Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/809cd5-f23f-4720-8c64-59eb384e0967/1/JcUDXdNt8HSfTWKZyPy-1hVcARc.mft
File:                     JcUDXdNt8HSfTWKZyPy-1hVcARc.mft (raw, json)
Hash identifier:          1bV6vI1Sh9gLqOYtFmd/AWiKyOHNhV/VW/C6iytcSf4=
Subject key identifier:   81:EC:D8:0B:70:4D:09:1E:5D:09:DF:8D:E6:29:33:B1:92:37:A3:29
Authority key identifier: 25:C5:03:5D:D3:6D:F0:74:9F:4D:62:99:C8:FC:BE:D6:15:5C:01:17
Certificate issuer:       /CN=25c5035dd36df0749f4d6299c8fcbed6155c0117
Certificate serial:       019A52D1A4A8DF3363511F1C8B1235F77C62
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/JcUDXdNt8HSfTWKZyPy-1hVcARc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cc/809cd5-f23f-4720-8c64-59eb384e0967/1/JcUDXdNt8HSfTWKZyPy-1hVcARc.mft
Manifest number:          170B
Signing time:             Wed 05 Nov 2025 07:01:02 +0000
Manifest this update:     Wed 05 Nov 2025 07:01:02 +0000
Manifest next update:     Thu 06 Nov 2025 07:01:02 +0000
Files and hashes:         1: JcUDXdNt8HSfTWKZyPy-1hVcARc.crl (hash: LofXPNg5kWqichWp4XC3zcHs5DS/5kNk55JSmJb+lZ8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/cc/809cd5-f23f-4720-8c64-59eb384e0967/1/JcUDXdNt8HSfTWKZyPy-1hVcARc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/cc/809cd5-f23f-4720-8c64-59eb384e0967/1/JcUDXdNt8HSfTWKZyPy-1hVcARc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/JcUDXdNt8HSfTWKZyPy-1hVcARc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 06 Nov 2025 03:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:52:d1:a4:a8:df:33:63:51:1f:1c:8b:12:35:f7:7c:62
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=25c5035dd36df0749f4d6299c8fcbed6155c0117
        Validity
            Not Before: Nov  5 07:01:02 2025 GMT
            Not After : Nov  6 07:01:02 2025 GMT
        Subject: CN=81ecd80b704d091e5d09df8de62933b19237a329
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:e2:04:bb:51:8c:bd:d1:36:1f:23:8e:fd:ec:
                    ab:ee:9c:38:87:10:dd:63:17:dc:3a:8f:1c:79:0e:
                    c3:62:92:69:fe:8d:4b:6e:59:ec:34:92:e9:66:8e:
                    1f:57:38:da:d0:64:2f:7b:60:bb:af:19:d5:03:1f:
                    57:7a:58:07:b4:5b:8c:2c:42:e3:98:26:28:a3:6a:
                    a1:fc:38:1d:28:31:a2:55:8a:d7:fc:a8:30:3a:71:
                    98:18:57:fd:54:68:f6:48:b3:94:e3:06:83:27:7d:
                    62:1f:d9:5f:df:ad:68:d6:df:b0:ec:f3:3a:53:f4:
                    92:e5:7a:14:be:a7:f8:d6:af:0c:66:5c:fc:6e:e3:
                    b2:38:0a:7c:85:33:4c:01:56:03:48:57:fa:ae:65:
                    e0:df:e8:6c:af:1b:11:a2:cd:7d:8c:1a:c6:44:83:
                    69:b7:98:c8:e5:3b:94:07:4f:a8:b7:72:fc:a2:69:
                    24:12:49:92:f2:71:b0:5f:6c:de:19:3e:63:fb:7e:
                    6a:f5:d6:de:62:0f:d6:f3:59:0c:40:67:70:2d:f6:
                    53:c6:7a:95:58:92:56:6c:eb:f5:dd:e7:04:81:4c:
                    d0:1c:f1:1d:76:78:f1:82:bf:14:06:1c:ca:bc:7f:
                    de:de:d1:59:3f:c5:c9:34:63:15:dc:08:cc:d7:68:
                    99:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                81:EC:D8:0B:70:4D:09:1E:5D:09:DF:8D:E6:29:33:B1:92:37:A3:29
            X509v3 Authority Key Identifier:
                keyid:25:C5:03:5D:D3:6D:F0:74:9F:4D:62:99:C8:FC:BE:D6:15:5C:01:17

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JcUDXdNt8HSfTWKZyPy-1hVcARc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/809cd5-f23f-4720-8c64-59eb384e0967/1/JcUDXdNt8HSfTWKZyPy-1hVcARc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/809cd5-f23f-4720-8c64-59eb384e0967/1/JcUDXdNt8HSfTWKZyPy-1hVcARc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         79:21:a4:c2:4f:0f:54:72:57:79:45:f0:68:a9:58:32:c2:2a:
         57:fd:13:4f:22:31:5a:64:fd:8c:f0:1d:dd:45:b8:64:49:55:
         73:2e:f8:ed:f0:91:40:59:17:9d:2c:3c:bd:34:60:68:86:82:
         70:3e:69:0c:ca:ef:9a:a2:f4:ab:f2:b3:bf:31:c7:09:0a:d9:
         48:46:2f:ad:8b:6d:2e:a0:41:6c:ec:c9:06:07:5d:1f:27:b8:
         eb:e3:26:9f:9c:4c:f8:6c:3b:8c:a9:b0:0f:01:45:1e:37:df:
         59:50:29:8b:5a:ef:10:25:f5:53:20:95:59:92:98:4b:0d:62:
         d2:5f:f0:c0:cd:28:a0:af:dc:5b:de:7a:49:cb:4b:dd:56:2e:
         de:58:37:cd:b6:99:42:e4:26:b2:27:6d:91:57:c5:43:7e:14:
         92:d2:26:d3:8b:8c:4a:37:05:01:d0:63:73:67:99:a5:16:83:
         89:00:2e:ab:dd:bc:4e:9d:4a:ff:41:6e:b6:48:45:b4:ed:6c:
         aa:81:97:4e:45:d7:6d:cc:8b:3f:59:1b:dd:97:f7:b5:65:c5:
         f8:e7:b4:e8:d9:dc:c0:c9:e2:37:36:00:1e:98:27:91:d0:5d:
         52:61:db:ff:51:0b:c2:a7:92:9a:38:0f:de:cc:7f:80:59:7e:
         d5:c6:85:3d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpS0aSo3zNjUR8cixI193xiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1YzUwMzVkZDM2ZGYwNzQ5ZjRkNjI5OWM4ZmNiZWQ2MTU1
YzAxMTcwHhcNMjUxMTA1MDcwMTAyWhcNMjUxMTA2MDcwMTAyWjAzMTEwLwYDVQQD
Eyg4MWVjZDgwYjcwNGQwOTFlNWQwOWRmOGRlNjI5MzNiMTkyMzdhMzI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApuIEu1GMvdE2HyOO/eyr7pw4hxDd
YxfcOo8ceQ7DYpJp/o1LblnsNJLpZo4fVzja0GQve2C7rxnVAx9XelgHtFuMLELj
mCYoo2qh/DgdKDGiVYrX/KgwOnGYGFf9VGj2SLOU4waDJ31iH9lf361o1t+w7PM6
U/SS5XoUvqf41q8MZlz8buOyOAp8hTNMAVYDSFf6rmXg3+hsrxsRos19jBrGRINp
t5jI5TuUB0+ot3L8omkkEkmS8nGwX2zeGT5j+35q9dbeYg/W81kMQGdwLfZTxnqV
WJJWbOv13ecEgUzQHPEddnjxgr8UBhzKvH/e3tFZP8XJNGMV3AjM12iZ0wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIHs2AtwTQkeXQnfjeYpM7GSN6MpMB8GA1UdIwQY
MBaAFCXFA13TbfB0n01imcj8vtYVXAEXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSmNVRFhkTnQ4SFNmVFdLWnlQeS0xaFZjQVJjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy84MDljZDUtZjIzZi00NzIwLThjNjQt
NTllYjM4NGUwOTY3LzEvSmNVRFhkTnQ4SFNmVFdLWnlQeS0xaFZjQVJjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYy84MDljZDUtZjIzZi00NzIwLThjNjQtNTllYjM4NGUwOTY3
LzEvSmNVRFhkTnQ4SFNmVFdLWnlQeS0xaFZjQVJjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeSGkwk8P
VHJXeUXwaKlYMsIqV/0TTyIxWmT9jPAd3UW4ZElVcy747fCRQFkXnSw8vTRgaIaC
cD5pDMrvmqL0q/KzvzHHCQrZSEYvrYttLqBBbOzJBgddHye46+Mmn5xM+Gw7jKmw
DwFFHjffWVApi1rvECX1UyCVWZKYSw1i0l/wwM0ooK/cW956SctL3VYu3lg3zbaZ
QuQmsidtkVfFQ34UktIm04uMSjcFAdBjc2eZpRaDiQAuq928Tp1K/0FutkhFtO1s
qoGXTkXXbcyLP1kb3Zf3tWXF+Oe06NncwMniNzYAHpgnkdBdUmHb/1ELwqeSmjgP
3sx/gFl+1caFPQ==
-----END CERTIFICATE-----