Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/bf69c4-d64a-4340-9bf1-364854cbc0e8/1/ikHi8tFFLnxMwH2_p4OdWN9X8hg.mft
File:                     ikHi8tFFLnxMwH2_p4OdWN9X8hg.mft (raw, json)
Hash identifier:          xq4C/FSVoQuBgvmLHc2iexRtd12bury9b4iwI1Y7++0=
Subject key identifier:   60:F9:BC:0C:01:2D:23:B5:FE:A7:3B:DC:D2:C8:27:FC:D9:8C:10:84
Authority key identifier: 8A:41:E2:F2:D1:45:2E:7C:4C:C0:7D:BF:A7:83:9D:58:DF:57:F2:18
Certificate issuer:       /CN=8a41e2f2d1452e7c4cc07dbfa7839d58df57f218
Certificate serial:       019A50E28653470BD43709A8B500E9F636AB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ikHi8tFFLnxMwH2_p4OdWN9X8hg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a0/bf69c4-d64a-4340-9bf1-364854cbc0e8/1/ikHi8tFFLnxMwH2_p4OdWN9X8hg.mft
Manifest number:          170A
Signing time:             Tue 04 Nov 2025 22:00:14 +0000
Manifest this update:     Tue 04 Nov 2025 22:00:14 +0000
Manifest next update:     Wed 05 Nov 2025 22:00:14 +0000
Files and hashes:         1: ikHi8tFFLnxMwH2_p4OdWN9X8hg.crl (hash: w4zuxi71Y24qyN/iAqIU3f+WrwyIFE/N3iO5hKYM5eA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a0/bf69c4-d64a-4340-9bf1-364854cbc0e8/1/ikHi8tFFLnxMwH2_p4OdWN9X8hg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a0/bf69c4-d64a-4340-9bf1-364854cbc0e8/1/ikHi8tFFLnxMwH2_p4OdWN9X8hg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ikHi8tFFLnxMwH2_p4OdWN9X8hg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 22:00:14 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:50:e2:86:53:47:0b:d4:37:09:a8:b5:00:e9:f6:36:ab
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8a41e2f2d1452e7c4cc07dbfa7839d58df57f218
        Validity
            Not Before: Nov  4 22:00:14 2025 GMT
            Not After : Nov  5 22:00:14 2025 GMT
        Subject: CN=60f9bc0c012d23b5fea73bdcd2c827fcd98c1084
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:28:c7:03:f7:d3:af:3c:06:c5:09:1b:2f:d4:
                    56:53:9b:6e:7f:22:a6:da:e1:95:76:5c:3d:42:af:
                    f3:cd:5d:f8:be:09:37:ba:4a:fa:cc:98:63:1f:90:
                    8f:6c:78:5d:dc:92:a4:b0:d2:a6:e0:00:f2:bc:b0:
                    55:a0:74:2d:d4:54:f9:1c:6d:84:71:24:ef:50:01:
                    05:85:c5:70:6c:01:90:41:d9:54:74:5c:d3:8e:c8:
                    c9:08:24:cd:93:e6:01:38:52:9a:99:94:54:71:d9:
                    5e:a8:83:7e:56:6b:75:66:81:09:4f:10:5b:ee:93:
                    b1:14:93:82:8c:9b:79:a0:81:b4:fc:a3:a4:78:23:
                    f9:21:55:9d:4f:61:33:5f:62:8e:ff:16:2d:43:37:
                    b0:dd:f6:e2:27:23:2c:8b:fa:00:71:4d:d8:bf:c2:
                    18:e1:be:0d:44:43:e7:a0:52:96:82:1d:9d:32:6b:
                    63:d1:bb:8f:ae:90:94:65:d2:7d:b5:b9:a0:60:4a:
                    49:c4:db:72:a3:19:06:ff:b4:ca:64:09:0b:30:07:
                    26:90:5d:fb:f1:d5:58:72:2d:72:ab:02:fe:52:7e:
                    0b:22:be:d6:ce:98:28:b5:19:19:5f:aa:1e:67:93:
                    0b:04:63:36:8f:d7:c0:ef:69:e9:85:4b:46:3d:0e:
                    6a:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                60:F9:BC:0C:01:2D:23:B5:FE:A7:3B:DC:D2:C8:27:FC:D9:8C:10:84
            X509v3 Authority Key Identifier:
                keyid:8A:41:E2:F2:D1:45:2E:7C:4C:C0:7D:BF:A7:83:9D:58:DF:57:F2:18

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ikHi8tFFLnxMwH2_p4OdWN9X8hg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/bf69c4-d64a-4340-9bf1-364854cbc0e8/1/ikHi8tFFLnxMwH2_p4OdWN9X8hg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/bf69c4-d64a-4340-9bf1-364854cbc0e8/1/ikHi8tFFLnxMwH2_p4OdWN9X8hg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5b:d5:77:8c:27:0d:53:ac:9b:a9:3a:68:76:cd:aa:91:52:28:
         d5:18:e4:95:ae:f9:dc:9a:bd:19:68:42:1c:d0:23:72:98:d2:
         a1:07:25:0d:a5:f8:9a:db:32:8f:ec:54:0e:a9:bc:56:74:72:
         f8:7d:15:7d:8a:48:9f:af:db:a8:df:f9:78:d9:f5:f8:1c:e7:
         25:fa:76:66:6d:9f:32:88:89:0e:4c:10:04:9e:91:ba:6e:0b:
         b4:a2:23:09:9b:96:c2:4d:c3:79:9a:29:53:b7:f4:d9:b2:a4:
         23:4e:27:5a:d2:26:a1:54:8e:16:f1:8b:29:12:76:fc:23:cb:
         13:ec:98:84:0c:48:78:81:44:58:eb:5a:5f:b7:0b:1b:03:54:
         c3:4f:cb:12:5a:e6:0c:69:a6:b9:72:8e:ac:cb:fb:80:40:c4:
         04:22:c1:86:6d:2a:84:56:43:21:2a:ef:1f:7d:b9:6a:e1:8a:
         f3:41:8b:3e:a1:73:a9:67:da:aa:5a:ff:d7:8d:d0:65:14:16:
         ef:f6:7b:f6:c0:87:30:b2:20:0b:e8:00:3a:24:9a:3f:26:ef:
         7d:b6:ff:3e:41:11:94:e9:92:91:cd:04:4a:bb:58:ee:14:35:
         38:fc:57:5a:85:92:cd:bc:ae:67:f1:48:c5:a7:3f:d9:3e:61:
         7a:da:57:7e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpQ4oZTRwvUNwmotQDp9jarMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhNDFlMmYyZDE0NTJlN2M0Y2MwN2RiZmE3ODM5ZDU4ZGY1
N2YyMTgwHhcNMjUxMTA0MjIwMDE0WhcNMjUxMTA1MjIwMDE0WjAzMTEwLwYDVQQD
Eyg2MGY5YmMwYzAxMmQyM2I1ZmVhNzNiZGNkMmM4MjdmY2Q5OGMxMDg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtCjHA/fTrzwGxQkbL9RWU5tufyKm
2uGVdlw9Qq/zzV34vgk3ukr6zJhjH5CPbHhd3JKksNKm4ADyvLBVoHQt1FT5HG2E
cSTvUAEFhcVwbAGQQdlUdFzTjsjJCCTNk+YBOFKamZRUcdleqIN+Vmt1ZoEJTxBb
7pOxFJOCjJt5oIG0/KOkeCP5IVWdT2EzX2KO/xYtQzew3fbiJyMsi/oAcU3Yv8IY
4b4NREPnoFKWgh2dMmtj0buPrpCUZdJ9tbmgYEpJxNtyoxkG/7TKZAkLMAcmkF37
8dVYci1yqwL+Un4LIr7WzpgotRkZX6oeZ5MLBGM2j9fA72nphUtGPQ5qlQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGD5vAwBLSO1/qc73NLIJ/zZjBCEMB8GA1UdIwQY
MBaAFIpB4vLRRS58TMB9v6eDnVjfV/IYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaWtIaTh0RkZMbnhNd0gyX3A0T2RXTjlYOGhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9iZjY5YzQtZDY0YS00MzQwLTliZjEt
MzY0ODU0Y2JjMGU4LzEvaWtIaTh0RkZMbnhNd0gyX3A0T2RXTjlYOGhnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9iZjY5YzQtZDY0YS00MzQwLTliZjEtMzY0ODU0Y2JjMGU4
LzEvaWtIaTh0RkZMbnhNd0gyX3A0T2RXTjlYOGhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAW9V3jCcN
U6ybqTpods2qkVIo1Rjkla753Jq9GWhCHNAjcpjSoQclDaX4mtsyj+xUDqm8VnRy
+H0VfYpIn6/bqN/5eNn1+BznJfp2Zm2fMoiJDkwQBJ6Rum4LtKIjCZuWwk3DeZop
U7f02bKkI04nWtImoVSOFvGLKRJ2/CPLE+yYhAxIeIFEWOtaX7cLGwNUw0/LElrm
DGmmuXKOrMv7gEDEBCLBhm0qhFZDISrvH325auGK80GLPqFzqWfaqlr/143QZRQW
7/Z79sCHMLIgC+gAOiSaPybvfbb/PkERlOmSkc0ESrtY7hQ1OPxXWoWSzbyuZ/FI
xac/2T5hetpXfg==
-----END CERTIFICATE-----