Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/f8474b-5aeb-4058-9f4e-0042425bab1a/1/D3l2BSC3wVwuQmAwgnK4SfiO1nc.mft
File:                     D3l2BSC3wVwuQmAwgnK4SfiO1nc.mft (raw, json)
Hash identifier:          n1nIRJItGNaO1Ys6HgzbMm9Zyl/cK5eqMmmokdyJaQM=
Subject key identifier:   41:5F:67:33:C2:D0:44:37:72:EA:8B:03:56:4B:BD:13:83:09:3F:19
Authority key identifier: 0F:79:76:05:20:B7:C1:5C:2E:42:60:30:82:72:B8:49:F8:8E:D6:77
Certificate issuer:       /CN=0f79760520b7c15c2e4260308272b849f88ed677
Certificate serial:       019A71EE7CBCA1335057C4426FE067989F3B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/D3l2BSC3wVwuQmAwgnK4SfiO1nc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/eb/f8474b-5aeb-4058-9f4e-0042425bab1a/1/D3l2BSC3wVwuQmAwgnK4SfiO1nc.mft
Manifest number:          171E
Signing time:             Tue 11 Nov 2025 08:00:46 +0000
Manifest this update:     Tue 11 Nov 2025 08:00:46 +0000
Manifest next update:     Wed 12 Nov 2025 08:00:46 +0000
Files and hashes:         1: D3l2BSC3wVwuQmAwgnK4SfiO1nc.crl (hash: yohBw3sQ+d1vILwQZdFYf2mmMneoxmTFjqPJS+XjqE8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/eb/f8474b-5aeb-4058-9f4e-0042425bab1a/1/D3l2BSC3wVwuQmAwgnK4SfiO1nc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/eb/f8474b-5aeb-4058-9f4e-0042425bab1a/1/D3l2BSC3wVwuQmAwgnK4SfiO1nc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/D3l2BSC3wVwuQmAwgnK4SfiO1nc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 08:00:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:ee:7c:bc:a1:33:50:57:c4:42:6f:e0:67:98:9f:3b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0f79760520b7c15c2e4260308272b849f88ed677
        Validity
            Not Before: Nov 11 08:00:46 2025 GMT
            Not After : Nov 12 08:00:46 2025 GMT
        Subject: CN=415f6733c2d0443772ea8b03564bbd1383093f19
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:5b:09:0e:05:d3:97:9b:98:ae:9d:ac:f8:11:
                    61:a0:44:5a:49:ab:4c:d1:c2:f3:87:a5:03:56:af:
                    52:d9:86:82:d9:c5:c2:12:d9:5e:63:ca:4b:cc:6e:
                    4e:c4:de:2e:9f:57:b3:5c:f5:88:4b:3c:a2:d1:9e:
                    91:9c:80:cc:50:ed:c4:b3:2b:b9:dd:4e:81:4c:f9:
                    51:da:3a:33:96:a6:01:bf:ac:ef:03:5d:fe:f5:da:
                    5f:19:2b:aa:26:5e:51:c5:63:3c:4e:15:b5:4c:91:
                    3a:ae:ef:c1:67:b3:8b:3d:78:ef:d9:80:15:1f:42:
                    9a:0e:9f:e4:76:54:b7:52:ff:6c:f0:20:0e:a8:92:
                    8b:3f:38:f6:85:b4:fa:0f:6a:1c:f0:25:a9:e1:14:
                    ff:a5:21:bf:22:10:86:e5:f0:9b:97:3b:df:6f:ed:
                    d2:91:4d:50:eb:3d:42:75:74:c8:97:82:db:a1:56:
                    6c:bb:3c:c7:1c:46:b7:c0:07:35:ef:f4:72:14:21:
                    61:29:88:79:30:ee:0c:fb:ef:a6:b2:6e:9d:21:83:
                    b1:57:9c:75:e4:30:af:ff:76:1d:5c:bb:11:92:a3:
                    e8:65:7f:31:40:53:26:ea:1f:a2:37:9d:d2:ff:9a:
                    e3:68:02:51:b0:e9:ea:b1:a0:82:97:b2:b3:9c:e6:
                    03:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                41:5F:67:33:C2:D0:44:37:72:EA:8B:03:56:4B:BD:13:83:09:3F:19
            X509v3 Authority Key Identifier:
                keyid:0F:79:76:05:20:B7:C1:5C:2E:42:60:30:82:72:B8:49:F8:8E:D6:77

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D3l2BSC3wVwuQmAwgnK4SfiO1nc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/f8474b-5aeb-4058-9f4e-0042425bab1a/1/D3l2BSC3wVwuQmAwgnK4SfiO1nc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/f8474b-5aeb-4058-9f4e-0042425bab1a/1/D3l2BSC3wVwuQmAwgnK4SfiO1nc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         11:85:f7:96:21:69:7f:7f:0f:b1:34:c9:3f:a4:26:94:3d:b6:
         4b:18:34:50:6b:f5:0c:5a:ab:88:77:fc:31:86:54:50:7c:ee:
         30:f6:eb:cb:34:19:a1:e5:1a:e3:69:80:13:21:6a:b0:9a:b0:
         c4:b7:43:31:ce:12:23:32:be:e7:43:a2:f5:ce:9a:01:14:da:
         1c:78:40:a0:13:72:c8:48:d3:dd:5b:d5:4a:f0:d1:14:ea:36:
         3f:b4:36:11:17:11:3b:0e:4c:9c:06:90:d4:73:15:73:96:70:
         7d:2b:af:63:6c:e5:a6:d7:f4:4a:3a:7d:9c:90:7a:a5:c8:49:
         d7:ef:8a:b8:91:ac:20:68:01:a1:e0:e3:77:30:23:fd:c2:81:
         84:79:2c:0b:99:dd:d4:89:44:7b:a4:46:44:20:a8:0b:7b:28:
         2d:4e:99:9d:c1:a1:2d:5d:31:b1:bf:4b:3c:9f:80:ba:13:a5:
         1e:6d:81:6c:54:7c:a8:5d:cb:fd:29:ec:6a:29:2c:f0:b9:d5:
         50:82:81:75:28:59:1f:2d:7e:19:1f:81:3b:1a:2a:c4:0f:1e:
         93:11:f1:53:f4:9b:66:38:14:e9:d0:24:5f:60:4b:24:4b:ef:
         af:ed:53:82:b5:0a:a5:28:90:51:32:17:01:a8:0d:1f:2a:c9:
         38:23:cd:68
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpx7ny8oTNQV8RCb+BnmJ87MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmNzk3NjA1MjBiN2MxNWMyZTQyNjAzMDgyNzJiODQ5Zjg4
ZWQ2NzcwHhcNMjUxMTExMDgwMDQ2WhcNMjUxMTEyMDgwMDQ2WjAzMTEwLwYDVQQD
Eyg0MTVmNjczM2MyZDA0NDM3NzJlYThiMDM1NjRiYmQxMzgzMDkzZjE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx1sJDgXTl5uYrp2s+BFhoERaSatM
0cLzh6UDVq9S2YaC2cXCEtleY8pLzG5OxN4un1ezXPWISzyi0Z6RnIDMUO3Esyu5
3U6BTPlR2jozlqYBv6zvA13+9dpfGSuqJl5RxWM8ThW1TJE6ru/BZ7OLPXjv2YAV
H0KaDp/kdlS3Uv9s8CAOqJKLPzj2hbT6D2oc8CWp4RT/pSG/IhCG5fCblzvfb+3S
kU1Q6z1CdXTIl4LboVZsuzzHHEa3wAc17/RyFCFhKYh5MO4M+++msm6dIYOxV5x1
5DCv/3YdXLsRkqPoZX8xQFMm6h+iN53S/5rjaAJRsOnqsaCCl7KznOYDXwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEFfZzPC0EQ3cuqLA1ZLvRODCT8ZMB8GA1UdIwQY
MBaAFA95dgUgt8FcLkJgMIJyuEn4jtZ3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRDNsMkJTQzN3Vnd1UW1Bd2duSzRTZmlPMW5jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi9mODQ3NGItNWFlYi00MDU4LTlmNGUt
MDA0MjQyNWJhYjFhLzEvRDNsMkJTQzN3Vnd1UW1Bd2duSzRTZmlPMW5jLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi9mODQ3NGItNWFlYi00MDU4LTlmNGUtMDA0MjQyNWJhYjFh
LzEvRDNsMkJTQzN3Vnd1UW1Bd2duSzRTZmlPMW5jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEYX3liFp
f38PsTTJP6QmlD22Sxg0UGv1DFqriHf8MYZUUHzuMPbryzQZoeUa42mAEyFqsJqw
xLdDMc4SIzK+50Oi9c6aARTaHHhAoBNyyEjT3VvVSvDRFOo2P7Q2ERcROw5MnAaQ
1HMVc5ZwfSuvY2zlptf0Sjp9nJB6pchJ1++KuJGsIGgBoeDjdzAj/cKBhHksC5nd
1IlEe6RGRCCoC3soLU6ZncGhLV0xsb9LPJ+AuhOlHm2BbFR8qF3L/Snsaiks8LnV
UIKBdShZHy1+GR+BOxoqxA8ekxHxU/SbZjgU6dAkX2BLJEvvr+1TgrUKpSiQUTIX
AagNHyrJOCPNaA==
-----END CERTIFICATE-----