Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/f5c8a3-e5ca-41ae-af8a-8db708347438/1/EHl-tfmqmr5SAIzn8hq0Sv3uoNA.mft
File:                     EHl-tfmqmr5SAIzn8hq0Sv3uoNA.mft (raw, json)
Hash identifier:          Yky7gMUrtFw0xRmAshhddnykPx7nvOtH1zMwsquvA+Y=
Subject key identifier:   B8:36:99:89:28:1F:71:7D:03:7B:39:C3:97:57:3D:A5:98:6D:95:01
Authority key identifier: 10:79:7E:B5:F9:AA:9A:BE:52:00:8C:E7:F2:1A:B4:4A:FD:EE:A0:D0
Certificate issuer:       /CN=10797eb5f9aa9abe52008ce7f21ab44afdeea0d0
Certificate serial:       019A5151285214986A2164EFB4CF452B8799
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/EHl-tfmqmr5SAIzn8hq0Sv3uoNA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ae/f5c8a3-e5ca-41ae-af8a-8db708347438/1/EHl-tfmqmr5SAIzn8hq0Sv3uoNA.mft
Manifest number:          170A
Signing time:             Wed 05 Nov 2025 00:01:04 +0000
Manifest this update:     Wed 05 Nov 2025 00:01:04 +0000
Manifest next update:     Thu 06 Nov 2025 00:01:04 +0000
Files and hashes:         1: EHl-tfmqmr5SAIzn8hq0Sv3uoNA.crl (hash: L0lhZe1z9StalzIIaCoLPv/0tlabvHNQyQIGGr1wIqo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ae/f5c8a3-e5ca-41ae-af8a-8db708347438/1/EHl-tfmqmr5SAIzn8hq0Sv3uoNA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ae/f5c8a3-e5ca-41ae-af8a-8db708347438/1/EHl-tfmqmr5SAIzn8hq0Sv3uoNA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/EHl-tfmqmr5SAIzn8hq0Sv3uoNA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 22:37:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:51:51:28:52:14:98:6a:21:64:ef:b4:cf:45:2b:87:99
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=10797eb5f9aa9abe52008ce7f21ab44afdeea0d0
        Validity
            Not Before: Nov  5 00:01:04 2025 GMT
            Not After : Nov  6 00:01:04 2025 GMT
        Subject: CN=b8369989281f717d037b39c397573da5986d9501
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:18:02:1a:1a:77:24:ed:b4:d6:56:31:38:02:
                    59:9f:78:a7:ba:a8:67:4c:5d:68:c3:71:68:51:c7:
                    97:04:f9:a0:00:37:fc:85:53:c3:42:09:08:cb:ee:
                    71:e3:09:fe:89:d9:7e:ea:0f:f8:9f:07:dd:46:92:
                    36:17:ba:37:e6:e5:aa:77:c6:89:2a:9a:d2:c3:2a:
                    50:cc:a1:27:9e:1b:47:07:ce:b3:0d:e8:cc:fd:37:
                    91:ca:21:75:26:8f:4f:4b:3a:ba:3d:35:b2:4a:96:
                    3e:6f:6d:e8:88:5a:54:c5:26:37:bb:23:16:97:d0:
                    ab:c8:45:9b:fd:62:0a:f8:73:7f:46:d7:cf:68:69:
                    01:f2:5b:68:4c:96:6c:88:41:c2:7e:b7:70:20:78:
                    9d:af:86:cc:f5:1a:bf:96:58:9c:78:5f:f9:4e:38:
                    22:4d:81:c9:da:38:51:b4:11:33:3d:b3:f2:ef:5c:
                    e6:96:5d:ba:f9:10:02:97:40:57:e2:64:1c:78:82:
                    92:84:00:6f:40:1b:14:eb:bf:0a:b3:75:7d:db:4e:
                    a3:51:33:bf:74:e1:1a:d1:a5:d7:37:46:6f:68:cc:
                    6b:0c:6d:19:e8:b0:25:eb:ad:77:f5:e1:11:f6:87:
                    d5:4b:6c:67:8f:c1:3f:90:a6:c9:6d:33:13:d8:08:
                    6b:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B8:36:99:89:28:1F:71:7D:03:7B:39:C3:97:57:3D:A5:98:6D:95:01
            X509v3 Authority Key Identifier:
                keyid:10:79:7E:B5:F9:AA:9A:BE:52:00:8C:E7:F2:1A:B4:4A:FD:EE:A0:D0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EHl-tfmqmr5SAIzn8hq0Sv3uoNA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/f5c8a3-e5ca-41ae-af8a-8db708347438/1/EHl-tfmqmr5SAIzn8hq0Sv3uoNA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/f5c8a3-e5ca-41ae-af8a-8db708347438/1/EHl-tfmqmr5SAIzn8hq0Sv3uoNA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a6:fb:40:06:fc:55:6b:62:e7:3c:6a:8f:2e:07:c9:40:ca:5e:
         96:e2:23:18:62:48:28:5a:f3:3b:f4:bf:83:a3:2e:1a:2b:b7:
         c8:b4:b1:72:28:4e:70:8b:a7:20:f7:0a:c2:32:fe:fa:f9:7f:
         32:b2:03:9d:d3:e7:d8:7d:c0:4c:f2:97:6c:4f:0a:73:3e:98:
         2a:64:7d:36:e4:63:45:75:f3:7a:93:af:f2:b5:f6:87:e4:17:
         5d:cb:f9:46:e7:cb:2f:5e:e3:63:63:0c:27:5e:ab:f9:6a:fe:
         63:d2:da:7d:ed:6f:3d:d4:21:4b:04:42:7e:c0:79:21:db:0a:
         fd:e3:3e:66:28:1f:75:e7:1b:52:cb:b7:6d:1e:8e:b3:f0:59:
         b0:a1:c6:a9:25:62:80:30:2a:1f:1e:60:53:ea:7a:65:65:e1:
         ce:56:5b:82:4c:31:cf:a0:05:af:3f:eb:81:a6:ec:02:6e:86:
         9d:04:ff:c8:cb:d6:7d:8a:6b:f4:91:2e:cb:d3:a7:41:74:67:
         66:c0:34:66:d8:c1:f0:08:f4:83:c7:03:1a:38:c3:62:09:6b:
         01:84:de:78:0d:1b:e6:00:06:82:c9:71:23:f3:b9:e3:72:48:
         57:47:e6:c2:7e:85:fb:8e:6b:83:69:bf:db:08:bb:cd:e6:80:
         46:29:be:fb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpRUShSFJhqIWTvtM9FK4eZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEwNzk3ZWI1ZjlhYTlhYmU1MjAwOGNlN2YyMWFiNDRhZmRl
ZWEwZDAwHhcNMjUxMTA1MDAwMTA0WhcNMjUxMTA2MDAwMTA0WjAzMTEwLwYDVQQD
EyhiODM2OTk4OTI4MWY3MTdkMDM3YjM5YzM5NzU3M2RhNTk4NmQ5NTAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqBgCGhp3JO201lYxOAJZn3inuqhn
TF1ow3FoUceXBPmgADf8hVPDQgkIy+5x4wn+idl+6g/4nwfdRpI2F7o35uWqd8aJ
KprSwypQzKEnnhtHB86zDejM/TeRyiF1Jo9PSzq6PTWySpY+b23oiFpUxSY3uyMW
l9CryEWb/WIK+HN/RtfPaGkB8ltoTJZsiEHCfrdwIHidr4bM9Rq/lliceF/5Tjgi
TYHJ2jhRtBEzPbPy71zmll26+RACl0BX4mQceIKShABvQBsU678Ks3V9206jUTO/
dOEa0aXXN0ZvaMxrDG0Z6LAl66139eER9ofVS2xnj8E/kKbJbTMT2AhrwQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLg2mYkoH3F9A3s5w5dXPaWYbZUBMB8GA1UdIwQY
MBaAFBB5frX5qpq+UgCM5/IatEr97qDQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRUhsLXRmbXFtcjVTQUl6bjhocTBTdjN1b05BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS9mNWM4YTMtZTVjYS00MWFlLWFmOGEt
OGRiNzA4MzQ3NDM4LzEvRUhsLXRmbXFtcjVTQUl6bjhocTBTdjN1b05BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS9mNWM4YTMtZTVjYS00MWFlLWFmOGEtOGRiNzA4MzQ3NDM4
LzEvRUhsLXRmbXFtcjVTQUl6bjhocTBTdjN1b05BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApvtABvxV
a2LnPGqPLgfJQMpeluIjGGJIKFrzO/S/g6MuGiu3yLSxcihOcIunIPcKwjL++vl/
MrIDndPn2H3ATPKXbE8Kcz6YKmR9NuRjRXXzepOv8rX2h+QXXcv5RufLL17jY2MM
J16r+Wr+Y9Lafe1vPdQhSwRCfsB5IdsK/eM+ZigfdecbUsu3bR6Os/BZsKHGqSVi
gDAqHx5gU+p6ZWXhzlZbgkwxz6AFrz/rgabsAm6GnQT/yMvWfYpr9JEuy9OnQXRn
ZsA0ZtjB8Aj0g8cDGjjDYglrAYTeeA0b5gAGgslxI/O543JIV0fmwn6F+45rg2m/
2wi7zeaARim++w==
-----END CERTIFICATE-----