Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/68e653-18c5-449e-95d8-e697bb5764c3/1/xwy87PJahmXDWnjIIdEes6ZCNiE.mft
File:                     xwy87PJahmXDWnjIIdEes6ZCNiE.mft (raw, json)
Hash identifier:          HT+Rwq/n0UwYNDoEmaO6BMJnY6Ifpz60xuMPyFITMEM=
Subject key identifier:   B2:05:E1:8A:8F:88:AF:0E:4D:A4:ED:31:AE:29:37:75:26:90:52:FD
Authority key identifier: C7:0C:BC:EC:F2:5A:86:65:C3:5A:78:C8:21:D1:1E:B3:A6:42:36:21
Certificate issuer:       /CN=c70cbcecf25a8665c35a78c821d11eb3a6423621
Certificate serial:       019A522C90820887B8A7243C133D5B46B265
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xwy87PJahmXDWnjIIdEes6ZCNiE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c3/68e653-18c5-449e-95d8-e697bb5764c3/1/xwy87PJahmXDWnjIIdEes6ZCNiE.mft
Manifest number:          170C
Signing time:             Wed 05 Nov 2025 04:00:43 +0000
Manifest this update:     Wed 05 Nov 2025 04:00:43 +0000
Manifest next update:     Thu 06 Nov 2025 04:00:43 +0000
Files and hashes:         1: xwy87PJahmXDWnjIIdEes6ZCNiE.crl (hash: kPyjebN4mxT+EsFg3wPIr2/oR3gmJ4C86weGnr0oQ8g=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c3/68e653-18c5-449e-95d8-e697bb5764c3/1/xwy87PJahmXDWnjIIdEes6ZCNiE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c3/68e653-18c5-449e-95d8-e697bb5764c3/1/xwy87PJahmXDWnjIIdEes6ZCNiE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/xwy87PJahmXDWnjIIdEes6ZCNiE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 06 Nov 2025 03:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:52:2c:90:82:08:87:b8:a7:24:3c:13:3d:5b:46:b2:65
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c70cbcecf25a8665c35a78c821d11eb3a6423621
        Validity
            Not Before: Nov  5 04:00:43 2025 GMT
            Not After : Nov  6 04:00:43 2025 GMT
        Subject: CN=b205e18a8f88af0e4da4ed31ae293775269052fd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:7c:00:fb:a7:50:c0:b5:82:57:35:e7:e1:d8:
                    c3:48:cb:ce:a8:fb:35:ab:23:6c:5a:1e:ec:ea:86:
                    33:76:84:12:18:29:86:e8:53:30:81:ca:f6:e4:51:
                    46:76:e2:55:af:50:68:b6:5a:ee:ef:4e:96:0a:d8:
                    bd:ff:5e:70:b9:d0:22:7b:59:75:9f:f9:e4:68:c2:
                    97:39:1c:64:23:bd:fb:99:8e:8f:8a:64:41:bc:83:
                    23:39:a3:b7:dd:af:88:e3:44:38:19:9b:74:de:0c:
                    71:45:ea:b5:9d:fa:f9:fc:67:3c:d3:dd:23:04:7d:
                    0d:e6:c0:6f:e4:c0:1d:84:84:91:12:66:ee:31:cd:
                    7b:be:09:e7:2b:e8:3d:4b:87:47:cd:51:48:42:99:
                    20:3a:4c:02:c3:3c:65:49:ed:32:78:7f:4a:ff:33:
                    aa:ba:e1:f0:a6:d9:31:5c:89:29:c9:0c:57:c4:0f:
                    f5:6d:ee:e7:57:8b:e5:31:d7:61:ae:31:a0:c9:cd:
                    b0:53:a1:67:cc:1c:ae:07:b6:24:6b:a9:e2:45:e3:
                    2e:69:c7:48:24:eb:bf:b7:63:8a:f1:1a:7e:75:c1:
                    13:c5:77:c9:78:8b:07:68:46:ad:61:19:b8:5c:54:
                    86:6f:ac:a7:79:3c:54:de:1a:03:5e:dd:e3:14:9b:
                    52:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B2:05:E1:8A:8F:88:AF:0E:4D:A4:ED:31:AE:29:37:75:26:90:52:FD
            X509v3 Authority Key Identifier:
                keyid:C7:0C:BC:EC:F2:5A:86:65:C3:5A:78:C8:21:D1:1E:B3:A6:42:36:21

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xwy87PJahmXDWnjIIdEes6ZCNiE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/68e653-18c5-449e-95d8-e697bb5764c3/1/xwy87PJahmXDWnjIIdEes6ZCNiE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/68e653-18c5-449e-95d8-e697bb5764c3/1/xwy87PJahmXDWnjIIdEes6ZCNiE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         32:34:fa:28:f3:ff:33:42:84:cc:df:42:01:fc:0d:7b:04:5d:
         35:e2:b6:a7:2f:18:2d:35:ca:14:93:c2:f1:b8:2f:e8:cf:c2:
         4c:d5:58:39:0e:71:9a:6b:ba:81:66:88:54:40:77:86:9e:da:
         48:94:03:03:df:f8:a5:17:b4:3d:f0:73:3d:37:d9:13:83:d7:
         d5:ef:fb:26:05:0c:59:e9:7c:3f:15:4d:1e:95:83:1c:e6:70:
         25:86:cd:4e:3b:d0:fc:9d:d2:d0:0e:93:14:ee:15:ae:0c:af:
         d2:fa:87:f9:eb:55:63:21:86:6a:59:c9:8e:de:88:6e:5a:81:
         0a:b6:34:1c:d9:90:04:e9:8c:f4:0c:2e:ba:01:6d:5c:43:47:
         76:2f:7d:0c:29:b8:a9:be:4c:b4:e4:52:90:ee:1f:28:63:1b:
         87:b7:5f:0c:09:16:3d:c4:54:ff:f7:32:09:31:55:42:27:05:
         16:37:ef:6c:a4:6c:e6:89:5e:47:a1:7e:72:2c:dd:ac:20:b5:
         64:59:c6:5f:d5:74:92:37:b8:91:d2:f9:1a:9e:c5:d5:b3:b2:
         b1:f7:21:86:a3:fe:fc:6a:85:32:1a:a4:ce:ab:82:c3:35:97:
         24:f9:78:46:9c:1a:15:e3:db:11:b3:cd:c6:6e:eb:94:14:6d:
         64:aa:f5:7f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpSLJCCCIe4pyQ8Ez1bRrJlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM3MGNiY2VjZjI1YTg2NjVjMzVhNzhjODIxZDExZWIzYTY0
MjM2MjEwHhcNMjUxMTA1MDQwMDQzWhcNMjUxMTA2MDQwMDQzWjAzMTEwLwYDVQQD
EyhiMjA1ZTE4YThmODhhZjBlNGRhNGVkMzFhZTI5Mzc3NTI2OTA1MmZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzXwA+6dQwLWCVzXn4djDSMvOqPs1
qyNsWh7s6oYzdoQSGCmG6FMwgcr25FFGduJVr1Botlru706WCti9/15wudAie1l1
n/nkaMKXORxkI737mY6PimRBvIMjOaO33a+I40Q4GZt03gxxReq1nfr5/Gc8090j
BH0N5sBv5MAdhISREmbuMc17vgnnK+g9S4dHzVFIQpkgOkwCwzxlSe0yeH9K/zOq
uuHwptkxXIkpyQxXxA/1be7nV4vlMddhrjGgyc2wU6FnzByuB7Yka6niReMuacdI
JOu/t2OK8Rp+dcETxXfJeIsHaEatYRm4XFSGb6yneTxU3hoDXt3jFJtSfQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLIF4YqPiK8OTaTtMa4pN3UmkFL9MB8GA1UdIwQY
MBaAFMcMvOzyWoZlw1p4yCHRHrOmQjYhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveHd5ODdQSmFobVhEV25qSUlkRWVzNlpDTmlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy82OGU2NTMtMThjNS00NDllLTk1ZDgt
ZTY5N2JiNTc2NGMzLzEveHd5ODdQSmFobVhEV25qSUlkRWVzNlpDTmlFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy82OGU2NTMtMThjNS00NDllLTk1ZDgtZTY5N2JiNTc2NGMz
LzEveHd5ODdQSmFobVhEV25qSUlkRWVzNlpDTmlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMjT6KPP/
M0KEzN9CAfwNewRdNeK2py8YLTXKFJPC8bgv6M/CTNVYOQ5xmmu6gWaIVEB3hp7a
SJQDA9/4pRe0PfBzPTfZE4PX1e/7JgUMWel8PxVNHpWDHOZwJYbNTjvQ/J3S0A6T
FO4Vrgyv0vqH+etVYyGGalnJjt6IblqBCrY0HNmQBOmM9AwuugFtXENHdi99DCm4
qb5MtORSkO4fKGMbh7dfDAkWPcRU//cyCTFVQicFFjfvbKRs5oleR6F+cizdrCC1
ZFnGX9V0kje4kdL5Gp7F1bOysfchhqP+/GqFMhqkzquCwzWXJPl4RpwaFePbEbPN
xm7rlBRtZKr1fw==
-----END CERTIFICATE-----