Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/95bad9-20fe-4b8d-8f03-9c2999d09b8f/1/5Sy4XKeT-tVltGCOJtgqauJ9wjI.mft
File:                     5Sy4XKeT-tVltGCOJtgqauJ9wjI.mft (raw, json)
Hash identifier:          wZxXPHouEXUg8/2QQzUovFu1sntkdjuSAN1/0o1iF1A=
Subject key identifier:   6E:A0:3A:34:C2:6F:3F:73:67:C2:94:46:B5:D9:91:FC:30:E4:30:B1
Authority key identifier: E5:2C:B8:5C:A7:93:FA:D5:65:B4:60:8E:26:D8:2A:6A:E2:7D:C2:32
Certificate issuer:       /CN=e52cb85ca793fad565b4608e26d82a6ae27dc232
Certificate serial:       019A4F2B7E610D324095B05A41751292FF13
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5Sy4XKeT-tVltGCOJtgqauJ9wjI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/02/95bad9-20fe-4b8d-8f03-9c2999d09b8f/1/5Sy4XKeT-tVltGCOJtgqauJ9wjI.mft
Manifest number:          0D92
Signing time:             Tue 04 Nov 2025 14:00:41 +0000
Manifest this update:     Tue 04 Nov 2025 14:00:41 +0000
Manifest next update:     Wed 05 Nov 2025 14:00:41 +0000
Files and hashes:         1: 5Sy4XKeT-tVltGCOJtgqauJ9wjI.crl (hash: hQ+sTnUFeXIs+ybmFjfe4mknCYb7KWf8hLZoly5zcKw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/02/95bad9-20fe-4b8d-8f03-9c2999d09b8f/1/5Sy4XKeT-tVltGCOJtgqauJ9wjI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/02/95bad9-20fe-4b8d-8f03-9c2999d09b8f/1/5Sy4XKeT-tVltGCOJtgqauJ9wjI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/5Sy4XKeT-tVltGCOJtgqauJ9wjI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 09:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4f:2b:7e:61:0d:32:40:95:b0:5a:41:75:12:92:ff:13
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e52cb85ca793fad565b4608e26d82a6ae27dc232
        Validity
            Not Before: Nov  4 14:00:41 2025 GMT
            Not After : Nov  5 14:00:41 2025 GMT
        Subject: CN=6ea03a34c26f3f7367c29446b5d991fc30e430b1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:fe:e1:5f:ee:ca:7d:45:bd:c5:82:70:11:32:ef:
                    b7:7e:99:2b:9f:5b:c9:1a:06:c2:73:1c:63:91:aa:
                    13:04:66:7c:2f:2a:43:fc:ca:ad:ac:9c:e5:b8:dd:
                    59:fe:e2:95:5c:84:a0:cb:70:f2:f2:c0:08:6c:db:
                    53:d4:00:68:2a:fb:83:67:0a:ea:a3:04:bf:5d:55:
                    42:a1:f5:32:e9:a9:b7:a2:d7:a8:26:ad:c9:96:90:
                    bd:14:56:e8:73:b7:3a:8c:7c:94:07:42:4a:fd:b7:
                    55:c0:03:0f:46:e4:86:dd:46:d2:18:72:85:58:46:
                    d3:19:94:70:78:06:7b:38:f9:be:d0:14:78:56:0c:
                    6c:c0:7e:c1:28:e7:0e:f6:31:6a:10:42:48:69:bc:
                    e5:24:bc:7a:ff:ce:2e:be:2b:a2:c9:a5:99:03:8e:
                    70:c3:c9:5d:09:8e:7b:cc:6c:e5:f8:32:39:58:14:
                    0c:ad:41:de:a4:73:42:e2:a6:49:2e:6a:3c:b3:51:
                    d5:c6:a3:26:17:a4:33:33:8b:36:12:5a:ec:bc:f5:
                    b6:fa:f2:a3:7b:cb:00:69:43:0f:1d:4e:98:3f:6f:
                    3b:1c:eb:74:f0:cb:5a:f7:6f:57:a3:f4:7f:40:74:
                    92:52:64:99:87:ba:b8:11:d6:1c:ae:ef:b9:f5:bd:
                    c6:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6E:A0:3A:34:C2:6F:3F:73:67:C2:94:46:B5:D9:91:FC:30:E4:30:B1
            X509v3 Authority Key Identifier:
                keyid:E5:2C:B8:5C:A7:93:FA:D5:65:B4:60:8E:26:D8:2A:6A:E2:7D:C2:32

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5Sy4XKeT-tVltGCOJtgqauJ9wjI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/95bad9-20fe-4b8d-8f03-9c2999d09b8f/1/5Sy4XKeT-tVltGCOJtgqauJ9wjI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/02/95bad9-20fe-4b8d-8f03-9c2999d09b8f/1/5Sy4XKeT-tVltGCOJtgqauJ9wjI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         34:39:39:30:ac:a4:6f:d3:ed:0b:ea:5e:72:ed:17:9b:c7:bf:
         a9:54:81:ec:25:a2:95:90:c4:66:ef:86:41:11:f5:33:60:5e:
         6b:41:12:22:9f:b4:bf:7e:56:6c:09:17:1a:56:8d:93:94:34:
         02:cc:3a:33:ca:53:fb:7c:40:f0:c3:c6:7b:38:2f:21:38:cc:
         73:1e:aa:ad:18:0c:64:29:e3:6a:65:70:f6:0a:0c:4e:0a:08:
         36:6f:c6:43:6e:11:e6:4e:d6:76:c9:7b:4a:e8:09:0a:b1:d5:
         18:55:ad:f9:71:a4:ef:01:00:17:1f:9f:18:51:97:50:7b:e4:
         14:82:a0:d3:72:ff:e1:4f:c6:c3:bf:28:d5:8d:ce:d9:98:67:
         a4:69:bc:db:10:26:da:d6:cf:64:06:5a:46:d7:36:9e:7a:f1:
         04:be:33:5b:66:34:8c:d7:f1:f5:c4:f8:38:f7:fd:02:01:25:
         cb:b9:60:a4:89:25:e8:a0:07:81:a9:56:80:a4:5a:a6:d5:b7:
         54:2a:d0:25:48:05:9f:82:18:16:e0:0c:a8:5c:cc:87:01:ea:
         57:ec:f0:43:57:86:7f:b9:03:8e:e1:ef:a1:eb:b0:75:b8:62:
         dd:87:e5:c4:07:6f:9a:d9:8c:db:73:04:0a:41:00:0d:be:62:
         bf:da:f5:4e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpPK35hDTJAlbBaQXUSkv8TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1MmNiODVjYTc5M2ZhZDU2NWI0NjA4ZTI2ZDgyYTZhZTI3
ZGMyMzIwHhcNMjUxMTA0MTQwMDQxWhcNMjUxMTA1MTQwMDQxWjAzMTEwLwYDVQQD
Eyg2ZWEwM2EzNGMyNmYzZjczNjdjMjk0NDZiNWQ5OTFmYzMwZTQzMGIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA/uFf7sp9Rb3FgnARMu+3fpkrn1vJ
GgbCcxxjkaoTBGZ8LypD/MqtrJzluN1Z/uKVXISgy3Dy8sAIbNtT1ABoKvuDZwrq
owS/XVVCofUy6am3oteoJq3JlpC9FFboc7c6jHyUB0JK/bdVwAMPRuSG3UbSGHKF
WEbTGZRweAZ7OPm+0BR4VgxswH7BKOcO9jFqEEJIabzlJLx6/84uviuiyaWZA45w
w8ldCY57zGzl+DI5WBQMrUHepHNC4qZJLmo8s1HVxqMmF6QzM4s2ElrsvPW2+vKj
e8sAaUMPHU6YP287HOt08Mta929Xo/R/QHSSUmSZh7q4EdYcru+59b3G8QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFG6gOjTCbz9zZ8KURrXZkfww5DCxMB8GA1UdIwQY
MBaAFOUsuFynk/rVZbRgjibYKmrifcIyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNVN5NFhLZVQtdFZsdEdDT0p0Z3FhdUo5d2pJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi85NWJhZDktMjBmZS00YjhkLThmMDMt
OWMyOTk5ZDA5YjhmLzEvNVN5NFhLZVQtdFZsdEdDT0p0Z3FhdUo5d2pJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi85NWJhZDktMjBmZS00YjhkLThmMDMtOWMyOTk5ZDA5Yjhm
LzEvNVN5NFhLZVQtdFZsdEdDT0p0Z3FhdUo5d2pJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANDk5MKyk
b9PtC+pecu0Xm8e/qVSB7CWilZDEZu+GQRH1M2Bea0ESIp+0v35WbAkXGlaNk5Q0
Asw6M8pT+3xA8MPGezgvITjMcx6qrRgMZCnjamVw9goMTgoINm/GQ24R5k7Wdsl7
SugJCrHVGFWt+XGk7wEAFx+fGFGXUHvkFIKg03L/4U/Gw78o1Y3O2ZhnpGm82xAm
2tbPZAZaRtc2nnrxBL4zW2Y0jNfx9cT4OPf9AgEly7lgpIkl6KAHgalWgKRaptW3
VCrQJUgFn4IYFuAMqFzMhwHqV+zwQ1eGf7kDjuHvoeuwdbhi3YflxAdvmtmM23ME
CkEADb5iv9r1Tg==
-----END CERTIFICATE-----