Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/5236e9-ff5a-4019-94d4-aeae6e3593a7/1/mdXL9__sUlSnHvex7fem12x1liU.mft
File:                     mdXL9__sUlSnHvex7fem12x1liU.mft (raw, json)
Hash identifier:          a3zn7+XloOOudafMk4Nnw+yNpzYAtAWHJJ8BGfCVqzQ=
Subject key identifier:   88:67:5F:72:0F:A1:15:FB:F4:A4:27:FF:30:CF:04:7A:FA:92:FE:41
Authority key identifier: 99:D5:CB:F7:FF:EC:52:54:A7:1E:F7:B1:ED:F7:A6:D7:6C:75:96:25
Certificate issuer:       /CN=99d5cbf7ffec5254a71ef7b1edf7a6d76c759625
Certificate serial:       019A54BFC86FB9E42FD284CB4EAF9C73CAB1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/mdXL9__sUlSnHvex7fem12x1liU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cb/5236e9-ff5a-4019-94d4-aeae6e3593a7/1/mdXL9__sUlSnHvex7fem12x1liU.mft
Manifest number:          170D
Signing time:             Wed 05 Nov 2025 16:00:46 +0000
Manifest this update:     Wed 05 Nov 2025 16:00:46 +0000
Manifest next update:     Thu 06 Nov 2025 16:00:46 +0000
Files and hashes:         1: mdXL9__sUlSnHvex7fem12x1liU.crl (hash: 4adpBI5vZhTg3Phau//nbSGv+RHmFG/h8GbLOdP38kE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/cb/5236e9-ff5a-4019-94d4-aeae6e3593a7/1/mdXL9__sUlSnHvex7fem12x1liU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/cb/5236e9-ff5a-4019-94d4-aeae6e3593a7/1/mdXL9__sUlSnHvex7fem12x1liU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/mdXL9__sUlSnHvex7fem12x1liU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 06 Nov 2025 12:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:54:bf:c8:6f:b9:e4:2f:d2:84:cb:4e:af:9c:73:ca:b1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=99d5cbf7ffec5254a71ef7b1edf7a6d76c759625
        Validity
            Not Before: Nov  5 16:00:46 2025 GMT
            Not After : Nov  6 16:00:46 2025 GMT
        Subject: CN=88675f720fa115fbf4a427ff30cf047afa92fe41
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:6e:78:99:e3:45:4f:25:11:e3:d4:52:4a:f2:
                    a6:5a:83:29:fa:e5:ef:ba:c7:a5:c8:c7:fb:8f:cb:
                    0f:4d:36:f0:7a:88:9a:62:47:90:f5:20:58:66:1e:
                    c8:80:63:d3:98:01:41:9b:6c:1e:8e:64:e0:87:fd:
                    85:06:f7:f2:e3:7a:c1:10:44:ed:72:df:80:6a:35:
                    06:81:d0:04:eb:04:b8:25:19:c2:79:4b:ac:0f:bc:
                    ed:9c:7e:ed:f4:a4:8e:0b:94:51:37:32:9d:55:86:
                    c0:4c:8d:70:83:4d:dc:45:a0:a7:f2:a2:ca:a4:17:
                    da:12:06:b6:88:cd:c8:3e:9a:63:48:66:61:04:bd:
                    24:46:ba:d4:ec:dc:30:6a:d0:1f:4a:0b:43:a9:60:
                    dd:fc:65:e9:fc:ab:ef:c1:c0:06:21:84:39:26:1b:
                    b0:c8:6b:1a:b5:9f:53:a3:af:f4:db:fa:d4:44:70:
                    0a:55:2e:63:91:7b:4d:ed:62:90:8d:e2:ad:14:4c:
                    95:2a:89:52:ae:0c:4a:38:10:07:4e:c0:9f:b4:b2:
                    44:58:f3:3a:f2:cb:a1:b6:9c:ca:2e:76:07:8c:9b:
                    47:ee:6a:93:bc:c4:31:60:26:17:3d:5f:5a:a2:69:
                    83:20:f7:15:e1:d3:c0:90:21:8a:00:69:5d:e9:30:
                    16:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                88:67:5F:72:0F:A1:15:FB:F4:A4:27:FF:30:CF:04:7A:FA:92:FE:41
            X509v3 Authority Key Identifier:
                keyid:99:D5:CB:F7:FF:EC:52:54:A7:1E:F7:B1:ED:F7:A6:D7:6C:75:96:25

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mdXL9__sUlSnHvex7fem12x1liU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/5236e9-ff5a-4019-94d4-aeae6e3593a7/1/mdXL9__sUlSnHvex7fem12x1liU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/5236e9-ff5a-4019-94d4-aeae6e3593a7/1/mdXL9__sUlSnHvex7fem12x1liU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3b:50:0e:37:19:69:1b:93:c4:9d:cd:b5:32:48:cf:5d:e8:c0:
         11:09:ee:cd:e1:ce:bb:82:c1:bb:32:bb:0d:05:8b:46:38:3e:
         64:6b:2f:2f:bd:d5:2d:62:9f:36:b9:c8:bf:c5:5a:a5:0b:5b:
         51:a1:e1:a3:f2:1b:57:b4:60:0d:ab:70:66:84:b0:17:eb:7b:
         bc:6d:d0:9d:81:c9:4a:e9:33:d8:c9:a8:95:7c:4c:2b:82:3f:
         4e:04:fa:72:92:cd:04:1d:40:e1:1c:35:cc:b1:ed:60:ec:bd:
         ca:b2:37:8c:c4:40:b4:6a:a9:e7:ee:32:6f:b4:16:6e:db:59:
         1f:92:80:08:8e:8d:7a:3f:95:7f:a6:b0:c4:83:0f:d5:42:82:
         33:04:f8:f4:01:c3:1c:36:c6:b9:1f:4f:d0:af:02:13:d1:d9:
         b4:1f:08:88:0e:66:18:9f:6e:1a:b6:cf:9f:d4:d8:67:01:85:
         18:2a:be:77:48:92:4a:9d:59:c5:f1:3e:6d:5b:18:a2:68:71:
         1f:46:10:ae:4b:31:9a:94:d1:09:e7:16:42:5b:2c:cf:eb:47:
         c9:cc:34:df:ab:56:fb:80:dd:e9:0b:3d:ca:3b:c2:7c:d7:c2:
         e9:63:d9:74:77:a5:04:ef:e8:51:a5:99:fc:00:58:01:3c:43:
         e1:74:df:3b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpUv8hvueQv0oTLTq+cc8qxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5ZDVjYmY3ZmZlYzUyNTRhNzFlZjdiMWVkZjdhNmQ3NmM3
NTk2MjUwHhcNMjUxMTA1MTYwMDQ2WhcNMjUxMTA2MTYwMDQ2WjAzMTEwLwYDVQQD
Eyg4ODY3NWY3MjBmYTExNWZiZjRhNDI3ZmYzMGNmMDQ3YWZhOTJmZTQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuW54meNFTyUR49RSSvKmWoMp+uXv
uselyMf7j8sPTTbweoiaYkeQ9SBYZh7IgGPTmAFBm2wejmTgh/2FBvfy43rBEETt
ct+AajUGgdAE6wS4JRnCeUusD7ztnH7t9KSOC5RRNzKdVYbATI1wg03cRaCn8qLK
pBfaEga2iM3IPppjSGZhBL0kRrrU7NwwatAfSgtDqWDd/GXp/KvvwcAGIYQ5Jhuw
yGsatZ9To6/02/rURHAKVS5jkXtN7WKQjeKtFEyVKolSrgxKOBAHTsCftLJEWPM6
8suhtpzKLnYHjJtH7mqTvMQxYCYXPV9aommDIPcV4dPAkCGKAGld6TAWKQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIhnX3IPoRX79KQn/zDPBHr6kv5BMB8GA1UdIwQY
MBaAFJnVy/f/7FJUpx73se33ptdsdZYlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWRYTDlfX3NVbFNuSHZleDdmZW0xMngxbGlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi81MjM2ZTktZmY1YS00MDE5LTk0ZDQt
YWVhZTZlMzU5M2E3LzEvbWRYTDlfX3NVbFNuSHZleDdmZW0xMngxbGlVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYi81MjM2ZTktZmY1YS00MDE5LTk0ZDQtYWVhZTZlMzU5M2E3
LzEvbWRYTDlfX3NVbFNuSHZleDdmZW0xMngxbGlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAO1AONxlp
G5PEnc21MkjPXejAEQnuzeHOu4LBuzK7DQWLRjg+ZGsvL73VLWKfNrnIv8VapQtb
UaHho/IbV7RgDatwZoSwF+t7vG3QnYHJSukz2MmolXxMK4I/TgT6cpLNBB1A4Rw1
zLHtYOy9yrI3jMRAtGqp5+4yb7QWbttZH5KACI6Nej+Vf6awxIMP1UKCMwT49AHD
HDbGuR9P0K8CE9HZtB8IiA5mGJ9uGrbPn9TYZwGFGCq+d0iSSp1ZxfE+bVsYomhx
H0YQrksxmpTRCecWQlssz+tHycw036tW+4Dd6Qs9yjvCfNfC6WPZdHelBO/oUaWZ
/ABYATxD4XTfOw==
-----END CERTIFICATE-----