Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/bec563-581e-49e4-9cc7-a83a8d533275/1/rSzoJufkLt3WnfrTpZqbmqTigYM.mft
File:                     rSzoJufkLt3WnfrTpZqbmqTigYM.mft (raw, json)
Hash identifier:          IywBgE/2ox09qS8G2aBS+O76P6oGEbaegLttlldv7H4=
Subject key identifier:   66:05:5E:C2:4D:C7:E1:B2:E0:62:84:02:D1:16:AD:F4:7C:6A:55:74
Authority key identifier: AD:2C:E8:26:E7:E4:2E:DD:D6:9D:FA:D3:A5:9A:9B:9A:A4:E2:81:83
Certificate issuer:       /CN=ad2ce826e7e42eddd69dfad3a59a9b9aa4e28183
Certificate serial:       019A5007229AD53536807CF2A4E288B3CD39
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/rSzoJufkLt3WnfrTpZqbmqTigYM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5f/bec563-581e-49e4-9cc7-a83a8d533275/1/rSzoJufkLt3WnfrTpZqbmqTigYM.mft
Manifest number:          1609
Signing time:             Tue 04 Nov 2025 18:00:36 +0000
Manifest this update:     Tue 04 Nov 2025 18:00:36 +0000
Manifest next update:     Wed 05 Nov 2025 18:00:36 +0000
Files and hashes:         1: rSzoJufkLt3WnfrTpZqbmqTigYM.crl (hash: eFO5E661+q877oXq9BBpsVWiih2MtXz25YA/3UcEYrc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5f/bec563-581e-49e4-9cc7-a83a8d533275/1/rSzoJufkLt3WnfrTpZqbmqTigYM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5f/bec563-581e-49e4-9cc7-a83a8d533275/1/rSzoJufkLt3WnfrTpZqbmqTigYM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/rSzoJufkLt3WnfrTpZqbmqTigYM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 18:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:50:07:22:9a:d5:35:36:80:7c:f2:a4:e2:88:b3:cd:39
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ad2ce826e7e42eddd69dfad3a59a9b9aa4e28183
        Validity
            Not Before: Nov  4 18:00:36 2025 GMT
            Not After : Nov  5 18:00:36 2025 GMT
        Subject: CN=66055ec24dc7e1b2e0628402d116adf47c6a5574
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:09:1f:36:ea:20:d0:90:2c:7c:8e:a0:3c:03:
                    5a:7f:c0:41:41:50:6f:7c:b7:19:f6:cb:ea:64:6f:
                    7f:69:5a:ed:75:46:52:a6:27:04:b1:d8:a7:16:0c:
                    0e:77:b0:6f:c5:f5:8e:e3:c1:3a:d9:e4:de:7c:60:
                    07:a3:88:5f:1b:e3:ec:d6:a4:98:4f:4a:51:dd:8c:
                    b1:2a:96:ce:04:00:4f:5c:87:3d:93:24:a0:bf:6f:
                    fe:cd:ff:59:94:aa:36:b8:ea:3c:46:56:ab:93:90:
                    da:8a:0b:cb:34:9a:27:ad:9a:23:88:b1:a4:e3:91:
                    01:28:3f:f9:0e:48:b0:76:48:77:bc:35:12:84:9a:
                    5a:0b:6e:4f:98:5d:dc:67:cc:ab:21:ce:34:43:1f:
                    ad:be:5b:75:c8:7b:34:3d:34:a7:d9:40:36:c8:bd:
                    59:a5:13:01:a5:a3:25:27:bb:30:d5:05:33:dd:e1:
                    b1:65:dd:a8:b8:70:c1:e9:d0:7c:4d:99:b3:b8:cf:
                    be:1b:1e:ca:4e:d3:18:c2:a5:8c:f2:f1:6a:53:bf:
                    27:d1:03:a9:93:f5:fd:28:af:c4:9e:56:84:8c:46:
                    6d:bf:82:44:16:1b:34:2f:60:f0:60:16:5f:cd:87:
                    6c:5f:3f:17:32:e7:1b:3d:18:89:10:fd:aa:44:2b:
                    9a:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                66:05:5E:C2:4D:C7:E1:B2:E0:62:84:02:D1:16:AD:F4:7C:6A:55:74
            X509v3 Authority Key Identifier:
                keyid:AD:2C:E8:26:E7:E4:2E:DD:D6:9D:FA:D3:A5:9A:9B:9A:A4:E2:81:83

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rSzoJufkLt3WnfrTpZqbmqTigYM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/bec563-581e-49e4-9cc7-a83a8d533275/1/rSzoJufkLt3WnfrTpZqbmqTigYM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/bec563-581e-49e4-9cc7-a83a8d533275/1/rSzoJufkLt3WnfrTpZqbmqTigYM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         23:76:9d:6e:18:49:8f:f8:bd:40:25:57:ef:5d:b6:51:db:de:
         4f:68:c1:d5:c8:ab:8e:64:73:14:ef:62:0c:62:67:a3:38:ce:
         67:f8:69:03:4c:df:43:4a:e0:d9:87:6c:a1:0e:ed:c0:ea:fa:
         eb:97:11:ae:2d:1d:6f:a6:6c:9c:cf:ee:a9:0e:b5:05:7c:5f:
         e6:d6:8b:af:1b:07:2b:bf:50:6f:53:1b:e4:c4:06:cf:71:80:
         7f:a3:90:42:0c:b4:8d:48:08:6e:d6:9b:95:19:0f:f6:72:84:
         d9:2c:4f:6c:ad:79:9a:9e:a4:e6:93:82:ab:f4:68:64:ec:b8:
         d3:19:8c:36:d2:ec:ab:a8:62:63:b1:9c:6b:f8:a9:02:01:37:
         22:6a:cf:ac:29:f9:78:1a:d0:b1:75:c1:9e:02:b1:bd:c3:9b:
         f0:75:bd:19:19:df:b8:14:6b:dd:ec:21:5e:f0:f8:e1:5b:c8:
         7a:cc:a4:7c:ba:c7:43:7b:e1:47:97:ee:d7:2e:78:01:3a:4d:
         03:a3:09:36:c0:e8:ae:0c:32:34:c6:e7:4f:d4:2c:9b:2d:b8:
         d3:99:59:df:ae:7b:77:e4:6b:8f:ac:3e:32:7b:ba:6e:f3:9c:
         69:9e:d9:80:1c:56:e1:da:b6:c0:11:11:c8:ff:ee:c3:f3:fa:
         9c:0c:ed:d5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpQByKa1TU2gHzypOKIs805MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkMmNlODI2ZTdlNDJlZGRkNjlkZmFkM2E1OWE5YjlhYTRl
MjgxODMwHhcNMjUxMTA0MTgwMDM2WhcNMjUxMTA1MTgwMDM2WjAzMTEwLwYDVQQD
Eyg2NjA1NWVjMjRkYzdlMWIyZTA2Mjg0MDJkMTE2YWRmNDdjNmE1NTc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsgkfNuog0JAsfI6gPANaf8BBQVBv
fLcZ9svqZG9/aVrtdUZSpicEsdinFgwOd7BvxfWO48E62eTefGAHo4hfG+Ps1qSY
T0pR3YyxKpbOBABPXIc9kySgv2/+zf9ZlKo2uOo8Rlark5DaigvLNJonrZojiLGk
45EBKD/5Dkiwdkh3vDUShJpaC25PmF3cZ8yrIc40Qx+tvlt1yHs0PTSn2UA2yL1Z
pRMBpaMlJ7sw1QUz3eGxZd2ouHDB6dB8TZmzuM++Gx7KTtMYwqWM8vFqU78n0QOp
k/X9KK/EnlaEjEZtv4JEFhs0L2DwYBZfzYdsXz8XMucbPRiJEP2qRCuakQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGYFXsJNx+Gy4GKEAtEWrfR8alV0MB8GA1UdIwQY
MBaAFK0s6Cbn5C7d1p3606Wam5qk4oGDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvclN6b0p1ZmtMdDNXbmZyVHBacWJtcVRpZ1lNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi9iZWM1NjMtNTgxZS00OWU0LTljYzct
YTgzYThkNTMzMjc1LzEvclN6b0p1ZmtMdDNXbmZyVHBacWJtcVRpZ1lNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi9iZWM1NjMtNTgxZS00OWU0LTljYzctYTgzYThkNTMzMjc1
LzEvclN6b0p1ZmtMdDNXbmZyVHBacWJtcVRpZ1lNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAI3adbhhJ
j/i9QCVX7122UdveT2jB1cirjmRzFO9iDGJnozjOZ/hpA0zfQ0rg2YdsoQ7twOr6
65cRri0db6ZsnM/uqQ61BXxf5taLrxsHK79Qb1Mb5MQGz3GAf6OQQgy0jUgIbtab
lRkP9nKE2SxPbK15mp6k5pOCq/RoZOy40xmMNtLsq6hiY7Gca/ipAgE3ImrPrCn5
eBrQsXXBngKxvcOb8HW9GRnfuBRr3ewhXvD44VvIesykfLrHQ3vhR5fu1y54ATpN
A6MJNsDorgwyNMbnT9Qsmy2405lZ3657d+Rrj6w+Mnu6bvOcaZ7ZgBxW4dq2wBER
yP/uw/P6nAzt1Q==
-----END CERTIFICATE-----