Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/b711d7-ea06-4e42-98f7-63a4caedb38e/1/FAd8W3ds23z3vDXWtELjZ3arDG4.mft
File:                     FAd8W3ds23z3vDXWtELjZ3arDG4.mft (raw, json)
Hash identifier:          mQKkNvqIaF7jLj4CxP6ywJdlT/H9ure+tU+942utZ/c=
Subject key identifier:   B1:1F:3F:B4:74:89:2A:30:F8:93:DA:F8:98:E8:EB:7B:25:CA:0E:B6
Authority key identifier: 14:07:7C:5B:77:6C:DB:7C:F7:BC:35:D6:B4:42:E3:67:76:AB:0C:6E
Certificate issuer:       /CN=14077c5b776cdb7cf7bc35d6b442e36776ab0c6e
Certificate serial:       019A4EF463FF73F2D2D2ADC3FE3EFB6CF806
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/FAd8W3ds23z3vDXWtELjZ3arDG4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/14/b711d7-ea06-4e42-98f7-63a4caedb38e/1/FAd8W3ds23z3vDXWtELjZ3arDG4.mft
Manifest number:          170A
Signing time:             Tue 04 Nov 2025 13:00:30 +0000
Manifest this update:     Tue 04 Nov 2025 13:00:30 +0000
Manifest next update:     Wed 05 Nov 2025 13:00:30 +0000
Files and hashes:         1: FAd8W3ds23z3vDXWtELjZ3arDG4.crl (hash: syFWuBuBtgBPiKr6tBVr1bs3fTY+yQgfyZYwQg66cio=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/14/b711d7-ea06-4e42-98f7-63a4caedb38e/1/FAd8W3ds23z3vDXWtELjZ3arDG4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/14/b711d7-ea06-4e42-98f7-63a4caedb38e/1/FAd8W3ds23z3vDXWtELjZ3arDG4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/FAd8W3ds23z3vDXWtELjZ3arDG4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 09:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4e:f4:63:ff:73:f2:d2:d2:ad:c3:fe:3e:fb:6c:f8:06
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=14077c5b776cdb7cf7bc35d6b442e36776ab0c6e
        Validity
            Not Before: Nov  4 13:00:30 2025 GMT
            Not After : Nov  5 13:00:30 2025 GMT
        Subject: CN=b11f3fb474892a30f893daf898e8eb7b25ca0eb6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:89:23:ca:8d:ac:13:33:f4:04:3e:dc:88:25:
                    59:46:a2:4a:29:66:2c:d5:a4:1e:8f:67:21:08:b2:
                    34:b5:26:35:ec:9e:6a:0c:9f:bb:00:3c:09:a4:42:
                    1b:6f:00:b7:b9:b0:57:38:ab:4c:2a:c6:2c:5e:52:
                    3b:0d:4a:2f:35:32:b9:e8:92:2b:82:d6:c7:d8:19:
                    53:72:cc:90:4e:ad:f2:bb:6b:7a:de:62:ad:79:4d:
                    8b:47:09:bf:13:ad:5e:70:74:e9:2c:d1:e9:4d:e1:
                    90:00:e1:41:4d:7f:8c:b8:e1:01:8f:d1:e2:a3:50:
                    81:88:9c:8c:0c:25:75:ff:58:89:70:d1:05:ce:96:
                    cf:d2:43:9e:22:fe:10:ae:7b:c5:71:e3:47:79:b5:
                    6c:f2:e4:6d:22:0b:0a:e0:fc:fb:c2:17:e2:8e:76:
                    6b:e5:1a:ec:5d:0a:66:6c:31:d9:97:a9:9b:46:25:
                    f0:b6:e5:f0:15:fd:3e:7a:ad:fc:5b:4e:bd:5a:86:
                    53:4c:3b:ca:4b:66:eb:dc:21:60:a5:0f:8e:e1:0f:
                    1d:cb:ab:aa:c2:18:cc:e2:b1:98:eb:55:70:c2:5e:
                    21:56:b2:7c:4a:d4:15:91:b1:61:df:52:e6:d1:b6:
                    d0:05:47:41:9e:94:b0:62:a7:da:86:14:d6:41:3c:
                    92:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B1:1F:3F:B4:74:89:2A:30:F8:93:DA:F8:98:E8:EB:7B:25:CA:0E:B6
            X509v3 Authority Key Identifier:
                keyid:14:07:7C:5B:77:6C:DB:7C:F7:BC:35:D6:B4:42:E3:67:76:AB:0C:6E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FAd8W3ds23z3vDXWtELjZ3arDG4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/b711d7-ea06-4e42-98f7-63a4caedb38e/1/FAd8W3ds23z3vDXWtELjZ3arDG4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/14/b711d7-ea06-4e42-98f7-63a4caedb38e/1/FAd8W3ds23z3vDXWtELjZ3arDG4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         97:5f:d3:6b:99:1c:d4:6b:32:4a:66:45:fd:14:6f:34:ad:62:
         50:9b:11:af:99:17:2c:2c:8f:54:d6:55:2c:f7:b3:98:fc:03:
         2b:af:34:c3:75:8b:b2:b1:33:6d:64:bc:06:4b:7f:f5:18:6f:
         7e:f2:d5:2c:ed:e2:57:79:35:6c:5b:75:da:b3:e8:10:b4:73:
         94:73:61:7c:6e:39:9c:61:de:d4:91:89:9b:68:e8:ab:2c:7b:
         84:51:50:a9:57:d1:f9:5a:18:b7:ce:d6:80:87:5f:27:8a:22:
         78:2a:ec:13:66:c9:78:51:17:b1:4d:ee:63:2c:42:c5:aa:87:
         c1:7c:b4:5c:bb:5e:f2:0f:70:9b:5d:e5:fd:18:0a:5d:89:8e:
         9e:1e:69:3b:3d:b5:46:58:26:8f:cb:e2:6a:63:b2:19:3f:76:
         c9:fe:76:45:62:df:74:a1:dd:d0:54:62:ec:52:1a:69:f0:41:
         09:17:b4:96:6a:d1:8b:f3:91:97:03:29:8d:39:9f:e9:40:1b:
         bc:78:19:0e:38:03:52:cb:29:24:cb:20:5f:e9:a8:3f:41:20:
         9c:3d:ed:b9:0e:01:07:a8:44:5e:02:ef:d5:5a:3c:d8:ac:77:
         95:e1:bd:48:56:4d:93:64:46:15:40:3d:7f:59:00:9a:31:bb:
         16:93:8f:0c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpO9GP/c/LS0q3D/j77bPgGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE0MDc3YzViNzc2Y2RiN2NmN2JjMzVkNmI0NDJlMzY3NzZh
YjBjNmUwHhcNMjUxMTA0MTMwMDMwWhcNMjUxMTA1MTMwMDMwWjAzMTEwLwYDVQQD
EyhiMTFmM2ZiNDc0ODkyYTMwZjg5M2RhZjg5OGU4ZWI3YjI1Y2EwZWI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwIkjyo2sEzP0BD7ciCVZRqJKKWYs
1aQej2chCLI0tSY17J5qDJ+7ADwJpEIbbwC3ubBXOKtMKsYsXlI7DUovNTK56JIr
gtbH2BlTcsyQTq3yu2t63mKteU2LRwm/E61ecHTpLNHpTeGQAOFBTX+MuOEBj9Hi
o1CBiJyMDCV1/1iJcNEFzpbP0kOeIv4QrnvFceNHebVs8uRtIgsK4Pz7whfijnZr
5RrsXQpmbDHZl6mbRiXwtuXwFf0+eq38W069WoZTTDvKS2br3CFgpQ+O4Q8dy6uq
whjM4rGY61Vwwl4hVrJ8StQVkbFh31Lm0bbQBUdBnpSwYqfahhTWQTySnwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLEfP7R0iSow+JPa+Jjo63slyg62MB8GA1UdIwQY
MBaAFBQHfFt3bNt897w11rRC42d2qwxuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRkFkOFczZHMyM3ozdkRYV3RFTGpaM2FyREc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC9iNzExZDctZWEwNi00ZTQyLTk4Zjct
NjNhNGNhZWRiMzhlLzEvRkFkOFczZHMyM3ozdkRYV3RFTGpaM2FyREc0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC9iNzExZDctZWEwNi00ZTQyLTk4ZjctNjNhNGNhZWRiMzhl
LzEvRkFkOFczZHMyM3ozdkRYV3RFTGpaM2FyREc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAl1/Ta5kc
1GsySmZF/RRvNK1iUJsRr5kXLCyPVNZVLPezmPwDK680w3WLsrEzbWS8Bkt/9Rhv
fvLVLO3iV3k1bFt12rPoELRzlHNhfG45nGHe1JGJm2joqyx7hFFQqVfR+VoYt87W
gIdfJ4oieCrsE2bJeFEXsU3uYyxCxaqHwXy0XLte8g9wm13l/RgKXYmOnh5pOz21
Rlgmj8viamOyGT92yf52RWLfdKHd0FRi7FIaafBBCRe0lmrRi/ORlwMpjTmf6UAb
vHgZDjgDUsspJMsgX+moP0EgnD3tuQ4BB6hEXgLv1Vo82Kx3leG9SFZNk2RGFUA9
f1kAmjG7FpOPDA==
-----END CERTIFICATE-----