Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/4753d3-a1e9-4fd5-aefe-7c7d8a78a963/1/5LDTY6ChegaEUahRRc5PpGTX-hs.mft
File:                     5LDTY6ChegaEUahRRc5PpGTX-hs.mft (raw, json)
Hash identifier:          /IIut2WMQhwLpJb3L2x9yCCIjf+NERBUXIHMBaj9/DQ=
Subject key identifier:   2D:70:99:79:67:CA:CF:CF:93:4F:35:59:83:E3:AD:4C:0B:84:9E:4F
Authority key identifier: E4:B0:D3:63:A0:A1:7A:06:84:51:A8:51:45:CE:4F:A4:64:D7:FA:1B
Certificate issuer:       /CN=e4b0d363a0a17a068451a85145ce4fa464d7fa1b
Certificate serial:       019A52D2AF784A0E0E273EB786AF7CBB28C6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5LDTY6ChegaEUahRRc5PpGTX-hs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0e/4753d3-a1e9-4fd5-aefe-7c7d8a78a963/1/5LDTY6ChegaEUahRRc5PpGTX-hs.mft
Manifest number:          1040
Signing time:             Wed 05 Nov 2025 07:02:10 +0000
Manifest this update:     Wed 05 Nov 2025 07:02:10 +0000
Manifest next update:     Thu 06 Nov 2025 07:02:10 +0000
Files and hashes:         1: 5LDTY6ChegaEUahRRc5PpGTX-hs.crl (hash: ZTwVfR3iBr7chy5Bb0f88y+CVfjoJvOTqa7USUldX6w=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0e/4753d3-a1e9-4fd5-aefe-7c7d8a78a963/1/5LDTY6ChegaEUahRRc5PpGTX-hs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0e/4753d3-a1e9-4fd5-aefe-7c7d8a78a963/1/5LDTY6ChegaEUahRRc5PpGTX-hs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/5LDTY6ChegaEUahRRc5PpGTX-hs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 06 Nov 2025 03:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:52:d2:af:78:4a:0e:0e:27:3e:b7:86:af:7c:bb:28:c6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e4b0d363a0a17a068451a85145ce4fa464d7fa1b
        Validity
            Not Before: Nov  5 07:02:10 2025 GMT
            Not After : Nov  6 07:02:10 2025 GMT
        Subject: CN=2d70997967cacfcf934f355983e3ad4c0b849e4f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:d0:34:d6:e1:81:ff:79:aa:79:b0:3e:c0:4e:
                    e0:70:2b:cf:69:db:68:cd:2c:9d:af:dc:00:ae:c8:
                    a4:42:c3:20:62:95:c5:3f:50:e2:31:84:c8:ab:bf:
                    a3:17:d2:68:f8:3d:49:d2:81:ea:e2:3a:d5:97:b7:
                    28:40:15:20:cd:dd:80:21:ad:8a:a1:93:92:b3:b1:
                    10:d0:0c:8e:42:6e:20:70:5d:02:d7:2b:d1:0c:c4:
                    e0:2c:0f:19:94:45:85:cd:ce:26:20:a9:3f:53:bb:
                    de:a3:9b:91:67:34:23:10:06:10:f5:67:32:8d:8e:
                    1c:ab:36:e6:49:ba:9e:c9:71:1d:fb:ff:ec:08:71:
                    bb:a3:27:7d:e7:79:4c:b7:e5:82:03:24:c0:6c:64:
                    45:b7:be:c4:b1:60:a9:9c:60:e8:0a:5f:28:51:b1:
                    b7:d8:7c:68:3f:8e:36:35:f3:16:87:00:43:4e:68:
                    31:e1:46:c6:5c:80:41:28:24:cf:c7:a0:11:78:65:
                    46:45:c1:29:fd:d5:bc:54:ca:46:2a:35:34:d5:f5:
                    b9:51:60:ba:b2:02:ce:55:89:14:b7:ae:0a:d2:3b:
                    19:df:ff:cf:73:32:dd:79:64:0d:bf:4e:35:42:c4:
                    42:34:13:41:29:2b:ec:e2:93:b4:9f:69:33:fa:57:
                    59:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2D:70:99:79:67:CA:CF:CF:93:4F:35:59:83:E3:AD:4C:0B:84:9E:4F
            X509v3 Authority Key Identifier:
                keyid:E4:B0:D3:63:A0:A1:7A:06:84:51:A8:51:45:CE:4F:A4:64:D7:FA:1B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5LDTY6ChegaEUahRRc5PpGTX-hs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/4753d3-a1e9-4fd5-aefe-7c7d8a78a963/1/5LDTY6ChegaEUahRRc5PpGTX-hs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/4753d3-a1e9-4fd5-aefe-7c7d8a78a963/1/5LDTY6ChegaEUahRRc5PpGTX-hs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         15:3b:9e:95:6c:9d:cc:eb:04:d9:49:3b:10:de:e8:07:9c:a8:
         c9:2f:8f:b7:e1:ff:0c:ab:34:cc:8a:57:cd:fe:cc:e0:2e:c6:
         43:8e:c1:a6:1e:51:ec:03:84:61:77:49:65:c8:a6:d0:ff:ad:
         b0:61:ec:f1:e2:26:97:de:dc:87:8c:ef:e7:2e:b8:3e:cc:c8:
         d8:2c:1f:4b:60:c2:60:9e:f0:27:3f:1f:44:f3:4a:e8:1b:67:
         2f:c1:88:fc:3f:84:1a:57:f4:64:46:09:5d:0d:85:f9:df:ec:
         43:bc:75:74:8c:1d:55:34:86:b4:b2:49:0b:27:d5:34:56:0c:
         95:88:6d:a1:68:97:45:6d:03:a0:1d:92:fc:1a:2b:70:d2:f5:
         c5:29:8c:4c:d6:3c:a6:e5:6e:82:4c:f4:b6:c5:48:5c:a6:1f:
         6a:90:f4:40:17:a2:cc:8f:46:eb:0c:44:a1:25:4d:5f:83:3d:
         e8:48:6c:94:ee:54:6f:8a:23:28:8d:54:fd:0b:1a:4f:2e:70:
         d3:55:9d:1f:34:92:a5:ec:25:7c:4a:fc:e9:db:5e:8a:20:61:
         a3:06:a3:1e:cf:93:bd:dc:fd:3e:82:9a:aa:6f:7f:65:33:63:
         67:b9:b0:22:7c:60:41:ab:20:c1:9f:6e:1b:58:5a:db:02:e4:
         14:77:32:a0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpS0q94Sg4OJz63hq98uyjGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0YjBkMzYzYTBhMTdhMDY4NDUxYTg1MTQ1Y2U0ZmE0NjRk
N2ZhMWIwHhcNMjUxMTA1MDcwMjEwWhcNMjUxMTA2MDcwMjEwWjAzMTEwLwYDVQQD
EygyZDcwOTk3OTY3Y2FjZmNmOTM0ZjM1NTk4M2UzYWQ0YzBiODQ5ZTRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx9A01uGB/3mqebA+wE7gcCvPadto
zSydr9wArsikQsMgYpXFP1DiMYTIq7+jF9Jo+D1J0oHq4jrVl7coQBUgzd2AIa2K
oZOSs7EQ0AyOQm4gcF0C1yvRDMTgLA8ZlEWFzc4mIKk/U7veo5uRZzQjEAYQ9Wcy
jY4cqzbmSbqeyXEd+//sCHG7oyd953lMt+WCAyTAbGRFt77EsWCpnGDoCl8oUbG3
2HxoP442NfMWhwBDTmgx4UbGXIBBKCTPx6AReGVGRcEp/dW8VMpGKjU01fW5UWC6
sgLOVYkUt64K0jsZ3//PczLdeWQNv041QsRCNBNBKSvs4pO0n2kz+ldZ3wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFC1wmXlnys/Pk081WYPjrUwLhJ5PMB8GA1UdIwQY
MBaAFOSw02OgoXoGhFGoUUXOT6Rk1/obMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNUxEVFk2Q2hlZ2FFVWFoUlJjNVBwR1RYLWhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS80NzUzZDMtYTFlOS00ZmQ1LWFlZmUt
N2M3ZDhhNzhhOTYzLzEvNUxEVFk2Q2hlZ2FFVWFoUlJjNVBwR1RYLWhzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS80NzUzZDMtYTFlOS00ZmQ1LWFlZmUtN2M3ZDhhNzhhOTYz
LzEvNUxEVFk2Q2hlZ2FFVWFoUlJjNVBwR1RYLWhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFTuelWyd
zOsE2Uk7EN7oB5yoyS+Pt+H/DKs0zIpXzf7M4C7GQ47Bph5R7AOEYXdJZcim0P+t
sGHs8eIml97ch4zv5y64PszI2CwfS2DCYJ7wJz8fRPNK6BtnL8GI/D+EGlf0ZEYJ
XQ2F+d/sQ7x1dIwdVTSGtLJJCyfVNFYMlYhtoWiXRW0DoB2S/BorcNL1xSmMTNY8
puVugkz0tsVIXKYfapD0QBeizI9G6wxEoSVNX4M96EhslO5Ub4ojKI1U/QsaTy5w
01WdHzSSpewlfEr86dteiiBhowajHs+Tvdz9PoKaqm9/ZTNjZ7mwInxgQasgwZ9u
G1ha2wLkFHcyoA==
-----END CERTIFICATE-----