Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/6fd3ef-d558-4e70-a214-52aefb6568ae/1/cLqzJoCFMIofjVcIS52qHr-V4Nw.mft
File:                     cLqzJoCFMIofjVcIS52qHr-V4Nw.mft (raw, json)
Hash identifier:          y+JBUUmXISyChYAioDHbmbpasUhrrehFhOYqO8/nlLA=
Subject key identifier:   02:AE:EC:91:64:E1:3A:9C:F7:85:EA:C9:2E:AD:23:A1:4B:F8:BA:1E
Authority key identifier: 70:BA:B3:26:80:85:30:8A:1F:8D:57:08:4B:9D:AA:1E:BF:95:E0:DC
Certificate issuer:       /CN=70bab3268085308a1f8d57084b9daa1ebf95e0dc
Certificate serial:       019A4EF5417021CCDD3D8B45E566A49FDD4E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cLqzJoCFMIofjVcIS52qHr-V4Nw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1a/6fd3ef-d558-4e70-a214-52aefb6568ae/1/cLqzJoCFMIofjVcIS52qHr-V4Nw.mft
Manifest number:          1707
Signing time:             Tue 04 Nov 2025 13:01:27 +0000
Manifest this update:     Tue 04 Nov 2025 13:01:27 +0000
Manifest next update:     Wed 05 Nov 2025 13:01:27 +0000
Files and hashes:         1: cLqzJoCFMIofjVcIS52qHr-V4Nw.crl (hash: 4K+mH/VUjgobPd9R+qcPrsxgRnHlJvep5OFbd0yBZWI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1a/6fd3ef-d558-4e70-a214-52aefb6568ae/1/cLqzJoCFMIofjVcIS52qHr-V4Nw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1a/6fd3ef-d558-4e70-a214-52aefb6568ae/1/cLqzJoCFMIofjVcIS52qHr-V4Nw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/cLqzJoCFMIofjVcIS52qHr-V4Nw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 13:01:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4e:f5:41:70:21:cc:dd:3d:8b:45:e5:66:a4:9f:dd:4e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=70bab3268085308a1f8d57084b9daa1ebf95e0dc
        Validity
            Not Before: Nov  4 13:01:27 2025 GMT
            Not After : Nov  5 13:01:27 2025 GMT
        Subject: CN=02aeec9164e13a9cf785eac92ead23a14bf8ba1e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:df:6f:70:52:dc:f1:97:e8:ec:3b:80:39:38:a1:
                    0a:ba:ca:2c:b1:fc:41:42:b6:52:06:cf:75:dd:68:
                    20:75:69:c0:79:e8:9e:95:fa:0b:88:60:54:8c:46:
                    a5:fc:69:83:49:07:77:21:25:5f:b8:66:17:cf:bf:
                    38:c8:7b:5a:8e:50:a6:09:ec:2d:7c:8a:54:0e:ed:
                    fb:5f:af:82:b2:ff:0b:de:c1:25:8a:5d:3c:56:28:
                    d3:f1:71:f6:2b:20:6d:aa:3a:4e:e4:a8:ae:e2:f3:
                    87:ce:68:36:a3:24:09:3d:71:51:fd:2f:a1:c3:42:
                    8b:57:83:5a:a3:43:76:27:71:19:5e:d0:89:0d:4a:
                    2b:cd:48:96:a7:25:60:dd:77:f0:b6:59:ff:12:1f:
                    e4:86:5a:23:ed:f7:48:c9:b7:1d:f2:d1:2f:53:fb:
                    26:20:49:38:f3:1b:87:a2:a1:50:ec:be:f2:70:3c:
                    10:6d:43:8b:9c:e3:a6:d7:bc:79:a9:a6:bd:69:09:
                    9f:a6:db:33:0e:dd:c7:0b:43:48:80:90:33:85:f2:
                    aa:68:c7:9c:3a:e8:ae:22:b0:c8:2f:6d:40:6c:61:
                    61:15:f5:43:ea:39:dc:b5:39:15:45:9d:b0:2a:05:
                    c4:60:7d:48:c8:4d:99:25:69:45:55:58:77:1f:48:
                    42:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                02:AE:EC:91:64:E1:3A:9C:F7:85:EA:C9:2E:AD:23:A1:4B:F8:BA:1E
            X509v3 Authority Key Identifier:
                keyid:70:BA:B3:26:80:85:30:8A:1F:8D:57:08:4B:9D:AA:1E:BF:95:E0:DC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cLqzJoCFMIofjVcIS52qHr-V4Nw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/6fd3ef-d558-4e70-a214-52aefb6568ae/1/cLqzJoCFMIofjVcIS52qHr-V4Nw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/6fd3ef-d558-4e70-a214-52aefb6568ae/1/cLqzJoCFMIofjVcIS52qHr-V4Nw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         72:3d:09:5d:99:96:22:1d:c6:7f:77:fa:85:8d:74:06:cc:74:
         57:18:c7:8d:e9:67:d6:39:85:db:b7:a2:70:16:75:c9:37:a8:
         9f:70:52:82:b1:f1:ac:48:18:02:b8:2e:26:22:a1:98:12:94:
         b6:e9:ac:37:ee:bd:70:f0:5c:6c:73:17:05:a7:42:78:b0:a9:
         a8:ba:75:8c:97:37:77:06:3d:4a:7a:1e:3d:48:de:6c:a7:2a:
         bc:73:82:2c:bd:23:32:9c:f1:83:2d:b7:cf:05:41:33:be:84:
         20:1d:84:a5:d4:50:bf:e8:b2:84:83:90:16:71:70:25:87:9b:
         22:90:6f:aa:83:92:36:19:8b:57:cc:84:19:db:eb:3b:aa:aa:
         5f:92:04:bd:cb:93:78:e6:a1:f3:19:99:c3:c8:9c:f0:c3:2c:
         06:03:5a:89:23:1b:ee:a7:f6:1c:64:c5:35:7d:d5:ad:b2:39:
         a1:3c:c9:fe:79:4d:21:7b:f9:eb:44:99:45:c9:2b:ec:0b:8e:
         7b:2e:1d:00:bb:e6:04:3a:f0:29:7a:c9:d2:8b:60:76:cc:11:
         03:64:66:11:25:5f:52:cd:a2:cc:05:93:4d:4f:c6:e8:50:bb:
         c8:03:ad:f9:84:1b:59:26:59:72:5d:5e:8a:0c:ff:5b:6f:4e:
         73:ed:22:86
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpO9UFwIczdPYtF5Wakn91OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwYmFiMzI2ODA4NTMwOGExZjhkNTcwODRiOWRhYTFlYmY5
NWUwZGMwHhcNMjUxMTA0MTMwMTI3WhcNMjUxMTA1MTMwMTI3WjAzMTEwLwYDVQQD
EygwMmFlZWM5MTY0ZTEzYTljZjc4NWVhYzkyZWFkMjNhMTRiZjhiYTFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA329wUtzxl+jsO4A5OKEKusossfxB
QrZSBs913WggdWnAeeielfoLiGBUjEal/GmDSQd3ISVfuGYXz784yHtajlCmCewt
fIpUDu37X6+Csv8L3sElil08VijT8XH2KyBtqjpO5Kiu4vOHzmg2oyQJPXFR/S+h
w0KLV4Nao0N2J3EZXtCJDUorzUiWpyVg3Xfwtln/Eh/khloj7fdIybcd8tEvU/sm
IEk48xuHoqFQ7L7ycDwQbUOLnOOm17x5qaa9aQmfptszDt3HC0NIgJAzhfKqaMec
OuiuIrDIL21AbGFhFfVD6jnctTkVRZ2wKgXEYH1IyE2ZJWlFVVh3H0hCCQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAKu7JFk4Tqc94XqyS6tI6FL+LoeMB8GA1UdIwQY
MBaAFHC6syaAhTCKH41XCEudqh6/leDcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY0xxekpvQ0ZNSW9malZjSVM1MnFIci1WNE53LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS82ZmQzZWYtZDU1OC00ZTcwLWEyMTQt
NTJhZWZiNjU2OGFlLzEvY0xxekpvQ0ZNSW9malZjSVM1MnFIci1WNE53Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS82ZmQzZWYtZDU1OC00ZTcwLWEyMTQtNTJhZWZiNjU2OGFl
LzEvY0xxekpvQ0ZNSW9malZjSVM1MnFIci1WNE53LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcj0JXZmW
Ih3Gf3f6hY10Bsx0VxjHjeln1jmF27eicBZ1yTeon3BSgrHxrEgYArguJiKhmBKU
tumsN+69cPBcbHMXBadCeLCpqLp1jJc3dwY9SnoePUjebKcqvHOCLL0jMpzxgy23
zwVBM76EIB2EpdRQv+iyhIOQFnFwJYebIpBvqoOSNhmLV8yEGdvrO6qqX5IEvcuT
eOah8xmZw8ic8MMsBgNaiSMb7qf2HGTFNX3VrbI5oTzJ/nlNIXv560SZRckr7AuO
ey4dALvmBDrwKXrJ0otgdswRA2RmESVfUs2izAWTTU/G6FC7yAOt+YQbWSZZcl1e
igz/W29Oc+0ihg==
-----END CERTIFICATE-----