Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/15fb8a-9261-462d-a5ac-d5a1ea9edb08/1/0IpNevM5v1JVcjk3VdHPszzdta0.mft
File:                     0IpNevM5v1JVcjk3VdHPszzdta0.mft (raw, json)
Hash identifier:          ojwmKFBocEYYXnkczgGo2kqJa1zK/8MysOwKNqIltdQ=
Subject key identifier:   AA:E8:2D:11:1B:5C:8D:D0:9F:14:19:8B:D5:48:E0:41:43:B6:E4:57
Authority key identifier: D0:8A:4D:7A:F3:39:BF:52:55:72:39:37:55:D1:CF:B3:3C:DD:B5:AD
Certificate issuer:       /CN=d08a4d7af339bf525572393755d1cfb33cddb5ad
Certificate serial:       019A7112DA07EEC66D6915843A60F3DF4C6A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0IpNevM5v1JVcjk3VdHPszzdta0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f3/15fb8a-9261-462d-a5ac-d5a1ea9edb08/1/0IpNevM5v1JVcjk3VdHPszzdta0.mft
Manifest number:          171B
Signing time:             Tue 11 Nov 2025 04:00:52 +0000
Manifest this update:     Tue 11 Nov 2025 04:00:52 +0000
Manifest next update:     Wed 12 Nov 2025 04:00:52 +0000
Files and hashes:         1: 0IpNevM5v1JVcjk3VdHPszzdta0.crl (hash: WF2HHBay3MnzcLgsBASRzJsg5/z/4+Nw+gxQ2ygGBgY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f3/15fb8a-9261-462d-a5ac-d5a1ea9edb08/1/0IpNevM5v1JVcjk3VdHPszzdta0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f3/15fb8a-9261-462d-a5ac-d5a1ea9edb08/1/0IpNevM5v1JVcjk3VdHPszzdta0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0IpNevM5v1JVcjk3VdHPszzdta0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 04:00:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:12:da:07:ee:c6:6d:69:15:84:3a:60:f3:df:4c:6a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d08a4d7af339bf525572393755d1cfb33cddb5ad
        Validity
            Not Before: Nov 11 04:00:52 2025 GMT
            Not After : Nov 12 04:00:52 2025 GMT
        Subject: CN=aae82d111b5c8dd09f14198bd548e04143b6e457
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:0f:39:86:1c:06:4f:35:69:d7:e9:bc:49:ad:
                    4a:44:69:11:c4:97:da:79:95:a3:f6:a7:db:37:f3:
                    85:4e:ea:75:13:d9:62:58:38:44:bf:b0:11:ed:22:
                    c0:ba:c1:1f:f8:7e:6e:84:ac:37:b8:41:3a:31:36:
                    46:cb:81:b0:fd:6e:12:57:f5:a0:2b:ae:37:df:49:
                    66:48:15:36:2a:de:dd:8d:7e:6c:b1:f9:48:8c:50:
                    28:e7:e7:0c:9d:ce:13:53:64:a3:79:37:e4:5f:28:
                    68:39:b8:7a:d0:3b:a4:e4:bd:0e:88:7f:05:d6:cf:
                    34:82:d9:b7:5a:cd:2e:48:18:6a:57:8f:03:fa:ee:
                    44:d7:67:08:40:3c:ed:0e:94:f0:7f:d1:85:e0:d6:
                    f5:48:1b:54:ce:5a:69:49:50:d7:ba:bb:c1:8f:65:
                    df:63:5b:4e:b7:b5:e1:29:25:20:84:53:0c:90:05:
                    7c:86:73:f5:3f:72:a2:b2:d7:5a:65:b9:c2:8f:fe:
                    87:9f:87:c8:6b:39:3d:4b:69:61:c7:97:9e:0a:e2:
                    c4:fc:11:b0:63:c4:14:06:f8:64:2b:b2:57:c2:39:
                    73:b5:78:65:cb:c9:95:e4:c2:6e:53:98:13:20:93:
                    ef:9a:2b:5c:ef:81:77:e6:da:06:7e:00:24:18:5b:
                    80:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AA:E8:2D:11:1B:5C:8D:D0:9F:14:19:8B:D5:48:E0:41:43:B6:E4:57
            X509v3 Authority Key Identifier:
                keyid:D0:8A:4D:7A:F3:39:BF:52:55:72:39:37:55:D1:CF:B3:3C:DD:B5:AD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0IpNevM5v1JVcjk3VdHPszzdta0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/15fb8a-9261-462d-a5ac-d5a1ea9edb08/1/0IpNevM5v1JVcjk3VdHPszzdta0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/15fb8a-9261-462d-a5ac-d5a1ea9edb08/1/0IpNevM5v1JVcjk3VdHPszzdta0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         48:e3:06:db:1f:88:69:df:69:17:16:71:22:96:ed:2a:57:f9:
         38:6e:7f:e2:dd:6c:94:39:8b:ff:68:39:50:99:e7:42:0e:8b:
         d5:af:5a:36:41:03:bd:b6:15:48:d6:68:f7:eb:6c:d0:d4:c1:
         09:96:c1:6e:3f:a8:30:5e:2a:39:ed:2b:df:29:b0:1a:26:0a:
         1a:fb:56:10:2d:d8:2e:01:62:58:4a:c8:1e:8b:ee:42:59:94:
         5a:0b:00:71:99:48:01:36:c9:3a:92:9b:2c:76:24:a2:6e:49:
         1c:8a:e5:10:c1:41:e4:2f:25:3e:6f:f8:78:01:59:d0:f1:0e:
         08:61:5d:6a:66:f8:71:da:f9:5a:eb:ef:f9:ab:32:89:91:4a:
         15:47:c9:a0:41:7c:f4:39:d0:77:85:ff:b3:e7:5c:2c:b8:18:
         ce:60:d0:ac:65:1f:72:0b:69:62:51:d6:dd:36:90:ef:1f:b7:
         70:62:b7:6f:af:ba:1c:35:21:62:48:74:fe:ae:c9:f9:35:a2:
         59:eb:8a:3a:44:c5:8d:f4:b3:3e:ee:ca:71:40:7a:c3:1d:99:
         05:0d:74:18:ac:36:c6:1e:d5:96:47:b4:c6:a5:95:4f:db:5d:
         ad:0d:89:0d:5e:54:d5:85:82:f3:38:ea:99:10:e7:5c:d6:27:
         07:84:b7:e4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxEtoH7sZtaRWEOmDz30xqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwOGE0ZDdhZjMzOWJmNTI1NTcyMzkzNzU1ZDFjZmIzM2Nk
ZGI1YWQwHhcNMjUxMTExMDQwMDUyWhcNMjUxMTEyMDQwMDUyWjAzMTEwLwYDVQQD
EyhhYWU4MmQxMTFiNWM4ZGQwOWYxNDE5OGJkNTQ4ZTA0MTQzYjZlNDU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArg85hhwGTzVp1+m8Sa1KRGkRxJfa
eZWj9qfbN/OFTup1E9liWDhEv7AR7SLAusEf+H5uhKw3uEE6MTZGy4Gw/W4SV/Wg
K64330lmSBU2Kt7djX5ssflIjFAo5+cMnc4TU2SjeTfkXyhoObh60Duk5L0OiH8F
1s80gtm3Ws0uSBhqV48D+u5E12cIQDztDpTwf9GF4Nb1SBtUzlppSVDXurvBj2Xf
Y1tOt7XhKSUghFMMkAV8hnP1P3KistdaZbnCj/6Hn4fIazk9S2lhx5eeCuLE/BGw
Y8QUBvhkK7JXwjlztXhly8mV5MJuU5gTIJPvmitc74F35toGfgAkGFuALwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKroLREbXI3QnxQZi9VI4EFDtuRXMB8GA1UdIwQY
MBaAFNCKTXrzOb9SVXI5N1XRz7M83bWtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMElwTmV2TTV2MUpWY2prM1ZkSFBzenpkdGEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy8xNWZiOGEtOTI2MS00NjJkLWE1YWMt
ZDVhMWVhOWVkYjA4LzEvMElwTmV2TTV2MUpWY2prM1ZkSFBzenpkdGEwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy8xNWZiOGEtOTI2MS00NjJkLWE1YWMtZDVhMWVhOWVkYjA4
LzEvMElwTmV2TTV2MUpWY2prM1ZkSFBzenpkdGEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASOMG2x+I
ad9pFxZxIpbtKlf5OG5/4t1slDmL/2g5UJnnQg6L1a9aNkEDvbYVSNZo9+ts0NTB
CZbBbj+oMF4qOe0r3ymwGiYKGvtWEC3YLgFiWErIHovuQlmUWgsAcZlIATbJOpKb
LHYkom5JHIrlEMFB5C8lPm/4eAFZ0PEOCGFdamb4cdr5Wuvv+asyiZFKFUfJoEF8
9DnQd4X/s+dcLLgYzmDQrGUfcgtpYlHW3TaQ7x+3cGK3b6+6HDUhYkh0/q7J+TWi
WeuKOkTFjfSzPu7KcUB6wx2ZBQ10GKw2xh7Vlke0xqWVT9tdrQ2JDV5U1YWC8zjq
mRDnXNYnB4S35A==
-----END CERTIFICATE-----