Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/42ba75-92e6-4793-8ad9-b80e9fa42dfb/1/5DWo9PNqSBGpLRlhc-HEmarMd9U.mft
File:                     5DWo9PNqSBGpLRlhc-HEmarMd9U.mft (raw, json)
Hash identifier:          QCYUzVdm6QExA4yg0GiJCDO5AP6wMbvTrPudHYczrNg=
Subject key identifier:   28:8E:D1:65:B5:C9:4F:B2:69:3B:75:4A:84:6F:19:59:D1:CC:2B:FC
Authority key identifier: E4:35:A8:F4:F3:6A:48:11:A9:2D:19:61:73:E1:C4:99:AA:CC:77:D5
Certificate issuer:       /CN=e435a8f4f36a4811a92d196173e1c499aacc77d5
Certificate serial:       019A4E4F5AEBC782C5C4F783876E9B38CC38
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5DWo9PNqSBGpLRlhc-HEmarMd9U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b9/42ba75-92e6-4793-8ad9-b80e9fa42dfb/1/5DWo9PNqSBGpLRlhc-HEmarMd9U.mft
Manifest number:          0DEA
Signing time:             Tue 04 Nov 2025 10:00:14 +0000
Manifest this update:     Tue 04 Nov 2025 10:00:14 +0000
Manifest next update:     Wed 05 Nov 2025 10:00:14 +0000
Files and hashes:         1: 5DWo9PNqSBGpLRlhc-HEmarMd9U.crl (hash: zR5HvzAHwDrCTKzEyoaz5lqb951VDo8VMqK+kCJcQTM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b9/42ba75-92e6-4793-8ad9-b80e9fa42dfb/1/5DWo9PNqSBGpLRlhc-HEmarMd9U.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b9/42ba75-92e6-4793-8ad9-b80e9fa42dfb/1/5DWo9PNqSBGpLRlhc-HEmarMd9U.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/5DWo9PNqSBGpLRlhc-HEmarMd9U.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 09:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4e:4f:5a:eb:c7:82:c5:c4:f7:83:87:6e:9b:38:cc:38
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e435a8f4f36a4811a92d196173e1c499aacc77d5
        Validity
            Not Before: Nov  4 10:00:14 2025 GMT
            Not After : Nov  5 10:00:14 2025 GMT
        Subject: CN=288ed165b5c94fb2693b754a846f1959d1cc2bfc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f5:05:d5:a4:74:16:14:db:6b:8c:3d:2a:37:bf:
                    0f:66:6d:fc:bc:25:81:7c:96:71:e0:22:d3:51:92:
                    95:78:12:71:13:72:f6:44:fe:14:be:cc:4e:d5:80:
                    b5:19:9e:4f:c2:92:57:6c:46:4b:81:6f:d5:28:9c:
                    cd:19:31:a0:db:a7:fa:94:bb:e5:67:69:d7:52:14:
                    c4:a9:de:86:7e:8d:03:9e:bd:de:33:73:f9:d3:fc:
                    56:e3:02:88:cc:ee:ea:a0:d2:21:1e:a8:67:84:10:
                    47:a2:ac:56:1f:5c:bd:e0:78:4c:61:8e:fb:f2:0e:
                    54:49:9f:66:8a:77:fe:f3:57:4b:37:cb:67:68:9c:
                    93:3c:e6:3e:c5:1a:f2:37:64:3a:af:3f:e8:27:74:
                    3f:4e:24:e5:90:2e:4b:38:08:8f:09:8a:8b:52:7f:
                    a8:a1:38:bb:b1:3b:d6:7d:e8:ec:1e:fe:39:b8:34:
                    df:b3:50:70:f3:66:ac:06:f3:20:c7:bc:fd:f7:0e:
                    63:66:98:91:d0:c1:4d:8e:8f:3c:99:77:a4:8c:99:
                    e9:85:7f:42:c9:c0:07:3c:aa:b2:3a:c8:ec:63:ab:
                    a0:46:bd:8d:e2:3e:60:ce:37:4a:85:26:c4:17:6d:
                    35:7d:15:b5:97:2c:62:ca:40:41:14:31:51:ac:d3:
                    b3:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                28:8E:D1:65:B5:C9:4F:B2:69:3B:75:4A:84:6F:19:59:D1:CC:2B:FC
            X509v3 Authority Key Identifier:
                keyid:E4:35:A8:F4:F3:6A:48:11:A9:2D:19:61:73:E1:C4:99:AA:CC:77:D5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5DWo9PNqSBGpLRlhc-HEmarMd9U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/42ba75-92e6-4793-8ad9-b80e9fa42dfb/1/5DWo9PNqSBGpLRlhc-HEmarMd9U.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/42ba75-92e6-4793-8ad9-b80e9fa42dfb/1/5DWo9PNqSBGpLRlhc-HEmarMd9U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         06:d6:38:4d:68:4e:31:8f:cf:9f:53:4e:3f:b1:03:e2:2b:49:
         74:85:72:f6:5a:8e:c9:24:00:2e:65:6b:28:84:41:06:ac:6d:
         5e:1b:ae:38:fe:43:08:76:66:c9:2c:67:b0:db:3e:3c:a3:03:
         d1:a4:9b:e5:88:3a:5f:cb:67:f7:e0:a0:99:20:8a:00:33:3a:
         ad:de:79:21:0a:a8:cd:7f:10:bb:75:ab:6f:75:44:c1:4a:ac:
         2c:22:86:cc:e5:08:b7:7e:23:21:60:5e:c2:2e:bb:9b:89:5c:
         e2:b6:ab:e5:d2:d0:32:75:de:3f:94:54:f9:a6:6f:6a:1d:05:
         8f:45:a0:c4:09:0c:92:f5:2f:4b:4e:d9:98:71:f3:1b:a1:84:
         93:c4:b4:20:e6:50:97:22:26:57:0b:b2:75:51:08:c7:bd:92:
         1c:30:79:8c:2a:72:6c:35:db:a7:30:e2:21:3c:e3:f5:50:27:
         5b:dd:de:74:3e:3f:de:a2:81:10:c1:9f:be:78:2f:d3:79:11:
         3f:81:31:22:7b:f2:5c:82:d1:ae:0e:d2:92:de:a6:47:df:61:
         ff:1b:82:7c:32:35:57:ab:a0:37:9d:cc:2a:d0:c2:9b:59:36:
         a3:23:7a:dc:40:44:f5:c9:b4:15:ed:b0:3d:f3:c2:3c:37:ac:
         71:0d:3e:ce
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpOT1rrx4LFxPeDh26bOMw4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0MzVhOGY0ZjM2YTQ4MTFhOTJkMTk2MTczZTFjNDk5YWFj
Yzc3ZDUwHhcNMjUxMTA0MTAwMDE0WhcNMjUxMTA1MTAwMDE0WjAzMTEwLwYDVQQD
EygyODhlZDE2NWI1Yzk0ZmIyNjkzYjc1NGE4NDZmMTk1OWQxY2MyYmZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9QXVpHQWFNtrjD0qN78PZm38vCWB
fJZx4CLTUZKVeBJxE3L2RP4UvsxO1YC1GZ5PwpJXbEZLgW/VKJzNGTGg26f6lLvl
Z2nXUhTEqd6Gfo0Dnr3eM3P50/xW4wKIzO7qoNIhHqhnhBBHoqxWH1y94HhMYY77
8g5USZ9minf+81dLN8tnaJyTPOY+xRryN2Q6rz/oJ3Q/TiTlkC5LOAiPCYqLUn+o
oTi7sTvWfejsHv45uDTfs1Bw82asBvMgx7z99w5jZpiR0MFNjo88mXekjJnphX9C
ycAHPKqyOsjsY6ugRr2N4j5gzjdKhSbEF201fRW1lyxiykBBFDFRrNOzXQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCiO0WW1yU+yaTt1SoRvGVnRzCv8MB8GA1UdIwQY
MBaAFOQ1qPTzakgRqS0ZYXPhxJmqzHfVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNURXbzlQTnFTQkdwTFJsaGMtSEVtYXJNZDlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS80MmJhNzUtOTJlNi00NzkzLThhZDkt
YjgwZTlmYTQyZGZiLzEvNURXbzlQTnFTQkdwTFJsaGMtSEVtYXJNZDlVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS80MmJhNzUtOTJlNi00NzkzLThhZDktYjgwZTlmYTQyZGZi
LzEvNURXbzlQTnFTQkdwTFJsaGMtSEVtYXJNZDlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABtY4TWhO
MY/Pn1NOP7ED4itJdIVy9lqOySQALmVrKIRBBqxtXhuuOP5DCHZmySxnsNs+PKMD
0aSb5Yg6X8tn9+CgmSCKADM6rd55IQqozX8Qu3Wrb3VEwUqsLCKGzOUIt34jIWBe
wi67m4lc4rar5dLQMnXeP5RU+aZvah0Fj0WgxAkMkvUvS07ZmHHzG6GEk8S0IOZQ
lyImVwuydVEIx72SHDB5jCpybDXbpzDiITzj9VAnW93edD4/3qKBEMGfvngv03kR
P4ExInvyXILRrg7Skt6mR99h/xuCfDI1V6ugN53MKtDCm1k2oyN63EBE9cm0Fe2w
PfPCPDescQ0+zg==
-----END CERTIFICATE-----