Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/32abd8-bedb-4b7d-a463-79706b345bbb/1/l37KDVyVbeF79pcQRvLrlc5hXik.mft
File:                     l37KDVyVbeF79pcQRvLrlc5hXik.mft (raw, json)
Hash identifier:          aMs9IXQEmZE8ZHiqfUNTaH6JMI3qk/oQTwXZ58OaKVA=
Subject key identifier:   B8:03:41:1B:85:76:C1:4C:86:47:70:01:5F:7B:BD:66:F6:12:DF:18
Authority key identifier: 97:7E:CA:0D:5C:95:6D:E1:7B:F6:97:10:46:F2:EB:95:CE:61:5E:29
Certificate issuer:       /CN=977eca0d5c956de17bf6971046f2eb95ce615e29
Certificate serial:       019A4D06249F4C4FF0F2F65CA942816DFCF8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/l37KDVyVbeF79pcQRvLrlc5hXik.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/39/32abd8-bedb-4b7d-a463-79706b345bbb/1/l37KDVyVbeF79pcQRvLrlc5hXik.mft
Manifest number:          1709
Signing time:             Tue 04 Nov 2025 04:00:39 +0000
Manifest this update:     Tue 04 Nov 2025 04:00:39 +0000
Manifest next update:     Wed 05 Nov 2025 04:00:39 +0000
Files and hashes:         1: l37KDVyVbeF79pcQRvLrlc5hXik.crl (hash: Mn9smwCQurFJS1LXW4paKSPlsSQ+u40Ayv8irFXC6do=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/39/32abd8-bedb-4b7d-a463-79706b345bbb/1/l37KDVyVbeF79pcQRvLrlc5hXik.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/39/32abd8-bedb-4b7d-a463-79706b345bbb/1/l37KDVyVbeF79pcQRvLrlc5hXik.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/l37KDVyVbeF79pcQRvLrlc5hXik.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 04:00:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4d:06:24:9f:4c:4f:f0:f2:f6:5c:a9:42:81:6d:fc:f8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=977eca0d5c956de17bf6971046f2eb95ce615e29
        Validity
            Not Before: Nov  4 04:00:39 2025 GMT
            Not After : Nov  5 04:00:39 2025 GMT
        Subject: CN=b803411b8576c14c864770015f7bbd66f612df18
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:21:45:60:c2:af:90:8c:c5:58:2a:73:af:88:
                    ef:fe:99:5c:10:46:6e:6d:b5:20:83:98:cb:7f:78:
                    15:f9:60:32:eb:5b:7f:e3:f4:0b:22:90:6a:2f:e5:
                    41:74:0d:d3:c9:82:65:27:4e:be:98:6e:67:49:78:
                    16:c3:ec:56:57:b3:8f:9a:64:f7:e4:93:8c:c1:fe:
                    d3:fa:f0:1c:85:7c:99:35:18:f8:ee:3b:04:00:d6:
                    00:94:d5:89:9c:4a:a9:93:4a:55:72:f9:ab:27:94:
                    99:dc:3c:7c:4c:c6:49:fe:3f:45:2b:a3:19:5a:c4:
                    60:ad:ca:3c:e1:56:f4:9f:a9:d5:1f:22:72:c4:26:
                    8b:42:3c:ca:f7:86:4f:4c:aa:2f:97:1d:4b:ff:41:
                    71:15:ab:6d:9d:fd:be:da:23:e5:9c:25:31:8e:65:
                    61:a7:d9:28:05:58:00:7e:1f:66:7d:14:57:90:7e:
                    61:77:8b:6b:2d:56:21:d4:e6:17:57:2d:1e:66:54:
                    cd:2f:84:9b:21:34:cf:b8:10:38:cc:ed:87:0c:67:
                    e0:5c:92:71:4f:d4:9e:5d:2b:c5:c7:3c:7e:63:1c:
                    d6:3a:60:d0:c3:5c:3f:20:3e:69:9b:3e:75:97:a2:
                    90:04:48:33:43:14:fb:66:63:e5:eb:4b:8a:88:55:
                    d5:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B8:03:41:1B:85:76:C1:4C:86:47:70:01:5F:7B:BD:66:F6:12:DF:18
            X509v3 Authority Key Identifier:
                keyid:97:7E:CA:0D:5C:95:6D:E1:7B:F6:97:10:46:F2:EB:95:CE:61:5E:29

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l37KDVyVbeF79pcQRvLrlc5hXik.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/32abd8-bedb-4b7d-a463-79706b345bbb/1/l37KDVyVbeF79pcQRvLrlc5hXik.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/39/32abd8-bedb-4b7d-a463-79706b345bbb/1/l37KDVyVbeF79pcQRvLrlc5hXik.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         95:09:76:cb:14:47:56:f3:d1:f4:18:ec:c3:8b:6d:bf:68:a5:
         b8:ea:2a:da:50:07:3d:d9:39:43:ef:0b:2b:40:cc:d6:d3:09:
         bd:51:c3:65:56:f3:e5:58:96:c9:f3:32:5d:b6:49:86:f2:30:
         81:52:67:e8:1d:6d:12:73:87:39:c7:e0:87:c0:c3:9a:34:96:
         2b:08:1b:e5:42:28:4b:81:3e:d4:2a:2a:1e:31:4f:42:3d:c2:
         d0:2b:22:44:88:50:ac:61:1d:92:8c:69:e4:e6:64:e8:c0:75:
         2b:11:aa:be:50:50:7d:83:e9:bd:49:8f:6e:e3:ec:61:2c:37:
         cc:97:9d:2a:6c:36:ea:c0:26:f9:29:f0:0d:40:72:9b:2b:d7:
         62:e8:6a:3f:56:1d:de:49:50:a7:98:11:87:35:8a:8a:88:5b:
         00:7e:e9:40:b9:a6:b8:9a:43:79:21:e8:f9:f7:9a:8e:06:da:
         3b:21:ab:11:79:84:4a:c3:40:12:d6:e3:9e:76:63:db:5d:64:
         45:9d:b2:b1:12:52:64:5d:fe:a5:d2:ce:63:4b:f9:07:04:0c:
         73:a2:c7:8a:57:19:0b:fb:8e:3e:2a:5a:84:33:81:f3:a9:75:
         3a:eb:33:13:82:d1:18:a0:35:f9:8f:2d:9f:4b:ae:05:e0:a9:
         25:ba:b5:94
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpNBiSfTE/w8vZcqUKBbfz4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3N2VjYTBkNWM5NTZkZTE3YmY2OTcxMDQ2ZjJlYjk1Y2U2
MTVlMjkwHhcNMjUxMTA0MDQwMDM5WhcNMjUxMTA1MDQwMDM5WjAzMTEwLwYDVQQD
EyhiODAzNDExYjg1NzZjMTRjODY0NzcwMDE1ZjdiYmQ2NmY2MTJkZjE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvSFFYMKvkIzFWCpzr4jv/plcEEZu
bbUgg5jLf3gV+WAy61t/4/QLIpBqL+VBdA3TyYJlJ06+mG5nSXgWw+xWV7OPmmT3
5JOMwf7T+vAchXyZNRj47jsEANYAlNWJnEqpk0pVcvmrJ5SZ3Dx8TMZJ/j9FK6MZ
WsRgrco84Vb0n6nVHyJyxCaLQjzK94ZPTKovlx1L/0FxFattnf2+2iPlnCUxjmVh
p9koBVgAfh9mfRRXkH5hd4trLVYh1OYXVy0eZlTNL4SbITTPuBA4zO2HDGfgXJJx
T9SeXSvFxzx+YxzWOmDQw1w/ID5pmz51l6KQBEgzQxT7ZmPl60uKiFXV2QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLgDQRuFdsFMhkdwAV97vWb2Et8YMB8GA1UdIwQY
MBaAFJd+yg1clW3he/aXEEby65XOYV4pMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbDM3S0RWeVZiZUY3OXBjUVJ2THJsYzVoWGlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS8zMmFiZDgtYmVkYi00YjdkLWE0NjMt
Nzk3MDZiMzQ1YmJiLzEvbDM3S0RWeVZiZUY3OXBjUVJ2THJsYzVoWGlrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOS8zMmFiZDgtYmVkYi00YjdkLWE0NjMtNzk3MDZiMzQ1YmJi
LzEvbDM3S0RWeVZiZUY3OXBjUVJ2THJsYzVoWGlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlQl2yxRH
VvPR9Bjsw4ttv2iluOoq2lAHPdk5Q+8LK0DM1tMJvVHDZVbz5ViWyfMyXbZJhvIw
gVJn6B1tEnOHOcfgh8DDmjSWKwgb5UIoS4E+1CoqHjFPQj3C0CsiRIhQrGEdkoxp
5OZk6MB1KxGqvlBQfYPpvUmPbuPsYSw3zJedKmw26sAm+SnwDUBymyvXYuhqP1Yd
3klQp5gRhzWKiohbAH7pQLmmuJpDeSHo+feajgbaOyGrEXmESsNAEtbjnnZj211k
RZ2ysRJSZF3+pdLOY0v5BwQMc6LHilcZC/uOPipahDOB86l1OuszE4LRGKA1+Y8t
n0uuBeCpJbq1lA==
-----END CERTIFICATE-----