Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/1d457b-40bd-448f-a915-20c8ab92696f/1/U4sGLLVCbwDmU3Pu9OTNihwn9o4.mft
File:                     U4sGLLVCbwDmU3Pu9OTNihwn9o4.mft (raw, json)
Hash identifier:          uv1j+kuOtrrqWuO3bx1muxfRZKNBnLc4KM+M6Xu7fHo=
Subject key identifier:   88:0E:C6:65:4D:7B:8F:49:48:83:70:DA:2A:C6:8F:9B:4A:C1:1D:17
Authority key identifier: 53:8B:06:2C:B5:42:6F:00:E6:53:73:EE:F4:E4:CD:8A:1C:27:F6:8E
Certificate issuer:       /CN=538b062cb5426f00e65373eef4e4cd8a1c27f68e
Certificate serial:       019A71B8A7C66648D0139F69FD33B4419D27
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/U4sGLLVCbwDmU3Pu9OTNihwn9o4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ff/1d457b-40bd-448f-a915-20c8ab92696f/1/U4sGLLVCbwDmU3Pu9OTNihwn9o4.mft
Manifest number:          171C
Signing time:             Tue 11 Nov 2025 07:01:58 +0000
Manifest this update:     Tue 11 Nov 2025 07:01:58 +0000
Manifest next update:     Wed 12 Nov 2025 07:01:58 +0000
Files and hashes:         1: U4sGLLVCbwDmU3Pu9OTNihwn9o4.crl (hash: Sti2gcM3FwoHwd33JV704koMCLL5sOxmHcMy76ujmfQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ff/1d457b-40bd-448f-a915-20c8ab92696f/1/U4sGLLVCbwDmU3Pu9OTNihwn9o4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ff/1d457b-40bd-448f-a915-20c8ab92696f/1/U4sGLLVCbwDmU3Pu9OTNihwn9o4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/U4sGLLVCbwDmU3Pu9OTNihwn9o4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:01:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b8:a7:c6:66:48:d0:13:9f:69:fd:33:b4:41:9d:27
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=538b062cb5426f00e65373eef4e4cd8a1c27f68e
        Validity
            Not Before: Nov 11 07:01:58 2025 GMT
            Not After : Nov 12 07:01:58 2025 GMT
        Subject: CN=880ec6654d7b8f49488370da2ac68f9b4ac11d17
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:47:4d:6d:69:a7:b5:5b:2a:85:56:50:64:cc:
                    7f:45:eb:1a:54:46:37:4a:81:b5:e0:50:ac:f8:f8:
                    15:2f:1d:2d:ba:59:49:c4:33:95:74:6e:2f:ba:55:
                    2a:ce:d7:24:0c:8c:99:b4:43:15:53:06:b6:7a:79:
                    58:7d:b8:d0:1d:2b:be:77:65:a0:e6:61:7b:64:30:
                    b8:a6:eb:f1:51:19:57:d1:19:f4:42:ec:67:4d:e1:
                    1a:db:95:c3:cd:ee:04:3b:ef:1c:f6:af:8a:ea:27:
                    98:19:04:a7:e5:89:96:45:e8:f3:cb:1e:c2:3b:a0:
                    c4:ff:b7:26:8e:67:a3:46:8b:29:a6:ea:fe:6b:b8:
                    43:22:30:ba:12:87:ee:aa:a7:c6:a5:be:80:77:51:
                    6f:ed:af:4d:ee:24:8d:3d:11:24:d9:07:28:63:6e:
                    96:0c:b8:72:b7:48:d2:b1:81:d9:64:7f:d1:9b:c0:
                    b6:29:03:4f:24:fe:b3:ce:5d:c0:7a:c1:57:65:d0:
                    49:d0:74:bb:11:bf:89:9d:a0:e5:9f:a4:c4:02:3b:
                    32:df:41:63:bc:17:00:f2:3d:94:34:31:de:88:25:
                    a0:4f:bc:b2:b0:af:78:94:6a:a2:31:cb:8e:af:57:
                    22:a4:6f:fb:ca:6b:f9:fc:4e:fe:30:c1:7d:70:e4:
                    dd:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                88:0E:C6:65:4D:7B:8F:49:48:83:70:DA:2A:C6:8F:9B:4A:C1:1D:17
            X509v3 Authority Key Identifier:
                keyid:53:8B:06:2C:B5:42:6F:00:E6:53:73:EE:F4:E4:CD:8A:1C:27:F6:8E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U4sGLLVCbwDmU3Pu9OTNihwn9o4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/1d457b-40bd-448f-a915-20c8ab92696f/1/U4sGLLVCbwDmU3Pu9OTNihwn9o4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/1d457b-40bd-448f-a915-20c8ab92696f/1/U4sGLLVCbwDmU3Pu9OTNihwn9o4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         86:49:8f:89:10:ac:c9:f9:4b:9c:13:ee:54:11:d3:b1:51:13:
         3c:50:99:15:7b:11:6d:7c:fc:66:37:f4:1b:58:3e:95:bb:35:
         70:a1:cb:3f:af:29:39:a4:09:35:3a:45:b0:f4:21:b3:78:45:
         17:90:ea:ed:74:64:28:8f:98:be:1a:e3:7d:40:aa:61:aa:be:
         fb:3f:16:09:92:ef:52:65:53:20:ef:4b:34:c8:e5:b4:b5:e7:
         6b:ba:f1:ee:1d:9c:28:ab:a6:80:ce:56:e6:a4:ea:49:bd:60:
         e0:e6:1a:b3:86:39:e9:d8:fe:e3:c8:5f:f1:cb:b5:2d:ac:0f:
         2e:21:f2:69:c2:36:31:32:86:6e:d9:7a:19:56:24:f9:7e:be:
         33:fd:59:f9:f4:b0:29:3c:9c:6e:b4:68:d0:33:ff:95:15:1c:
         06:26:18:0d:83:d5:ce:ba:b3:50:40:86:05:cb:e6:2a:36:e5:
         44:49:ad:26:5d:4c:e2:17:77:6d:e0:7c:15:13:8c:6a:12:4a:
         d9:ba:31:e8:cb:df:9b:ff:6c:ba:d6:dd:9b:5f:32:5a:c8:d5:
         98:a4:8b:48:6e:84:60:0b:50:1a:1c:12:33:e9:dc:85:58:47:
         c3:c8:c9:f6:aa:f2:61:31:84:ef:b9:47:90:66:fd:94:7e:1b:
         1b:8e:6d:91
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuKfGZkjQE59p/TO0QZ0nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzOGIwNjJjYjU0MjZmMDBlNjUzNzNlZWY0ZTRjZDhhMWMy
N2Y2OGUwHhcNMjUxMTExMDcwMTU4WhcNMjUxMTEyMDcwMTU4WjAzMTEwLwYDVQQD
Eyg4ODBlYzY2NTRkN2I4ZjQ5NDg4MzcwZGEyYWM2OGY5YjRhYzExZDE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyEdNbWmntVsqhVZQZMx/ResaVEY3
SoG14FCs+PgVLx0tullJxDOVdG4vulUqztckDIyZtEMVUwa2enlYfbjQHSu+d2Wg
5mF7ZDC4puvxURlX0Rn0QuxnTeEa25XDze4EO+8c9q+K6ieYGQSn5YmWRejzyx7C
O6DE/7cmjmejRosppur+a7hDIjC6EofuqqfGpb6Ad1Fv7a9N7iSNPREk2QcoY26W
DLhyt0jSsYHZZH/Rm8C2KQNPJP6zzl3AesFXZdBJ0HS7Eb+JnaDln6TEAjsy30Fj
vBcA8j2UNDHeiCWgT7yysK94lGqiMcuOr1cipG/7ymv5/E7+MMF9cOTdkwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIgOxmVNe49JSINw2irGj5tKwR0XMB8GA1UdIwQY
MBaAFFOLBiy1Qm8A5lNz7vTkzYocJ/aOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVTRzR0xMVkNid0RtVTNQdTlPVE5paHduOW80LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi8xZDQ1N2ItNDBiZC00NDhmLWE5MTUt
MjBjOGFiOTI2OTZmLzEvVTRzR0xMVkNid0RtVTNQdTlPVE5paHduOW80Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi8xZDQ1N2ItNDBiZC00NDhmLWE5MTUtMjBjOGFiOTI2OTZm
LzEvVTRzR0xMVkNid0RtVTNQdTlPVE5paHduOW80LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhkmPiRCs
yflLnBPuVBHTsVETPFCZFXsRbXz8Zjf0G1g+lbs1cKHLP68pOaQJNTpFsPQhs3hF
F5Dq7XRkKI+YvhrjfUCqYaq++z8WCZLvUmVTIO9LNMjltLXna7rx7h2cKKumgM5W
5qTqSb1g4OYas4Y56dj+48hf8cu1LawPLiHyacI2MTKGbtl6GVYk+X6+M/1Z+fSw
KTycbrRo0DP/lRUcBiYYDYPVzrqzUECGBcvmKjblREmtJl1M4hd3beB8FROMahJK
2box6Mvfm/9sutbdm18yWsjVmKSLSG6EYAtQGhwSM+nchVhHw8jJ9qryYTGE77lH
kGb9lH4bG45tkQ==
-----END CERTIFICATE-----