Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/81f76f-d878-44a1-82c7-2ccb5f0c5f6b/1/WrJabDkrjmejrSH2D9MxHWt_Hlw.mft
File:                     WrJabDkrjmejrSH2D9MxHWt_Hlw.mft (raw, json)
Hash identifier:          SZVKol18YogBGJucSCVoRtNG7+QY7Kq/caMUnxiLAbI=
Subject key identifier:   E8:D1:61:38:8E:B4:6F:2D:02:B8:60:9E:A9:46:AC:79:BF:10:1B:2C
Authority key identifier: 5A:B2:5A:6C:39:2B:8E:67:A3:AD:21:F6:0F:D3:31:1D:6B:7F:1E:5C
Certificate issuer:       /CN=5ab25a6c392b8e67a3ad21f60fd3311d6b7f1e5c
Certificate serial:       019A4EF4E53D3BFEE1B0DACD141F207141F6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/WrJabDkrjmejrSH2D9MxHWt_Hlw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/81f76f-d878-44a1-82c7-2ccb5f0c5f6b/1/WrJabDkrjmejrSH2D9MxHWt_Hlw.mft
Manifest number:          0FA8
Signing time:             Tue 04 Nov 2025 13:01:03 +0000
Manifest this update:     Tue 04 Nov 2025 13:01:03 +0000
Manifest next update:     Wed 05 Nov 2025 13:01:03 +0000
Files and hashes:         1: WrJabDkrjmejrSH2D9MxHWt_Hlw.crl (hash: 9N4u/MCQZDxqT/WrhPpz4rWVwYnXrGYA2CbUqWFierg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/65/81f76f-d878-44a1-82c7-2ccb5f0c5f6b/1/WrJabDkrjmejrSH2D9MxHWt_Hlw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/65/81f76f-d878-44a1-82c7-2ccb5f0c5f6b/1/WrJabDkrjmejrSH2D9MxHWt_Hlw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/WrJabDkrjmejrSH2D9MxHWt_Hlw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 09:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4e:f4:e5:3d:3b:fe:e1:b0:da:cd:14:1f:20:71:41:f6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5ab25a6c392b8e67a3ad21f60fd3311d6b7f1e5c
        Validity
            Not Before: Nov  4 13:01:03 2025 GMT
            Not After : Nov  5 13:01:03 2025 GMT
        Subject: CN=e8d161388eb46f2d02b8609ea946ac79bf101b2c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e3:94:c9:01:d3:1a:17:55:d5:c9:73:4d:44:06:
                    04:7d:b3:0e:c6:5e:61:c8:09:66:43:f3:ff:f5:ab:
                    ee:5e:0d:6d:c5:43:64:d1:38:25:5a:40:30:91:ab:
                    4a:69:8f:2b:11:0b:27:fe:9f:cf:97:a8:00:d4:09:
                    ca:5b:62:aa:73:3d:b2:4e:87:9d:20:6f:89:fd:3e:
                    a2:57:a8:11:82:30:2c:a6:3a:d4:fe:bd:9b:e5:df:
                    3d:f3:a2:9b:93:18:5b:1e:29:57:b1:23:c1:93:a7:
                    08:ee:be:0c:85:a7:6d:e4:4c:dd:3d:04:33:c6:88:
                    9f:d1:94:59:f7:6b:3b:d0:f3:2c:11:d7:7d:18:95:
                    13:8b:df:af:45:df:c3:af:2c:bb:38:f5:4a:51:42:
                    39:40:41:ac:b5:93:ce:06:4f:19:12:34:9d:12:dc:
                    2a:b7:21:03:56:0e:75:3f:50:41:de:8c:a4:bf:36:
                    71:c2:93:3f:25:f1:67:73:c6:66:7f:03:51:21:10:
                    a2:c7:12:74:c8:bf:f9:71:57:9f:d7:6d:79:65:40:
                    07:2c:41:78:6c:17:53:4d:ca:12:e5:aa:c7:98:1e:
                    8f:2e:db:0d:68:b0:4c:a9:f7:ab:2b:8d:1c:3b:85:
                    0c:b8:9a:82:76:a3:bf:62:5c:3f:3d:1c:d0:08:8e:
                    6a:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E8:D1:61:38:8E:B4:6F:2D:02:B8:60:9E:A9:46:AC:79:BF:10:1B:2C
            X509v3 Authority Key Identifier:
                keyid:5A:B2:5A:6C:39:2B:8E:67:A3:AD:21:F6:0F:D3:31:1D:6B:7F:1E:5C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WrJabDkrjmejrSH2D9MxHWt_Hlw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/81f76f-d878-44a1-82c7-2ccb5f0c5f6b/1/WrJabDkrjmejrSH2D9MxHWt_Hlw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/81f76f-d878-44a1-82c7-2ccb5f0c5f6b/1/WrJabDkrjmejrSH2D9MxHWt_Hlw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8f:ca:99:a7:c6:61:4f:3b:ea:6a:78:0b:83:7a:c9:7c:cb:60:
         a8:52:49:ad:55:0a:9e:b7:81:e6:b1:2e:d1:64:13:af:74:2f:
         9d:ee:c2:a7:9e:77:82:07:9a:3e:08:4b:1b:e9:a2:5f:01:12:
         4c:d5:89:aa:b3:2b:c5:bb:69:53:74:5b:68:54:a5:57:8d:c9:
         12:84:ac:ae:8a:e4:f9:1e:b2:b4:03:b4:6d:74:f6:c7:5f:10:
         ed:e8:e9:d6:92:7f:97:ce:61:c6:fe:66:1b:1c:af:e4:8b:e5:
         00:3d:da:b2:d6:11:82:68:0f:4f:b3:29:a7:58:e6:d1:79:4e:
         dc:f1:f0:8d:d9:71:c4:79:20:a8:62:b8:24:cb:f3:07:7c:71:
         3e:c9:05:ed:d3:d4:1c:82:23:f7:32:0c:77:ee:62:e3:b5:1f:
         8c:c4:c6:7c:9d:1c:64:b1:ba:40:4e:26:29:2e:7e:7a:11:16:
         5b:4b:03:7b:b8:77:52:82:17:7d:90:41:e8:b9:ac:30:24:ae:
         f2:8a:fe:7a:6a:41:c1:99:d5:8f:ad:3a:ad:db:49:04:00:4e:
         cb:05:63:eb:20:f5:02:3c:e0:4b:30:9b:ab:73:78:97:57:1e:
         65:db:cc:55:da:20:27:b7:46:24:3a:44:d3:6d:bb:95:a5:b1:
         b1:42:64:c6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpO9OU9O/7hsNrNFB8gcUH2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhYjI1YTZjMzkyYjhlNjdhM2FkMjFmNjBmZDMzMTFkNmI3
ZjFlNWMwHhcNMjUxMTA0MTMwMTAzWhcNMjUxMTA1MTMwMTAzWjAzMTEwLwYDVQQD
EyhlOGQxNjEzODhlYjQ2ZjJkMDJiODYwOWVhOTQ2YWM3OWJmMTAxYjJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA45TJAdMaF1XVyXNNRAYEfbMOxl5h
yAlmQ/P/9avuXg1txUNk0TglWkAwkatKaY8rEQsn/p/Pl6gA1AnKW2Kqcz2yToed
IG+J/T6iV6gRgjAspjrU/r2b5d8986KbkxhbHilXsSPBk6cI7r4Mhadt5EzdPQQz
xoif0ZRZ92s70PMsEdd9GJUTi9+vRd/Dryy7OPVKUUI5QEGstZPOBk8ZEjSdEtwq
tyEDVg51P1BB3oykvzZxwpM/JfFnc8ZmfwNRIRCixxJ0yL/5cVef1215ZUAHLEF4
bBdTTcoS5arHmB6PLtsNaLBMqferK40cO4UMuJqCdqO/Ylw/PRzQCI5qqQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOjRYTiOtG8tArhgnqlGrHm/EBssMB8GA1UdIwQY
MBaAFFqyWmw5K45no60h9g/TMR1rfx5cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV3JKYWJEa3JqbWVqclNIMkQ5TXhIV3RfSGx3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS84MWY3NmYtZDg3OC00NGExLTgyYzct
MmNjYjVmMGM1ZjZiLzEvV3JKYWJEa3JqbWVqclNIMkQ5TXhIV3RfSGx3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS84MWY3NmYtZDg3OC00NGExLTgyYzctMmNjYjVmMGM1ZjZi
LzEvV3JKYWJEa3JqbWVqclNIMkQ5TXhIV3RfSGx3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAj8qZp8Zh
TzvqangLg3rJfMtgqFJJrVUKnreB5rEu0WQTr3Qvne7Cp553ggeaPghLG+miXwES
TNWJqrMrxbtpU3RbaFSlV43JEoSsrork+R6ytAO0bXT2x18Q7ejp1pJ/l85hxv5m
Gxyv5IvlAD3astYRgmgPT7Mpp1jm0XlO3PHwjdlxxHkgqGK4JMvzB3xxPskF7dPU
HIIj9zIMd+5i47UfjMTGfJ0cZLG6QE4mKS5+ehEWW0sDe7h3UoIXfZBB6LmsMCSu
8or+empBwZnVj606rdtJBABOywVj6yD1AjzgSzCbq3N4l1ceZdvMVdogJ7dGJDpE
0227laWxsUJkxg==
-----END CERTIFICATE-----