Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/47d692-dd40-4bf2-893f-d38dd0b78909/1/0NxXC8HJZLq37VbGc6pAUY-FRXg.mft
File:                     0NxXC8HJZLq37VbGc6pAUY-FRXg.mft (raw, json)
Hash identifier:          RD8B4/HnfFRhg8X1ROwPO/yKv6gNhNRIbrUliSfKCuQ=
Subject key identifier:   76:75:F5:39:71:BA:E4:14:B1:AF:16:5D:91:FF:C1:D9:ED:75:99:6E
Authority key identifier: D0:DC:57:0B:C1:C9:64:BA:B7:ED:56:C6:73:AA:40:51:8F:85:45:78
Certificate issuer:       /CN=d0dc570bc1c964bab7ed56c673aa40518f854578
Certificate serial:       019A50E27F441F9C8509C5004A101222753D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0NxXC8HJZLq37VbGc6pAUY-FRXg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4f/47d692-dd40-4bf2-893f-d38dd0b78909/1/0NxXC8HJZLq37VbGc6pAUY-FRXg.mft
Manifest number:          170C
Signing time:             Tue 04 Nov 2025 22:00:11 +0000
Manifest this update:     Tue 04 Nov 2025 22:00:11 +0000
Manifest next update:     Wed 05 Nov 2025 22:00:11 +0000
Files and hashes:         1: 0NxXC8HJZLq37VbGc6pAUY-FRXg.crl (hash: uG+zrr1oTMouLdHM/sba19t9xZw2vVJpbVvu2H5P7vs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/4f/47d692-dd40-4bf2-893f-d38dd0b78909/1/0NxXC8HJZLq37VbGc6pAUY-FRXg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/4f/47d692-dd40-4bf2-893f-d38dd0b78909/1/0NxXC8HJZLq37VbGc6pAUY-FRXg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0NxXC8HJZLq37VbGc6pAUY-FRXg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 18:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:50:e2:7f:44:1f:9c:85:09:c5:00:4a:10:12:22:75:3d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d0dc570bc1c964bab7ed56c673aa40518f854578
        Validity
            Not Before: Nov  4 22:00:11 2025 GMT
            Not After : Nov  5 22:00:11 2025 GMT
        Subject: CN=7675f53971bae414b1af165d91ffc1d9ed75996e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:51:78:15:25:c2:0b:80:be:98:d6:a6:0f:74:
                    1a:cd:3c:c7:0a:56:bc:14:16:73:2a:99:a3:db:db:
                    55:70:63:2e:c7:ba:5f:a5:85:c1:d6:23:00:fe:3c:
                    3e:7e:4e:a5:0a:65:2c:ce:d2:e6:9e:5b:61:ad:10:
                    78:d2:0d:d4:ce:94:a6:65:b7:77:ca:f4:e9:c6:2d:
                    4a:27:22:fc:c3:96:e0:ef:05:97:22:41:3c:48:b8:
                    c3:f4:c7:9d:e6:6a:a6:af:68:19:ed:1a:69:97:be:
                    5b:f2:2f:f0:99:1b:12:95:26:d5:b1:80:3a:21:70:
                    20:a4:26:6b:4b:ff:22:22:19:18:29:ce:87:ed:67:
                    60:58:b1:42:c3:5e:67:25:5a:62:16:fe:ea:1b:a7:
                    1e:e5:b2:a1:c5:c5:f5:3d:b3:7b:3a:ea:6f:2a:b4:
                    97:58:77:db:e0:6a:d8:83:c8:ee:5e:cc:f9:bd:1e:
                    8d:f7:c1:2c:a1:18:2e:be:44:8c:36:60:a9:f1:fb:
                    30:96:87:74:b8:ab:90:f9:a9:c9:69:3b:a4:b0:99:
                    e9:81:5c:dd:f9:7b:24:c9:ea:5e:79:33:85:e1:91:
                    35:dc:26:e3:bb:99:a5:14:9a:c3:9c:da:06:f7:60:
                    b0:c9:a0:2a:b5:c8:79:c5:9d:e3:61:95:c3:02:02:
                    c2:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                76:75:F5:39:71:BA:E4:14:B1:AF:16:5D:91:FF:C1:D9:ED:75:99:6E
            X509v3 Authority Key Identifier:
                keyid:D0:DC:57:0B:C1:C9:64:BA:B7:ED:56:C6:73:AA:40:51:8F:85:45:78

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0NxXC8HJZLq37VbGc6pAUY-FRXg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/47d692-dd40-4bf2-893f-d38dd0b78909/1/0NxXC8HJZLq37VbGc6pAUY-FRXg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/47d692-dd40-4bf2-893f-d38dd0b78909/1/0NxXC8HJZLq37VbGc6pAUY-FRXg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         91:47:98:a9:1e:20:a8:c8:da:71:61:01:b4:8b:05:55:9f:5a:
         21:4a:ff:8e:63:71:43:03:53:d3:51:c5:60:5f:46:7a:7a:c7:
         0c:3a:d6:ca:a9:b7:1b:16:e2:2b:97:c1:97:a8:86:61:0b:f8:
         32:ae:9e:aa:3c:8b:04:21:d2:23:8c:96:22:a5:a2:39:a2:e1:
         9c:34:f4:c7:2a:ef:4f:c6:c9:ee:f3:29:cd:8c:1d:f7:90:56:
         eb:d6:e4:16:f6:ae:20:63:46:c8:55:9c:31:aa:ef:49:72:23:
         cd:ac:2a:7a:d0:1b:a0:3b:34:70:94:b7:4f:21:af:69:0f:63:
         bf:e9:1e:79:88:69:68:16:a2:38:d4:3e:3e:60:35:7e:40:cf:
         4a:c4:61:89:cf:20:75:31:61:cb:10:08:0b:28:ed:db:23:c9:
         1d:0c:79:ca:e1:cd:47:1d:eb:48:9b:d6:4c:12:cf:d0:95:b4:
         bb:91:76:81:42:20:2c:6b:e6:43:48:a4:95:22:9f:37:bc:52:
         7f:6c:a8:4f:1e:ad:de:ab:3b:9c:18:28:f5:35:85:f6:da:2a:
         17:ea:89:b6:3d:3b:f0:5f:05:50:13:10:e2:6e:95:56:d3:b4:
         09:84:bc:1e:71:90:9a:10:fa:7d:79:e7:bf:fa:97:f9:c9:e1:
         cb:77:82:af
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpQ4n9EH5yFCcUAShASInU9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwZGM1NzBiYzFjOTY0YmFiN2VkNTZjNjczYWE0MDUxOGY4
NTQ1NzgwHhcNMjUxMTA0MjIwMDExWhcNMjUxMTA1MjIwMDExWjAzMTEwLwYDVQQD
Eyg3Njc1ZjUzOTcxYmFlNDE0YjFhZjE2NWQ5MWZmYzFkOWVkNzU5OTZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoVF4FSXCC4C+mNamD3QazTzHCla8
FBZzKpmj29tVcGMux7pfpYXB1iMA/jw+fk6lCmUsztLmnlthrRB40g3UzpSmZbd3
yvTpxi1KJyL8w5bg7wWXIkE8SLjD9Med5mqmr2gZ7Rppl75b8i/wmRsSlSbVsYA6
IXAgpCZrS/8iIhkYKc6H7WdgWLFCw15nJVpiFv7qG6ce5bKhxcX1PbN7OupvKrSX
WHfb4GrYg8juXsz5vR6N98EsoRguvkSMNmCp8fswlod0uKuQ+anJaTuksJnpgVzd
+XskyepeeTOF4ZE13Cbju5mlFJrDnNoG92CwyaAqtch5xZ3jYZXDAgLCVQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHZ19TlxuuQUsa8WXZH/wdntdZluMB8GA1UdIwQY
MBaAFNDcVwvByWS6t+1WxnOqQFGPhUV4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvME54WEM4SEpaTHEzN1ZiR2M2cEFVWS1GUlhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi80N2Q2OTItZGQ0MC00YmYyLTg5M2Yt
ZDM4ZGQwYjc4OTA5LzEvME54WEM4SEpaTHEzN1ZiR2M2cEFVWS1GUlhnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi80N2Q2OTItZGQ0MC00YmYyLTg5M2YtZDM4ZGQwYjc4OTA5
LzEvME54WEM4SEpaTHEzN1ZiR2M2cEFVWS1GUlhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkUeYqR4g
qMjacWEBtIsFVZ9aIUr/jmNxQwNT01HFYF9GenrHDDrWyqm3GxbiK5fBl6iGYQv4
Mq6eqjyLBCHSI4yWIqWiOaLhnDT0xyrvT8bJ7vMpzYwd95BW69bkFvauIGNGyFWc
MarvSXIjzawqetAboDs0cJS3TyGvaQ9jv+keeYhpaBaiONQ+PmA1fkDPSsRhic8g
dTFhyxAICyjt2yPJHQx5yuHNRx3rSJvWTBLP0JW0u5F2gUIgLGvmQ0iklSKfN7xS
f2yoTx6t3qs7nBgo9TWF9toqF+qJtj078F8FUBMQ4m6VVtO0CYS8HnGQmhD6fXnn
v/qX+cnhy3eCrw==
-----END CERTIFICATE-----