Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/3091e8-3c60-41cc-85e0-e32d6f6f3ccc/1/ROzsULCd1G04TQgbUH0juv71HJw.mft
File:                     ROzsULCd1G04TQgbUH0juv71HJw.mft (raw, json)
Hash identifier:          7quFKGQJpXBaxdjeXnrGQwoW4mFlfdtEvo7xCGVLvbA=
Subject key identifier:   FD:6C:8E:56:5D:C0:D0:2C:5A:BC:61:1E:B0:92:96:38:E2:DC:2D:B5
Authority key identifier: 44:EC:EC:50:B0:9D:D4:6D:38:4D:08:1B:50:7D:23:BA:FE:F5:1C:9C
Certificate issuer:       /CN=44ecec50b09dd46d384d081b507d23bafef51c9c
Certificate serial:       019A4DAB23BD5B1523EDB21919E159E67B74
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ROzsULCd1G04TQgbUH0juv71HJw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/12/3091e8-3c60-41cc-85e0-e32d6f6f3ccc/1/ROzsULCd1G04TQgbUH0juv71HJw.mft
Manifest number:          170A
Signing time:             Tue 04 Nov 2025 07:00:52 +0000
Manifest this update:     Tue 04 Nov 2025 07:00:52 +0000
Manifest next update:     Wed 05 Nov 2025 07:00:52 +0000
Files and hashes:         1: ROzsULCd1G04TQgbUH0juv71HJw.crl (hash: ub/70rmM4Z6vOULsJAklaPgnL0FyTAhyqLOxZC1vPJY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/12/3091e8-3c60-41cc-85e0-e32d6f6f3ccc/1/ROzsULCd1G04TQgbUH0juv71HJw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/12/3091e8-3c60-41cc-85e0-e32d6f6f3ccc/1/ROzsULCd1G04TQgbUH0juv71HJw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ROzsULCd1G04TQgbUH0juv71HJw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 07:00:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4d:ab:23:bd:5b:15:23:ed:b2:19:19:e1:59:e6:7b:74
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=44ecec50b09dd46d384d081b507d23bafef51c9c
        Validity
            Not Before: Nov  4 07:00:52 2025 GMT
            Not After : Nov  5 07:00:52 2025 GMT
        Subject: CN=fd6c8e565dc0d02c5abc611eb0929638e2dc2db5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:a7:76:dc:15:0b:7d:12:02:f3:24:23:87:5b:
                    94:08:54:da:ae:77:cc:bc:8b:19:b6:f3:96:24:bf:
                    92:cc:05:d4:54:80:05:25:02:a9:4d:ec:d7:e7:6c:
                    98:c8:f9:ce:41:48:f9:9a:ea:f7:7d:7e:8f:c9:2a:
                    dd:55:09:9d:db:80:bc:7a:82:b4:c5:48:14:3b:fb:
                    52:41:c7:c3:b4:eb:87:33:1a:94:f4:06:f0:58:41:
                    54:2d:3a:04:71:26:bf:62:61:79:9c:c6:c7:18:24:
                    1f:a0:49:43:fe:b8:b1:35:56:34:d4:01:05:b9:2e:
                    f0:2c:a2:84:c9:af:58:e6:19:f0:59:f4:06:9c:29:
                    a4:27:df:32:cf:0a:9a:32:27:41:92:5e:64:7f:11:
                    92:a6:fe:d3:b3:0a:6c:ac:7d:93:f2:87:4d:18:a8:
                    89:39:7d:86:6c:b7:1d:4f:0f:67:00:25:dd:29:ba:
                    57:d9:d7:aa:3f:1d:59:1d:53:c7:d8:4e:ad:d4:80:
                    fd:77:57:16:ec:ae:6d:0a:f0:bc:03:6e:e1:e7:1e:
                    f6:88:47:28:aa:0e:8e:85:c0:7f:35:64:00:bc:7d:
                    15:26:3f:1d:66:a8:08:e5:a3:46:17:e3:6b:88:6d:
                    51:e6:09:cd:b6:b4:02:df:1c:de:bb:24:36:3e:33:
                    b5:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FD:6C:8E:56:5D:C0:D0:2C:5A:BC:61:1E:B0:92:96:38:E2:DC:2D:B5
            X509v3 Authority Key Identifier:
                keyid:44:EC:EC:50:B0:9D:D4:6D:38:4D:08:1B:50:7D:23:BA:FE:F5:1C:9C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ROzsULCd1G04TQgbUH0juv71HJw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/3091e8-3c60-41cc-85e0-e32d6f6f3ccc/1/ROzsULCd1G04TQgbUH0juv71HJw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/12/3091e8-3c60-41cc-85e0-e32d6f6f3ccc/1/ROzsULCd1G04TQgbUH0juv71HJw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         60:eb:53:1b:e0:83:49:1c:89:a7:9c:ff:38:62:c4:f1:77:e9:
         50:e2:a3:92:1e:49:04:75:cb:1b:d8:8b:6f:65:01:4e:4c:1d:
         50:34:c8:bb:9d:a3:dc:53:c1:85:cd:be:e9:40:23:2e:40:80:
         6f:ff:50:fe:f3:f1:99:0b:3c:b2:28:fa:c4:7d:77:6d:d3:0a:
         d2:9d:f8:7d:57:3c:1e:42:4e:ef:35:e7:87:5e:2d:16:3a:df:
         ce:7d:06:a4:5c:d8:5f:61:34:f1:6e:22:ed:40:82:55:84:72:
         25:9f:f1:20:26:47:1f:c2:27:3c:2a:5f:b6:f1:07:80:37:b0:
         99:c2:26:52:dc:b1:98:cf:2e:a1:cf:c6:c0:34:b8:92:46:3b:
         27:3a:b3:8e:ff:da:87:22:07:bf:0c:6a:26:23:b7:df:47:82:
         65:52:34:44:e5:08:ea:bb:6d:fc:37:98:f9:a2:62:53:a0:88:
         31:8e:13:fa:b7:ca:50:5c:33:58:06:20:20:14:1b:ca:78:3e:
         82:35:03:e4:2e:38:2d:a9:2e:cd:21:0b:e0:8d:b6:4a:08:dd:
         cf:40:db:64:d0:24:fd:b8:40:b1:8b:73:be:50:69:94:e3:da:
         e6:0b:ef:42:a3:15:25:8a:fb:80:cf:26:1d:25:51:84:10:d3:
         03:16:b0:26
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpNqyO9WxUj7bIZGeFZ5nt0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0ZWNlYzUwYjA5ZGQ0NmQzODRkMDgxYjUwN2QyM2JhZmVm
NTFjOWMwHhcNMjUxMTA0MDcwMDUyWhcNMjUxMTA1MDcwMDUyWjAzMTEwLwYDVQQD
EyhmZDZjOGU1NjVkYzBkMDJjNWFiYzYxMWViMDkyOTYzOGUyZGMyZGI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzKd23BULfRIC8yQjh1uUCFTarnfM
vIsZtvOWJL+SzAXUVIAFJQKpTezX52yYyPnOQUj5mur3fX6PySrdVQmd24C8eoK0
xUgUO/tSQcfDtOuHMxqU9AbwWEFULToEcSa/YmF5nMbHGCQfoElD/rixNVY01AEF
uS7wLKKEya9Y5hnwWfQGnCmkJ98yzwqaMidBkl5kfxGSpv7TswpsrH2T8odNGKiJ
OX2GbLcdTw9nACXdKbpX2deqPx1ZHVPH2E6t1ID9d1cW7K5tCvC8A27h5x72iEco
qg6OhcB/NWQAvH0VJj8dZqgI5aNGF+NriG1R5gnNtrQC3xzeuyQ2PjO1uQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP1sjlZdwNAsWrxhHrCSljji3C21MB8GA1UdIwQY
MBaAFETs7FCwndRtOE0IG1B9I7r+9RycMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUk96c1VMQ2QxRzA0VFFnYlVIMGp1djcxSEp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi8zMDkxZTgtM2M2MC00MWNjLTg1ZTAt
ZTMyZDZmNmYzY2NjLzEvUk96c1VMQ2QxRzA0VFFnYlVIMGp1djcxSEp3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi8zMDkxZTgtM2M2MC00MWNjLTg1ZTAtZTMyZDZmNmYzY2Nj
LzEvUk96c1VMQ2QxRzA0VFFnYlVIMGp1djcxSEp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYOtTG+CD
SRyJp5z/OGLE8XfpUOKjkh5JBHXLG9iLb2UBTkwdUDTIu52j3FPBhc2+6UAjLkCA
b/9Q/vPxmQs8sij6xH13bdMK0p34fVc8HkJO7zXnh14tFjrfzn0GpFzYX2E08W4i
7UCCVYRyJZ/xICZHH8InPCpftvEHgDewmcImUtyxmM8uoc/GwDS4kkY7Jzqzjv/a
hyIHvwxqJiO330eCZVI0ROUI6rtt/DeY+aJiU6CIMY4T+rfKUFwzWAYgIBQbyng+
gjUD5C44LakuzSEL4I22Sgjdz0DbZNAk/bhAsYtzvlBplOPa5gvvQqMVJYr7gM8m
HSVRhBDTAxawJg==
-----END CERTIFICATE-----