Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/5c765c-83f3-45d1-8930-8d04f8779423/1/kVijd10MXrOPIPDvmjYRBhpRlbM.mft
File:                     kVijd10MXrOPIPDvmjYRBhpRlbM.mft (raw, json)
Hash identifier:          M6P4UlUDt7dfqJvjIh9+DVmapgIbKbyrE+/OzqsTaWs=
Subject key identifier:   67:DA:5E:EA:18:B8:62:8E:E9:16:E2:8B:70:65:54:6A:1F:CD:32:D4
Authority key identifier: 91:58:A3:77:5D:0C:5E:B3:8F:20:F0:EF:9A:36:11:06:1A:51:95:B3
Certificate issuer:       /CN=9158a3775d0c5eb38f20f0ef9a3611061a5195b3
Certificate serial:       019A503DD8D77BE263D669C4EA0D0094AB22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kVijd10MXrOPIPDvmjYRBhpRlbM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d8/5c765c-83f3-45d1-8930-8d04f8779423/1/kVijd10MXrOPIPDvmjYRBhpRlbM.mft
Manifest number:          170B
Signing time:             Tue 04 Nov 2025 19:00:21 +0000
Manifest this update:     Tue 04 Nov 2025 19:00:21 +0000
Manifest next update:     Wed 05 Nov 2025 19:00:21 +0000
Files and hashes:         1: kVijd10MXrOPIPDvmjYRBhpRlbM.crl (hash: ImrRgmITuYWhVfrjwc+NpvhjYPwDclpoyUIhSce4lgM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d8/5c765c-83f3-45d1-8930-8d04f8779423/1/kVijd10MXrOPIPDvmjYRBhpRlbM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d8/5c765c-83f3-45d1-8930-8d04f8779423/1/kVijd10MXrOPIPDvmjYRBhpRlbM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/kVijd10MXrOPIPDvmjYRBhpRlbM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 16:49:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:50:3d:d8:d7:7b:e2:63:d6:69:c4:ea:0d:00:94:ab:22
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9158a3775d0c5eb38f20f0ef9a3611061a5195b3
        Validity
            Not Before: Nov  4 19:00:21 2025 GMT
            Not After : Nov  5 19:00:21 2025 GMT
        Subject: CN=67da5eea18b8628ee916e28b7065546a1fcd32d4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:45:7d:ac:e1:a0:d6:c3:7a:a8:2d:1e:75:2c:
                    5e:3a:6f:e4:24:b5:c0:08:5a:84:1f:21:93:3d:f5:
                    85:24:5f:16:6a:85:fb:51:d6:2b:bd:d6:2a:76:fc:
                    6f:0e:0a:33:ab:5e:b2:72:63:4c:41:30:0a:59:14:
                    38:6c:c1:39:cb:11:36:d6:17:ba:a7:ec:12:7c:14:
                    09:13:94:67:a2:2d:8b:47:c1:90:2d:31:88:1f:fd:
                    28:28:49:a1:0a:2b:40:20:fd:32:fc:46:1c:5b:2f:
                    c8:76:b3:34:e0:bc:48:45:12:4a:2c:2b:e1:be:4e:
                    f3:2d:46:fc:e2:12:bc:18:df:07:a3:54:ba:11:d0:
                    5c:d2:18:4d:fd:96:04:b0:37:09:fb:24:7a:b5:f7:
                    97:6c:bb:02:4a:25:e2:6e:41:4e:2b:3e:b0:7b:68:
                    5f:65:86:62:b6:12:a0:02:1c:eb:ae:9d:f5:bc:58:
                    76:ca:29:fd:61:3b:d8:2e:05:bb:f3:27:d0:7b:ed:
                    7f:6f:4b:26:41:37:28:71:39:38:85:66:b0:6a:1f:
                    72:10:6f:32:0c:9c:ca:3a:45:28:74:92:3e:21:de:
                    a0:0b:4c:d4:93:c8:9e:94:3d:e1:f7:59:4e:d5:da:
                    f8:57:ee:2c:1d:e4:38:92:23:fb:b0:94:0a:b7:ea:
                    3f:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                67:DA:5E:EA:18:B8:62:8E:E9:16:E2:8B:70:65:54:6A:1F:CD:32:D4
            X509v3 Authority Key Identifier:
                keyid:91:58:A3:77:5D:0C:5E:B3:8F:20:F0:EF:9A:36:11:06:1A:51:95:B3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kVijd10MXrOPIPDvmjYRBhpRlbM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/5c765c-83f3-45d1-8930-8d04f8779423/1/kVijd10MXrOPIPDvmjYRBhpRlbM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/5c765c-83f3-45d1-8930-8d04f8779423/1/kVijd10MXrOPIPDvmjYRBhpRlbM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         49:e3:bf:fb:f5:61:87:7b:ed:6e:92:a3:d4:c1:34:51:e6:c9:
         be:65:38:a7:c3:67:33:a5:7c:ea:e4:03:57:52:43:74:ce:12:
         0f:00:6e:4e:3a:5b:26:ae:a1:a2:51:cb:05:96:86:02:f5:b5:
         c7:6f:56:7e:a4:ac:7b:1f:f3:7e:ee:8b:1d:33:ea:7b:f9:69:
         3d:96:1d:ce:53:e6:8a:2d:70:ee:a1:bb:ec:9d:28:4c:b7:4b:
         7f:d9:ac:c4:68:85:1d:13:e8:05:ed:9f:57:ef:19:9e:9d:fd:
         41:70:8e:78:c2:0b:d5:48:88:71:5d:f8:e8:88:e7:6f:6b:04:
         73:27:90:a6:a8:69:3a:5f:9a:b9:b2:ac:45:3e:0b:f1:76:28:
         2e:95:4d:15:56:42:bc:4a:e1:4c:e5:27:32:ba:b0:c5:55:fa:
         23:0b:0a:61:7e:dd:c7:2c:cb:05:3a:e4:50:a3:74:09:45:11:
         dd:43:5b:23:40:71:3e:dc:d6:1a:ac:4a:eb:13:09:1c:e8:b2:
         3d:0e:37:b0:7f:71:1b:78:c9:0e:7a:79:c6:21:dd:c1:f2:7e:
         22:d3:d2:4d:fa:c1:05:4d:42:c4:81:c1:0d:04:3f:ac:55:14:
         75:ad:4c:0f:0e:0b:97:dc:b8:45:60:9a:83:0a:08:31:76:83:
         f5:97:bd:df
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpQPdjXe+Jj1mnE6g0AlKsiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxNThhMzc3NWQwYzVlYjM4ZjIwZjBlZjlhMzYxMTA2MWE1
MTk1YjMwHhcNMjUxMTA0MTkwMDIxWhcNMjUxMTA1MTkwMDIxWjAzMTEwLwYDVQQD
Eyg2N2RhNWVlYTE4Yjg2MjhlZTkxNmUyOGI3MDY1NTQ2YTFmY2QzMmQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuUV9rOGg1sN6qC0edSxeOm/kJLXA
CFqEHyGTPfWFJF8WaoX7UdYrvdYqdvxvDgozq16ycmNMQTAKWRQ4bME5yxE21he6
p+wSfBQJE5Rnoi2LR8GQLTGIH/0oKEmhCitAIP0y/EYcWy/IdrM04LxIRRJKLCvh
vk7zLUb84hK8GN8Ho1S6EdBc0hhN/ZYEsDcJ+yR6tfeXbLsCSiXibkFOKz6we2hf
ZYZithKgAhzrrp31vFh2yin9YTvYLgW78yfQe+1/b0smQTcocTk4hWawah9yEG8y
DJzKOkUodJI+Id6gC0zUk8ielD3h91lO1dr4V+4sHeQ4kiP7sJQKt+o/lwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGfaXuoYuGKO6Rbii3BlVGofzTLUMB8GA1UdIwQY
MBaAFJFYo3ddDF6zjyDw75o2EQYaUZWzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva1ZpamQxME1Yck9QSVBEdm1qWVJCaHBSbGJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC81Yzc2NWMtODNmMy00NWQxLTg5MzAt
OGQwNGY4Nzc5NDIzLzEva1ZpamQxME1Yck9QSVBEdm1qWVJCaHBSbGJNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOC81Yzc2NWMtODNmMy00NWQxLTg5MzAtOGQwNGY4Nzc5NDIz
LzEva1ZpamQxME1Yck9QSVBEdm1qWVJCaHBSbGJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASeO/+/Vh
h3vtbpKj1ME0UebJvmU4p8NnM6V86uQDV1JDdM4SDwBuTjpbJq6holHLBZaGAvW1
x29WfqSsex/zfu6LHTPqe/lpPZYdzlPmii1w7qG77J0oTLdLf9msxGiFHRPoBe2f
V+8Znp39QXCOeMIL1UiIcV346Ijnb2sEcyeQpqhpOl+aubKsRT4L8XYoLpVNFVZC
vErhTOUnMrqwxVX6IwsKYX7dxyzLBTrkUKN0CUUR3UNbI0BxPtzWGqxK6xMJHOiy
PQ43sH9xG3jJDnp5xiHdwfJ+ItPSTfrBBU1CxIHBDQQ/rFUUda1MDw4Ll9y4RWCa
gwoIMXaD9Ze93w==
-----END CERTIFICATE-----