Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/e81f8f-6dff-497f-8125-05fa4918c410/1/4MQ8pMSc9lLWDM3zZuYBFQ0PALk.mft
File:                     4MQ8pMSc9lLWDM3zZuYBFQ0PALk.mft (raw, json)
Hash identifier:          dqYhmWOQRgNVhjVtTei+3yF+ST8bHqvXqgSfchDhWSg=
Subject key identifier:   52:19:5D:AD:1C:31:F1:F6:D2:48:97:65:E4:2E:02:ED:61:D3:F3:6B
Authority key identifier: E0:C4:3C:A4:C4:9C:F6:52:D6:0C:CD:F3:66:E6:01:15:0D:0F:00:B9
Certificate issuer:       /CN=e0c43ca4c49cf652d60ccdf366e601150d0f00b9
Certificate serial:       019A4E862B5CC4B63E5E7702A41BDF2B4C1D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4MQ8pMSc9lLWDM3zZuYBFQ0PALk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/27/e81f8f-6dff-497f-8125-05fa4918c410/1/4MQ8pMSc9lLWDM3zZuYBFQ0PALk.mft
Manifest number:          05E6
Signing time:             Tue 04 Nov 2025 11:00:06 +0000
Manifest this update:     Tue 04 Nov 2025 11:00:06 +0000
Manifest next update:     Wed 05 Nov 2025 11:00:06 +0000
Files and hashes:         1: 4MQ8pMSc9lLWDM3zZuYBFQ0PALk.crl (hash: 4CazMNkWC9W6FkufaImRaE2gse7whKjXVExEGZ+mAQc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/27/e81f8f-6dff-497f-8125-05fa4918c410/1/4MQ8pMSc9lLWDM3zZuYBFQ0PALk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/27/e81f8f-6dff-497f-8125-05fa4918c410/1/4MQ8pMSc9lLWDM3zZuYBFQ0PALk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4MQ8pMSc9lLWDM3zZuYBFQ0PALk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 09:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4e:86:2b:5c:c4:b6:3e:5e:77:02:a4:1b:df:2b:4c:1d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e0c43ca4c49cf652d60ccdf366e601150d0f00b9
        Validity
            Not Before: Nov  4 11:00:06 2025 GMT
            Not After : Nov  5 11:00:06 2025 GMT
        Subject: CN=52195dad1c31f1f6d2489765e42e02ed61d3f36b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e6:0b:f6:ff:26:ce:36:78:19:13:76:67:61:d3:
                    1b:8c:8f:20:c7:c6:45:d3:b0:b9:9e:e7:d9:a3:da:
                    78:02:04:55:99:73:c2:5d:bd:95:90:c5:09:e7:3e:
                    c2:52:52:81:dc:fc:72:32:bc:ac:18:64:a9:a7:59:
                    b5:66:d5:cc:cd:2d:16:9b:a9:07:61:de:e7:d3:5d:
                    4e:0b:3e:52:4b:5d:67:b9:a5:45:8f:a8:1a:f9:bd:
                    3a:f6:8f:8f:06:02:55:9c:c0:9e:e6:32:5f:f9:8c:
                    3b:e0:84:d1:d6:0f:9d:cb:cd:eb:ce:d3:ed:23:25:
                    58:82:65:50:89:bb:f4:c7:e9:87:0c:21:94:55:54:
                    7e:c4:d5:1c:28:f9:7d:30:32:4d:d5:5a:47:f3:42:
                    aa:97:b6:ba:7b:86:a7:ed:ae:d6:b3:f9:61:98:f9:
                    30:b8:97:7b:2e:c4:39:44:54:e0:9e:57:3c:06:27:
                    2e:74:f9:02:c0:17:f1:a7:c8:2e:d7:fe:e1:57:da:
                    1e:78:50:93:ff:63:c9:a4:a2:5e:d1:0b:22:f5:7c:
                    42:8b:ce:28:de:1e:25:57:d4:67:9d:0a:55:87:2e:
                    38:a9:87:fe:57:4e:fa:38:b3:fe:c2:57:06:73:fb:
                    85:b1:96:7e:e2:8c:54:30:2e:0f:2b:a7:9a:48:8e:
                    f4:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                52:19:5D:AD:1C:31:F1:F6:D2:48:97:65:E4:2E:02:ED:61:D3:F3:6B
            X509v3 Authority Key Identifier:
                keyid:E0:C4:3C:A4:C4:9C:F6:52:D6:0C:CD:F3:66:E6:01:15:0D:0F:00:B9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4MQ8pMSc9lLWDM3zZuYBFQ0PALk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/e81f8f-6dff-497f-8125-05fa4918c410/1/4MQ8pMSc9lLWDM3zZuYBFQ0PALk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/27/e81f8f-6dff-497f-8125-05fa4918c410/1/4MQ8pMSc9lLWDM3zZuYBFQ0PALk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         46:71:3b:67:83:5b:64:7d:bf:5e:f1:71:7a:fa:97:63:c1:ce:
         b5:53:70:7d:9b:34:4a:a5:0a:ed:4d:4b:74:36:bc:7f:a9:b0:
         01:09:75:d2:70:d9:6f:9c:82:3f:d5:c6:64:f3:22:f2:cf:ca:
         aa:fe:46:ee:da:d9:a3:0a:19:8a:2c:6b:56:d8:d4:28:54:44:
         00:94:b9:9b:09:25:24:02:48:bd:b4:40:f1:bf:20:99:bd:74:
         a2:27:19:d8:4e:71:b9:dd:e2:5f:f0:e7:ae:0b:28:85:be:9b:
         0c:96:72:47:b7:b4:07:57:0a:57:2d:ba:b3:d0:6d:29:69:81:
         f6:9a:a2:e4:3e:95:d3:bd:d6:f3:90:58:1b:c3:7a:43:21:3b:
         4e:94:38:30:39:72:4d:f9:ff:7f:c3:65:51:8c:58:27:72:fa:
         39:10:05:ea:5a:6f:cc:b5:15:da:c5:07:02:6e:f8:48:06:d6:
         61:93:a1:30:a5:8e:73:57:32:b8:a2:a8:5e:2b:53:65:a9:98:
         31:ab:d7:43:34:83:96:2b:7c:ee:7f:7b:9e:70:bf:6e:28:99:
         db:64:eb:78:97:e0:01:2e:fc:af:3a:fb:87:37:03:86:4b:75:
         b7:95:23:f4:81:1c:b4:90:72:aa:d6:c7:ef:3c:62:09:d8:92:
         ed:f7:13:10
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpOhitcxLY+XncCpBvfK0wdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUwYzQzY2E0YzQ5Y2Y2NTJkNjBjY2RmMzY2ZTYwMTE1MGQw
ZjAwYjkwHhcNMjUxMTA0MTEwMDA2WhcNMjUxMTA1MTEwMDA2WjAzMTEwLwYDVQQD
Eyg1MjE5NWRhZDFjMzFmMWY2ZDI0ODk3NjVlNDJlMDJlZDYxZDNmMzZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5gv2/ybONngZE3ZnYdMbjI8gx8ZF
07C5nufZo9p4AgRVmXPCXb2VkMUJ5z7CUlKB3PxyMrysGGSpp1m1ZtXMzS0Wm6kH
Yd7n011OCz5SS11nuaVFj6ga+b069o+PBgJVnMCe5jJf+Yw74ITR1g+dy83rztPt
IyVYgmVQibv0x+mHDCGUVVR+xNUcKPl9MDJN1VpH80Kql7a6e4an7a7Ws/lhmPkw
uJd7LsQ5RFTgnlc8BicudPkCwBfxp8gu1/7hV9oeeFCT/2PJpKJe0Qsi9XxCi84o
3h4lV9RnnQpVhy44qYf+V076OLP+wlcGc/uFsZZ+4oxUMC4PK6eaSI702QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFIZXa0cMfH20kiXZeQuAu1h0/NrMB8GA1UdIwQY
MBaAFODEPKTEnPZS1gzN82bmARUNDwC5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNE1ROHBNU2M5bExXRE0zelp1WUJGUTBQQUxrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy9lODFmOGYtNmRmZi00OTdmLTgxMjUt
MDVmYTQ5MThjNDEwLzEvNE1ROHBNU2M5bExXRE0zelp1WUJGUTBQQUxrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy9lODFmOGYtNmRmZi00OTdmLTgxMjUtMDVmYTQ5MThjNDEw
LzEvNE1ROHBNU2M5bExXRE0zelp1WUJGUTBQQUxrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARnE7Z4Nb
ZH2/XvFxevqXY8HOtVNwfZs0SqUK7U1LdDa8f6mwAQl10nDZb5yCP9XGZPMi8s/K
qv5G7trZowoZiixrVtjUKFREAJS5mwklJAJIvbRA8b8gmb10oicZ2E5xud3iX/Dn
rgsohb6bDJZyR7e0B1cKVy26s9BtKWmB9pqi5D6V073W85BYG8N6QyE7TpQ4MDly
Tfn/f8NlUYxYJ3L6ORAF6lpvzLUV2sUHAm74SAbWYZOhMKWOc1cyuKKoXitTZamY
MavXQzSDlit87n97nnC/biiZ22TreJfgAS78rzr7hzcDhkt1t5Uj9IEctJByqtbH
7zxiCdiS7fcTEA==
-----END CERTIFICATE-----