Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/1f1af6-dd1b-4117-ac17-deab8586f2ce/1/I1PVKkAkkfT5n-VHG90aXdb0K7w.mft
File:                     I1PVKkAkkfT5n-VHG90aXdb0K7w.mft (raw, json)
Hash identifier:          aQkj5u6/ULB+tpWz61myPqyy99cvcCsuVCAH5Pro+Ng=
Subject key identifier:   16:CE:9D:05:5F:BC:C4:5A:12:1F:A6:10:66:AD:75:FE:D0:DE:6B:03
Authority key identifier: 23:53:D5:2A:40:24:91:F4:F9:9F:E5:47:1B:DD:1A:5D:D6:F4:2B:BC
Certificate issuer:       /CN=2353d52a402491f4f99fe5471bdd1a5dd6f42bbc
Certificate serial:       019A4F6245F8691A217166DFCBA2190D8698
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/I1PVKkAkkfT5n-VHG90aXdb0K7w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/64/1f1af6-dd1b-4117-ac17-deab8586f2ce/1/I1PVKkAkkfT5n-VHG90aXdb0K7w.mft
Manifest number:          1707
Signing time:             Tue 04 Nov 2025 15:00:31 +0000
Manifest this update:     Tue 04 Nov 2025 15:00:31 +0000
Manifest next update:     Wed 05 Nov 2025 15:00:31 +0000
Files and hashes:         1: I1PVKkAkkfT5n-VHG90aXdb0K7w.crl (hash: PVIhcRO8VpmKKHI2iOqCPS3I++vv6N0FP6mHh+AXaVo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/64/1f1af6-dd1b-4117-ac17-deab8586f2ce/1/I1PVKkAkkfT5n-VHG90aXdb0K7w.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/64/1f1af6-dd1b-4117-ac17-deab8586f2ce/1/I1PVKkAkkfT5n-VHG90aXdb0K7w.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/I1PVKkAkkfT5n-VHG90aXdb0K7w.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 15:00:31 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4f:62:45:f8:69:1a:21:71:66:df:cb:a2:19:0d:86:98
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2353d52a402491f4f99fe5471bdd1a5dd6f42bbc
        Validity
            Not Before: Nov  4 15:00:31 2025 GMT
            Not After : Nov  5 15:00:31 2025 GMT
        Subject: CN=16ce9d055fbcc45a121fa61066ad75fed0de6b03
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:a9:25:ef:61:89:6d:53:e9:5f:18:ef:00:a2:
                    18:aa:49:21:1f:eb:5d:b8:14:b3:23:48:3b:3f:45:
                    f1:72:7d:c4:df:66:d0:f3:09:27:17:34:ce:87:91:
                    75:d5:dc:3f:33:78:23:80:ee:16:1a:b2:86:92:61:
                    af:e5:ac:b6:09:a0:a1:a2:7a:61:50:c8:2d:7e:90:
                    1f:e6:cd:83:41:ad:fe:23:28:59:96:11:d7:f6:5d:
                    41:5f:34:14:33:cf:f5:e0:0d:a5:81:23:73:70:c5:
                    ab:cf:c8:12:3b:dd:22:65:54:34:3a:97:99:4c:00:
                    f3:8c:a2:22:58:2c:dd:5b:ca:d3:fa:5d:aa:d9:4b:
                    34:99:7e:c4:09:b6:e8:05:65:cc:03:f9:1e:03:12:
                    19:e3:4b:6d:18:10:aa:3f:cb:39:05:b4:0e:2b:c0:
                    ce:39:14:a2:f5:61:4f:fd:38:72:b0:e9:3a:cf:54:
                    7d:cf:8a:dd:b2:ef:9d:6a:fb:fe:10:4c:e5:70:ce:
                    56:52:a7:39:ce:52:aa:27:f1:95:73:cb:63:a2:0a:
                    86:99:b9:23:10:b1:41:1c:1c:5f:18:cc:5e:8b:bc:
                    3a:c4:aa:14:a0:47:96:07:e0:e5:fa:4a:09:7d:97:
                    86:c7:b1:a1:06:83:20:4c:ed:13:9d:cf:9c:01:46:
                    31:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                16:CE:9D:05:5F:BC:C4:5A:12:1F:A6:10:66:AD:75:FE:D0:DE:6B:03
            X509v3 Authority Key Identifier:
                keyid:23:53:D5:2A:40:24:91:F4:F9:9F:E5:47:1B:DD:1A:5D:D6:F4:2B:BC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I1PVKkAkkfT5n-VHG90aXdb0K7w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/1f1af6-dd1b-4117-ac17-deab8586f2ce/1/I1PVKkAkkfT5n-VHG90aXdb0K7w.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/64/1f1af6-dd1b-4117-ac17-deab8586f2ce/1/I1PVKkAkkfT5n-VHG90aXdb0K7w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         83:63:33:0e:54:ff:c2:f1:7e:f3:9e:f2:86:b5:37:a6:5f:f3:
         d6:81:ea:ce:24:43:1a:df:ab:71:a0:a6:cc:ec:44:1e:0e:4b:
         ba:0f:c2:90:33:59:f3:06:2e:4a:7f:a6:49:22:da:db:f0:82:
         a7:ac:47:4f:32:a2:77:7c:73:1d:04:99:95:a2:e1:b5:9d:5e:
         36:e1:d7:d7:fc:f9:00:b7:3c:a8:07:52:81:c1:ee:92:02:13:
         c9:61:2b:fa:ef:01:af:a4:2c:15:34:db:fb:4d:e1:ab:90:73:
         67:78:42:ba:ba:3b:c3:f1:b7:f6:d3:0e:4c:c8:1e:ec:64:37:
         01:94:53:d8:2a:f7:ac:24:6a:35:35:49:2d:26:0e:36:9d:92:
         9e:3b:77:b2:d6:2c:62:a5:f5:df:a4:85:6f:4a:e7:dc:9d:b1:
         a8:d4:3f:c6:73:81:b4:e4:86:23:77:65:ba:3c:3d:95:77:c3:
         f4:3e:1b:98:d9:13:16:39:71:a6:b5:55:7a:72:99:7b:1e:4a:
         c6:22:c5:fa:53:ad:98:84:00:78:da:3c:22:5f:d2:b2:2d:08:
         8e:0e:14:c1:27:b0:9f:6b:90:8b:9f:5a:09:0f:f2:c6:14:42:
         1c:50:6d:1f:f1:f2:3c:60:03:4a:cf:0e:84:fd:42:e0:99:06:
         a8:8b:2a:06
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpPYkX4aRohcWbfy6IZDYaYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzNTNkNTJhNDAyNDkxZjRmOTlmZTU0NzFiZGQxYTVkZDZm
NDJiYmMwHhcNMjUxMTA0MTUwMDMxWhcNMjUxMTA1MTUwMDMxWjAzMTEwLwYDVQQD
EygxNmNlOWQwNTVmYmNjNDVhMTIxZmE2MTA2NmFkNzVmZWQwZGU2YjAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvakl72GJbVPpXxjvAKIYqkkhH+td
uBSzI0g7P0Xxcn3E32bQ8wknFzTOh5F11dw/M3gjgO4WGrKGkmGv5ay2CaChonph
UMgtfpAf5s2DQa3+IyhZlhHX9l1BXzQUM8/14A2lgSNzcMWrz8gSO90iZVQ0OpeZ
TADzjKIiWCzdW8rT+l2q2Us0mX7ECbboBWXMA/keAxIZ40ttGBCqP8s5BbQOK8DO
ORSi9WFP/ThysOk6z1R9z4rdsu+davv+EEzlcM5WUqc5zlKqJ/GVc8tjogqGmbkj
ELFBHBxfGMxei7w6xKoUoEeWB+Dl+koJfZeGx7GhBoMgTO0Tnc+cAUYxPQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBbOnQVfvMRaEh+mEGatdf7Q3msDMB8GA1UdIwQY
MBaAFCNT1SpAJJH0+Z/lRxvdGl3W9Cu8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSTFQVktrQWtrZlQ1bi1WSEc5MGFYZGIwSzd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC8xZjFhZjYtZGQxYi00MTE3LWFjMTct
ZGVhYjg1ODZmMmNlLzEvSTFQVktrQWtrZlQ1bi1WSEc5MGFYZGIwSzd3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC8xZjFhZjYtZGQxYi00MTE3LWFjMTctZGVhYjg1ODZmMmNl
LzEvSTFQVktrQWtrZlQ1bi1WSEc5MGFYZGIwSzd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAg2MzDlT/
wvF+857yhrU3pl/z1oHqziRDGt+rcaCmzOxEHg5Lug/CkDNZ8wYuSn+mSSLa2/CC
p6xHTzKid3xzHQSZlaLhtZ1eNuHX1/z5ALc8qAdSgcHukgITyWEr+u8Br6QsFTTb
+03hq5BzZ3hCuro7w/G39tMOTMge7GQ3AZRT2Cr3rCRqNTVJLSYONp2Snjt3stYs
YqX136SFb0rn3J2xqNQ/xnOBtOSGI3dlujw9lXfD9D4bmNkTFjlxprVVenKZex5K
xiLF+lOtmIQAeNo8Il/Ssi0Ijg4UwSewn2uQi59aCQ/yxhRCHFBtH/HyPGADSs8O
hP1C4JkGqIsqBg==
-----END CERTIFICATE-----