Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/b680af-d5ab-4b2f-a837-0d41a64e90ec/1/EDfew086MutlAvFmKoKiD4teohw.mft
File:                     EDfew086MutlAvFmKoKiD4teohw.mft (raw, json)
Hash identifier:          ZHB0jL6JIPIXS+X8d/wTle5N8wGFP3gMQUIsYV4GLwI=
Subject key identifier:   DA:D2:04:91:17:50:82:2D:73:6B:FC:AC:75:9E:19:F3:82:C1:CE:7E
Authority key identifier: 10:37:DE:C3:4F:3A:32:EB:65:02:F1:66:2A:82:A2:0F:8B:5E:A2:1C
Certificate issuer:       /CN=1037dec34f3a32eb6502f1662a82a20f8b5ea21c
Certificate serial:       019A4D74448EF68B07A5AA641A0628B6B697
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/EDfew086MutlAvFmKoKiD4teohw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/23/b680af-d5ab-4b2f-a837-0d41a64e90ec/1/EDfew086MutlAvFmKoKiD4teohw.mft
Manifest number:          170A
Signing time:             Tue 04 Nov 2025 06:00:56 +0000
Manifest this update:     Tue 04 Nov 2025 06:00:56 +0000
Manifest next update:     Wed 05 Nov 2025 06:00:56 +0000
Files and hashes:         1: EDfew086MutlAvFmKoKiD4teohw.crl (hash: rhNC3fZhVqB473aAzSVjU/7KHt2Os8VinCTVVK2GviQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/23/b680af-d5ab-4b2f-a837-0d41a64e90ec/1/EDfew086MutlAvFmKoKiD4teohw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/23/b680af-d5ab-4b2f-a837-0d41a64e90ec/1/EDfew086MutlAvFmKoKiD4teohw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/EDfew086MutlAvFmKoKiD4teohw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 06:00:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4d:74:44:8e:f6:8b:07:a5:aa:64:1a:06:28:b6:b6:97
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1037dec34f3a32eb6502f1662a82a20f8b5ea21c
        Validity
            Not Before: Nov  4 06:00:56 2025 GMT
            Not After : Nov  5 06:00:56 2025 GMT
        Subject: CN=dad204911750822d736bfcac759e19f382c1ce7e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:02:c6:74:d8:7e:c0:e9:fb:15:30:f0:9d:5b:
                    d2:0b:f7:56:40:3c:ae:69:d9:e3:79:f0:b8:c7:83:
                    13:64:56:bb:3e:3d:c5:28:c8:d1:1b:7f:00:c4:f8:
                    42:48:a5:05:98:48:62:3e:26:27:90:19:04:ba:33:
                    9a:54:0c:6e:d3:e0:4c:ab:1d:aa:08:f0:37:e2:27:
                    40:98:04:31:c7:91:3e:eb:9d:ef:59:13:6c:13:36:
                    cc:f4:5c:a6:e3:6d:ae:20:98:6a:5a:2f:c2:38:5c:
                    00:e9:f4:d2:d8:9b:03:af:14:40:79:fd:94:40:76:
                    02:71:c0:32:ac:60:1d:54:5a:40:b2:92:bd:c8:67:
                    ae:04:46:1a:82:8f:2b:d4:b9:5e:49:88:39:84:45:
                    f6:0f:4a:36:4f:55:d7:3a:d8:ba:77:e9:50:95:32:
                    43:f6:c8:c4:a8:9a:a2:03:28:0f:f7:55:09:40:4e:
                    b9:dc:40:45:69:9b:d4:3c:67:f5:7d:a7:fa:bd:73:
                    4d:d2:0f:9c:b5:89:c3:f0:b8:fc:ff:75:21:eb:a7:
                    e9:5e:01:e5:0d:27:3f:04:12:d4:0a:c7:4e:6b:23:
                    90:0a:21:b1:e2:c0:74:cc:4f:ef:09:10:21:08:ec:
                    47:fb:79:13:10:fb:ba:98:7d:64:c2:dc:ad:47:b1:
                    05:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DA:D2:04:91:17:50:82:2D:73:6B:FC:AC:75:9E:19:F3:82:C1:CE:7E
            X509v3 Authority Key Identifier:
                keyid:10:37:DE:C3:4F:3A:32:EB:65:02:F1:66:2A:82:A2:0F:8B:5E:A2:1C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EDfew086MutlAvFmKoKiD4teohw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/b680af-d5ab-4b2f-a837-0d41a64e90ec/1/EDfew086MutlAvFmKoKiD4teohw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/23/b680af-d5ab-4b2f-a837-0d41a64e90ec/1/EDfew086MutlAvFmKoKiD4teohw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         cb:3e:3b:32:a3:fb:ef:85:89:d9:13:da:1f:07:07:21:4b:3e:
         c6:ef:32:cb:83:b2:ca:3c:1b:d8:ba:76:69:44:5c:1c:b5:88:
         91:bc:e5:95:05:35:5a:cf:53:37:36:57:ba:12:87:b5:32:a8:
         45:1d:ee:ef:63:1e:5a:e4:05:2f:27:94:7d:20:33:29:57:b6:
         ca:5e:61:d2:77:0c:8c:80:77:a8:85:00:0b:0f:88:50:bc:1d:
         6e:cf:66:6c:22:df:d3:35:cc:32:6f:2c:cf:5a:dc:8e:a6:9c:
         c0:cb:f3:19:a7:c6:68:dd:28:8d:e9:b8:45:50:f2:e2:26:d4:
         6f:39:4d:a1:45:f5:a1:eb:b5:ac:2a:67:31:fb:0c:71:e5:fe:
         dc:da:c7:37:e7:57:af:d4:98:2e:66:f1:e6:0f:e1:c0:6a:78:
         14:8a:b6:a8:cc:f4:bf:90:b6:80:c2:f0:db:ce:4c:d1:5d:2b:
         08:d6:60:f1:75:b7:dd:77:90:38:c2:18:cc:3c:c9:8d:fc:9c:
         c0:8b:dc:e5:88:27:44:6f:dd:1c:59:f3:ae:14:e5:a7:e3:10:
         75:69:97:29:08:ba:81:36:ca:50:a0:b1:1a:f4:58:91:9a:de:
         5e:80:9f:14:0f:28:fc:02:9f:ef:8e:28:d0:4a:32:00:44:13:
         d3:49:9f:cb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpNdESO9osHpapkGgYotraXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEwMzdkZWMzNGYzYTMyZWI2NTAyZjE2NjJhODJhMjBmOGI1
ZWEyMWMwHhcNMjUxMTA0MDYwMDU2WhcNMjUxMTA1MDYwMDU2WjAzMTEwLwYDVQQD
EyhkYWQyMDQ5MTE3NTA4MjJkNzM2YmZjYWM3NTllMTlmMzgyYzFjZTdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0ALGdNh+wOn7FTDwnVvSC/dWQDyu
adnjefC4x4MTZFa7Pj3FKMjRG38AxPhCSKUFmEhiPiYnkBkEujOaVAxu0+BMqx2q
CPA34idAmAQxx5E+653vWRNsEzbM9Fym422uIJhqWi/COFwA6fTS2JsDrxRAef2U
QHYCccAyrGAdVFpAspK9yGeuBEYago8r1LleSYg5hEX2D0o2T1XXOti6d+lQlTJD
9sjEqJqiAygP91UJQE653EBFaZvUPGf1faf6vXNN0g+ctYnD8Lj8/3Uh66fpXgHl
DSc/BBLUCsdOayOQCiGx4sB0zE/vCRAhCOxH+3kTEPu6mH1kwtytR7EFswIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNrSBJEXUIItc2v8rHWeGfOCwc5+MB8GA1UdIwQY
MBaAFBA33sNPOjLrZQLxZiqCog+LXqIcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRURmZXcwODZNdXRsQXZGbUtvS2lENHRlb2h3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy9iNjgwYWYtZDVhYi00YjJmLWE4Mzct
MGQ0MWE2NGU5MGVjLzEvRURmZXcwODZNdXRsQXZGbUtvS2lENHRlb2h3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy9iNjgwYWYtZDVhYi00YjJmLWE4MzctMGQ0MWE2NGU5MGVj
LzEvRURmZXcwODZNdXRsQXZGbUtvS2lENHRlb2h3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAyz47MqP7
74WJ2RPaHwcHIUs+xu8yy4Oyyjwb2Lp2aURcHLWIkbzllQU1Ws9TNzZXuhKHtTKo
RR3u72MeWuQFLyeUfSAzKVe2yl5h0ncMjIB3qIUACw+IULwdbs9mbCLf0zXMMm8s
z1rcjqacwMvzGafGaN0ojem4RVDy4ibUbzlNoUX1oeu1rCpnMfsMceX+3NrHN+dX
r9SYLmbx5g/hwGp4FIq2qMz0v5C2gMLw285M0V0rCNZg8XW33XeQOMIYzDzJjfyc
wIvc5YgnRG/dHFnzrhTlp+MQdWmXKQi6gTbKUKCxGvRYkZreXoCfFA8o/AKf744o
0EoyAEQT00mfyw==
-----END CERTIFICATE-----