Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3e/f89fbd-5142-4bcc-bab1-994ef87db3a3/1/tIO8CnGlLQzzmJUiNnV1lZ69zvU.mft
File:                     tIO8CnGlLQzzmJUiNnV1lZ69zvU.mft (raw, json)
Hash identifier:          UHw+6IdyrW4xPgbhaVsxEHXdGxY3EYcL069CF6hh4PI=
Subject key identifier:   FB:52:16:BE:C5:EE:DE:26:69:83:DE:9C:43:89:CB:48:3D:07:C9:C3
Authority key identifier: B4:83:BC:0A:71:A5:2D:0C:F3:98:95:22:36:75:75:95:9E:BD:CE:F5
Certificate issuer:       /CN=b483bc0a71a52d0cf3989522367575959ebdcef5
Certificate serial:       019A51505B8F0AEB521570DAE8FA68234782
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tIO8CnGlLQzzmJUiNnV1lZ69zvU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3e/f89fbd-5142-4bcc-bab1-994ef87db3a3/1/tIO8CnGlLQzzmJUiNnV1lZ69zvU.mft
Manifest number:          169C
Signing time:             Wed 05 Nov 2025 00:00:12 +0000
Manifest this update:     Wed 05 Nov 2025 00:00:12 +0000
Manifest next update:     Thu 06 Nov 2025 00:00:12 +0000
Files and hashes:         1: tIO8CnGlLQzzmJUiNnV1lZ69zvU.crl (hash: 6WC8doDMD9h6j6aSP7K+WP1YFGZ3nccnlu3hnsYxlxM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3e/f89fbd-5142-4bcc-bab1-994ef87db3a3/1/tIO8CnGlLQzzmJUiNnV1lZ69zvU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3e/f89fbd-5142-4bcc-bab1-994ef87db3a3/1/tIO8CnGlLQzzmJUiNnV1lZ69zvU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/tIO8CnGlLQzzmJUiNnV1lZ69zvU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 22:37:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:51:50:5b:8f:0a:eb:52:15:70:da:e8:fa:68:23:47:82
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b483bc0a71a52d0cf3989522367575959ebdcef5
        Validity
            Not Before: Nov  5 00:00:12 2025 GMT
            Not After : Nov  6 00:00:12 2025 GMT
        Subject: CN=fb5216bec5eede266983de9c4389cb483d07c9c3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:df:47:61:b2:fc:12:b1:86:46:3e:f7:c2:ce:61:
                    e1:a8:e8:a1:f2:b8:c0:0a:b7:41:76:32:41:38:04:
                    21:63:c3:f0:3e:a0:06:bd:b2:25:19:97:51:8b:87:
                    89:27:ac:2a:92:fb:31:2b:28:a5:a0:55:00:ac:6b:
                    51:2b:32:e4:88:0c:68:3f:c5:16:06:19:25:b8:7c:
                    43:71:de:7e:bb:37:83:b5:bf:74:11:4d:10:d5:85:
                    39:d8:35:92:7a:39:e6:38:52:f5:7c:2c:83:a7:0a:
                    fd:de:82:0e:73:4d:3e:59:0b:97:76:51:47:7f:57:
                    2e:05:be:70:5d:f8:a4:dd:73:31:af:c5:94:0b:08:
                    9f:ce:5a:47:3a:d1:1b:76:23:ac:fd:8e:5a:7d:19:
                    71:f2:b6:a4:b6:c8:bb:26:9b:3b:93:16:6d:42:bf:
                    3b:0d:f3:d5:0b:7f:27:fb:58:b2:51:60:c5:e7:31:
                    69:41:1a:d0:f3:e9:62:fa:f2:ec:ce:a6:26:c3:51:
                    77:67:bf:88:f3:65:0f:ff:89:c2:41:d4:16:55:a9:
                    f2:18:bd:cc:5e:7e:cb:79:0f:5e:b9:ae:8a:63:d4:
                    26:cf:76:35:e7:bc:15:8a:25:76:32:e4:5d:4a:4e:
                    03:ec:33:ce:f9:f4:c7:ee:4b:f5:72:98:dd:86:3a:
                    31:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FB:52:16:BE:C5:EE:DE:26:69:83:DE:9C:43:89:CB:48:3D:07:C9:C3
            X509v3 Authority Key Identifier:
                keyid:B4:83:BC:0A:71:A5:2D:0C:F3:98:95:22:36:75:75:95:9E:BD:CE:F5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tIO8CnGlLQzzmJUiNnV1lZ69zvU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/f89fbd-5142-4bcc-bab1-994ef87db3a3/1/tIO8CnGlLQzzmJUiNnV1lZ69zvU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/f89fbd-5142-4bcc-bab1-994ef87db3a3/1/tIO8CnGlLQzzmJUiNnV1lZ69zvU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         10:57:48:54:d8:58:d2:f4:90:83:2f:8d:fc:19:0a:02:c9:5a:
         d7:81:5d:47:16:e7:ab:10:97:f9:6d:34:6d:b2:25:b0:95:fe:
         76:b0:5b:e0:8e:20:44:c9:cc:72:f8:e6:f5:5b:3b:60:cb:25:
         74:10:d0:55:25:66:e9:fb:0d:31:01:10:a1:6d:e9:ab:f4:8f:
         3a:20:c2:72:a0:10:b4:02:f8:10:bc:6d:2f:69:ed:20:45:45:
         22:7a:b2:99:85:71:c5:4f:06:ad:d7:dc:46:54:52:76:34:2f:
         d3:56:94:17:39:64:ce:25:b2:3b:04:ef:73:88:02:b8:0a:ac:
         ac:07:17:0b:20:dc:c8:f3:43:aa:72:85:92:00:06:6e:0f:14:
         1a:bb:d8:db:57:e8:1a:15:8c:61:f6:54:ad:07:5e:b7:1e:e8:
         97:7d:bd:c2:49:62:a6:cb:8b:eb:5e:d7:42:c3:a1:e9:cf:2b:
         46:78:a3:1a:e7:e8:39:f6:20:ce:55:b0:47:90:e3:2c:22:90:
         2d:e0:9e:d1:da:45:2a:50:b0:03:9a:5b:0b:18:9e:2d:31:62:
         81:94:6d:77:a1:00:a7:98:6d:e1:2f:97:66:e6:ab:2f:4d:0c:
         3a:e9:c3:d8:61:f0:6a:72:13:53:cf:a4:0c:43:34:a9:a9:0a:
         3a:37:9e:c4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpRUFuPCutSFXDa6PpoI0eCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0ODNiYzBhNzFhNTJkMGNmMzk4OTUyMjM2NzU3NTk1OWVi
ZGNlZjUwHhcNMjUxMTA1MDAwMDEyWhcNMjUxMTA2MDAwMDEyWjAzMTEwLwYDVQQD
EyhmYjUyMTZiZWM1ZWVkZTI2Njk4M2RlOWM0Mzg5Y2I0ODNkMDdjOWMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA30dhsvwSsYZGPvfCzmHhqOih8rjA
CrdBdjJBOAQhY8PwPqAGvbIlGZdRi4eJJ6wqkvsxKyiloFUArGtRKzLkiAxoP8UW
BhkluHxDcd5+uzeDtb90EU0Q1YU52DWSejnmOFL1fCyDpwr93oIOc00+WQuXdlFH
f1cuBb5wXfik3XMxr8WUCwifzlpHOtEbdiOs/Y5afRlx8raktsi7Jps7kxZtQr87
DfPVC38n+1iyUWDF5zFpQRrQ8+li+vLszqYmw1F3Z7+I82UP/4nCQdQWVanyGL3M
Xn7LeQ9eua6KY9Qmz3Y157wViiV2MuRdSk4D7DPO+fTH7kv1cpjdhjoxmQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPtSFr7F7t4maYPenEOJy0g9B8nDMB8GA1UdIwQY
MBaAFLSDvApxpS0M85iVIjZ1dZWevc71MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdElPOENuR2xMUXp6bUpVaU5uVjFsWjY5enZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZS9mODlmYmQtNTE0Mi00YmNjLWJhYjEt
OTk0ZWY4N2RiM2EzLzEvdElPOENuR2xMUXp6bUpVaU5uVjFsWjY5enZVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZS9mODlmYmQtNTE0Mi00YmNjLWJhYjEtOTk0ZWY4N2RiM2Ez
LzEvdElPOENuR2xMUXp6bUpVaU5uVjFsWjY5enZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEFdIVNhY
0vSQgy+N/BkKAsla14FdRxbnqxCX+W00bbIlsJX+drBb4I4gRMnMcvjm9Vs7YMsl
dBDQVSVm6fsNMQEQoW3pq/SPOiDCcqAQtAL4ELxtL2ntIEVFInqymYVxxU8Grdfc
RlRSdjQv01aUFzlkziWyOwTvc4gCuAqsrAcXCyDcyPNDqnKFkgAGbg8UGrvY21fo
GhWMYfZUrQdetx7ol329wklipsuL617XQsOh6c8rRnijGufoOfYgzlWwR5DjLCKQ
LeCe0dpFKlCwA5pbCxieLTFigZRtd6EAp5ht4S+XZuarL00MOunD2GHwanITU8+k
DEM0qakKOjeexA==
-----END CERTIFICATE-----