Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/d5383b-10e5-43e9-b320-3234160dbcd4/1/4fQ_PmGZD9Pldn3r6Y5RzBnKxwg.mft
File:                     4fQ_PmGZD9Pldn3r6Y5RzBnKxwg.mft (raw, json)
Hash identifier:          3laWyJhxSldyTAUESSDRHpZdFp5yj3savmuwy/KGnRo=
Subject key identifier:   D6:98:B2:5E:77:19:82:5A:3C:3A:5A:EE:D4:00:94:B8:E7:8D:5D:41
Authority key identifier: E1:F4:3F:3E:61:99:0F:D3:E5:76:7D:EB:E9:8E:51:CC:19:CA:C7:08
Certificate issuer:       /CN=e1f43f3e61990fd3e5767debe98e51cc19cac708
Certificate serial:       019A518773EA67DC71FF8606A88EEABE8F1B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4fQ_PmGZD9Pldn3r6Y5RzBnKxwg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5e/d5383b-10e5-43e9-b320-3234160dbcd4/1/4fQ_PmGZD9Pldn3r6Y5RzBnKxwg.mft
Manifest number:          05C8
Signing time:             Wed 05 Nov 2025 01:00:22 +0000
Manifest this update:     Wed 05 Nov 2025 01:00:22 +0000
Manifest next update:     Thu 06 Nov 2025 01:00:22 +0000
Files and hashes:         1: 4fQ_PmGZD9Pldn3r6Y5RzBnKxwg.crl (hash: lEGcAfDXtO+Ne0ki6O+pJeLmRPcyoyN55sI7xFd3ePo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5e/d5383b-10e5-43e9-b320-3234160dbcd4/1/4fQ_PmGZD9Pldn3r6Y5RzBnKxwg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5e/d5383b-10e5-43e9-b320-3234160dbcd4/1/4fQ_PmGZD9Pldn3r6Y5RzBnKxwg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4fQ_PmGZD9Pldn3r6Y5RzBnKxwg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 22:37:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:51:87:73:ea:67:dc:71:ff:86:06:a8:8e:ea:be:8f:1b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e1f43f3e61990fd3e5767debe98e51cc19cac708
        Validity
            Not Before: Nov  5 01:00:22 2025 GMT
            Not After : Nov  6 01:00:22 2025 GMT
        Subject: CN=d698b25e7719825a3c3a5aeed40094b8e78d5d41
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:84:9b:85:76:f7:75:d2:64:f4:63:d9:0e:f7:
                    53:6c:66:bb:7c:c9:2d:3f:95:8c:25:4c:1d:ce:fc:
                    b3:1b:6c:05:7f:dd:38:38:d3:96:91:2d:ae:09:36:
                    a7:01:b7:7c:d9:02:71:0f:ef:cd:aa:90:43:96:03:
                    01:50:ba:1d:87:44:fb:5a:18:71:bb:28:77:9e:0e:
                    f5:b4:ba:0d:32:15:45:0a:ea:f5:cf:52:79:6c:d0:
                    8c:14:1f:38:c2:f1:a1:ee:e5:6d:94:34:26:ec:10:
                    53:48:8b:c6:83:29:94:bf:64:f0:63:ab:af:3e:82:
                    4a:e4:a0:fe:b4:a1:cf:d6:63:be:c4:0a:62:d4:4e:
                    9f:89:74:65:94:c8:a4:00:9b:05:db:bb:19:07:71:
                    fb:1e:6a:89:fb:e4:a9:24:17:72:42:7f:76:a1:72:
                    5e:01:d7:2e:cf:1b:a5:b8:cb:46:39:3a:d2:4c:c8:
                    87:3e:27:15:5b:b9:3f:fb:43:45:00:cd:34:26:ab:
                    83:94:a5:79:43:ae:41:4b:33:48:4a:f0:00:1c:c8:
                    2a:30:4b:58:42:c5:6a:db:73:63:d5:01:8b:83:17:
                    90:48:da:ae:ed:2a:67:47:10:de:61:b4:e3:3a:e0:
                    c6:60:b0:12:a6:56:88:d2:88:91:98:30:4c:df:5a:
                    4c:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D6:98:B2:5E:77:19:82:5A:3C:3A:5A:EE:D4:00:94:B8:E7:8D:5D:41
            X509v3 Authority Key Identifier:
                keyid:E1:F4:3F:3E:61:99:0F:D3:E5:76:7D:EB:E9:8E:51:CC:19:CA:C7:08

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4fQ_PmGZD9Pldn3r6Y5RzBnKxwg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/d5383b-10e5-43e9-b320-3234160dbcd4/1/4fQ_PmGZD9Pldn3r6Y5RzBnKxwg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/d5383b-10e5-43e9-b320-3234160dbcd4/1/4fQ_PmGZD9Pldn3r6Y5RzBnKxwg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a7:4e:c5:4f:db:07:82:0a:66:a8:68:57:bd:4e:b8:86:d5:6f:
         65:58:8f:cd:20:8c:e7:07:c3:0e:e7:3a:d4:14:a5:a9:be:0e:
         22:2a:56:ca:89:6c:08:60:f6:f9:fc:9f:f7:d8:e2:54:36:3a:
         d8:9e:59:a3:ab:04:b0:1c:e4:14:04:5a:1c:d0:a6:bc:1e:df:
         1a:20:a3:e7:08:54:0b:f2:d2:37:eb:c7:01:72:32:9c:c1:9d:
         04:ff:8e:ec:fc:9b:b9:d8:9d:da:90:fb:b0:95:96:cd:c0:37:
         e2:db:d5:13:6a:27:c5:9c:97:26:fa:b4:10:38:a4:e0:b8:f8:
         65:c7:94:18:a3:6b:6b:65:00:a6:93:e2:2f:0f:5f:7f:8d:d8:
         29:b1:f1:b1:ea:ff:95:7b:81:e9:9b:e2:79:19:ff:b9:66:79:
         89:a7:3c:f2:c4:f4:63:f5:49:c3:7a:3c:76:63:12:94:3b:66:
         57:3a:22:3a:f7:6c:50:d7:a3:b9:5f:a3:2f:8f:f4:49:b0:23:
         2f:c8:02:46:53:04:d5:4f:17:7b:61:af:0c:c6:39:47:28:c4:
         32:f6:1c:22:12:d9:41:3f:e7:2e:04:2b:02:ad:38:ca:cf:49:
         11:08:d3:ce:ae:f1:ab:c7:63:5c:6c:65:b8:9c:4d:04:4e:83:
         97:da:13:76
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpRh3PqZ9xx/4YGqI7qvo8bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUxZjQzZjNlNjE5OTBmZDNlNTc2N2RlYmU5OGU1MWNjMTlj
YWM3MDgwHhcNMjUxMTA1MDEwMDIyWhcNMjUxMTA2MDEwMDIyWjAzMTEwLwYDVQQD
EyhkNjk4YjI1ZTc3MTk4MjVhM2MzYTVhZWVkNDAwOTRiOGU3OGQ1ZDQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyYSbhXb3ddJk9GPZDvdTbGa7fMkt
P5WMJUwdzvyzG2wFf904ONOWkS2uCTanAbd82QJxD+/NqpBDlgMBULodh0T7Whhx
uyh3ng71tLoNMhVFCur1z1J5bNCMFB84wvGh7uVtlDQm7BBTSIvGgymUv2TwY6uv
PoJK5KD+tKHP1mO+xApi1E6fiXRllMikAJsF27sZB3H7HmqJ++SpJBdyQn92oXJe
AdcuzxuluMtGOTrSTMiHPicVW7k/+0NFAM00JquDlKV5Q65BSzNISvAAHMgqMEtY
QsVq23Nj1QGLgxeQSNqu7SpnRxDeYbTjOuDGYLASplaI0oiRmDBM31pMFQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNaYsl53GYJaPDpa7tQAlLjnjV1BMB8GA1UdIwQY
MBaAFOH0Pz5hmQ/T5XZ96+mOUcwZyscIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNGZRX1BtR1pEOVBsZG4zcjZZNVJ6Qm5LeHdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS9kNTM4M2ItMTBlNS00M2U5LWIzMjAt
MzIzNDE2MGRiY2Q0LzEvNGZRX1BtR1pEOVBsZG4zcjZZNVJ6Qm5LeHdnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS9kNTM4M2ItMTBlNS00M2U5LWIzMjAtMzIzNDE2MGRiY2Q0
LzEvNGZRX1BtR1pEOVBsZG4zcjZZNVJ6Qm5LeHdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAp07FT9sH
ggpmqGhXvU64htVvZViPzSCM5wfDDuc61BSlqb4OIipWyolsCGD2+fyf99jiVDY6
2J5Zo6sEsBzkFARaHNCmvB7fGiCj5whUC/LSN+vHAXIynMGdBP+O7Pybudid2pD7
sJWWzcA34tvVE2onxZyXJvq0EDik4Lj4ZceUGKNra2UAppPiLw9ff43YKbHxser/
lXuB6ZvieRn/uWZ5iac88sT0Y/VJw3o8dmMSlDtmVzoiOvdsUNejuV+jL4/0SbAj
L8gCRlME1U8Xe2GvDMY5RyjEMvYcIhLZQT/nLgQrAq04ys9JEQjTzq7xq8djXGxl
uJxNBE6Dl9oTdg==
-----END CERTIFICATE-----