Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/d29d3f-1696-4ed4-96d2-e7eb817ede30/1/Da7a5Z2cmvUe9UivsMlkOM73IRw.mft
File:                     Da7a5Z2cmvUe9UivsMlkOM73IRw.mft (raw, json)
Hash identifier:          mtyBGaJieKKK5qBp0ExU0nA5ZZesJASxSbE6jV8EhOs=
Subject key identifier:   46:3A:A1:4B:73:1D:99:83:F4:7A:2B:F3:C8:78:68:07:DF:79:AE:75
Authority key identifier: 0D:AE:DA:E5:9D:9C:9A:F5:1E:F5:48:AF:B0:C9:64:38:CE:F7:21:1C
Certificate issuer:       /CN=0daedae59d9c9af51ef548afb0c96438cef7211c
Certificate serial:       019A706E56F0B9F960EDB429BF8E662E2EA7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Da7a5Z2cmvUe9UivsMlkOM73IRw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f5/d29d3f-1696-4ed4-96d2-e7eb817ede30/1/Da7a5Z2cmvUe9UivsMlkOM73IRw.mft
Manifest number:          171B
Signing time:             Tue 11 Nov 2025 01:01:10 +0000
Manifest this update:     Tue 11 Nov 2025 01:01:10 +0000
Manifest next update:     Wed 12 Nov 2025 01:01:10 +0000
Files and hashes:         1: Da7a5Z2cmvUe9UivsMlkOM73IRw.crl (hash: YRMycChQmB3FaYgxI3WLaTbesKZ16TXaB/Gtre7m4L4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f5/d29d3f-1696-4ed4-96d2-e7eb817ede30/1/Da7a5Z2cmvUe9UivsMlkOM73IRw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f5/d29d3f-1696-4ed4-96d2-e7eb817ede30/1/Da7a5Z2cmvUe9UivsMlkOM73IRw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Da7a5Z2cmvUe9UivsMlkOM73IRw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 01:01:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:70:6e:56:f0:b9:f9:60:ed:b4:29:bf:8e:66:2e:2e:a7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0daedae59d9c9af51ef548afb0c96438cef7211c
        Validity
            Not Before: Nov 11 01:01:10 2025 GMT
            Not After : Nov 12 01:01:10 2025 GMT
        Subject: CN=463aa14b731d9983f47a2bf3c8786807df79ae75
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f0:f7:d0:41:75:ad:83:5c:bc:19:89:7a:0c:1c:
                    ae:58:0c:a0:35:a7:0f:95:1a:82:7b:c3:59:2a:f9:
                    52:4d:4f:51:d5:37:44:d2:2a:6d:11:6a:18:8e:45:
                    37:e9:6f:7a:27:aa:d4:0c:92:89:dc:4e:59:35:b7:
                    de:0c:8f:ed:ae:54:9e:44:5f:cd:cc:51:93:d6:1a:
                    88:20:66:1a:51:95:2f:b5:a7:90:1e:3f:0c:1f:d5:
                    27:71:89:14:a7:ec:96:f8:b5:cb:99:c2:a1:aa:51:
                    5e:d3:e4:97:e1:87:3a:0a:27:17:83:70:82:79:49:
                    06:ed:a5:1c:22:d0:a6:f5:90:4e:1c:e9:fd:52:9a:
                    c3:4f:5b:e3:b5:7d:44:e3:dc:39:f6:ac:d4:c0:4b:
                    bd:d6:c3:f4:4d:20:80:fc:62:b0:68:99:79:c0:e8:
                    26:51:b9:7a:52:fa:6b:2d:e8:b3:8b:31:27:a3:a7:
                    0a:09:f0:a0:d0:be:83:55:c0:d8:0d:80:e4:53:3b:
                    d5:46:03:4a:be:59:3c:47:bf:24:e2:64:36:93:3d:
                    0d:71:e5:88:83:89:08:3e:55:8b:bf:b2:c9:e1:17:
                    2f:95:ce:72:f1:d3:41:8f:93:93:b3:31:db:26:eb:
                    5d:13:60:fa:2c:44:33:ff:e4:28:92:70:0a:49:a3:
                    3a:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                46:3A:A1:4B:73:1D:99:83:F4:7A:2B:F3:C8:78:68:07:DF:79:AE:75
            X509v3 Authority Key Identifier:
                keyid:0D:AE:DA:E5:9D:9C:9A:F5:1E:F5:48:AF:B0:C9:64:38:CE:F7:21:1C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Da7a5Z2cmvUe9UivsMlkOM73IRw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/d29d3f-1696-4ed4-96d2-e7eb817ede30/1/Da7a5Z2cmvUe9UivsMlkOM73IRw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/d29d3f-1696-4ed4-96d2-e7eb817ede30/1/Da7a5Z2cmvUe9UivsMlkOM73IRw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5e:6e:aa:55:4c:c4:c5:b9:36:5f:2b:b7:5d:f3:77:ab:1b:f5:
         91:5f:6f:1c:09:28:fc:0e:51:82:ee:3b:0e:0b:cc:24:9d:8a:
         c0:1d:1e:0e:b3:a0:2d:c9:82:83:07:ed:de:65:c1:9e:fb:8c:
         56:87:a2:0f:f5:1f:85:82:5a:46:84:03:15:d4:e8:97:95:bd:
         53:47:5b:4d:ca:f5:82:0e:6a:c5:dc:42:41:eb:3f:77:aa:94:
         1f:49:4c:f9:57:da:c0:1a:7e:c1:52:11:92:32:61:f3:7c:3a:
         49:fa:a0:64:fa:5f:2d:c4:ce:57:a6:1f:3c:25:30:5c:99:c8:
         42:75:b9:69:b6:8e:e5:3b:70:2f:e5:31:a4:7c:45:7c:18:69:
         98:00:9c:fc:06:cc:0c:50:90:0d:3f:54:94:07:d0:f6:51:15:
         34:ba:d6:1d:a4:f2:f9:a4:f8:a0:10:89:9e:b5:b7:b6:bf:f2:
         b7:25:23:46:1a:9f:fe:bd:7b:04:da:a3:88:75:ee:57:90:8c:
         30:26:64:b3:3d:10:fc:97:86:71:32:6a:ac:2d:2f:e2:3b:7c:
         4d:6f:fd:9b:b4:cd:26:cf:bb:a3:a5:b5:b9:dc:76:e0:51:f6:
         68:68:e3:63:c4:08:f8:66:7f:60:0a:57:25:27:a7:9b:39:7f:
         ca:4a:0e:3e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpwblbwuflg7bQpv45mLi6nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkYWVkYWU1OWQ5YzlhZjUxZWY1NDhhZmIwYzk2NDM4Y2Vm
NzIxMWMwHhcNMjUxMTExMDEwMTEwWhcNMjUxMTEyMDEwMTEwWjAzMTEwLwYDVQQD
Eyg0NjNhYTE0YjczMWQ5OTgzZjQ3YTJiZjNjODc4NjgwN2RmNzlhZTc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8PfQQXWtg1y8GYl6DByuWAygNacP
lRqCe8NZKvlSTU9R1TdE0iptEWoYjkU36W96J6rUDJKJ3E5ZNbfeDI/trlSeRF/N
zFGT1hqIIGYaUZUvtaeQHj8MH9UncYkUp+yW+LXLmcKhqlFe0+SX4Yc6CicXg3CC
eUkG7aUcItCm9ZBOHOn9UprDT1vjtX1E49w59qzUwEu91sP0TSCA/GKwaJl5wOgm
Ubl6UvprLeizizEno6cKCfCg0L6DVcDYDYDkUzvVRgNKvlk8R78k4mQ2kz0NceWI
g4kIPlWLv7LJ4Rcvlc5y8dNBj5OTszHbJutdE2D6LEQz/+QoknAKSaM6OQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEY6oUtzHZmD9Hor88h4aAffea51MB8GA1UdIwQY
MBaAFA2u2uWdnJr1HvVIr7DJZDjO9yEcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRGE3YTVaMmNtdlVlOVVpdnNNbGtPTTczSVJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS9kMjlkM2YtMTY5Ni00ZWQ0LTk2ZDIt
ZTdlYjgxN2VkZTMwLzEvRGE3YTVaMmNtdlVlOVVpdnNNbGtPTTczSVJ3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS9kMjlkM2YtMTY5Ni00ZWQ0LTk2ZDItZTdlYjgxN2VkZTMw
LzEvRGE3YTVaMmNtdlVlOVVpdnNNbGtPTTczSVJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXm6qVUzE
xbk2Xyu3XfN3qxv1kV9vHAko/A5Rgu47DgvMJJ2KwB0eDrOgLcmCgwft3mXBnvuM
VoeiD/UfhYJaRoQDFdTol5W9U0dbTcr1gg5qxdxCQes/d6qUH0lM+VfawBp+wVIR
kjJh83w6SfqgZPpfLcTOV6YfPCUwXJnIQnW5abaO5TtwL+UxpHxFfBhpmACc/AbM
DFCQDT9UlAfQ9lEVNLrWHaTy+aT4oBCJnrW3tr/ytyUjRhqf/r17BNqjiHXuV5CM
MCZksz0Q/JeGcTJqrC0v4jt8TW/9m7TNJs+7o6W1udx24FH2aGjjY8QI+GZ/YApX
JSenmzl/ykoOPg==
-----END CERTIFICATE-----