Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/81e5bd-f7ab-4287-bbb5-6d856f84a813/1/gEFPcG9s0sh68PYGstE3a4a1-mY.mft
File:                     gEFPcG9s0sh68PYGstE3a4a1-mY.mft (raw, json)
Hash identifier:          E89FCje1LM9AdJcvJYa1oT0CYG4nSdxENyRNOGkRXpQ=
Subject key identifier:   7C:45:58:DB:11:4A:98:19:14:9C:A9:39:61:D0:60:AA:A0:D7:65:D8
Authority key identifier: 80:41:4F:70:6F:6C:D2:C8:7A:F0:F6:06:B2:D1:37:6B:86:B5:FA:66
Certificate issuer:       /CN=80414f706f6cd2c87af0f606b2d1376b86b5fa66
Certificate serial:       019A4EF56DE3352F2699C186BB024C5B2D1E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gEFPcG9s0sh68PYGstE3a4a1-mY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d3/81e5bd-f7ab-4287-bbb5-6d856f84a813/1/gEFPcG9s0sh68PYGstE3a4a1-mY.mft
Manifest number:          170A
Signing time:             Tue 04 Nov 2025 13:01:38 +0000
Manifest this update:     Tue 04 Nov 2025 13:01:38 +0000
Manifest next update:     Wed 05 Nov 2025 13:01:38 +0000
Files and hashes:         1: gEFPcG9s0sh68PYGstE3a4a1-mY.crl (hash: UUxXuuGqk6bmK/6gMJbb+/ImKH12JKquU/cHB9zT7jY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d3/81e5bd-f7ab-4287-bbb5-6d856f84a813/1/gEFPcG9s0sh68PYGstE3a4a1-mY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d3/81e5bd-f7ab-4287-bbb5-6d856f84a813/1/gEFPcG9s0sh68PYGstE3a4a1-mY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/gEFPcG9s0sh68PYGstE3a4a1-mY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 09:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4e:f5:6d:e3:35:2f:26:99:c1:86:bb:02:4c:5b:2d:1e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=80414f706f6cd2c87af0f606b2d1376b86b5fa66
        Validity
            Not Before: Nov  4 13:01:38 2025 GMT
            Not After : Nov  5 13:01:38 2025 GMT
        Subject: CN=7c4558db114a9819149ca93961d060aaa0d765d8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:4d:49:3e:86:1b:68:f4:59:82:b7:df:a6:6b:
                    3c:2d:1d:7d:3c:82:c1:70:03:9f:2d:04:ca:1a:96:
                    1c:e5:9d:94:1c:07:73:73:f0:ea:a5:23:49:33:b3:
                    37:8f:34:62:a8:87:33:09:f4:cf:5c:9c:ce:2b:3c:
                    35:9a:27:84:82:13:6b:5c:b0:d8:d3:38:93:12:e6:
                    67:04:f5:44:ee:db:e6:75:28:07:27:f0:9b:78:6d:
                    a2:3a:32:b3:f8:a8:6c:b8:12:fe:69:0d:85:d7:61:
                    d2:4b:43:52:27:80:9f:62:42:fc:cf:42:11:41:69:
                    fe:6f:a8:fd:e6:f7:0e:c3:b3:40:9e:d7:3d:19:65:
                    11:52:6f:df:ab:f1:26:de:99:c9:ef:6a:e8:28:9d:
                    32:bc:c9:3a:aa:dd:74:e3:b3:e1:dc:3b:22:9a:3e:
                    da:56:3a:dc:7c:4b:c7:e3:c0:57:97:99:56:95:88:
                    98:8c:81:4a:91:09:6c:bf:ff:b1:3c:67:29:1b:5a:
                    1b:e3:c3:8f:34:8f:a1:d7:c4:ee:1e:ff:a8:a4:09:
                    bd:3f:2c:07:7a:73:5e:5a:9b:ca:5d:4b:1c:67:13:
                    52:f2:91:90:ae:26:ee:7b:33:50:76:c2:5d:bc:22:
                    3a:d1:51:ad:39:e6:78:5d:88:f5:4f:38:54:c8:d5:
                    f9:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7C:45:58:DB:11:4A:98:19:14:9C:A9:39:61:D0:60:AA:A0:D7:65:D8
            X509v3 Authority Key Identifier:
                keyid:80:41:4F:70:6F:6C:D2:C8:7A:F0:F6:06:B2:D1:37:6B:86:B5:FA:66

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gEFPcG9s0sh68PYGstE3a4a1-mY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/81e5bd-f7ab-4287-bbb5-6d856f84a813/1/gEFPcG9s0sh68PYGstE3a4a1-mY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/81e5bd-f7ab-4287-bbb5-6d856f84a813/1/gEFPcG9s0sh68PYGstE3a4a1-mY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         92:7c:3d:01:11:2b:2b:91:67:cb:60:d3:e4:88:39:77:51:d6:
         6d:5f:32:cb:46:1e:cb:58:25:a0:d7:a6:b1:06:4e:42:d0:5e:
         97:3a:bf:b8:8c:4e:d9:37:34:12:75:20:7b:43:56:13:be:f5:
         05:d0:7f:6c:b9:bc:9e:77:44:74:66:65:64:4c:a8:ef:73:a4:
         1b:1c:de:1b:a9:ea:13:a6:63:40:a7:aa:02:6b:79:4f:21:c1:
         00:82:b8:dd:fb:4c:f4:68:90:cc:61:df:e3:9d:cc:37:6c:4c:
         c0:90:57:bb:32:a3:00:ab:c1:db:54:1f:3a:5a:7b:cc:4c:b8:
         9f:e8:5c:1c:be:9e:63:9c:a9:1d:82:57:72:20:af:0e:d9:e8:
         2f:d1:3e:18:a3:09:49:9f:08:96:01:36:d2:07:36:3e:bf:75:
         1b:2b:a4:48:f9:ab:92:b3:08:35:41:d0:55:56:84:9e:a6:04:
         a5:02:38:1b:85:f6:e3:37:11:19:04:4a:cc:30:1c:7c:29:d8:
         5b:df:5c:3c:6a:8f:4a:c9:fc:0f:f6:1d:82:be:f6:9e:73:6f:
         6f:56:55:20:75:a1:34:95:9c:ab:68:26:c4:30:3c:90:07:6d:
         e6:10:95:8e:9f:f8:bb:a2:d8:92:0a:7d:14:be:26:d9:0c:16:
         ef:a3:29:91
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpO9W3jNS8mmcGGuwJMWy0eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgwNDE0ZjcwNmY2Y2QyYzg3YWYwZjYwNmIyZDEzNzZiODZi
NWZhNjYwHhcNMjUxMTA0MTMwMTM4WhcNMjUxMTA1MTMwMTM4WjAzMTEwLwYDVQQD
Eyg3YzQ1NThkYjExNGE5ODE5MTQ5Y2E5Mzk2MWQwNjBhYWEwZDc2NWQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvk1JPoYbaPRZgrffpms8LR19PILB
cAOfLQTKGpYc5Z2UHAdzc/DqpSNJM7M3jzRiqIczCfTPXJzOKzw1mieEghNrXLDY
0ziTEuZnBPVE7tvmdSgHJ/CbeG2iOjKz+KhsuBL+aQ2F12HSS0NSJ4CfYkL8z0IR
QWn+b6j95vcOw7NAntc9GWURUm/fq/Em3pnJ72roKJ0yvMk6qt1047Ph3Dsimj7a
VjrcfEvH48BXl5lWlYiYjIFKkQlsv/+xPGcpG1ob48OPNI+h18TuHv+opAm9PywH
enNeWpvKXUscZxNS8pGQribuezNQdsJdvCI60VGtOeZ4XYj1TzhUyNX5WQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHxFWNsRSpgZFJypOWHQYKqg12XYMB8GA1UdIwQY
MBaAFIBBT3BvbNLIevD2BrLRN2uGtfpmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ0VGUGNHOXMwc2g2OFBZR3N0RTNhNGExLW1ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy84MWU1YmQtZjdhYi00Mjg3LWJiYjUt
NmQ4NTZmODRhODEzLzEvZ0VGUGNHOXMwc2g2OFBZR3N0RTNhNGExLW1ZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy84MWU1YmQtZjdhYi00Mjg3LWJiYjUtNmQ4NTZmODRhODEz
LzEvZ0VGUGNHOXMwc2g2OFBZR3N0RTNhNGExLW1ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAknw9AREr
K5Fny2DT5Ig5d1HWbV8yy0Yey1gloNemsQZOQtBelzq/uIxO2Tc0EnUge0NWE771
BdB/bLm8nndEdGZlZEyo73OkGxzeG6nqE6ZjQKeqAmt5TyHBAIK43ftM9GiQzGHf
453MN2xMwJBXuzKjAKvB21QfOlp7zEy4n+hcHL6eY5ypHYJXciCvDtnoL9E+GKMJ
SZ8IlgE20gc2Pr91GyukSPmrkrMINUHQVVaEnqYEpQI4G4X24zcRGQRKzDAcfCnY
W99cPGqPSsn8D/Ydgr72nnNvb1ZVIHWhNJWcq2gmxDA8kAdt5hCVjp/4u6LYkgp9
FL4m2QwW76MpkQ==
-----END CERTIFICATE-----