Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/4e3fc3-048d-4b66-a951-3e2534583611/1/epHmw2HvM-JQ3YijH32Sfq03Xtk.mft
File:                     epHmw2HvM-JQ3YijH32Sfq03Xtk.mft (raw, json)
Hash identifier:          l0l6YrSC2eCxO6QOZZVm7sG1Rw9oof2NeCQujgFaMXE=
Subject key identifier:   53:3C:19:49:B3:D8:18:F1:5D:0A:B2:52:58:B5:01:B3:F0:88:FD:36
Authority key identifier: 7A:91:E6:C3:61:EF:33:E2:50:DD:88:A3:1F:7D:92:7E:AD:37:5E:D9
Certificate issuer:       /CN=7a91e6c361ef33e250dd88a31f7d927ead375ed9
Certificate serial:       019A4EF5C7A3206EE5607131BDBAB5A7E707
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/epHmw2HvM-JQ3YijH32Sfq03Xtk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a9/4e3fc3-048d-4b66-a951-3e2534583611/1/epHmw2HvM-JQ3YijH32Sfq03Xtk.mft
Manifest number:          0689
Signing time:             Tue 04 Nov 2025 13:02:01 +0000
Manifest this update:     Tue 04 Nov 2025 13:02:01 +0000
Manifest next update:     Wed 05 Nov 2025 13:02:01 +0000
Files and hashes:         1: epHmw2HvM-JQ3YijH32Sfq03Xtk.crl (hash: S/RZ4D4CECNRmdhCl0JiDdu79qnBGW15l0xPci6R/HA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a9/4e3fc3-048d-4b66-a951-3e2534583611/1/epHmw2HvM-JQ3YijH32Sfq03Xtk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a9/4e3fc3-048d-4b66-a951-3e2534583611/1/epHmw2HvM-JQ3YijH32Sfq03Xtk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/epHmw2HvM-JQ3YijH32Sfq03Xtk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 09:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4e:f5:c7:a3:20:6e:e5:60:71:31:bd:ba:b5:a7:e7:07
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7a91e6c361ef33e250dd88a31f7d927ead375ed9
        Validity
            Not Before: Nov  4 13:02:01 2025 GMT
            Not After : Nov  5 13:02:01 2025 GMT
        Subject: CN=533c1949b3d818f15d0ab25258b501b3f088fd36
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:18:fa:12:12:7d:0a:4b:5f:2f:3b:64:62:06:
                    7f:72:6e:12:a8:d1:8e:0e:7b:7f:7b:f0:e3:d1:76:
                    5c:98:77:e7:37:9f:9a:79:81:04:29:b9:27:0b:30:
                    49:ab:d2:9e:d3:82:75:ad:b0:e7:fc:47:3e:25:b1:
                    dd:6a:89:84:86:e0:e4:56:2d:d4:f8:51:0b:c9:0d:
                    08:3b:d9:5c:80:c9:53:f1:5e:f8:ab:50:ce:82:a7:
                    f6:89:a2:75:46:13:b9:91:84:5f:0a:82:5a:a1:9d:
                    4e:0a:62:56:15:ae:33:b0:7a:99:d2:33:8a:26:58:
                    be:24:14:c5:f2:fc:8f:cf:19:e5:4d:1f:7c:22:fc:
                    fc:22:e6:d4:61:24:a6:18:fe:4f:6f:06:32:8a:cb:
                    b0:4f:be:45:3d:10:1b:12:28:35:ce:46:81:8f:7b:
                    47:5f:0f:c4:b4:2e:22:d1:63:89:b1:f8:e9:f8:cb:
                    78:b8:d9:73:fd:b6:53:2a:73:d2:0c:c5:4d:fa:d9:
                    ef:5a:f3:ef:82:e5:04:43:1b:10:5c:ee:81:ec:2e:
                    4a:22:dd:01:23:cc:d2:8b:e3:b8:fa:9a:93:12:75:
                    d4:5c:63:75:05:6e:d0:d5:aa:56:31:2e:d6:55:f5:
                    26:7c:57:3d:70:0f:d0:36:f2:a3:98:dc:bb:ac:27:
                    e6:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                53:3C:19:49:B3:D8:18:F1:5D:0A:B2:52:58:B5:01:B3:F0:88:FD:36
            X509v3 Authority Key Identifier:
                keyid:7A:91:E6:C3:61:EF:33:E2:50:DD:88:A3:1F:7D:92:7E:AD:37:5E:D9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/epHmw2HvM-JQ3YijH32Sfq03Xtk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/4e3fc3-048d-4b66-a951-3e2534583611/1/epHmw2HvM-JQ3YijH32Sfq03Xtk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/4e3fc3-048d-4b66-a951-3e2534583611/1/epHmw2HvM-JQ3YijH32Sfq03Xtk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         e2:54:b3:99:24:48:75:23:cf:b2:81:48:26:86:73:ab:41:a3:
         8e:b0:10:4a:f7:f8:4b:95:fe:65:fe:29:2b:a3:95:d4:db:75:
         3e:5d:4d:b4:2a:25:b5:a7:68:e0:40:79:da:de:fa:4a:d9:73:
         ac:63:f9:d5:70:c5:59:55:fc:53:b2:01:80:e6:80:f0:23:ca:
         de:46:4c:05:3e:2e:3b:26:61:1a:d6:ff:79:e5:6b:1c:58:76:
         13:63:07:ec:c7:b1:c3:db:83:68:1d:dc:59:33:6a:ed:4c:5b:
         f0:dc:9f:61:cd:22:c3:a1:d6:ee:18:a4:8e:c8:ec:a7:bf:01:
         59:d7:00:5b:79:53:25:f1:96:06:27:49:0f:18:31:10:91:90:
         31:a6:62:0b:83:95:a9:dd:95:9c:7f:29:8c:56:54:d2:5a:45:
         09:93:87:5e:cd:e0:06:75:a3:95:f9:fd:7e:ca:3b:c8:88:68:
         e8:e8:b8:54:2a:1c:e4:bb:b0:9b:e9:58:6c:de:75:31:92:fd:
         7d:09:08:da:01:8e:7a:fd:73:82:c4:b8:ca:61:65:6d:54:2c:
         1d:70:d2:0a:55:5f:97:8b:90:4d:b3:c5:8d:bd:36:7d:76:92:
         e6:0b:88:33:a4:ee:f8:ca:39:b6:e3:c5:6a:45:c3:9c:7b:e8:
         83:ff:ad:88
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpO9cejIG7lYHExvbq1p+cHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhOTFlNmMzNjFlZjMzZTI1MGRkODhhMzFmN2Q5MjdlYWQz
NzVlZDkwHhcNMjUxMTA0MTMwMjAxWhcNMjUxMTA1MTMwMjAxWjAzMTEwLwYDVQQD
Eyg1MzNjMTk0OWIzZDgxOGYxNWQwYWIyNTI1OGI1MDFiM2YwODhmZDM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxRj6EhJ9CktfLztkYgZ/cm4SqNGO
Dnt/e/Dj0XZcmHfnN5+aeYEEKbknCzBJq9Ke04J1rbDn/Ec+JbHdaomEhuDkVi3U
+FELyQ0IO9lcgMlT8V74q1DOgqf2iaJ1RhO5kYRfCoJaoZ1OCmJWFa4zsHqZ0jOK
Jli+JBTF8vyPzxnlTR98Ivz8IubUYSSmGP5PbwYyisuwT75FPRAbEig1zkaBj3tH
Xw/EtC4i0WOJsfjp+Mt4uNlz/bZTKnPSDMVN+tnvWvPvguUEQxsQXO6B7C5KIt0B
I8zSi+O4+pqTEnXUXGN1BW7Q1apWMS7WVfUmfFc9cA/QNvKjmNy7rCfmZwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFM8GUmz2BjxXQqyUli1AbPwiP02MB8GA1UdIwQY
MBaAFHqR5sNh7zPiUN2Iox99kn6tN17ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXBIbXcySHZNLUpRM1lpakgzMlNmcTAzWHRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS80ZTNmYzMtMDQ4ZC00YjY2LWE5NTEt
M2UyNTM0NTgzNjExLzEvZXBIbXcySHZNLUpRM1lpakgzMlNmcTAzWHRrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS80ZTNmYzMtMDQ4ZC00YjY2LWE5NTEtM2UyNTM0NTgzNjEx
LzEvZXBIbXcySHZNLUpRM1lpakgzMlNmcTAzWHRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA4lSzmSRI
dSPPsoFIJoZzq0GjjrAQSvf4S5X+Zf4pK6OV1Nt1Pl1NtColtado4EB52t76Stlz
rGP51XDFWVX8U7IBgOaA8CPK3kZMBT4uOyZhGtb/eeVrHFh2E2MH7Mexw9uDaB3c
WTNq7Uxb8NyfYc0iw6HW7hikjsjsp78BWdcAW3lTJfGWBidJDxgxEJGQMaZiC4OV
qd2VnH8pjFZU0lpFCZOHXs3gBnWjlfn9fso7yIho6Oi4VCoc5Luwm+lYbN51MZL9
fQkI2gGOev1zgsS4ymFlbVQsHXDSClVfl4uQTbPFjb02fXaS5guIM6Tu+Mo5tuPF
akXDnHvog/+tiA==
-----END CERTIFICATE-----