Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/a5d3c1-bd5e-4356-971c-098a02929089/1/a5HhwatXAlaAjt-5y3VZxV3PrWE.mft
File:                     a5HhwatXAlaAjt-5y3VZxV3PrWE.mft (raw, json)
Hash identifier:          rEqr/baYSp4mzZdT048vhJ4L1yCeUTY1hpKPUH7G/cg=
Subject key identifier:   B5:93:CB:40:03:1F:9F:0F:0E:4B:7F:CB:C7:37:FB:F0:70:DE:AF:1B
Authority key identifier: 6B:91:E1:C1:AB:57:02:56:80:8E:DF:B9:CB:75:59:C5:5D:CF:AD:61
Certificate issuer:       /CN=6b91e1c1ab570256808edfb9cb7559c55dcfad61
Certificate serial:       019A503D9033D0573D72F3DE44ADC990FCFD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/a5HhwatXAlaAjt-5y3VZxV3PrWE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0d/a5d3c1-bd5e-4356-971c-098a02929089/1/a5HhwatXAlaAjt-5y3VZxV3PrWE.mft
Manifest number:          0ACD
Signing time:             Tue 04 Nov 2025 19:00:03 +0000
Manifest this update:     Tue 04 Nov 2025 19:00:03 +0000
Manifest next update:     Wed 05 Nov 2025 19:00:03 +0000
Files and hashes:         1: a5HhwatXAlaAjt-5y3VZxV3PrWE.crl (hash: 74W3JVUEo8LXQ/S/8CSh9UKA33JJGpGXRH0NIfbxQ4g=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0d/a5d3c1-bd5e-4356-971c-098a02929089/1/a5HhwatXAlaAjt-5y3VZxV3PrWE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0d/a5d3c1-bd5e-4356-971c-098a02929089/1/a5HhwatXAlaAjt-5y3VZxV3PrWE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/a5HhwatXAlaAjt-5y3VZxV3PrWE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 16:49:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:50:3d:90:33:d0:57:3d:72:f3:de:44:ad:c9:90:fc:fd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6b91e1c1ab570256808edfb9cb7559c55dcfad61
        Validity
            Not Before: Nov  4 19:00:03 2025 GMT
            Not After : Nov  5 19:00:03 2025 GMT
        Subject: CN=b593cb40031f9f0f0e4b7fcbc737fbf070deaf1b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dd:64:50:1c:4e:80:2a:99:bf:a4:02:1c:c6:e4:
                    1f:fb:81:d1:2f:a0:f3:d4:77:77:51:62:f8:f0:9b:
                    8e:9f:05:b2:8e:3d:e1:f7:a4:83:ba:7d:24:4c:3e:
                    7f:df:76:c5:c4:ab:26:23:3c:09:a0:6e:88:da:cb:
                    06:d1:dc:1d:0f:de:86:61:8c:98:ab:65:ed:fb:53:
                    32:41:c2:24:56:ca:03:02:11:1b:72:62:59:a6:41:
                    21:5b:14:05:db:73:5b:ed:a4:30:cf:2a:d0:c5:d5:
                    0b:d7:f7:16:0a:3e:d1:3d:f6:11:b2:1d:5c:87:70:
                    1a:2f:7a:ac:81:56:ea:33:3d:72:1c:c8:01:11:a4:
                    8f:36:60:97:4c:82:bd:98:d2:7c:38:07:24:bb:1f:
                    c7:15:c0:6e:54:3b:88:b6:3d:a0:a7:de:30:c2:78:
                    83:96:b7:51:80:cc:db:cf:81:d4:01:b0:87:52:eb:
                    be:16:30:e0:e5:c6:11:b9:63:91:6f:8f:82:6d:99:
                    f3:ed:79:17:bb:03:fa:70:0e:e1:d3:a6:96:5f:dc:
                    a4:eb:ef:4c:e3:14:df:cf:12:0d:15:94:cc:91:59:
                    64:f0:60:db:56:1e:aa:c6:76:e0:23:02:02:61:23:
                    ab:c8:21:57:41:4d:3e:00:38:4f:fb:9c:87:1d:80:
                    22:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B5:93:CB:40:03:1F:9F:0F:0E:4B:7F:CB:C7:37:FB:F0:70:DE:AF:1B
            X509v3 Authority Key Identifier:
                keyid:6B:91:E1:C1:AB:57:02:56:80:8E:DF:B9:CB:75:59:C5:5D:CF:AD:61

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5HhwatXAlaAjt-5y3VZxV3PrWE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/a5d3c1-bd5e-4356-971c-098a02929089/1/a5HhwatXAlaAjt-5y3VZxV3PrWE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/a5d3c1-bd5e-4356-971c-098a02929089/1/a5HhwatXAlaAjt-5y3VZxV3PrWE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8a:a8:38:a1:f8:50:43:18:35:91:87:6b:3a:4c:62:9f:db:6a:
         1a:12:42:a3:5b:d8:31:21:cf:6e:fa:f9:2d:81:ca:f6:78:39:
         c9:21:5a:7a:ba:89:3b:2c:af:f7:14:63:fe:60:18:a6:75:2b:
         89:69:13:39:74:e8:a9:e3:8f:6c:1f:1c:dd:7c:db:a7:b1:c1:
         ea:f7:e2:9c:6e:81:8a:39:5b:8d:1f:28:ee:c9:9f:ef:8f:c2:
         4d:7c:81:70:d4:87:6c:89:17:e9:8b:43:bf:f9:d6:fc:1e:ff:
         4e:26:1a:b2:5e:b5:ea:69:c0:e5:7a:0f:77:2d:8a:09:ad:aa:
         1d:bd:1b:21:f5:d6:60:7a:0f:7a:ab:39:e3:fb:48:fc:10:df:
         3b:66:41:5b:db:55:f3:f2:a2:05:17:95:cd:18:dc:2c:0d:bd:
         29:a8:20:59:55:7c:44:a3:81:b8:ed:8c:59:7b:00:45:09:84:
         e1:77:fc:e1:71:a0:3c:e0:01:74:42:88:99:3b:3b:aa:92:45:
         78:af:59:4f:10:27:8c:62:86:49:e3:d1:b2:7f:10:cd:f3:7c:
         8c:cf:aa:e3:0f:2e:c7:fe:77:56:b2:a8:09:01:a1:01:54:2e:
         48:b3:01:8e:27:fd:af:e5:fe:54:e5:42:aa:53:da:04:6b:a7:
         69:99:f3:79
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpQPZAz0Fc9cvPeRK3JkPz9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiOTFlMWMxYWI1NzAyNTY4MDhlZGZiOWNiNzU1OWM1NWRj
ZmFkNjEwHhcNMjUxMTA0MTkwMDAzWhcNMjUxMTA1MTkwMDAzWjAzMTEwLwYDVQQD
EyhiNTkzY2I0MDAzMWY5ZjBmMGU0YjdmY2JjNzM3ZmJmMDcwZGVhZjFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3WRQHE6AKpm/pAIcxuQf+4HRL6Dz
1Hd3UWL48JuOnwWyjj3h96SDun0kTD5/33bFxKsmIzwJoG6I2ssG0dwdD96GYYyY
q2Xt+1MyQcIkVsoDAhEbcmJZpkEhWxQF23Nb7aQwzyrQxdUL1/cWCj7RPfYRsh1c
h3AaL3qsgVbqMz1yHMgBEaSPNmCXTIK9mNJ8OAckux/HFcBuVDuItj2gp94wwniD
lrdRgMzbz4HUAbCHUuu+FjDg5cYRuWORb4+CbZnz7XkXuwP6cA7h06aWX9yk6+9M
4xTfzxINFZTMkVlk8GDbVh6qxnbgIwICYSOryCFXQU0+ADhP+5yHHYAiCwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLWTy0ADH58PDkt/y8c3+/Bw3q8bMB8GA1UdIwQY
MBaAFGuR4cGrVwJWgI7fuct1WcVdz61hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTVIaHdhdFhBbGFBanQtNXkzVlp4VjNQcldFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC9hNWQzYzEtYmQ1ZS00MzU2LTk3MWMt
MDk4YTAyOTI5MDg5LzEvYTVIaHdhdFhBbGFBanQtNXkzVlp4VjNQcldFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC9hNWQzYzEtYmQ1ZS00MzU2LTk3MWMtMDk4YTAyOTI5MDg5
LzEvYTVIaHdhdFhBbGFBanQtNXkzVlp4VjNQcldFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiqg4ofhQ
Qxg1kYdrOkxin9tqGhJCo1vYMSHPbvr5LYHK9ng5ySFaerqJOyyv9xRj/mAYpnUr
iWkTOXToqeOPbB8c3Xzbp7HB6vfinG6BijlbjR8o7smf74/CTXyBcNSHbIkX6YtD
v/nW/B7/TiYasl616mnA5XoPdy2KCa2qHb0bIfXWYHoPeqs54/tI/BDfO2ZBW9tV
8/KiBReVzRjcLA29KaggWVV8RKOBuO2MWXsARQmE4Xf84XGgPOABdEKImTs7qpJF
eK9ZTxAnjGKGSePRsn8QzfN8jM+q4w8ux/53VrKoCQGhAVQuSLMBjif9r+X+VOVC
qlPaBGunaZnzeQ==
-----END CERTIFICATE-----