Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/34404a-4132-4e83-8e46-390e935beda3/1/Xf04PhaNLsn7w5DqjZmkuvfsO1s.mft
File:                     Xf04PhaNLsn7w5DqjZmkuvfsO1s.mft (raw, json)
Hash identifier:          1cVQJ7lWojRqdPvzjwJpr4HPR0QA4eMEmMiLBvQ0V/s=
Subject key identifier:   12:46:FB:EE:43:00:64:44:BB:B5:BC:49:E9:BD:C9:3D:6C:F4:52:3B
Authority key identifier: 5D:FD:38:3E:16:8D:2E:C9:FB:C3:90:EA:8D:99:A4:BA:F7:EC:3B:5B
Certificate issuer:       /CN=5dfd383e168d2ec9fbc390ea8d99a4baf7ec3b5b
Certificate serial:       0199FFC7CD29E3BFE1FC1EA32A04679B6090
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Xf04PhaNLsn7w5DqjZmkuvfsO1s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f9/34404a-4132-4e83-8e46-390e935beda3/1/Xf04PhaNLsn7w5DqjZmkuvfsO1s.mft
Manifest number:          017D
Signing time:             Mon 20 Oct 2025 04:01:48 +0000
Manifest this update:     Mon 20 Oct 2025 04:01:48 +0000
Manifest next update:     Tue 21 Oct 2025 04:01:48 +0000
Files and hashes:         1: Xf04PhaNLsn7w5DqjZmkuvfsO1s.crl (hash: 4KhirHOgKAIypgssLFlsekxkfAARnyngEW5y20sMm6M=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f9/34404a-4132-4e83-8e46-390e935beda3/1/Xf04PhaNLsn7w5DqjZmkuvfsO1s.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f9/34404a-4132-4e83-8e46-390e935beda3/1/Xf04PhaNLsn7w5DqjZmkuvfsO1s.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Xf04PhaNLsn7w5DqjZmkuvfsO1s.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 21 Oct 2025 00:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:ff:c7:cd:29:e3:bf:e1:fc:1e:a3:2a:04:67:9b:60:90
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5dfd383e168d2ec9fbc390ea8d99a4baf7ec3b5b
        Validity
            Not Before: Oct 20 04:01:48 2025 GMT
            Not After : Oct 21 04:01:48 2025 GMT
        Subject: CN=1246fbee43006444bbb5bc49e9bdc93d6cf4523b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:8d:78:b8:cb:60:5f:1a:bd:f2:06:0e:59:d2:
                    3e:c1:39:31:8c:09:97:d3:f0:a9:0e:3b:48:95:e0:
                    86:04:c1:98:fa:b9:ab:b6:d6:23:c6:0a:61:1c:cc:
                    f6:77:93:13:42:d5:0e:79:0f:eb:5e:bc:35:8b:e0:
                    98:9e:c9:c5:2e:38:e1:c4:77:f2:e5:e0:4d:8e:51:
                    01:af:2c:47:81:81:27:b2:17:6f:4d:b4:af:29:39:
                    f8:05:68:ea:8e:d0:84:6b:6b:55:5f:d0:83:db:8e:
                    dc:2a:d9:7e:95:35:c3:7e:48:3e:fd:5c:ed:8c:35:
                    d9:90:24:7b:e8:38:6f:31:98:35:39:5d:a4:46:48:
                    75:a4:db:48:1f:c9:ac:bd:23:d9:ea:df:23:89:44:
                    96:58:e7:5e:a5:a3:78:fb:81:35:9f:da:f6:17:17:
                    a5:f2:7d:db:a9:01:14:0d:5d:36:0e:26:f6:5f:5a:
                    13:33:ca:36:f4:ae:3e:a0:38:13:9d:91:d2:c9:db:
                    87:b5:8f:4b:0d:9a:9c:9f:d4:c7:f5:fd:e5:c6:55:
                    75:c6:ba:ba:9a:6f:1d:02:c8:ec:86:d0:9e:49:1a:
                    40:9e:b0:2a:48:c9:fa:fe:ab:75:da:92:99:76:b2:
                    8d:ac:72:3a:d9:1d:e2:19:c1:0e:12:fa:9a:c9:9e:
                    5d:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                12:46:FB:EE:43:00:64:44:BB:B5:BC:49:E9:BD:C9:3D:6C:F4:52:3B
            X509v3 Authority Key Identifier:
                keyid:5D:FD:38:3E:16:8D:2E:C9:FB:C3:90:EA:8D:99:A4:BA:F7:EC:3B:5B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xf04PhaNLsn7w5DqjZmkuvfsO1s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/34404a-4132-4e83-8e46-390e935beda3/1/Xf04PhaNLsn7w5DqjZmkuvfsO1s.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/34404a-4132-4e83-8e46-390e935beda3/1/Xf04PhaNLsn7w5DqjZmkuvfsO1s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         60:21:af:e8:58:36:f3:cb:a6:ff:c4:f7:ac:f9:bd:dd:6a:82:
         95:fe:64:db:d8:01:e5:43:87:7e:40:81:fb:8a:8f:78:30:86:
         2e:31:8e:29:5e:fa:7a:2c:86:e7:a5:49:23:dd:e7:5d:ef:b2:
         dd:53:f1:d5:f8:e2:d7:93:7f:c3:60:d4:4c:90:f1:ac:a8:42:
         88:13:c1:47:0e:9f:af:96:6c:fd:46:0c:e8:fc:e2:69:7a:72:
         d6:1c:5c:da:0d:43:75:9c:22:a8:98:9d:06:a5:66:57:9f:17:
         c2:2c:d4:31:d1:6f:12:2d:df:db:3a:83:30:79:7a:54:cf:43:
         52:23:dc:97:c6:89:da:73:62:ed:83:12:f7:2a:24:c9:06:44:
         4c:38:e9:aa:c4:25:c9:85:59:53:30:9e:a6:cb:54:94:ed:6e:
         00:c1:c1:7b:b8:00:88:41:09:59:6b:94:88:ac:d8:87:ed:e9:
         e2:22:60:31:85:94:19:9b:3f:d0:bd:7e:f7:08:03:31:9a:6f:
         ca:18:cc:0b:55:d5:b6:5b:8b:e2:4c:da:f9:f0:b5:fc:a3:1e:
         3b:d5:01:ce:14:93:2a:1e:11:78:da:c9:6b:25:05:2f:6b:fd:
         f7:19:2c:b5:44:84:18:cc:f4:b6:8f:56:ea:ff:13:97:a9:7a:
         06:75:01:d6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn/x80p47/h/B6jKgRnm2CQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkZmQzODNlMTY4ZDJlYzlmYmMzOTBlYThkOTlhNGJhZjdl
YzNiNWIwHhcNMjUxMDIwMDQwMTQ4WhcNMjUxMDIxMDQwMTQ4WjAzMTEwLwYDVQQD
EygxMjQ2ZmJlZTQzMDA2NDQ0YmJiNWJjNDllOWJkYzkzZDZjZjQ1MjNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo414uMtgXxq98gYOWdI+wTkxjAmX
0/CpDjtIleCGBMGY+rmrttYjxgphHMz2d5MTQtUOeQ/rXrw1i+CYnsnFLjjhxHfy
5eBNjlEBryxHgYEnshdvTbSvKTn4BWjqjtCEa2tVX9CD247cKtl+lTXDfkg+/Vzt
jDXZkCR76DhvMZg1OV2kRkh1pNtIH8msvSPZ6t8jiUSWWOdepaN4+4E1n9r2Fxel
8n3bqQEUDV02Dib2X1oTM8o29K4+oDgTnZHSyduHtY9LDZqcn9TH9f3lxlV1xrq6
mm8dAsjshtCeSRpAnrAqSMn6/qt12pKZdrKNrHI62R3iGcEOEvqayZ5dFwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBJG++5DAGREu7W8Sem9yT1s9FI7MB8GA1UdIwQY
MBaAFF39OD4WjS7J+8OQ6o2ZpLr37DtbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGYwNFBoYU5Mc243dzVEcWpabWt1dmZzTzFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS8zNDQwNGEtNDEzMi00ZTgzLThlNDYt
MzkwZTkzNWJlZGEzLzEvWGYwNFBoYU5Mc243dzVEcWpabWt1dmZzTzFzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS8zNDQwNGEtNDEzMi00ZTgzLThlNDYtMzkwZTkzNWJlZGEz
LzEvWGYwNFBoYU5Mc243dzVEcWpabWt1dmZzTzFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYCGv6Fg2
88um/8T3rPm93WqClf5k29gB5UOHfkCB+4qPeDCGLjGOKV76eiyG56VJI93nXe+y
3VPx1fji15N/w2DUTJDxrKhCiBPBRw6fr5Zs/UYM6PziaXpy1hxc2g1DdZwiqJid
BqVmV58XwizUMdFvEi3f2zqDMHl6VM9DUiPcl8aJ2nNi7YMS9yokyQZETDjpqsQl
yYVZUzCepstUlO1uAMHBe7gAiEEJWWuUiKzYh+3p4iJgMYWUGZs/0L1+9wgDMZpv
yhjMC1XVtluL4kza+fC1/KMeO9UBzhSTKh4ReNrJayUFL2v99xkstUSEGMz0to9W
6v8Tl6l6BnUB1g==
-----END CERTIFICATE-----