Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/fb6270-0353-46fc-b9f5-7e8e6e888dac/1/iSWuMjSiyXwn9171HT_zJr4GDiw.mft
File:                     iSWuMjSiyXwn9171HT_zJr4GDiw.mft (raw, json)
Hash identifier:          xWJrbtI92WxlLABz7OL9e4p/tKi3EsSDdo42v6grtAQ=
Subject key identifier:   26:49:4B:BD:A3:2A:3C:11:5D:54:CB:72:C4:26:DD:4C:28:DA:1D:EB
Authority key identifier: 89:25:AE:32:34:A2:C9:7C:27:F7:5E:F5:1D:3F:F3:26:BE:06:0E:2C
Certificate issuer:       /CN=8925ae3234a2c97c27f75ef51d3ff326be060e2c
Certificate serial:       019A4F9905E9C6225D1E90382EB2902A74C0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/iSWuMjSiyXwn9171HT_zJr4GDiw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2b/fb6270-0353-46fc-b9f5-7e8e6e888dac/1/iSWuMjSiyXwn9171HT_zJr4GDiw.mft
Manifest number:          1709
Signing time:             Tue 04 Nov 2025 16:00:19 +0000
Manifest this update:     Tue 04 Nov 2025 16:00:19 +0000
Manifest next update:     Wed 05 Nov 2025 16:00:19 +0000
Files and hashes:         1: iSWuMjSiyXwn9171HT_zJr4GDiw.crl (hash: GIBtO+ztQ3JK1uLGkxCnXqAfVl3PaBOT5/Y0Vvqr1lY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2b/fb6270-0353-46fc-b9f5-7e8e6e888dac/1/iSWuMjSiyXwn9171HT_zJr4GDiw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2b/fb6270-0353-46fc-b9f5-7e8e6e888dac/1/iSWuMjSiyXwn9171HT_zJr4GDiw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/iSWuMjSiyXwn9171HT_zJr4GDiw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 09:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4f:99:05:e9:c6:22:5d:1e:90:38:2e:b2:90:2a:74:c0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8925ae3234a2c97c27f75ef51d3ff326be060e2c
        Validity
            Not Before: Nov  4 16:00:19 2025 GMT
            Not After : Nov  5 16:00:19 2025 GMT
        Subject: CN=26494bbda32a3c115d54cb72c426dd4c28da1deb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:e7:b1:29:bb:98:58:ea:7d:3d:c7:3b:6e:26:
                    75:7a:d9:f2:ac:dc:7c:65:3d:8e:41:14:dc:7f:bc:
                    7e:51:13:49:b1:13:df:19:63:bc:05:2b:c6:c2:c8:
                    03:5a:67:6f:b5:d1:07:0a:ca:37:93:28:26:51:3d:
                    25:75:6a:82:b4:60:ee:0c:f4:73:05:d4:bb:c9:29:
                    cf:28:cf:66:46:0f:e0:da:b8:01:d7:5a:66:c6:e1:
                    22:c1:c2:df:b8:23:6e:5a:01:3e:f2:c5:68:9a:20:
                    fb:3f:82:32:45:40:f5:fe:d2:e1:50:fc:d6:4f:11:
                    98:9c:f9:56:a1:67:79:be:e4:b4:b0:29:7c:f7:68:
                    c2:72:45:b5:a7:78:f7:d8:8f:14:77:ec:88:a9:e5:
                    e0:2e:cd:e5:41:57:ed:06:9d:54:15:0d:9f:8c:bd:
                    d8:74:ff:24:3c:d0:99:a1:0a:ef:d0:32:a1:cc:78:
                    55:0d:00:3d:bf:99:92:c5:cb:54:08:22:88:ee:fc:
                    6b:a5:29:04:85:c7:f0:a1:ca:bd:00:a7:68:74:cd:
                    1e:f8:b2:3f:a8:5e:b6:c0:ce:e0:0f:f2:f0:da:31:
                    89:7a:84:f4:92:f9:f9:63:33:30:15:2c:b1:53:09:
                    22:bc:f8:76:52:43:c3:93:fe:e3:80:20:8d:77:0a:
                    d8:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                26:49:4B:BD:A3:2A:3C:11:5D:54:CB:72:C4:26:DD:4C:28:DA:1D:EB
            X509v3 Authority Key Identifier:
                keyid:89:25:AE:32:34:A2:C9:7C:27:F7:5E:F5:1D:3F:F3:26:BE:06:0E:2C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iSWuMjSiyXwn9171HT_zJr4GDiw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/fb6270-0353-46fc-b9f5-7e8e6e888dac/1/iSWuMjSiyXwn9171HT_zJr4GDiw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/fb6270-0353-46fc-b9f5-7e8e6e888dac/1/iSWuMjSiyXwn9171HT_zJr4GDiw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7e:d8:06:29:f4:ef:19:b6:da:b4:ac:ff:bb:05:aa:57:d7:a2:
         8e:0f:bf:45:75:8f:af:4d:fa:9a:d5:d7:96:c8:66:a6:2e:17:
         6e:d4:39:a5:4d:8b:de:dd:02:00:bc:56:eb:c4:c9:38:51:ac:
         7d:3a:58:8c:7f:87:2b:04:df:a5:f6:00:5b:f9:0c:b1:95:d3:
         68:6b:69:72:8a:4a:a3:17:10:ab:b5:f3:2a:b6:81:ab:4c:cc:
         ad:51:42:bf:e4:24:37:60:c4:d3:09:8b:41:3f:32:37:e0:7c:
         e4:e9:15:93:dc:51:2d:d7:b8:db:aa:3a:05:e6:b1:ca:66:f5:
         86:4a:6f:5b:7f:51:13:29:a5:c7:be:da:46:b6:45:f7:ab:8e:
         d5:76:d4:4a:1c:5a:f9:d8:a3:61:41:b8:9f:df:10:00:df:ff:
         f1:cf:23:50:61:8a:e5:f9:07:d5:75:46:cb:18:0f:e6:58:29:
         f7:aa:99:15:cb:a7:26:e9:65:26:7e:62:2b:fc:05:7a:9f:92:
         6f:0b:d7:70:70:2a:fe:8c:d0:5a:a2:f2:53:8b:26:db:52:3b:
         67:98:e9:68:f2:63:12:49:fb:53:9a:9a:19:0b:08:a8:1e:6e:
         70:25:f4:70:29:0f:43:29:79:76:7d:e3:9f:62:43:fe:8c:4c:
         0f:7f:57:6e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpPmQXpxiJdHpA4LrKQKnTAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5MjVhZTMyMzRhMmM5N2MyN2Y3NWVmNTFkM2ZmMzI2YmUw
NjBlMmMwHhcNMjUxMTA0MTYwMDE5WhcNMjUxMTA1MTYwMDE5WjAzMTEwLwYDVQQD
EygyNjQ5NGJiZGEzMmEzYzExNWQ1NGNiNzJjNDI2ZGQ0YzI4ZGExZGViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAteexKbuYWOp9Pcc7biZ1etnyrNx8
ZT2OQRTcf7x+URNJsRPfGWO8BSvGwsgDWmdvtdEHCso3kygmUT0ldWqCtGDuDPRz
BdS7ySnPKM9mRg/g2rgB11pmxuEiwcLfuCNuWgE+8sVomiD7P4IyRUD1/tLhUPzW
TxGYnPlWoWd5vuS0sCl892jCckW1p3j32I8Ud+yIqeXgLs3lQVftBp1UFQ2fjL3Y
dP8kPNCZoQrv0DKhzHhVDQA9v5mSxctUCCKI7vxrpSkEhcfwocq9AKdodM0e+LI/
qF62wM7gD/Lw2jGJeoT0kvn5YzMwFSyxUwkivPh2UkPDk/7jgCCNdwrYewIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCZJS72jKjwRXVTLcsQm3Uwo2h3rMB8GA1UdIwQY
MBaAFIklrjI0osl8J/de9R0/8ya+Bg4sMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaVNXdU1qU2l5WHduOTE3MUhUX3pKcjRHRGl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi9mYjYyNzAtMDM1My00NmZjLWI5ZjUt
N2U4ZTZlODg4ZGFjLzEvaVNXdU1qU2l5WHduOTE3MUhUX3pKcjRHRGl3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi9mYjYyNzAtMDM1My00NmZjLWI5ZjUtN2U4ZTZlODg4ZGFj
LzEvaVNXdU1qU2l5WHduOTE3MUhUX3pKcjRHRGl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAftgGKfTv
GbbatKz/uwWqV9eijg+/RXWPr036mtXXlshmpi4XbtQ5pU2L3t0CALxW68TJOFGs
fTpYjH+HKwTfpfYAW/kMsZXTaGtpcopKoxcQq7XzKraBq0zMrVFCv+QkN2DE0wmL
QT8yN+B85OkVk9xRLde426o6Beaxymb1hkpvW39REymlx77aRrZF96uO1XbUShxa
+dijYUG4n98QAN//8c8jUGGK5fkH1XVGyxgP5lgp96qZFcunJullJn5iK/wFep+S
bwvXcHAq/ozQWqLyU4sm21I7Z5jpaPJjEkn7U5qaGQsIqB5ucCX0cCkPQyl5dn3j
n2JD/oxMD39Xbg==
-----END CERTIFICATE-----