Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/06/277503-82e3-4c17-9699-712e2761daf5/1/Th1cISsoF0fIw-xuhm4Vs5TFu98.mft
File:                     Th1cISsoF0fIw-xuhm4Vs5TFu98.mft (raw, json)
Hash identifier:          RYiRe3p6RhiMwrKPwuRPIzw9/GpVIWQ8hykzCv8nvQ8=
Subject key identifier:   C0:15:49:A2:EB:6C:06:70:56:39:1B:96:4A:46:03:78:80:0B:05:48
Authority key identifier: 4E:1D:5C:21:2B:28:17:47:C8:C3:EC:6E:86:6E:15:B3:94:C5:BB:DF
Certificate issuer:       /CN=4e1d5c212b281747c8c3ec6e866e15b394c5bbdf
Certificate serial:       019A4F9910573A0D2DA68EE49B66E2E425C9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Th1cISsoF0fIw-xuhm4Vs5TFu98.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/06/277503-82e3-4c17-9699-712e2761daf5/1/Th1cISsoF0fIw-xuhm4Vs5TFu98.mft
Manifest number:          0E45
Signing time:             Tue 04 Nov 2025 16:00:22 +0000
Manifest this update:     Tue 04 Nov 2025 16:00:22 +0000
Manifest next update:     Wed 05 Nov 2025 16:00:22 +0000
Files and hashes:         1: Th1cISsoF0fIw-xuhm4Vs5TFu98.crl (hash: VlCsqmQAv8PejXv5r4/np0d5R9OThq/zBYs4X3Z6gh4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/06/277503-82e3-4c17-9699-712e2761daf5/1/Th1cISsoF0fIw-xuhm4Vs5TFu98.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/06/277503-82e3-4c17-9699-712e2761daf5/1/Th1cISsoF0fIw-xuhm4Vs5TFu98.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Th1cISsoF0fIw-xuhm4Vs5TFu98.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 16:00:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4f:99:10:57:3a:0d:2d:a6:8e:e4:9b:66:e2:e4:25:c9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4e1d5c212b281747c8c3ec6e866e15b394c5bbdf
        Validity
            Not Before: Nov  4 16:00:22 2025 GMT
            Not After : Nov  5 16:00:22 2025 GMT
        Subject: CN=c01549a2eb6c067056391b964a460378800b0548
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:62:58:a2:37:95:0d:36:12:a6:87:18:60:a3:
                    79:3a:1f:e3:73:9c:fe:82:c9:d2:19:99:48:de:2f:
                    4f:0f:35:c0:8a:1b:44:13:c3:09:f1:b2:27:0e:e9:
                    c1:6d:09:4e:f7:00:14:80:f7:0e:15:ce:65:3c:e7:
                    a3:7b:55:da:9e:1e:3d:92:f9:38:5f:a5:1a:79:67:
                    47:68:5c:37:69:6e:4c:f2:13:0c:b8:f2:e4:68:d5:
                    14:c2:c9:e5:94:be:aa:14:97:fa:1c:d2:25:23:79:
                    f7:e2:a8:1f:54:ac:06:1b:1f:3c:05:4e:d5:4d:31:
                    6c:e0:e6:4f:18:4f:1a:73:3d:dc:f9:3c:44:df:8a:
                    7e:66:33:6e:c4:eb:42:20:c5:3f:24:db:35:34:cd:
                    d3:1e:cb:04:2c:a5:58:6b:f2:a4:ff:96:a1:ee:95:
                    96:5f:31:31:ae:03:af:a7:1d:33:94:2c:e9:a1:5c:
                    36:54:0f:99:94:86:0f:0a:81:01:f0:2d:dd:4c:af:
                    51:db:26:06:ba:10:28:a7:cb:fa:4d:9c:08:d3:85:
                    95:2d:16:34:82:5b:8b:89:bb:48:1d:0e:e6:7a:36:
                    a7:4d:17:b8:cd:04:bf:9a:71:d2:88:f4:77:92:81:
                    99:fb:19:67:a1:d0:77:5a:f7:4e:14:24:87:c0:c3:
                    83:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C0:15:49:A2:EB:6C:06:70:56:39:1B:96:4A:46:03:78:80:0B:05:48
            X509v3 Authority Key Identifier:
                keyid:4E:1D:5C:21:2B:28:17:47:C8:C3:EC:6E:86:6E:15:B3:94:C5:BB:DF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Th1cISsoF0fIw-xuhm4Vs5TFu98.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/277503-82e3-4c17-9699-712e2761daf5/1/Th1cISsoF0fIw-xuhm4Vs5TFu98.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/06/277503-82e3-4c17-9699-712e2761daf5/1/Th1cISsoF0fIw-xuhm4Vs5TFu98.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         79:16:1f:6e:30:70:bf:95:31:a8:9b:35:6f:b6:ba:72:0d:12:
         6c:4b:ae:83:e8:2d:a9:eb:60:e6:33:f1:25:b7:44:71:f0:2a:
         e4:dd:86:00:c5:6d:fa:78:ce:c9:88:32:ff:b3:b8:79:c5:d7:
         cd:a0:b6:42:bc:64:c1:57:6c:05:c8:66:1f:b0:63:65:db:3c:
         92:79:af:8c:d2:d9:10:cc:b5:66:cd:bc:8f:03:f6:3d:1f:18:
         4d:2c:d9:eb:5d:75:9c:dd:55:0d:f6:83:bc:9f:47:ee:01:ac:
         1c:36:1b:b5:1e:70:3e:d3:1f:25:54:02:e9:a1:8f:e9:92:68:
         be:62:8d:1a:7c:8c:d1:7e:0a:fd:94:47:d0:d7:12:fd:dd:b7:
         0d:a5:9f:fc:a5:15:44:7c:29:f1:69:e9:a1:a7:d7:ca:75:d6:
         08:9d:b7:79:d6:cb:21:75:29:1b:42:fe:6b:9c:65:08:e5:32:
         19:d5:65:37:e0:6d:4f:16:13:94:da:25:10:c5:e9:28:42:d1:
         10:2f:57:46:a7:50:e9:ae:5c:ca:64:83:01:12:d4:de:2a:19:
         f8:c5:3d:98:1d:f6:3b:83:26:29:28:97:82:6e:3b:7f:92:39:
         c7:8a:8b:9e:90:c2:b5:3c:40:70:8f:1e:b0:7c:09:7d:97:5b:
         00:8e:17:9d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpPmRBXOg0tpo7km2bi5CXJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlMWQ1YzIxMmIyODE3NDdjOGMzZWM2ZTg2NmUxNWIzOTRj
NWJiZGYwHhcNMjUxMTA0MTYwMDIyWhcNMjUxMTA1MTYwMDIyWjAzMTEwLwYDVQQD
EyhjMDE1NDlhMmViNmMwNjcwNTYzOTFiOTY0YTQ2MDM3ODgwMGIwNTQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwWJYojeVDTYSpocYYKN5Oh/jc5z+
gsnSGZlI3i9PDzXAihtEE8MJ8bInDunBbQlO9wAUgPcOFc5lPOeje1Xanh49kvk4
X6UaeWdHaFw3aW5M8hMMuPLkaNUUwsnllL6qFJf6HNIlI3n34qgfVKwGGx88BU7V
TTFs4OZPGE8acz3c+TxE34p+ZjNuxOtCIMU/JNs1NM3THssELKVYa/Kk/5ah7pWW
XzExrgOvpx0zlCzpoVw2VA+ZlIYPCoEB8C3dTK9R2yYGuhAop8v6TZwI04WVLRY0
gluLibtIHQ7mejanTRe4zQS/mnHSiPR3koGZ+xlnodB3WvdOFCSHwMODtQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMAVSaLrbAZwVjkblkpGA3iACwVIMB8GA1UdIwQY
MBaAFE4dXCErKBdHyMPsboZuFbOUxbvfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGgxY0lTc29GMGZJdy14dWhtNFZzNVRGdTk4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNi8yNzc1MDMtODJlMy00YzE3LTk2OTkt
NzEyZTI3NjFkYWY1LzEvVGgxY0lTc29GMGZJdy14dWhtNFZzNVRGdTk4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNi8yNzc1MDMtODJlMy00YzE3LTk2OTktNzEyZTI3NjFkYWY1
LzEvVGgxY0lTc29GMGZJdy14dWhtNFZzNVRGdTk4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeRYfbjBw
v5UxqJs1b7a6cg0SbEuug+gtqetg5jPxJbdEcfAq5N2GAMVt+njOyYgy/7O4ecXX
zaC2QrxkwVdsBchmH7BjZds8knmvjNLZEMy1Zs28jwP2PR8YTSzZ6111nN1VDfaD
vJ9H7gGsHDYbtR5wPtMfJVQC6aGP6ZJovmKNGnyM0X4K/ZRH0NcS/d23DaWf/KUV
RHwp8WnpoafXynXWCJ23edbLIXUpG0L+a5xlCOUyGdVlN+BtTxYTlNolEMXpKELR
EC9XRqdQ6a5cymSDARLU3ioZ+MU9mB32O4MmKSiXgm47f5I5x4qLnpDCtTxAcI8e
sHwJfZdbAI4XnQ==
-----END CERTIFICATE-----