Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/5729fa-59dd-4346-8c00-2dd11984b35f/1/sTI2xNBokx4LRMmLKQqPqlVKA7k.mft
File:                     sTI2xNBokx4LRMmLKQqPqlVKA7k.mft (raw, json)
Hash identifier:          nLSzGqXHAOCVPiXJwPRkhxanW3l9mvyA/Zn5Oy0wA/I=
Subject key identifier:   F5:86:DA:68:03:E4:38:B9:64:BC:27:57:0F:80:D1:23:C3:DB:9C:6D
Authority key identifier: B1:32:36:C4:D0:68:93:1E:0B:44:C9:8B:29:0A:8F:AA:55:4A:03:B9
Certificate issuer:       /CN=b13236c4d068931e0b44c98b290a8faa554a03b9
Certificate serial:       019A4D743AD5109B86E9AA2A33829C295AF4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/sTI2xNBokx4LRMmLKQqPqlVKA7k.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/aa/5729fa-59dd-4346-8c00-2dd11984b35f/1/sTI2xNBokx4LRMmLKQqPqlVKA7k.mft
Manifest number:          04D3
Signing time:             Tue 04 Nov 2025 06:00:51 +0000
Manifest this update:     Tue 04 Nov 2025 06:00:51 +0000
Manifest next update:     Wed 05 Nov 2025 06:00:51 +0000
Files and hashes:         1: sTI2xNBokx4LRMmLKQqPqlVKA7k.crl (hash: MdF5eiUfFCOTvHQEhgGZGtJbGu7ZkIMyOKPFu1NoVBM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/aa/5729fa-59dd-4346-8c00-2dd11984b35f/1/sTI2xNBokx4LRMmLKQqPqlVKA7k.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/aa/5729fa-59dd-4346-8c00-2dd11984b35f/1/sTI2xNBokx4LRMmLKQqPqlVKA7k.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/sTI2xNBokx4LRMmLKQqPqlVKA7k.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 06:00:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4d:74:3a:d5:10:9b:86:e9:aa:2a:33:82:9c:29:5a:f4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b13236c4d068931e0b44c98b290a8faa554a03b9
        Validity
            Not Before: Nov  4 06:00:51 2025 GMT
            Not After : Nov  5 06:00:51 2025 GMT
        Subject: CN=f586da6803e438b964bc27570f80d123c3db9c6d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:98:44:10:87:23:f5:97:1e:3f:7e:12:21:8b:
                    46:f7:8f:13:e6:48:d0:a9:46:d2:33:ed:ef:a0:04:
                    82:af:37:b5:35:b2:65:bd:cf:7a:df:70:42:5b:79:
                    50:37:5b:42:ec:63:e2:cb:41:32:c7:67:dc:39:bf:
                    a3:16:f8:3a:9d:d0:83:61:9d:2f:f3:6d:4b:c6:36:
                    f4:bf:8f:e0:b2:a8:de:43:07:18:df:95:85:33:30:
                    59:48:89:95:a1:7f:96:9c:a6:6b:aa:39:d1:98:4c:
                    61:ae:30:83:8a:68:22:bc:81:97:1c:16:74:d8:3f:
                    96:16:50:eb:ca:01:01:30:87:d2:37:83:12:07:30:
                    e8:c1:fa:2a:35:83:6a:4f:4a:c0:94:21:c8:82:23:
                    90:74:b8:97:f4:24:0f:76:68:23:31:45:2d:5d:4c:
                    23:75:72:c8:ef:f7:17:68:48:5d:b1:bf:ca:22:49:
                    91:47:8c:71:ef:43:a8:88:3f:bb:91:c0:77:7c:9a:
                    eb:08:58:98:c4:3f:e9:09:a1:26:f6:fa:0c:be:e6:
                    95:3c:10:eb:28:2f:0f:51:54:4f:c3:5d:a3:29:66:
                    05:fd:8c:92:d7:8e:05:0a:f6:d9:5d:0f:1f:52:84:
                    15:44:00:05:1f:30:83:18:87:6f:dc:0a:d9:8f:ba:
                    b2:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F5:86:DA:68:03:E4:38:B9:64:BC:27:57:0F:80:D1:23:C3:DB:9C:6D
            X509v3 Authority Key Identifier:
                keyid:B1:32:36:C4:D0:68:93:1E:0B:44:C9:8B:29:0A:8F:AA:55:4A:03:B9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sTI2xNBokx4LRMmLKQqPqlVKA7k.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/5729fa-59dd-4346-8c00-2dd11984b35f/1/sTI2xNBokx4LRMmLKQqPqlVKA7k.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/5729fa-59dd-4346-8c00-2dd11984b35f/1/sTI2xNBokx4LRMmLKQqPqlVKA7k.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         04:b2:fd:ca:47:1b:1f:9e:41:22:83:36:c1:29:b4:1e:90:3c:
         a5:a1:de:3e:d0:b0:fa:db:aa:cd:e5:cc:4f:e9:82:34:0d:73:
         aa:b4:4c:74:9d:98:4f:6b:a1:66:25:1d:0c:bb:7c:e0:ec:68:
         36:f9:59:c7:f3:fd:84:83:76:34:67:f6:2b:68:36:64:c1:7f:
         66:e8:7a:26:07:2b:b9:27:c2:b8:08:6b:e1:fd:1f:09:63:77:
         91:53:66:ac:d7:f6:d6:20:d2:af:64:cc:d7:cf:4c:03:92:19:
         7a:53:bc:0c:29:46:3c:1b:2b:84:d9:96:1f:27:f2:88:db:14:
         65:5f:d5:5d:6d:ba:f1:1d:2d:1a:fa:82:18:94:30:26:c4:d2:
         d2:af:61:18:0f:c9:6d:f6:d4:08:5f:bd:59:3b:ce:e1:5e:8a:
         5a:e9:54:23:5f:3a:3c:ca:35:5e:00:82:a7:94:b7:4e:f6:87:
         22:42:18:48:82:e2:5d:f0:34:5b:76:b4:ca:48:a6:6a:bc:31:
         a9:b3:88:78:3c:27:38:15:90:a1:7c:28:c8:50:5d:79:b1:96:
         8a:9c:0d:f6:38:29:4d:48:40:d4:43:99:ca:7b:7b:e5:28:7d:
         6b:37:5a:a0:d2:0d:4f:d0:2b:1d:0d:aa:70:d6:ad:ab:75:a1:
         dc:ed:21:75
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpNdDrVEJuG6aoqM4KcKVr0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxMzIzNmM0ZDA2ODkzMWUwYjQ0Yzk4YjI5MGE4ZmFhNTU0
YTAzYjkwHhcNMjUxMTA0MDYwMDUxWhcNMjUxMTA1MDYwMDUxWjAzMTEwLwYDVQQD
EyhmNTg2ZGE2ODAzZTQzOGI5NjRiYzI3NTcwZjgwZDEyM2MzZGI5YzZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzphEEIcj9ZceP34SIYtG948T5kjQ
qUbSM+3voASCrze1NbJlvc9633BCW3lQN1tC7GPiy0Eyx2fcOb+jFvg6ndCDYZ0v
821Lxjb0v4/gsqjeQwcY35WFMzBZSImVoX+WnKZrqjnRmExhrjCDimgivIGXHBZ0
2D+WFlDrygEBMIfSN4MSBzDowfoqNYNqT0rAlCHIgiOQdLiX9CQPdmgjMUUtXUwj
dXLI7/cXaEhdsb/KIkmRR4xx70OoiD+7kcB3fJrrCFiYxD/pCaEm9voMvuaVPBDr
KC8PUVRPw12jKWYF/YyS144FCvbZXQ8fUoQVRAAFHzCDGIdv3ArZj7qy9wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPWG2mgD5Di5ZLwnVw+A0SPD25xtMB8GA1UdIwQY
MBaAFLEyNsTQaJMeC0TJiykKj6pVSgO5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1RJMnhOQm9reDRMUk1tTEtRcVBxbFZLQTdrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS81NzI5ZmEtNTlkZC00MzQ2LThjMDAt
MmRkMTE5ODRiMzVmLzEvc1RJMnhOQm9reDRMUk1tTEtRcVBxbFZLQTdrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS81NzI5ZmEtNTlkZC00MzQ2LThjMDAtMmRkMTE5ODRiMzVm
LzEvc1RJMnhOQm9reDRMUk1tTEtRcVBxbFZLQTdrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABLL9ykcb
H55BIoM2wSm0HpA8paHePtCw+tuqzeXMT+mCNA1zqrRMdJ2YT2uhZiUdDLt84Oxo
NvlZx/P9hIN2NGf2K2g2ZMF/Zuh6JgcruSfCuAhr4f0fCWN3kVNmrNf21iDSr2TM
189MA5IZelO8DClGPBsrhNmWHyfyiNsUZV/VXW268R0tGvqCGJQwJsTS0q9hGA/J
bfbUCF+9WTvO4V6KWulUI186PMo1XgCCp5S3TvaHIkIYSILiXfA0W3a0ykimarwx
qbOIeDwnOBWQoXwoyFBdebGWipwN9jgpTUhA1EOZynt75Sh9azdaoNINT9ArHQ2q
cNatq3Wh3O0hdQ==
-----END CERTIFICATE-----