Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/2daa72-0314-46c5-be5b-9a69304258a0/1/5D7dxEvG9TRFds9ZrwATXGtiwB0.mft
File:                     5D7dxEvG9TRFds9ZrwATXGtiwB0.mft (raw, json)
Hash identifier:          eWQ9Nwx8X0dgRrvTTKzSVRm44FJA8Q4TF93EyE2nTIg=
Subject key identifier:   C3:47:B3:23:E9:72:15:C6:21:95:37:9F:A0:70:27:37:CC:14:B0:96
Authority key identifier: E4:3E:DD:C4:4B:C6:F5:34:45:76:CF:59:AF:00:13:5C:6B:62:C0:1D
Certificate issuer:       /CN=e43eddc44bc6f5344576cf59af00135c6b62c01d
Certificate serial:       019A4F622E848BF110EDB45C78FAC053DBB3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5D7dxEvG9TRFds9ZrwATXGtiwB0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/04/2daa72-0314-46c5-be5b-9a69304258a0/1/5D7dxEvG9TRFds9ZrwATXGtiwB0.mft
Manifest number:          0D74
Signing time:             Tue 04 Nov 2025 15:00:25 +0000
Manifest this update:     Tue 04 Nov 2025 15:00:25 +0000
Manifest next update:     Wed 05 Nov 2025 15:00:25 +0000
Files and hashes:         1: 5D7dxEvG9TRFds9ZrwATXGtiwB0.crl (hash: +FwD07KDWu91VFJtzVKhjR/KMN/IQo/QwpobGdWwtnU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/04/2daa72-0314-46c5-be5b-9a69304258a0/1/5D7dxEvG9TRFds9ZrwATXGtiwB0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/04/2daa72-0314-46c5-be5b-9a69304258a0/1/5D7dxEvG9TRFds9ZrwATXGtiwB0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/5D7dxEvG9TRFds9ZrwATXGtiwB0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 09:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4f:62:2e:84:8b:f1:10:ed:b4:5c:78:fa:c0:53:db:b3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e43eddc44bc6f5344576cf59af00135c6b62c01d
        Validity
            Not Before: Nov  4 15:00:25 2025 GMT
            Not After : Nov  5 15:00:25 2025 GMT
        Subject: CN=c347b323e97215c62195379fa0702737cc14b096
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8d:e5:bc:cb:10:d7:b7:38:82:3a:b2:7a:aa:11:
                    e8:bc:b1:42:1c:94:f6:86:91:c5:f9:13:7e:9c:cb:
                    07:8c:a6:97:e7:05:d3:93:a2:54:b6:bf:82:d6:3e:
                    5f:45:9b:07:d7:59:cb:d1:c0:c6:bd:0e:6e:5b:9d:
                    f1:10:37:cf:a9:d3:e9:01:4e:a6:d0:f9:b7:03:e2:
                    4e:80:77:f5:35:05:5d:01:df:d6:7a:fa:d5:86:2a:
                    b5:1f:9e:94:1a:b8:b1:5d:fa:23:ab:00:62:ee:67:
                    57:a8:d9:25:cc:c6:32:c1:5b:bd:06:d8:a0:fa:51:
                    34:bb:26:5d:f0:9c:30:f9:d4:10:fa:71:9a:bc:24:
                    c2:ba:77:3b:4e:d3:8d:fc:db:c0:69:2b:d5:dd:9f:
                    6a:34:07:67:eb:d4:96:a4:05:c3:93:89:fb:9d:a6:
                    99:07:40:d5:ce:3a:62:78:17:6c:cf:f3:82:13:6e:
                    79:ad:c2:d4:48:28:9c:d2:d4:c6:e6:b7:66:11:d8:
                    2f:0f:49:ce:b3:62:ce:1f:32:b3:45:be:a8:45:c4:
                    49:80:72:11:da:57:05:0e:86:1f:29:b1:c9:c4:4f:
                    1d:3d:9a:01:7f:7a:9b:49:98:f8:bf:47:76:d4:5e:
                    5a:13:51:e3:f7:c0:5b:29:7d:24:f8:43:73:5a:b0:
                    e7:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C3:47:B3:23:E9:72:15:C6:21:95:37:9F:A0:70:27:37:CC:14:B0:96
            X509v3 Authority Key Identifier:
                keyid:E4:3E:DD:C4:4B:C6:F5:34:45:76:CF:59:AF:00:13:5C:6B:62:C0:1D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5D7dxEvG9TRFds9ZrwATXGtiwB0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/2daa72-0314-46c5-be5b-9a69304258a0/1/5D7dxEvG9TRFds9ZrwATXGtiwB0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/04/2daa72-0314-46c5-be5b-9a69304258a0/1/5D7dxEvG9TRFds9ZrwATXGtiwB0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2e:41:14:9b:77:0e:23:34:27:91:0e:c1:28:66:6a:d0:67:3f:
         e2:1d:14:31:d0:76:f7:2c:f0:98:bc:c0:d1:d2:f7:20:20:8d:
         d0:13:d6:f7:48:1e:90:22:a2:ee:69:be:75:d6:35:22:7d:b8:
         ae:4e:9f:82:a4:f8:83:d1:f3:ec:de:41:ef:76:dd:ec:d9:0f:
         36:57:fd:66:6f:1b:96:05:48:0b:87:eb:54:87:49:99:68:ed:
         cd:2f:7c:52:dd:5d:fd:e2:b9:2d:02:80:90:11:6d:b1:c3:cc:
         1b:a3:d9:c1:c3:ae:4b:61:f1:87:e4:1a:4e:e8:b1:84:4d:2c:
         3e:eb:d5:cf:4b:24:69:a7:97:98:7e:38:8b:6b:9c:d7:18:83:
         0a:02:dd:29:af:19:c2:77:fc:9c:13:2e:de:be:6f:29:6b:b5:
         89:ed:1c:3f:4e:d3:00:2f:1f:09:1a:ce:bf:63:72:8a:dc:18:
         5d:9d:5f:60:4e:27:db:58:74:38:6c:b3:0b:4f:44:12:fe:1a:
         aa:3a:dc:41:57:db:5a:e6:b7:48:d1:5d:92:6a:19:2a:e1:38:
         fb:43:84:ec:b0:eb:97:b6:58:29:ee:42:dc:3b:e9:dd:33:e7:
         90:fc:d2:99:5e:fc:b4:07:80:af:04:fc:89:82:07:e6:44:98:
         8d:0c:4d:2b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpPYi6Ei/EQ7bRcePrAU9uzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0M2VkZGM0NGJjNmY1MzQ0NTc2Y2Y1OWFmMDAxMzVjNmI2
MmMwMWQwHhcNMjUxMTA0MTUwMDI1WhcNMjUxMTA1MTUwMDI1WjAzMTEwLwYDVQQD
EyhjMzQ3YjMyM2U5NzIxNWM2MjE5NTM3OWZhMDcwMjczN2NjMTRiMDk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjeW8yxDXtziCOrJ6qhHovLFCHJT2
hpHF+RN+nMsHjKaX5wXTk6JUtr+C1j5fRZsH11nL0cDGvQ5uW53xEDfPqdPpAU6m
0Pm3A+JOgHf1NQVdAd/WevrVhiq1H56UGrixXfojqwBi7mdXqNklzMYywVu9Btig
+lE0uyZd8Jww+dQQ+nGavCTCunc7TtON/NvAaSvV3Z9qNAdn69SWpAXDk4n7naaZ
B0DVzjpieBdsz/OCE255rcLUSCic0tTG5rdmEdgvD0nOs2LOHzKzRb6oRcRJgHIR
2lcFDoYfKbHJxE8dPZoBf3qbSZj4v0d21F5aE1Hj98BbKX0k+ENzWrDnswIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMNHsyPpchXGIZU3n6BwJzfMFLCWMB8GA1UdIwQY
MBaAFOQ+3cRLxvU0RXbPWa8AE1xrYsAdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNUQ3ZHhFdkc5VFJGZHM5WnJ3QVRYR3Rpd0IwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC8yZGFhNzItMDMxNC00NmM1LWJlNWIt
OWE2OTMwNDI1OGEwLzEvNUQ3ZHhFdkc5VFJGZHM5WnJ3QVRYR3Rpd0IwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNC8yZGFhNzItMDMxNC00NmM1LWJlNWItOWE2OTMwNDI1OGEw
LzEvNUQ3ZHhFdkc5VFJGZHM5WnJ3QVRYR3Rpd0IwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALkEUm3cO
IzQnkQ7BKGZq0Gc/4h0UMdB29yzwmLzA0dL3ICCN0BPW90gekCKi7mm+ddY1In24
rk6fgqT4g9Hz7N5B73bd7NkPNlf9Zm8blgVIC4frVIdJmWjtzS98Ut1d/eK5LQKA
kBFtscPMG6PZwcOuS2Hxh+QaTuixhE0sPuvVz0skaaeXmH44i2uc1xiDCgLdKa8Z
wnf8nBMu3r5vKWu1ie0cP07TAC8fCRrOv2NyitwYXZ1fYE4n21h0OGyzC09EEv4a
qjrcQVfbWua3SNFdkmoZKuE4+0OE7LDrl7ZYKe5C3Dvp3TPnkPzSmV78tAeArwT8
iYIH5kSYjQxNKw==
-----END CERTIFICATE-----