Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/3ec64b-d3a1-4331-9252-d4f83380a9c5/1/v-5TEVVgcUYwTcZd1Xb77p8Nbk4.mft
File:                     v-5TEVVgcUYwTcZd1Xb77p8Nbk4.mft (raw, json)
Hash identifier:          J0buxFH03eo/W7/HZU6rLwXpBaUITzsi78Wqr92n0RM=
Subject key identifier:   44:4F:EB:D3:CE:43:F8:2E:2C:FD:96:2F:C5:E0:34:80:6D:D5:C1:44
Authority key identifier: BF:EE:53:11:55:60:71:46:30:4D:C6:5D:D5:76:FB:EE:9F:0D:6E:4E
Certificate issuer:       /CN=bfee531155607146304dc65dd576fbee9f0d6e4e
Certificate serial:       019A4F2B29FF684572CE273657BB1360A030
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/v-5TEVVgcUYwTcZd1Xb77p8Nbk4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/35/3ec64b-d3a1-4331-9252-d4f83380a9c5/1/v-5TEVVgcUYwTcZd1Xb77p8Nbk4.mft
Manifest number:          052F
Signing time:             Tue 04 Nov 2025 14:00:20 +0000
Manifest this update:     Tue 04 Nov 2025 14:00:20 +0000
Manifest next update:     Wed 05 Nov 2025 14:00:20 +0000
Files and hashes:         1: v-5TEVVgcUYwTcZd1Xb77p8Nbk4.crl (hash: 0RTt9kdoHykB2nIzyda6dSIjAEErgYmdc5Du1lozJh0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/35/3ec64b-d3a1-4331-9252-d4f83380a9c5/1/v-5TEVVgcUYwTcZd1Xb77p8Nbk4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/35/3ec64b-d3a1-4331-9252-d4f83380a9c5/1/v-5TEVVgcUYwTcZd1Xb77p8Nbk4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/v-5TEVVgcUYwTcZd1Xb77p8Nbk4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 14:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4f:2b:29:ff:68:45:72:ce:27:36:57:bb:13:60:a0:30
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bfee531155607146304dc65dd576fbee9f0d6e4e
        Validity
            Not Before: Nov  4 14:00:20 2025 GMT
            Not After : Nov  5 14:00:20 2025 GMT
        Subject: CN=444febd3ce43f82e2cfd962fc5e034806dd5c144
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:6d:bb:1c:4e:93:a1:38:ea:73:f6:07:fb:7c:
                    f2:d1:71:f0:78:3b:a4:97:96:f8:0d:a0:b7:31:c2:
                    53:89:29:5f:41:1c:5b:cc:43:14:6a:4d:bb:b0:15:
                    19:50:af:2c:5f:8f:1c:f5:67:37:ac:66:46:2a:a1:
                    cc:41:7f:5b:b5:f7:a0:98:d4:b5:6e:bf:fd:95:ba:
                    d0:d1:e7:a4:8e:76:14:5a:c3:67:9a:3e:c8:fb:cc:
                    be:51:4a:b1:4a:ad:be:0d:49:a5:cc:82:8b:51:63:
                    4e:8d:be:73:7a:0e:99:a8:fa:f3:f2:af:5a:23:77:
                    c3:47:ff:5f:ad:cf:d0:ee:d3:6b:9a:a0:f5:70:2a:
                    78:16:72:fa:bb:a9:a0:9e:c9:c7:df:ea:96:17:9f:
                    15:56:a3:00:45:3d:99:ee:8f:95:71:4c:f4:79:fe:
                    b7:12:b4:f6:00:5e:5d:7a:48:20:7f:1f:f1:a4:35:
                    6f:3a:de:67:4a:bf:18:73:e8:a2:90:c8:93:b3:38:
                    dc:b8:d3:05:d7:c6:58:c2:84:03:ec:1d:17:d0:4a:
                    9f:3c:f5:c0:e6:0c:0e:5f:6b:19:b8:ad:ba:7e:02:
                    d2:ce:79:d4:66:ca:ef:30:09:e0:15:bf:bb:b1:d2:
                    e0:d7:e6:d2:be:e7:58:46:52:9b:00:e8:11:38:f4:
                    d2:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                44:4F:EB:D3:CE:43:F8:2E:2C:FD:96:2F:C5:E0:34:80:6D:D5:C1:44
            X509v3 Authority Key Identifier:
                keyid:BF:EE:53:11:55:60:71:46:30:4D:C6:5D:D5:76:FB:EE:9F:0D:6E:4E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v-5TEVVgcUYwTcZd1Xb77p8Nbk4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/3ec64b-d3a1-4331-9252-d4f83380a9c5/1/v-5TEVVgcUYwTcZd1Xb77p8Nbk4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/35/3ec64b-d3a1-4331-9252-d4f83380a9c5/1/v-5TEVVgcUYwTcZd1Xb77p8Nbk4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9b:15:ad:12:af:a5:b1:14:e7:09:eb:1d:39:e4:ac:60:86:12:
         92:9e:52:bc:15:96:82:a9:43:59:e0:2a:af:7f:4a:5c:93:b9:
         fd:2b:45:77:ed:b6:1e:4d:e0:1b:57:c8:57:ef:47:9b:7c:9d:
         c2:04:51:13:28:06:eb:6b:17:85:45:27:4f:d9:06:d9:16:f6:
         22:eb:93:d4:5c:dc:cf:72:bd:f9:51:3f:28:5f:e5:50:10:67:
         a7:43:73:6c:3e:c4:48:9f:27:0e:93:75:d8:20:de:51:33:35:
         9f:6f:8c:b3:ea:81:6a:7f:8d:8c:22:29:2a:52:b0:45:a0:d5:
         58:c1:de:6d:a8:5d:94:52:c6:00:09:53:92:0a:d4:90:57:b9:
         59:eb:29:fb:51:c9:84:8c:cc:76:18:0f:48:d8:03:80:a8:7b:
         9d:ca:ad:9b:60:4c:24:cb:db:6c:a3:84:64:63:63:28:16:04:
         2a:55:a7:29:5f:98:4a:7c:1b:c6:cd:c9:8c:c0:ab:15:1d:d6:
         70:79:d2:94:99:f5:0b:85:4a:d6:81:fb:92:70:e4:36:0e:00:
         39:d9:fe:f4:0e:88:5c:76:fd:ee:18:06:13:9e:1d:1f:b1:a0:
         da:16:4d:01:96:35:fb:5e:f5:2e:60:03:71:61:6f:9c:3d:d9:
         80:8c:f4:a4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpPKyn/aEVyzic2V7sTYKAwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmZWU1MzExNTU2MDcxNDYzMDRkYzY1ZGQ1NzZmYmVlOWYw
ZDZlNGUwHhcNMjUxMTA0MTQwMDIwWhcNMjUxMTA1MTQwMDIwWjAzMTEwLwYDVQQD
Eyg0NDRmZWJkM2NlNDNmODJlMmNmZDk2MmZjNWUwMzQ4MDZkZDVjMTQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApm27HE6ToTjqc/YH+3zy0XHweDuk
l5b4DaC3McJTiSlfQRxbzEMUak27sBUZUK8sX48c9Wc3rGZGKqHMQX9btfegmNS1
br/9lbrQ0eekjnYUWsNnmj7I+8y+UUqxSq2+DUmlzIKLUWNOjb5zeg6ZqPrz8q9a
I3fDR/9frc/Q7tNrmqD1cCp4FnL6u6mgnsnH3+qWF58VVqMART2Z7o+VcUz0ef63
ErT2AF5dekggfx/xpDVvOt5nSr8Yc+iikMiTszjcuNMF18ZYwoQD7B0X0EqfPPXA
5gwOX2sZuK26fgLSznnUZsrvMAngFb+7sdLg1+bSvudYRlKbAOgROPTSJQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFERP69POQ/guLP2WL8XgNIBt1cFEMB8GA1UdIwQY
MBaAFL/uUxFVYHFGME3GXdV2++6fDW5OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdi01VEVWVmdjVVl3VGNaZDFYYjc3cDhOYms0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS8zZWM2NGItZDNhMS00MzMxLTkyNTIt
ZDRmODMzODBhOWM1LzEvdi01VEVWVmdjVVl3VGNaZDFYYjc3cDhOYms0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS8zZWM2NGItZDNhMS00MzMxLTkyNTItZDRmODMzODBhOWM1
LzEvdi01VEVWVmdjVVl3VGNaZDFYYjc3cDhOYms0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmxWtEq+l
sRTnCesdOeSsYIYSkp5SvBWWgqlDWeAqr39KXJO5/StFd+22Hk3gG1fIV+9Hm3yd
wgRREygG62sXhUUnT9kG2Rb2IuuT1Fzcz3K9+VE/KF/lUBBnp0NzbD7ESJ8nDpN1
2CDeUTM1n2+Ms+qBan+NjCIpKlKwRaDVWMHebahdlFLGAAlTkgrUkFe5Wesp+1HJ
hIzMdhgPSNgDgKh7ncqtm2BMJMvbbKOEZGNjKBYEKlWnKV+YSnwbxs3JjMCrFR3W
cHnSlJn1C4VK1oH7knDkNg4AOdn+9A6IXHb97hgGE54dH7Gg2hZNAZY1+171LmAD
cWFvnD3ZgIz0pA==
-----END CERTIFICATE-----