Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/f48de1-9f33-4f0a-8676-e836eb3d2f1f/1/9bMQ6dROhHDWzYAJWQZssA8pHvo.mft
File:                     9bMQ6dROhHDWzYAJWQZssA8pHvo.mft (raw, json)
Hash identifier:          856XmDMnKWWHuYGCPT7NhS5uvlcdFj9NuajygZCB+X0=
Subject key identifier:   70:66:24:76:95:4F:9F:DD:32:C3:81:F2:CA:71:BE:84:C2:7E:69:0A
Authority key identifier: F5:B3:10:E9:D4:4E:84:70:D6:CD:80:09:59:06:6C:B0:0F:29:1E:FA
Certificate issuer:       /CN=f5b310e9d44e8470d6cd800959066cb00f291efa
Certificate serial:       019A4EF5DFBE80D3ABCEF42FEC59385E94A6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/9bMQ6dROhHDWzYAJWQZssA8pHvo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/18/f48de1-9f33-4f0a-8676-e836eb3d2f1f/1/9bMQ6dROhHDWzYAJWQZssA8pHvo.mft
Manifest number:          1171
Signing time:             Tue 04 Nov 2025 13:02:07 +0000
Manifest this update:     Tue 04 Nov 2025 13:02:07 +0000
Manifest next update:     Wed 05 Nov 2025 13:02:07 +0000
Files and hashes:         1: 9bMQ6dROhHDWzYAJWQZssA8pHvo.crl (hash: 8mQUw+MTAg3+KNA+lv0S0Untw7CzJozgjrvY9ObxyfQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/18/f48de1-9f33-4f0a-8676-e836eb3d2f1f/1/9bMQ6dROhHDWzYAJWQZssA8pHvo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/18/f48de1-9f33-4f0a-8676-e836eb3d2f1f/1/9bMQ6dROhHDWzYAJWQZssA8pHvo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/9bMQ6dROhHDWzYAJWQZssA8pHvo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 09:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4e:f5:df:be:80:d3:ab:ce:f4:2f:ec:59:38:5e:94:a6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f5b310e9d44e8470d6cd800959066cb00f291efa
        Validity
            Not Before: Nov  4 13:02:07 2025 GMT
            Not After : Nov  5 13:02:07 2025 GMT
        Subject: CN=70662476954f9fdd32c381f2ca71be84c27e690a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:9d:cb:84:f0:11:c0:a7:2f:0d:55:9e:f0:45:
                    ff:db:de:1b:01:0b:b3:eb:44:3f:ba:bd:49:f4:1a:
                    83:87:81:7b:cc:f2:e2:4c:ce:0e:07:fa:3a:5b:d6:
                    c4:af:31:e1:d8:16:8a:9a:6e:e3:37:ed:54:7e:5b:
                    b5:ef:a4:6c:cd:c1:ae:83:a2:8a:cd:69:7c:80:76:
                    df:23:64:33:40:02:25:2c:f5:e2:39:7a:22:d6:0a:
                    92:d0:17:82:6c:9f:df:1d:8c:d0:f3:97:51:5c:d9:
                    07:e8:b8:8b:50:17:ec:e7:65:ef:6a:0e:01:f0:94:
                    eb:a8:db:48:e3:0a:dc:b7:4f:31:da:49:c7:b6:6e:
                    7e:cb:1d:d6:10:a8:65:0f:24:42:cf:f9:97:0f:6f:
                    ac:80:96:31:9b:06:51:3c:ce:6f:55:81:60:c0:01:
                    6c:c9:1a:c0:51:10:87:16:33:35:c0:4d:a4:58:b4:
                    31:c4:ec:6a:aa:08:9f:70:90:e5:75:5f:78:b2:da:
                    78:c2:58:6d:40:2d:3a:e3:aa:fb:ee:21:21:76:62:
                    69:52:e8:5e:59:41:81:91:35:ad:f1:1b:e1:bf:30:
                    07:1e:e6:8a:18:cc:70:2d:96:b7:58:71:1c:67:ca:
                    c3:ca:4e:b0:93:cf:5e:b9:65:be:ca:57:b8:c6:41:
                    96:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                70:66:24:76:95:4F:9F:DD:32:C3:81:F2:CA:71:BE:84:C2:7E:69:0A
            X509v3 Authority Key Identifier:
                keyid:F5:B3:10:E9:D4:4E:84:70:D6:CD:80:09:59:06:6C:B0:0F:29:1E:FA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9bMQ6dROhHDWzYAJWQZssA8pHvo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/f48de1-9f33-4f0a-8676-e836eb3d2f1f/1/9bMQ6dROhHDWzYAJWQZssA8pHvo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/18/f48de1-9f33-4f0a-8676-e836eb3d2f1f/1/9bMQ6dROhHDWzYAJWQZssA8pHvo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         32:fb:23:f1:58:d8:00:9f:aa:32:5f:fb:f8:a6:68:57:9d:6f:
         39:ea:35:31:8d:c2:e6:44:3b:5e:ff:b4:d1:d6:e7:25:b5:0f:
         fc:3b:c4:ca:69:a7:82:75:a9:d4:3d:58:9b:b5:fd:4c:4f:85:
         af:42:56:74:03:be:db:b7:61:ad:c0:d5:ce:ec:c9:51:97:61:
         df:cc:c8:cd:58:a2:7e:19:20:c2:02:74:59:8d:70:03:87:a7:
         48:d4:d3:7a:e6:fe:0b:19:a6:03:8b:2e:dd:ae:6b:94:01:7b:
         95:15:c0:80:ad:a5:08:f7:63:2f:56:68:30:2d:f1:b3:2e:82:
         df:14:38:38:3f:eb:64:78:af:6f:f1:28:b0:fc:3d:d4:8d:82:
         ce:1c:77:1e:8d:38:01:83:14:b2:aa:58:74:d5:91:23:6e:27:
         e9:d5:9c:c8:df:b0:f0:c8:af:c0:03:6f:8b:a5:1b:10:aa:a6:
         ab:c5:d0:fa:9a:da:34:70:3a:6e:67:13:d7:a6:75:8b:41:09:
         bb:3d:a3:fa:aa:cf:0c:45:4f:12:f7:8c:87:1d:10:ce:d7:ee:
         82:58:0f:e7:a5:d2:1b:35:4b:58:f2:6b:0e:44:2c:e7:fe:85:
         ec:3d:83:1b:1a:cc:8e:b3:20:9a:40:2a:e6:20:7e:34:2d:4d:
         f5:f1:f7:06
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpO9d++gNOrzvQv7Fk4XpSmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1YjMxMGU5ZDQ0ZTg0NzBkNmNkODAwOTU5MDY2Y2IwMGYy
OTFlZmEwHhcNMjUxMTA0MTMwMjA3WhcNMjUxMTA1MTMwMjA3WjAzMTEwLwYDVQQD
Eyg3MDY2MjQ3Njk1NGY5ZmRkMzJjMzgxZjJjYTcxYmU4NGMyN2U2OTBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv53LhPARwKcvDVWe8EX/294bAQuz
60Q/ur1J9BqDh4F7zPLiTM4OB/o6W9bErzHh2BaKmm7jN+1Uflu176RszcGug6KK
zWl8gHbfI2QzQAIlLPXiOXoi1gqS0BeCbJ/fHYzQ85dRXNkH6LiLUBfs52Xvag4B
8JTrqNtI4wrct08x2knHtm5+yx3WEKhlDyRCz/mXD2+sgJYxmwZRPM5vVYFgwAFs
yRrAURCHFjM1wE2kWLQxxOxqqgifcJDldV94stp4wlhtQC0646r77iEhdmJpUuhe
WUGBkTWt8RvhvzAHHuaKGMxwLZa3WHEcZ8rDyk6wk89euWW+yle4xkGW9wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHBmJHaVT5/dMsOB8spxvoTCfmkKMB8GA1UdIwQY
MBaAFPWzEOnUToRw1s2ACVkGbLAPKR76MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOWJNUTZkUk9oSERXellBSldRWnNzQThwSHZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC9mNDhkZTEtOWYzMy00ZjBhLTg2NzYt
ZTgzNmViM2QyZjFmLzEvOWJNUTZkUk9oSERXellBSldRWnNzQThwSHZvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOC9mNDhkZTEtOWYzMy00ZjBhLTg2NzYtZTgzNmViM2QyZjFm
LzEvOWJNUTZkUk9oSERXellBSldRWnNzQThwSHZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMvsj8VjY
AJ+qMl/7+KZoV51vOeo1MY3C5kQ7Xv+00dbnJbUP/DvEymmngnWp1D1Ym7X9TE+F
r0JWdAO+27dhrcDVzuzJUZdh38zIzViifhkgwgJ0WY1wA4enSNTTeub+CxmmA4su
3a5rlAF7lRXAgK2lCPdjL1ZoMC3xsy6C3xQ4OD/rZHivb/EosPw91I2Czhx3Ho04
AYMUsqpYdNWRI24n6dWcyN+w8MivwANvi6UbEKqmq8XQ+praNHA6bmcT16Z1i0EJ
uz2j+qrPDEVPEveMhx0QztfuglgP56XSGzVLWPJrDkQs5/6F7D2DGxrMjrMgmkAq
5iB+NC1N9fH3Bg==
-----END CERTIFICATE-----