDtelR6ICJ3b
VUeGUM9hi3/phl6OqWYq1QHWWVFvZB+ylJN2wYDeT+Ae68xpLHchJF7Uf2fbwjaG
jAy2D19ns8vr8Q/0CVk6qUcpD7xUnvJasA/SIL9EwRYXrqgciXM1rNuiVZ8zMbaC
KfOPfy4DD1xrHw==
-----END CERTIFICATE-----