Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/ef7808-122b-4b89-9358-590c5f1b01b3/1/XqhfHdTQNGSA8AmHSo9WcOMQhcI.mft
File:                     XqhfHdTQNGSA8AmHSo9WcOMQhcI.mft (raw, json)
Hash identifier:          ZK3SnfJBUQxtBpzjFpPEv+DfXqGOpDob/6kNNghWteM=
Subject key identifier:   26:8C:E1:B0:8F:2E:65:83:C9:57:4C:C0:30:EC:79:B1:BA:7F:FB:64
Authority key identifier: 5E:A8:5F:1D:D4:D0:34:64:80:F0:09:87:4A:8F:56:70:E3:10:85:C2
Certificate issuer:       /CN=5ea85f1dd4d0346480f009874a8f5670e31085c2
Certificate serial:       019A71134AAEC9A1C2B2C1902469DBBDB1D8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XqhfHdTQNGSA8AmHSo9WcOMQhcI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ec/ef7808-122b-4b89-9358-590c5f1b01b3/1/XqhfHdTQNGSA8AmHSo9WcOMQhcI.mft
Manifest number:          171D
Signing time:             Tue 11 Nov 2025 04:01:20 +0000
Manifest this update:     Tue 11 Nov 2025 04:01:20 +0000
Manifest next update:     Wed 12 Nov 2025 04:01:20 +0000
Files and hashes:         1: XqhfHdTQNGSA8AmHSo9WcOMQhcI.crl (hash: VcCPvqGwVfEUa/LgxrlpJuYuH+jP6aCS4+hUQXXaPDw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ec/ef7808-122b-4b89-9358-590c5f1b01b3/1/XqhfHdTQNGSA8AmHSo9WcOMQhcI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ec/ef7808-122b-4b89-9358-590c5f1b01b3/1/XqhfHdTQNGSA8AmHSo9WcOMQhcI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XqhfHdTQNGSA8AmHSo9WcOMQhcI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 04:01:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:13:4a:ae:c9:a1:c2:b2:c1:90:24:69:db:bd:b1:d8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5ea85f1dd4d0346480f009874a8f5670e31085c2
        Validity
            Not Before: Nov 11 04:01:20 2025 GMT
            Not After : Nov 12 04:01:20 2025 GMT
        Subject: CN=268ce1b08f2e6583c9574cc030ec79b1ba7ffb64
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:1a:14:43:98:d8:7f:b2:8f:d9:3b:d7:bd:e8:
                    d1:c7:d9:d3:ae:90:2d:92:4c:16:31:83:19:b0:8f:
                    c0:50:fb:c5:76:51:09:c5:3a:d7:3d:9c:b7:c8:dd:
                    73:66:09:7e:0d:00:58:a2:8f:bc:c0:89:43:28:a8:
                    aa:e3:07:4d:42:71:1f:91:2e:77:91:89:22:84:68:
                    a8:1e:f7:73:93:97:19:83:8b:6a:09:14:c1:dc:9d:
                    bb:4d:97:6b:df:52:08:97:04:4c:ed:7b:a6:a2:0b:
                    44:1e:7a:ba:bb:0e:9e:66:9c:e4:57:1f:2a:49:db:
                    a9:2d:91:cf:54:70:06:25:fd:48:c5:50:20:35:07:
                    16:f5:96:31:9d:86:dd:e0:6f:ec:d0:72:75:16:74:
                    c2:17:2c:9e:25:8e:28:f9:24:4a:6a:d9:51:bb:b4:
                    e1:35:cc:a4:e2:13:e1:1a:ce:bf:fe:a4:f4:20:17:
                    bc:0c:3f:22:c0:5f:ac:dc:94:87:07:e2:3d:03:1b:
                    1e:c8:bc:fd:b6:81:12:03:58:a5:72:de:82:91:27:
                    28:be:6c:20:07:c0:1f:8b:25:de:dc:ab:0c:8d:9a:
                    69:f9:92:37:ae:80:df:e8:e2:8c:ff:4c:9d:17:b6:
                    96:ae:d7:14:a6:87:c0:f8:6b:28:a6:52:dd:bd:d3:
                    19:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                26:8C:E1:B0:8F:2E:65:83:C9:57:4C:C0:30:EC:79:B1:BA:7F:FB:64
            X509v3 Authority Key Identifier:
                keyid:5E:A8:5F:1D:D4:D0:34:64:80:F0:09:87:4A:8F:56:70:E3:10:85:C2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XqhfHdTQNGSA8AmHSo9WcOMQhcI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/ef7808-122b-4b89-9358-590c5f1b01b3/1/XqhfHdTQNGSA8AmHSo9WcOMQhcI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/ef7808-122b-4b89-9358-590c5f1b01b3/1/XqhfHdTQNGSA8AmHSo9WcOMQhcI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         68:64:5f:94:8b:b6:bf:73:49:a8:6a:38:da:f2:5b:9d:50:b8:
         63:b3:dc:8f:08:af:aa:9e:4b:3b:ff:4c:bf:79:79:de:e7:65:
         28:67:33:0c:81:4f:fe:a9:2b:87:9c:07:9c:03:1b:bf:b2:ce:
         c2:b9:01:ff:7e:e5:4d:94:3d:88:de:79:47:22:06:80:48:ae:
         1d:6d:60:a8:60:48:65:30:f3:af:20:26:b6:44:d4:2f:9d:3c:
         0c:53:2f:05:31:a3:2b:ea:de:e7:2e:d7:39:69:f6:0e:62:03:
         2f:80:f3:bc:52:1d:8f:53:4b:fd:5a:fb:9f:be:61:9f:1f:94:
         72:99:82:54:d4:d2:80:70:3d:91:4f:40:32:71:98:f6:54:a9:
         6e:21:9d:fc:9c:73:4a:62:e5:ba:11:e2:85:bb:e8:92:df:66:
         cd:9b:e8:5f:2d:76:a9:55:61:89:e3:cb:f1:cf:da:12:68:82:
         26:fd:ac:9b:27:2d:fc:14:61:4a:1d:01:1e:93:26:fc:f9:7a:
         16:5c:ab:29:ad:b1:45:50:78:dc:5f:1a:3b:58:bf:6c:4f:33:
         23:5c:ba:7d:8f:81:80:6d:f5:8c:5e:84:f0:df:e8:69:7d:ad:
         df:ef:f8:0d:0a:5d:03:f4:66:ef:4f:46:c7:95:0b:d4:43:c6:
         1c:f0:19:75
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxE0quyaHCssGQJGnbvbHYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlYTg1ZjFkZDRkMDM0NjQ4MGYwMDk4NzRhOGY1NjcwZTMx
MDg1YzIwHhcNMjUxMTExMDQwMTIwWhcNMjUxMTEyMDQwMTIwWjAzMTEwLwYDVQQD
EygyNjhjZTFiMDhmMmU2NTgzYzk1NzRjYzAzMGVjNzliMWJhN2ZmYjY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAphoUQ5jYf7KP2TvXvejRx9nTrpAt
kkwWMYMZsI/AUPvFdlEJxTrXPZy3yN1zZgl+DQBYoo+8wIlDKKiq4wdNQnEfkS53
kYkihGioHvdzk5cZg4tqCRTB3J27TZdr31IIlwRM7XumogtEHnq6uw6eZpzkVx8q
SdupLZHPVHAGJf1IxVAgNQcW9ZYxnYbd4G/s0HJ1FnTCFyyeJY4o+SRKatlRu7Th
Ncyk4hPhGs6//qT0IBe8DD8iwF+s3JSHB+I9AxseyLz9toESA1ilct6CkScovmwg
B8AfiyXe3KsMjZpp+ZI3roDf6OKM/0ydF7aWrtcUpofA+GsoplLdvdMZCwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCaM4bCPLmWDyVdMwDDsebG6f/tkMB8GA1UdIwQY
MBaAFF6oXx3U0DRkgPAJh0qPVnDjEIXCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHFoZkhkVFFOR1NBOEFtSFNvOVdjT01RaGNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy9lZjc4MDgtMTIyYi00Yjg5LTkzNTgt
NTkwYzVmMWIwMWIzLzEvWHFoZkhkVFFOR1NBOEFtSFNvOVdjT01RaGNJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy9lZjc4MDgtMTIyYi00Yjg5LTkzNTgtNTkwYzVmMWIwMWIz
LzEvWHFoZkhkVFFOR1NBOEFtSFNvOVdjT01RaGNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaGRflIu2
v3NJqGo42vJbnVC4Y7Pcjwivqp5LO/9Mv3l53udlKGczDIFP/qkrh5wHnAMbv7LO
wrkB/37lTZQ9iN55RyIGgEiuHW1gqGBIZTDzryAmtkTUL508DFMvBTGjK+re5y7X
OWn2DmIDL4DzvFIdj1NL/Vr7n75hnx+UcpmCVNTSgHA9kU9AMnGY9lSpbiGd/Jxz
SmLluhHihbvokt9mzZvoXy12qVVhiePL8c/aEmiCJv2smyct/BRhSh0BHpMm/Pl6
FlyrKa2xRVB43F8aO1i/bE8zI1y6fY+BgG31jF6E8N/oaX2t3+/4DQpdA/Rm709G
x5UL1EPGHPAZdQ==
-----END CERTIFICATE-----