Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/993364-d85f-4007-96ec-49ac28142318/1/iXlCagvNkDpVJkksxa97TysO2wQ.mft
File:                     iXlCagvNkDpVJkksxa97TysO2wQ.mft (raw, json)
Hash identifier:          SxqMoyg51tUPTA9QQS2iuzgdIM1Uc/zAqJ6Mc5fnsYc=
Subject key identifier:   55:C0:C3:6F:85:AE:EC:3E:E5:00:53:09:A9:89:D1:51:58:CA:21:B0
Authority key identifier: 89:79:42:6A:0B:CD:90:3A:55:26:49:2C:C5:AF:7B:4F:2B:0E:DB:04
Certificate issuer:       /CN=8979426a0bcd903a5526492cc5af7b4f2b0edb04
Certificate serial:       019A4E18DBEEC803380DBAD543BB1F45F9E8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/iXlCagvNkDpVJkksxa97TysO2wQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/52/993364-d85f-4007-96ec-49ac28142318/1/iXlCagvNkDpVJkksxa97TysO2wQ.mft
Manifest number:          068E
Signing time:             Tue 04 Nov 2025 09:00:43 +0000
Manifest this update:     Tue 04 Nov 2025 09:00:43 +0000
Manifest next update:     Wed 05 Nov 2025 09:00:43 +0000
Files and hashes:         1: iXlCagvNkDpVJkksxa97TysO2wQ.crl (hash: i7kxaJiVJZoDi1ycUt1/AUekp7L35y1Tg+IVywx+Q8g=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/52/993364-d85f-4007-96ec-49ac28142318/1/iXlCagvNkDpVJkksxa97TysO2wQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/52/993364-d85f-4007-96ec-49ac28142318/1/iXlCagvNkDpVJkksxa97TysO2wQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/iXlCagvNkDpVJkksxa97TysO2wQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 09:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4e:18:db:ee:c8:03:38:0d:ba:d5:43:bb:1f:45:f9:e8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8979426a0bcd903a5526492cc5af7b4f2b0edb04
        Validity
            Not Before: Nov  4 09:00:43 2025 GMT
            Not After : Nov  5 09:00:43 2025 GMT
        Subject: CN=55c0c36f85aeec3ee5005309a989d15158ca21b0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:b7:02:25:47:09:72:c9:37:92:a2:ef:19:b7:
                    04:48:82:f6:6f:47:00:a3:9c:c7:03:3d:d4:e3:32:
                    73:d1:2a:f4:df:70:c4:ed:21:36:8f:62:bb:2f:4e:
                    e5:42:29:c0:68:5d:f1:af:27:a8:d6:69:6f:e6:d4:
                    46:4c:a8:ac:ea:a4:5a:e5:b0:53:7d:23:8c:3d:b0:
                    47:63:de:b8:b8:75:82:c8:cf:c7:de:8b:17:9c:ae:
                    82:a4:65:3c:e6:6e:38:f0:68:30:4a:8e:4f:a9:52:
                    1e:bf:63:bd:d7:97:45:9e:98:c8:d6:05:0b:1c:2c:
                    47:40:2f:30:34:0b:76:4d:a2:a7:df:e1:d0:ed:8e:
                    2e:0c:4f:cd:13:f0:ed:84:0f:67:67:c8:b2:7c:d0:
                    bf:35:d5:60:86:57:41:6d:9b:91:a3:a7:fd:19:b4:
                    75:48:ce:9a:fd:c5:b9:b2:c9:e1:70:02:e4:93:70:
                    ac:98:de:65:84:9c:73:85:61:60:9d:20:7a:53:b1:
                    cc:9c:e3:ef:85:d9:c4:19:2d:8e:5a:ac:28:3e:61:
                    8e:b3:46:9c:1a:ef:cc:6b:0e:2a:45:9f:3d:ef:8b:
                    a2:e7:14:80:1c:a7:41:42:e2:df:15:9a:23:2a:93:
                    7e:1c:fc:b2:51:41:59:e8:38:b5:58:f6:0f:a8:30:
                    b6:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                55:C0:C3:6F:85:AE:EC:3E:E5:00:53:09:A9:89:D1:51:58:CA:21:B0
            X509v3 Authority Key Identifier:
                keyid:89:79:42:6A:0B:CD:90:3A:55:26:49:2C:C5:AF:7B:4F:2B:0E:DB:04

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iXlCagvNkDpVJkksxa97TysO2wQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/993364-d85f-4007-96ec-49ac28142318/1/iXlCagvNkDpVJkksxa97TysO2wQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/52/993364-d85f-4007-96ec-49ac28142318/1/iXlCagvNkDpVJkksxa97TysO2wQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         24:5f:70:31:46:7f:1b:0b:ac:46:52:5f:a7:eb:af:cc:66:28:
         7b:cd:a1:19:9b:de:9b:29:bc:04:ae:18:bb:16:01:97:8a:6e:
         13:dc:41:94:72:a0:67:9b:e4:e7:2d:2b:e8:1b:c2:26:83:44:
         04:cb:f5:7f:3e:86:5e:ae:78:5c:f9:5e:bb:e9:f9:77:d6:1d:
         04:9f:9a:b8:d8:ad:05:43:d4:0a:41:f5:18:6d:e2:06:2c:dd:
         24:92:46:04:8f:af:60:9e:96:d8:b4:99:e5:9d:33:d3:6e:50:
         c9:7b:71:59:ac:98:cc:77:3b:a3:28:47:6b:fc:b1:e4:33:06:
         fd:17:50:14:62:c7:a8:8b:ab:25:87:13:94:29:50:9d:52:d1:
         12:5a:75:ed:23:24:7f:f1:7f:95:9a:ab:b7:34:e3:f6:c1:ac:
         b1:56:bd:e9:01:80:04:a5:31:69:b0:4a:4c:77:c0:36:24:67:
         e6:c3:1e:f5:ca:01:3a:b8:6d:1a:ac:2c:fc:e8:01:0c:0b:3f:
         d2:12:e4:eb:a1:47:79:3e:62:44:6e:b7:52:8a:d8:c2:3f:70:
         0c:20:5e:6c:ba:13:b3:9e:94:ab:b5:ab:cc:e8:8c:d4:82:4a:
         07:4c:f6:31:58:9c:2b:64:43:d7:01:39:cf:95:65:b4:7d:a5:
         ce:75:2d:b7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpOGNvuyAM4DbrVQ7sfRfnoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5Nzk0MjZhMGJjZDkwM2E1NTI2NDkyY2M1YWY3YjRmMmIw
ZWRiMDQwHhcNMjUxMTA0MDkwMDQzWhcNMjUxMTA1MDkwMDQzWjAzMTEwLwYDVQQD
Eyg1NWMwYzM2Zjg1YWVlYzNlZTUwMDUzMDlhOTg5ZDE1MTU4Y2EyMWIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv7cCJUcJcsk3kqLvGbcESIL2b0cA
o5zHAz3U4zJz0Sr033DE7SE2j2K7L07lQinAaF3xryeo1mlv5tRGTKis6qRa5bBT
fSOMPbBHY964uHWCyM/H3osXnK6CpGU85m448GgwSo5PqVIev2O915dFnpjI1gUL
HCxHQC8wNAt2TaKn3+HQ7Y4uDE/NE/DthA9nZ8iyfNC/NdVghldBbZuRo6f9GbR1
SM6a/cW5ssnhcALkk3CsmN5lhJxzhWFgnSB6U7HMnOPvhdnEGS2OWqwoPmGOs0ac
Gu/Maw4qRZ8974ui5xSAHKdBQuLfFZojKpN+HPyyUUFZ6Di1WPYPqDC2vwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFXAw2+Fruw+5QBTCamJ0VFYyiGwMB8GA1UdIwQY
MBaAFIl5QmoLzZA6VSZJLMWve08rDtsEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaVhsQ2Fndk5rRHBWSmtrc3hhOTdUeXNPMndRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi85OTMzNjQtZDg1Zi00MDA3LTk2ZWMt
NDlhYzI4MTQyMzE4LzEvaVhsQ2Fndk5rRHBWSmtrc3hhOTdUeXNPMndRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi85OTMzNjQtZDg1Zi00MDA3LTk2ZWMtNDlhYzI4MTQyMzE4
LzEvaVhsQ2Fndk5rRHBWSmtrc3hhOTdUeXNPMndRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJF9wMUZ/
GwusRlJfp+uvzGYoe82hGZvemym8BK4YuxYBl4puE9xBlHKgZ5vk5y0r6BvCJoNE
BMv1fz6GXq54XPleu+n5d9YdBJ+auNitBUPUCkH1GG3iBizdJJJGBI+vYJ6W2LSZ
5Z0z025QyXtxWayYzHc7oyhHa/yx5DMG/RdQFGLHqIurJYcTlClQnVLRElp17SMk
f/F/lZqrtzTj9sGssVa96QGABKUxabBKTHfANiRn5sMe9coBOrhtGqws/OgBDAs/
0hLk66FHeT5iRG63UorYwj9wDCBebLoTs56Uq7WrzOiM1IJKB0z2MVicK2RD1wE5
z5VltH2lznUttw==
-----END CERTIFICATE-----