Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/290789-1922-4eb0-8ad4-fed89d170da4/1/gOtx0BmkgyJcMkyIxsSAIO-fEWg.mft
File:                     gOtx0BmkgyJcMkyIxsSAIO-fEWg.mft (raw, json)
Hash identifier:          SUyHvFMrfXcGPE3mI5M4vZlckANYUuxTk1yTvebae9Y=
Subject key identifier:   E8:84:82:52:72:09:0E:9E:69:B9:49:A1:06:21:14:58:C5:DF:EF:6A
Authority key identifier: 80:EB:71:D0:19:A4:83:22:5C:32:4C:88:C6:C4:80:20:EF:9F:11:68
Certificate issuer:       /CN=80eb71d019a483225c324c88c6c48020ef9f1168
Certificate serial:       019A4F9945D7539839892095ACD6B9347499
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gOtx0BmkgyJcMkyIxsSAIO-fEWg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1d/290789-1922-4eb0-8ad4-fed89d170da4/1/gOtx0BmkgyJcMkyIxsSAIO-fEWg.mft
Manifest number:          170A
Signing time:             Tue 04 Nov 2025 16:00:36 +0000
Manifest this update:     Tue 04 Nov 2025 16:00:36 +0000
Manifest next update:     Wed 05 Nov 2025 16:00:36 +0000
Files and hashes:         1: gOtx0BmkgyJcMkyIxsSAIO-fEWg.crl (hash: bfTDDMuWAUf1/hWEyxmqyEK/6qTiH1Fz1KidgtDdYAs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1d/290789-1922-4eb0-8ad4-fed89d170da4/1/gOtx0BmkgyJcMkyIxsSAIO-fEWg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1d/290789-1922-4eb0-8ad4-fed89d170da4/1/gOtx0BmkgyJcMkyIxsSAIO-fEWg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/gOtx0BmkgyJcMkyIxsSAIO-fEWg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 16:00:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4f:99:45:d7:53:98:39:89:20:95:ac:d6:b9:34:74:99
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=80eb71d019a483225c324c88c6c48020ef9f1168
        Validity
            Not Before: Nov  4 16:00:36 2025 GMT
            Not After : Nov  5 16:00:36 2025 GMT
        Subject: CN=e884825272090e9e69b949a106211458c5dfef6a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:34:44:e5:9e:13:a5:19:f7:fe:69:22:cb:db:
                    f7:1c:1a:df:26:c7:f4:cb:63:cb:eb:b8:3f:f2:43:
                    64:61:31:7f:f9:66:87:78:ce:16:3b:9d:f8:22:0a:
                    10:70:56:91:a2:8c:44:2e:46:93:b2:21:3b:91:26:
                    7b:9f:bc:29:9b:21:c4:8c:02:42:f9:f0:bf:e1:7f:
                    07:ce:19:d5:db:01:51:52:74:3a:e8:6f:a8:91:4c:
                    c6:ff:09:fa:54:b6:b1:da:13:37:25:ca:67:d3:9c:
                    ac:4c:e1:2b:dc:33:eb:9a:74:2c:61:90:bc:bc:37:
                    c3:1c:a8:9a:57:dd:ff:7f:d6:91:e8:c3:a1:c3:9c:
                    a5:e4:e9:a5:56:01:92:b7:e4:31:c7:6f:79:f0:fe:
                    45:b0:34:41:9a:d7:dd:f4:db:7e:db:fd:2b:fd:1d:
                    aa:49:54:22:fc:8f:1d:fe:b1:c0:8e:c5:61:38:7f:
                    66:23:e5:72:35:53:45:e6:e7:fe:a1:30:7b:e3:ce:
                    5d:b4:16:76:3b:13:9f:2c:f9:97:32:6c:8e:84:f0:
                    11:dc:d1:59:f4:9a:ab:45:e3:89:db:a0:41:eb:d6:
                    38:2b:00:85:bf:f0:fe:19:33:14:e8:61:5f:b6:1f:
                    07:fa:29:5b:fc:0a:17:97:b0:81:27:6c:d2:09:af:
                    45:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E8:84:82:52:72:09:0E:9E:69:B9:49:A1:06:21:14:58:C5:DF:EF:6A
            X509v3 Authority Key Identifier:
                keyid:80:EB:71:D0:19:A4:83:22:5C:32:4C:88:C6:C4:80:20:EF:9F:11:68

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gOtx0BmkgyJcMkyIxsSAIO-fEWg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/290789-1922-4eb0-8ad4-fed89d170da4/1/gOtx0BmkgyJcMkyIxsSAIO-fEWg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/290789-1922-4eb0-8ad4-fed89d170da4/1/gOtx0BmkgyJcMkyIxsSAIO-fEWg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a4:be:6d:b4:81:a3:fd:3d:e8:31:f0:08:b4:50:25:00:1e:a6:
         dd:86:fc:ef:5b:ed:a1:17:7e:01:80:c4:10:a0:41:24:58:ff:
         d6:5c:99:8f:21:c9:18:ab:2b:6d:19:22:8b:e6:df:2f:94:ac:
         7c:fa:13:93:6f:f0:b3:cb:9e:59:b8:c5:8b:17:31:53:94:43:
         36:36:d1:80:09:91:26:d1:62:29:72:0b:2a:3a:26:1c:a8:1b:
         dd:ce:fb:ce:fe:d6:e4:ff:d9:06:d2:9f:a9:ab:1c:0e:e6:8f:
         a9:88:6a:1f:a3:48:32:85:40:7b:99:d4:71:ef:d2:1a:8d:2f:
         aa:91:da:be:5f:47:4e:46:a9:8b:d8:22:6e:d4:b7:0b:40:3b:
         4c:1f:ec:4d:07:70:c1:e3:cc:26:7a:94:f1:3e:88:2c:2f:03:
         b2:dd:78:47:a6:f7:23:95:f7:bf:43:46:d1:24:a4:1e:4d:f6:
         b7:24:31:2c:a7:3a:b9:a4:be:5c:16:67:51:a0:91:23:37:67:
         6e:59:c0:2b:63:24:a3:10:81:e0:23:42:07:6d:10:3f:34:b6:
         b2:55:cb:cd:af:d0:13:1b:1e:fd:83:76:e7:90:54:c0:62:ca:
         71:cb:57:65:06:ab:f7:05:3b:61:78:87:30:5a:ed:66:5c:f7:
         86:59:1e:5f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpPmUXXU5g5iSCVrNa5NHSZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgwZWI3MWQwMTlhNDgzMjI1YzMyNGM4OGM2YzQ4MDIwZWY5
ZjExNjgwHhcNMjUxMTA0MTYwMDM2WhcNMjUxMTA1MTYwMDM2WjAzMTEwLwYDVQQD
EyhlODg0ODI1MjcyMDkwZTllNjliOTQ5YTEwNjIxMTQ1OGM1ZGZlZjZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtDRE5Z4TpRn3/mkiy9v3HBrfJsf0
y2PL67g/8kNkYTF/+WaHeM4WO534IgoQcFaRooxELkaTsiE7kSZ7n7wpmyHEjAJC
+fC/4X8HzhnV2wFRUnQ66G+okUzG/wn6VLax2hM3Jcpn05ysTOEr3DPrmnQsYZC8
vDfDHKiaV93/f9aR6MOhw5yl5OmlVgGSt+Qxx2958P5FsDRBmtfd9Nt+2/0r/R2q
SVQi/I8d/rHAjsVhOH9mI+VyNVNF5uf+oTB7485dtBZ2OxOfLPmXMmyOhPAR3NFZ
9JqrReOJ26BB69Y4KwCFv/D+GTMU6GFfth8H+ilb/AoXl7CBJ2zSCa9F7QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOiEglJyCQ6eablJoQYhFFjF3+9qMB8GA1UdIwQY
MBaAFIDrcdAZpIMiXDJMiMbEgCDvnxFoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ090eDBCbWtneUpjTWt5SXhzU0FJTy1mRVdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC8yOTA3ODktMTkyMi00ZWIwLThhZDQt
ZmVkODlkMTcwZGE0LzEvZ090eDBCbWtneUpjTWt5SXhzU0FJTy1mRVdnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC8yOTA3ODktMTkyMi00ZWIwLThhZDQtZmVkODlkMTcwZGE0
LzEvZ090eDBCbWtneUpjTWt5SXhzU0FJTy1mRVdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApL5ttIGj
/T3oMfAItFAlAB6m3Yb871vtoRd+AYDEEKBBJFj/1lyZjyHJGKsrbRkii+bfL5Ss
fPoTk2/ws8ueWbjFixcxU5RDNjbRgAmRJtFiKXILKjomHKgb3c77zv7W5P/ZBtKf
qascDuaPqYhqH6NIMoVAe5nUce/SGo0vqpHavl9HTkapi9gibtS3C0A7TB/sTQdw
wePMJnqU8T6ILC8Dst14R6b3I5X3v0NG0SSkHk32tyQxLKc6uaS+XBZnUaCRIzdn
blnAK2MkoxCB4CNCB20QPzS2slXLza/QExse/YN255BUwGLKcctXZQar9wU7YXiH
MFrtZlz3hlkeXw==
-----END CERTIFICATE-----