Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/d8c21b-fe36-4a2e-ac2e-d17f98114070/1/xLxp1Co7FePOy5HHcrpkM8URvpk.mft
File:                     xLxp1Co7FePOy5HHcrpkM8URvpk.mft (raw, json)
Hash identifier:          KYFpu4gCOxNKQpbRMDIQrpDAkjE8mUisjekx4FHTAbA=
Subject key identifier:   CD:A2:30:CA:87:90:29:E9:D2:AD:E7:A4:05:E9:29:5A:4F:5A:F2:16
Authority key identifier: C4:BC:69:D4:2A:3B:15:E3:CE:CB:91:C7:72:BA:64:33:C5:11:BE:99
Certificate issuer:       /CN=c4bc69d42a3b15e3cecb91c772ba6433c511be99
Certificate serial:       019A5006ED3F46A101F699E479546B34F77B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xLxp1Co7FePOy5HHcrpkM8URvpk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d4/d8c21b-fe36-4a2e-ac2e-d17f98114070/1/xLxp1Co7FePOy5HHcrpkM8URvpk.mft
Manifest number:          1709
Signing time:             Tue 04 Nov 2025 18:00:22 +0000
Manifest this update:     Tue 04 Nov 2025 18:00:22 +0000
Manifest next update:     Wed 05 Nov 2025 18:00:22 +0000
Files and hashes:         1: xLxp1Co7FePOy5HHcrpkM8URvpk.crl (hash: CTyXRV6ZcTPIITl9jz02qsPI6Ep98RGwxDBUOPOvRPM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d4/d8c21b-fe36-4a2e-ac2e-d17f98114070/1/xLxp1Co7FePOy5HHcrpkM8URvpk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d4/d8c21b-fe36-4a2e-ac2e-d17f98114070/1/xLxp1Co7FePOy5HHcrpkM8URvpk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/xLxp1Co7FePOy5HHcrpkM8URvpk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 18:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:50:06:ed:3f:46:a1:01:f6:99:e4:79:54:6b:34:f7:7b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c4bc69d42a3b15e3cecb91c772ba6433c511be99
        Validity
            Not Before: Nov  4 18:00:22 2025 GMT
            Not After : Nov  5 18:00:22 2025 GMT
        Subject: CN=cda230ca879029e9d2ade7a405e9295a4f5af216
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f8:e8:a1:4e:50:3d:ae:c6:34:9e:1a:d7:4a:1d:
                    52:ca:4c:75:2a:5c:57:28:15:6a:ee:ec:7a:cc:09:
                    49:48:bf:9d:c8:1e:2c:6a:27:71:63:fa:b3:63:a9:
                    bb:c1:4d:44:99:93:76:8d:07:19:5e:bc:73:db:51:
                    30:57:16:c6:61:22:bb:0e:79:18:2f:be:a4:8d:d2:
                    59:51:02:e4:d4:c3:a0:5c:d0:12:23:1c:50:49:d8:
                    d5:74:56:24:33:c9:86:65:ac:a8:46:8d:f6:1a:b4:
                    6d:a5:0e:04:6c:d3:ce:c8:65:2a:9c:9b:b6:05:3b:
                    37:4b:a3:d5:3c:62:a0:04:67:24:45:6d:61:32:d9:
                    f3:e6:ac:4b:99:0d:1d:bd:a9:1c:30:f5:b5:69:90:
                    ee:10:7b:ec:c1:2e:90:cc:47:78:10:15:0e:27:7e:
                    7f:dd:ec:3e:81:12:1f:6c:13:d8:4d:f2:50:25:86:
                    dd:01:cd:7a:2a:4c:74:6b:13:3c:a9:87:8e:db:fa:
                    cd:60:17:f0:75:66:9e:32:df:e7:52:27:d3:87:66:
                    6f:fd:b5:0d:4c:26:27:9a:03:6a:6b:11:99:43:87:
                    fa:25:22:33:47:e5:7f:e4:dd:a1:22:0a:49:29:1d:
                    f5:63:75:c1:06:32:92:9c:48:82:a2:6c:58:01:06:
                    9b:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CD:A2:30:CA:87:90:29:E9:D2:AD:E7:A4:05:E9:29:5A:4F:5A:F2:16
            X509v3 Authority Key Identifier:
                keyid:C4:BC:69:D4:2A:3B:15:E3:CE:CB:91:C7:72:BA:64:33:C5:11:BE:99

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xLxp1Co7FePOy5HHcrpkM8URvpk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/d8c21b-fe36-4a2e-ac2e-d17f98114070/1/xLxp1Co7FePOy5HHcrpkM8URvpk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/d8c21b-fe36-4a2e-ac2e-d17f98114070/1/xLxp1Co7FePOy5HHcrpkM8URvpk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         80:a6:9c:bd:de:4c:4d:53:5c:45:6e:1a:f0:18:e8:0f:2c:04:
         0d:c0:8c:5c:12:35:53:32:5b:bd:fd:3d:d6:8a:57:0d:1d:e4:
         d3:15:6f:0b:9d:8f:89:e8:ef:45:d0:75:e0:54:4e:3c:30:c9:
         2a:84:39:05:55:99:41:1f:f2:28:2a:7a:86:70:eb:a8:2d:58:
         11:3f:03:65:e3:08:13:f1:6d:6d:d0:e2:35:50:c3:29:e5:87:
         7d:3e:ac:75:8c:e1:79:1f:fa:a4:a5:75:28:88:a0:82:a2:5c:
         3e:e4:cc:71:59:bb:14:0a:2f:1f:4d:8e:7c:40:a6:3b:fe:41:
         23:58:9b:12:01:16:02:18:75:8b:94:e5:cb:d3:2c:09:54:11:
         21:f8:66:7d:ea:cf:29:fa:c3:05:ba:4c:9d:a6:e0:23:ab:f7:
         d6:97:1c:a5:08:ef:59:6f:a2:49:35:43:b5:90:34:ef:e4:77:
         88:cd:ad:80:2c:bc:c6:25:a3:7c:be:ca:8a:8e:f3:51:29:75:
         d3:87:28:9d:a1:46:94:4a:2a:c8:41:58:cc:f2:c8:f6:80:b9:
         28:8b:e8:cb:2a:36:75:66:67:9f:31:d3:93:19:53:e0:ea:ce:
         fd:e8:17:a9:ce:83:49:1d:43:e8:19:db:76:af:61:1d:b4:56:
         2e:69:8b:44
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpQBu0/RqEB9pnkeVRrNPd7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0YmM2OWQ0MmEzYjE1ZTNjZWNiOTFjNzcyYmE2NDMzYzUx
MWJlOTkwHhcNMjUxMTA0MTgwMDIyWhcNMjUxMTA1MTgwMDIyWjAzMTEwLwYDVQQD
EyhjZGEyMzBjYTg3OTAyOWU5ZDJhZGU3YTQwNWU5Mjk1YTRmNWFmMjE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+OihTlA9rsY0nhrXSh1Sykx1KlxX
KBVq7ux6zAlJSL+dyB4saidxY/qzY6m7wU1EmZN2jQcZXrxz21EwVxbGYSK7DnkY
L76kjdJZUQLk1MOgXNASIxxQSdjVdFYkM8mGZayoRo32GrRtpQ4EbNPOyGUqnJu2
BTs3S6PVPGKgBGckRW1hMtnz5qxLmQ0dvakcMPW1aZDuEHvswS6QzEd4EBUOJ35/
3ew+gRIfbBPYTfJQJYbdAc16Kkx0axM8qYeO2/rNYBfwdWaeMt/nUifTh2Zv/bUN
TCYnmgNqaxGZQ4f6JSIzR+V/5N2hIgpJKR31Y3XBBjKSnEiComxYAQabVQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFM2iMMqHkCnp0q3npAXpKVpPWvIWMB8GA1UdIwQY
MBaAFMS8adQqOxXjzsuRx3K6ZDPFEb6ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEx4cDFDbzdGZVBPeTVISGNycGtNOFVSdnBrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC9kOGMyMWItZmUzNi00YTJlLWFjMmUt
ZDE3Zjk4MTE0MDcwLzEveEx4cDFDbzdGZVBPeTVISGNycGtNOFVSdnBrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC9kOGMyMWItZmUzNi00YTJlLWFjMmUtZDE3Zjk4MTE0MDcw
LzEveEx4cDFDbzdGZVBPeTVISGNycGtNOFVSdnBrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgKacvd5M
TVNcRW4a8BjoDywEDcCMXBI1UzJbvf091opXDR3k0xVvC52PiejvRdB14FROPDDJ
KoQ5BVWZQR/yKCp6hnDrqC1YET8DZeMIE/FtbdDiNVDDKeWHfT6sdYzheR/6pKV1
KIiggqJcPuTMcVm7FAovH02OfECmO/5BI1ibEgEWAhh1i5Tly9MsCVQRIfhmferP
KfrDBbpMnabgI6v31pccpQjvWW+iSTVDtZA07+R3iM2tgCy8xiWjfL7Kio7zUSl1
04conaFGlEoqyEFYzPLI9oC5KIvoyyo2dWZnnzHTkxlT4OrO/egXqc6DSR1D6Bnb
dq9hHbRWLmmLRA==
-----END CERTIFICATE-----