Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/5fe5e6-1a6f-46f1-a999-18ec6a008c56/1/s9nxe5jDqWQThWY7jNW3X-HwpJg.mft
File:                     s9nxe5jDqWQThWY7jNW3X-HwpJg.mft (raw, json)
Hash identifier:          U2EJucw5kRpOW518fC+MvjhHAEYx4en1/quMZI1G9CA=
Subject key identifier:   2B:77:4F:D5:56:F7:8C:E3:23:B2:4D:1D:A7:4E:5A:84:7C:1F:54:40
Authority key identifier: B3:D9:F1:7B:98:C3:A9:64:13:85:66:3B:8C:D5:B7:5F:E1:F0:A4:98
Certificate issuer:       /CN=b3d9f17b98c3a9641385663b8cd5b75fe1f0a498
Certificate serial:       019A4EBD4C24ED8598B542D2303C57338EDF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/s9nxe5jDqWQThWY7jNW3X-HwpJg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/22/5fe5e6-1a6f-46f1-a999-18ec6a008c56/1/s9nxe5jDqWQThWY7jNW3X-HwpJg.mft
Manifest number:          1708
Signing time:             Tue 04 Nov 2025 12:00:19 +0000
Manifest this update:     Tue 04 Nov 2025 12:00:19 +0000
Manifest next update:     Wed 05 Nov 2025 12:00:19 +0000
Files and hashes:         1: s9nxe5jDqWQThWY7jNW3X-HwpJg.crl (hash: PlXc9NApstGdfGGWP4cifv+Nad0NUMarq3zz0wLtT/U=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/22/5fe5e6-1a6f-46f1-a999-18ec6a008c56/1/s9nxe5jDqWQThWY7jNW3X-HwpJg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/22/5fe5e6-1a6f-46f1-a999-18ec6a008c56/1/s9nxe5jDqWQThWY7jNW3X-HwpJg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/s9nxe5jDqWQThWY7jNW3X-HwpJg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 09:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4e:bd:4c:24:ed:85:98:b5:42:d2:30:3c:57:33:8e:df
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b3d9f17b98c3a9641385663b8cd5b75fe1f0a498
        Validity
            Not Before: Nov  4 12:00:19 2025 GMT
            Not After : Nov  5 12:00:19 2025 GMT
        Subject: CN=2b774fd556f78ce323b24d1da74e5a847c1f5440
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:81:b8:e4:01:24:73:57:ee:5d:05:46:42:6f:
                    44:b8:15:1d:d5:46:cc:06:d0:1e:7d:5c:d0:c6:17:
                    a1:d6:31:28:87:ac:6d:14:6d:7a:52:bd:29:f6:5c:
                    4e:bf:04:52:ea:ca:54:40:86:62:ca:a5:a0:a3:65:
                    eb:ea:61:3f:e6:c3:9a:c3:1e:90:8f:14:f6:ff:ad:
                    62:3a:79:0a:08:2d:b1:9a:5c:07:df:a3:c5:c9:2f:
                    55:2e:f4:72:ff:e0:0f:64:ff:09:4a:98:51:4d:88:
                    51:7f:af:a9:26:0c:06:57:68:fe:f8:57:ee:d8:9e:
                    31:ea:bc:20:bb:97:d8:78:b9:5c:4e:31:d7:de:52:
                    b2:5c:5f:21:fc:28:78:b6:39:f5:0c:a2:d0:5f:4b:
                    0d:84:b9:be:b8:39:ce:db:67:83:96:00:88:1f:1c:
                    cd:f0:2e:6f:a9:df:54:59:b0:07:40:65:a2:ba:0b:
                    53:92:85:81:f2:c8:60:4a:17:5c:45:c2:e6:e9:f3:
                    a0:59:42:cf:86:8e:69:26:87:98:14:da:1c:68:01:
                    2c:17:3e:c7:05:26:aa:15:04:1f:c4:6d:cb:75:90:
                    4b:67:bf:1b:8a:ba:7f:bd:66:3d:9d:b7:53:99:c3:
                    2d:f9:3b:84:5a:f9:65:86:f3:aa:b0:40:5a:2d:e1:
                    0d:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2B:77:4F:D5:56:F7:8C:E3:23:B2:4D:1D:A7:4E:5A:84:7C:1F:54:40
            X509v3 Authority Key Identifier:
                keyid:B3:D9:F1:7B:98:C3:A9:64:13:85:66:3B:8C:D5:B7:5F:E1:F0:A4:98

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s9nxe5jDqWQThWY7jNW3X-HwpJg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/5fe5e6-1a6f-46f1-a999-18ec6a008c56/1/s9nxe5jDqWQThWY7jNW3X-HwpJg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/22/5fe5e6-1a6f-46f1-a999-18ec6a008c56/1/s9nxe5jDqWQThWY7jNW3X-HwpJg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         02:92:96:4e:f5:39:91:5f:1e:b1:9f:97:54:0a:11:83:12:79:
         9c:a4:d1:c5:26:59:67:10:8d:4d:10:cc:a2:58:17:34:90:a2:
         8f:eb:d7:69:54:5b:44:58:16:30:22:38:32:fd:36:3e:ab:36:
         7a:bc:5c:cd:c5:00:be:4c:87:a9:56:99:9e:f2:1c:fa:a4:1f:
         0a:20:87:1c:cf:31:95:a1:df:6d:4a:2e:b3:f8:0d:37:cd:47:
         1b:d8:34:94:c4:ea:15:ff:5d:df:1a:18:22:c5:fa:5c:ab:e7:
         de:bc:b0:2e:9b:20:ac:94:d1:18:80:be:35:6e:0f:20:f0:73:
         65:c0:8c:38:bb:61:87:b1:4b:4b:0b:6a:03:1b:69:f9:5b:de:
         3d:5a:f0:44:aa:8d:fa:af:2a:07:fb:f0:66:ef:de:62:fe:26:
         ee:92:ea:82:96:a5:b8:da:76:c5:11:f9:0c:32:a9:bd:68:cf:
         f2:39:82:3a:ce:c0:4d:1d:c8:9c:04:69:27:88:48:02:ef:d8:
         a8:df:a3:fa:20:cc:cc:1b:27:c8:ad:54:a9:a7:13:f2:6d:72:
         4f:91:fa:89:b1:c7:ce:e6:f6:cf:75:da:cd:bf:fd:c4:4e:a3:
         8b:1c:5d:ef:28:4a:09:00:47:49:93:eb:b1:55:55:a7:6e:1f:
         77:ab:ea:fa
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpOvUwk7YWYtULSMDxXM47fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzZDlmMTdiOThjM2E5NjQxMzg1NjYzYjhjZDViNzVmZTFm
MGE0OTgwHhcNMjUxMTA0MTIwMDE5WhcNMjUxMTA1MTIwMDE5WjAzMTEwLwYDVQQD
EygyYjc3NGZkNTU2Zjc4Y2UzMjNiMjRkMWRhNzRlNWE4NDdjMWY1NDQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq4G45AEkc1fuXQVGQm9EuBUd1UbM
BtAefVzQxheh1jEoh6xtFG16Ur0p9lxOvwRS6spUQIZiyqWgo2Xr6mE/5sOawx6Q
jxT2/61iOnkKCC2xmlwH36PFyS9VLvRy/+APZP8JSphRTYhRf6+pJgwGV2j++Ffu
2J4x6rwgu5fYeLlcTjHX3lKyXF8h/Ch4tjn1DKLQX0sNhLm+uDnO22eDlgCIHxzN
8C5vqd9UWbAHQGWiugtTkoWB8shgShdcRcLm6fOgWULPho5pJoeYFNocaAEsFz7H
BSaqFQQfxG3LdZBLZ78birp/vWY9nbdTmcMt+TuEWvllhvOqsEBaLeENMQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCt3T9VW94zjI7JNHadOWoR8H1RAMB8GA1UdIwQY
MBaAFLPZ8XuYw6lkE4VmO4zVt1/h8KSYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczlueGU1akRxV1FUaFdZN2pOVzNYLUh3cEpnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi81ZmU1ZTYtMWE2Zi00NmYxLWE5OTkt
MThlYzZhMDA4YzU2LzEvczlueGU1akRxV1FUaFdZN2pOVzNYLUh3cEpnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi81ZmU1ZTYtMWE2Zi00NmYxLWE5OTktMThlYzZhMDA4YzU2
LzEvczlueGU1akRxV1FUaFdZN2pOVzNYLUh3cEpnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAApKWTvU5
kV8esZ+XVAoRgxJ5nKTRxSZZZxCNTRDMolgXNJCij+vXaVRbRFgWMCI4Mv02Pqs2
erxczcUAvkyHqVaZnvIc+qQfCiCHHM8xlaHfbUous/gNN81HG9g0lMTqFf9d3xoY
IsX6XKvn3rywLpsgrJTRGIC+NW4PIPBzZcCMOLthh7FLSwtqAxtp+VvePVrwRKqN
+q8qB/vwZu/eYv4m7pLqgpaluNp2xRH5DDKpvWjP8jmCOs7ATR3InARpJ4hIAu/Y
qN+j+iDMzBsnyK1UqacT8m1yT5H6ibHHzub2z3Xazb/9xE6jixxd7yhKCQBHSZPr
sVVVp24fd6vq+g==
-----END CERTIFICATE-----