Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/95bad9-20fe-4b8d-8f03-9c2999d09b8f/1/5Sy4XKeT-tVltGCOJtgqauJ9wjI.mft
File:                     5Sy4XKeT-tVltGCOJtgqauJ9wjI.mft (raw, json)
Hash identifier:          xlUg2ZAk8ThpiSlGLIoKDYFTpqimiOBCt2AJ4/5Tq74=
Subject key identifier:   AA:93:0A:13:1E:D8:A1:DC:4B:86:E8:97:63:FE:A9:2A:EF:CE:4C:63
Authority key identifier: E5:2C:B8:5C:A7:93:FA:D5:65:B4:60:8E:26:D8:2A:6A:E2:7D:C2:32
Certificate issuer:       /CN=e52cb85ca793fad565b4608e26d82a6ae27dc232
Certificate serial:       0198A083C4852283BC66B002E29032EDA4D2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5Sy4XKeT-tVltGCOJtgqauJ9wjI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/02/95bad9-20fe-4b8d-8f03-9c2999d09b8f/1/5Sy4XKeT-tVltGCOJtgqauJ9wjI.mft
Manifest number:          0CB3
Signing time:             Tue 12 Aug 2025 23:00:46 +0000
Manifest this update:     Tue 12 Aug 2025 23:00:46 +0000
Manifest next update:     Wed 13 Aug 2025 23:00:46 +0000
Files and hashes:         1: 5Sy4XKeT-tVltGCOJtgqauJ9wjI.crl (hash: MNxAL+badEKrio8nadcucgNNFXyvljnfmGmYVic52HQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/02/95bad9-20fe-4b8d-8f03-9c2999d09b8f/1/5Sy4XKeT-tVltGCOJtgqauJ9wjI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/02/95bad9-20fe-4b8d-8f03-9c2999d09b8f/1/5Sy4XKeT-tVltGCOJtgqauJ9wjI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/5Sy4XKeT-tVltGCOJtgqauJ9wjI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 13 Aug 2025 22:00:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:a0:83:c4:85:22:83:bc:66:b0:02:e2:90:32:ed:a4:d2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e52cb85ca793fad565b4608e26d82a6ae27dc232
        Validity
            Not Before: Aug 12 23:00:46 2025 GMT
            Not After : Aug 13 23:00:46 2025 GMT
        Subject: CN=aa930a131ed8a1dc4b86e89763fea92aefce4c63
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8d:3a:10:b8:87:03:ef:74:83:17:12:6c:fe:36:
                    ac:6a:3e:f7:eb:c1:60:1d:9c:df:d6:a2:eb:83:dd:
                    bd:68:94:4e:86:ad:67:ad:74:67:de:7a:1c:fc:24:
                    96:02:1d:e0:14:31:4a:97:2a:c7:0a:de:5d:94:08:
                    b5:4d:37:df:d2:16:87:9b:3a:46:96:b0:c0:ff:b7:
                    9e:77:e8:eb:25:07:2d:ad:ec:3b:73:72:ea:ba:6e:
                    cd:dd:b9:fe:8d:f4:3e:2c:bc:c3:df:1d:ad:c4:cd:
                    08:ff:ac:5a:ff:59:73:87:86:1c:25:ca:2a:5c:12:
                    f4:dc:33:8e:b1:df:d1:cb:7f:7b:b0:74:e4:58:b6:
                    5c:4d:66:0e:49:86:a9:9f:fd:95:ca:af:cf:20:f5:
                    28:8f:7f:c4:13:b1:83:02:b5:f1:e9:a5:0f:b5:b3:
                    d7:31:02:39:61:2b:47:bf:cf:76:83:ea:cd:d7:49:
                    e4:61:85:08:ea:cd:36:f2:cd:3f:9d:45:a3:8b:47:
                    34:35:a4:76:8c:32:78:6e:1c:57:29:32:96:c7:2e:
                    12:8a:d3:d1:24:fa:3d:c6:5d:b4:0f:18:61:5f:08:
                    37:2c:f2:7c:99:c4:28:b6:b8:f0:3a:ce:c0:54:cd:
                    6e:a6:e4:54:23:dd:06:c6:99:9b:5d:e1:61:51:46:
                    f4:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AA:93:0A:13:1E:D8:A1:DC:4B:86:E8:97:63:FE:A9:2A:EF:CE:4C:63
            X509v3 Authority Key Identifier:
                keyid:E5:2C:B8:5C:A7:93:FA:D5:65:B4:60:8E:26:D8:2A:6A:E2:7D:C2:32

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5Sy4XKeT-tVltGCOJtgqauJ9wjI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/95bad9-20fe-4b8d-8f03-9c2999d09b8f/1/5Sy4XKeT-tVltGCOJtgqauJ9wjI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/02/95bad9-20fe-4b8d-8f03-9c2999d09b8f/1/5Sy4XKeT-tVltGCOJtgqauJ9wjI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2e:a6:0a:5e:8b:28:df:5c:74:d2:8e:6b:9a:63:26:ab:61:a5:
         d1:fc:c5:4d:35:9f:1d:63:7f:2d:7a:bf:97:2a:51:f6:e8:9d:
         5d:65:e1:bc:c8:cd:88:2c:33:c5:9d:9f:43:94:3e:d9:2a:87:
         7f:4e:b2:30:76:87:26:53:b3:b8:2b:ba:7c:c8:b0:3b:af:57:
         dc:ae:b5:1e:78:af:23:83:3b:09:98:a4:37:76:0b:71:67:29:
         bb:57:c8:12:da:51:8c:13:05:b7:a2:64:54:f0:bb:ba:de:5a:
         9a:0a:11:aa:04:df:49:ba:d4:e8:07:98:41:42:66:13:a8:78:
         0b:f5:48:54:82:51:64:1a:d8:33:76:1c:13:0b:88:85:86:63:
         58:3e:55:0a:3f:5e:c9:32:c6:3d:0e:5a:02:34:a6:57:b0:8f:
         06:e4:19:9c:ae:31:0e:ea:7c:94:6a:61:7c:02:65:c8:0c:9d:
         62:c2:1b:fe:d1:72:53:3a:b9:04:79:a0:ca:99:d6:0b:6a:3d:
         28:4c:83:1c:ca:29:31:02:6b:9b:34:c7:4c:ed:af:5e:c9:cc:
         ab:d7:38:f0:c3:be:08:70:fb:e2:67:71:e5:b0:ea:64:3a:18:
         cb:7d:6d:51:86:b7:33:c9:31:e6:ba:7b:14:8a:78:f9:3e:b6:
         c1:48:b7:86
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZigg8SFIoO8ZrAC4pAy7aTSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1MmNiODVjYTc5M2ZhZDU2NWI0NjA4ZTI2ZDgyYTZhZTI3
ZGMyMzIwHhcNMjUwODEyMjMwMDQ2WhcNMjUwODEzMjMwMDQ2WjAzMTEwLwYDVQQD
EyhhYTkzMGExMzFlZDhhMWRjNGI4NmU4OTc2M2ZlYTkyYWVmY2U0YzYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjToQuIcD73SDFxJs/jasaj7368Fg
HZzf1qLrg929aJROhq1nrXRn3noc/CSWAh3gFDFKlyrHCt5dlAi1TTff0haHmzpG
lrDA/7eed+jrJQctrew7c3Lqum7N3bn+jfQ+LLzD3x2txM0I/6xa/1lzh4YcJcoq
XBL03DOOsd/Ry397sHTkWLZcTWYOSYapn/2Vyq/PIPUoj3/EE7GDArXx6aUPtbPX
MQI5YStHv892g+rN10nkYYUI6s028s0/nUWji0c0NaR2jDJ4bhxXKTKWxy4SitPR
JPo9xl20DxhhXwg3LPJ8mcQotrjwOs7AVM1upuRUI90GxpmbXeFhUUb0vwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKqTChMe2KHcS4bol2P+qSrvzkxjMB8GA1UdIwQY
MBaAFOUsuFynk/rVZbRgjibYKmrifcIyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNVN5NFhLZVQtdFZsdEdDT0p0Z3FhdUo5d2pJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi85NWJhZDktMjBmZS00YjhkLThmMDMt
OWMyOTk5ZDA5YjhmLzEvNVN5NFhLZVQtdFZsdEdDT0p0Z3FhdUo5d2pJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi85NWJhZDktMjBmZS00YjhkLThmMDMtOWMyOTk5ZDA5Yjhm
LzEvNVN5NFhLZVQtdFZsdEdDT0p0Z3FhdUo5d2pJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALqYKXoso
31x00o5rmmMmq2Gl0fzFTTWfHWN/LXq/lypR9uidXWXhvMjNiCwzxZ2fQ5Q+2SqH
f06yMHaHJlOzuCu6fMiwO69X3K61HnivI4M7CZikN3YLcWcpu1fIEtpRjBMFt6Jk
VPC7ut5amgoRqgTfSbrU6AeYQUJmE6h4C/VIVIJRZBrYM3YcEwuIhYZjWD5VCj9e
yTLGPQ5aAjSmV7CPBuQZnK4xDup8lGphfAJlyAydYsIb/tFyUzq5BHmgypnWC2o9
KEyDHMopMQJrmzTHTO2vXsnMq9c48MO+CHD74mdx5bDqZDoYy31tUYa3M8kx5rp7
FIp4+T62wUi3hg==
-----END CERTIFICATE-----