Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/753aa9-a4b0-4f47-8b00-89752e4bf5d3/1/1m3elQ2lbxIDMn5Q4rOVxAIlF5g.mft
File:                     1m3elQ2lbxIDMn5Q4rOVxAIlF5g.mft (raw, json)
Hash identifier:          V1MQTnVHv4rT7LahTASNu4QGA2MdNIEQ6iQPPTwlpwA=
Subject key identifier:   74:51:8C:72:33:0E:D0:86:43:33:50:59:AA:7F:3F:CA:F7:88:D5:93
Authority key identifier: D6:6D:DE:95:0D:A5:6F:12:03:32:7E:50:E2:B3:95:C4:02:25:17:98
Certificate issuer:       /CN=d66dde950da56f1203327e50e2b395c402251798
Certificate serial:       019A4EF4B946E73890E6E700F0A7F2E311F3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1m3elQ2lbxIDMn5Q4rOVxAIlF5g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a5/753aa9-a4b0-4f47-8b00-89752e4bf5d3/1/1m3elQ2lbxIDMn5Q4rOVxAIlF5g.mft
Manifest number:          170A
Signing time:             Tue 04 Nov 2025 13:00:52 +0000
Manifest this update:     Tue 04 Nov 2025 13:00:52 +0000
Manifest next update:     Wed 05 Nov 2025 13:00:52 +0000
Files and hashes:         1: 1m3elQ2lbxIDMn5Q4rOVxAIlF5g.crl (hash: O1rdp5DPl/jBkg4u8ELDQiAE3syH6Pgeg74DpDHOCzs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a5/753aa9-a4b0-4f47-8b00-89752e4bf5d3/1/1m3elQ2lbxIDMn5Q4rOVxAIlF5g.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a5/753aa9-a4b0-4f47-8b00-89752e4bf5d3/1/1m3elQ2lbxIDMn5Q4rOVxAIlF5g.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/1m3elQ2lbxIDMn5Q4rOVxAIlF5g.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 09:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4e:f4:b9:46:e7:38:90:e6:e7:00:f0:a7:f2:e3:11:f3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d66dde950da56f1203327e50e2b395c402251798
        Validity
            Not Before: Nov  4 13:00:52 2025 GMT
            Not After : Nov  5 13:00:52 2025 GMT
        Subject: CN=74518c72330ed08643335059aa7f3fcaf788d593
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:41:16:28:71:0e:23:c7:0a:a1:22:a1:ba:75:
                    53:10:60:fd:82:d8:51:a8:d3:27:0d:03:04:a1:e8:
                    4a:bf:8a:e2:d6:18:55:fc:a2:92:06:b0:d7:14:0a:
                    ea:ee:ad:4d:d8:0e:66:5e:00:8f:76:9f:cd:0f:5f:
                    11:ee:46:38:e5:85:79:14:9f:5d:65:da:c8:d1:ab:
                    be:e4:4a:d0:0e:e4:e5:93:80:97:13:01:d0:29:0b:
                    40:16:e6:a2:11:00:cc:e9:e5:ce:7a:e7:d1:6e:6c:
                    a2:3f:2b:04:8c:b2:a6:91:af:b5:f2:4a:73:e6:9f:
                    0a:aa:6c:f4:e2:b6:25:3a:13:4b:cd:36:9c:7a:30:
                    64:94:57:24:07:55:a8:58:df:1b:e9:76:21:df:34:
                    e8:33:db:cd:c7:ed:79:cc:43:f5:3c:07:4e:23:4e:
                    45:31:70:3c:ec:07:09:42:c9:64:00:f5:31:75:fe:
                    2d:9b:64:c0:23:63:7e:b3:cc:fe:4b:ea:c7:49:60:
                    c7:99:6d:94:d8:4d:f2:28:aa:96:32:df:2f:fd:29:
                    ba:8f:93:09:c1:8a:b6:df:aa:6c:2e:f0:f7:dc:bb:
                    e5:fa:94:47:b1:b5:60:38:43:0a:32:c6:bc:67:3e:
                    a5:ce:15:db:42:47:87:85:64:ab:fe:9b:5a:6e:b1:
                    41:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                74:51:8C:72:33:0E:D0:86:43:33:50:59:AA:7F:3F:CA:F7:88:D5:93
            X509v3 Authority Key Identifier:
                keyid:D6:6D:DE:95:0D:A5:6F:12:03:32:7E:50:E2:B3:95:C4:02:25:17:98

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1m3elQ2lbxIDMn5Q4rOVxAIlF5g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/753aa9-a4b0-4f47-8b00-89752e4bf5d3/1/1m3elQ2lbxIDMn5Q4rOVxAIlF5g.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/753aa9-a4b0-4f47-8b00-89752e4bf5d3/1/1m3elQ2lbxIDMn5Q4rOVxAIlF5g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         12:7c:ba:03:52:c3:48:da:f5:27:25:b6:ad:ec:ec:b1:ea:39:
         a6:54:75:d4:ff:4f:91:45:64:7f:62:fd:5f:d3:27:b4:aa:5d:
         4a:c4:42:0c:45:20:8e:67:97:93:3f:8b:6a:7f:5f:3e:f1:5b:
         47:5d:83:b9:71:0b:8a:ed:c2:d8:50:ea:b7:c0:74:8f:ae:e2:
         bf:b3:ea:e9:7b:c8:d0:b4:a6:59:8c:bc:b5:27:b0:02:d3:db:
         04:78:5b:a9:09:0c:67:96:0e:e4:fb:46:58:fe:1f:18:2d:6e:
         73:a0:f4:f4:4e:2c:94:34:a2:bf:2e:f3:04:62:ae:eb:ef:55:
         3f:33:7a:55:d5:3e:01:28:14:6a:2d:3d:04:f5:73:85:2a:63:
         1b:c8:76:42:1f:84:87:83:38:57:6a:6d:53:fb:b0:21:2f:4e:
         80:ad:a4:15:65:eb:eb:f7:cc:13:f2:26:53:de:75:a2:d1:68:
         78:89:5b:8c:9c:68:26:3a:42:1f:e8:07:a1:2c:cc:e4:cb:28:
         8d:32:2b:f4:42:21:3a:3a:dd:28:00:15:e5:00:6a:5c:b7:97:
         52:26:99:1c:ae:5f:39:79:73:dc:01:1e:e0:a4:19:47:1f:2c:
         42:bc:97:74:af:77:0e:b2:66:fc:b6:f9:2f:d7:0c:aa:ee:b4:
         c2:02:d5:49
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpO9LlG5ziQ5ucA8Kfy4xHzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2NmRkZTk1MGRhNTZmMTIwMzMyN2U1MGUyYjM5NWM0MDIy
NTE3OTgwHhcNMjUxMTA0MTMwMDUyWhcNMjUxMTA1MTMwMDUyWjAzMTEwLwYDVQQD
Eyg3NDUxOGM3MjMzMGVkMDg2NDMzMzUwNTlhYTdmM2ZjYWY3ODhkNTkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuUEWKHEOI8cKoSKhunVTEGD9gthR
qNMnDQMEoehKv4ri1hhV/KKSBrDXFArq7q1N2A5mXgCPdp/ND18R7kY45YV5FJ9d
ZdrI0au+5ErQDuTlk4CXEwHQKQtAFuaiEQDM6eXOeufRbmyiPysEjLKmka+18kpz
5p8Kqmz04rYlOhNLzTacejBklFckB1WoWN8b6XYh3zToM9vNx+15zEP1PAdOI05F
MXA87AcJQslkAPUxdf4tm2TAI2N+s8z+S+rHSWDHmW2U2E3yKKqWMt8v/Sm6j5MJ
wYq236psLvD33Lvl+pRHsbVgOEMKMsa8Zz6lzhXbQkeHhWSr/ptabrFBEwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHRRjHIzDtCGQzNQWap/P8r3iNWTMB8GA1UdIwQY
MBaAFNZt3pUNpW8SAzJ+UOKzlcQCJReYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMW0zZWxRMmxieElETW41UTRyT1Z4QUlsRjVnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS83NTNhYTktYTRiMC00ZjQ3LThiMDAt
ODk3NTJlNGJmNWQzLzEvMW0zZWxRMmxieElETW41UTRyT1Z4QUlsRjVnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNS83NTNhYTktYTRiMC00ZjQ3LThiMDAtODk3NTJlNGJmNWQz
LzEvMW0zZWxRMmxieElETW41UTRyT1Z4QUlsRjVnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEny6A1LD
SNr1JyW2rezsseo5plR11P9PkUVkf2L9X9MntKpdSsRCDEUgjmeXkz+Lan9fPvFb
R12DuXELiu3C2FDqt8B0j67iv7Pq6XvI0LSmWYy8tSewAtPbBHhbqQkMZ5YO5PtG
WP4fGC1uc6D09E4slDSivy7zBGKu6+9VPzN6VdU+ASgUai09BPVzhSpjG8h2Qh+E
h4M4V2ptU/uwIS9OgK2kFWXr6/fME/ImU951otFoeIlbjJxoJjpCH+gHoSzM5Mso
jTIr9EIhOjrdKAAV5QBqXLeXUiaZHK5fOXlz3AEe4KQZRx8sQryXdK93DrJm/Lb5
L9cMqu60wgLVSQ==
-----END CERTIFICATE-----