Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/e67781-171d-40d7-9037-1baa83c8a036/1/WnMRox5rU6F10ZE1sryZOh-5hLE.mft
File:                     WnMRox5rU6F10ZE1sryZOh-5hLE.mft (raw, json)
Hash identifier:          q61cdlUHRohmEFcQ56I5AfOPeMRhtuytQs6YXs3lmjg=
Subject key identifier:   9A:95:C8:C5:44:EE:0B:7E:B9:1E:58:18:E4:F0:9F:A8:73:5E:79:33
Authority key identifier: 5A:73:11:A3:1E:6B:53:A1:75:D1:91:35:B2:BC:99:3A:1F:B9:84:B1
Certificate issuer:       /CN=5a7311a31e6b53a175d19135b2bc993a1fb984b1
Certificate serial:       019A4E4FCE94AE3E37EF3E31CECD25BC1972
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/WnMRox5rU6F10ZE1sryZOh-5hLE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/da/e67781-171d-40d7-9037-1baa83c8a036/1/WnMRox5rU6F10ZE1sryZOh-5hLE.mft
Manifest number:          1532
Signing time:             Tue 04 Nov 2025 10:00:44 +0000
Manifest this update:     Tue 04 Nov 2025 10:00:44 +0000
Manifest next update:     Wed 05 Nov 2025 10:00:44 +0000
Files and hashes:         1: WnMRox5rU6F10ZE1sryZOh-5hLE.crl (hash: AKR5y+QmtE6ItXCiCDkVPyzKPqO3SILK3tbYNMT2slw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/da/e67781-171d-40d7-9037-1baa83c8a036/1/WnMRox5rU6F10ZE1sryZOh-5hLE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/da/e67781-171d-40d7-9037-1baa83c8a036/1/WnMRox5rU6F10ZE1sryZOh-5hLE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/WnMRox5rU6F10ZE1sryZOh-5hLE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 09:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4e:4f:ce:94:ae:3e:37:ef:3e:31:ce:cd:25:bc:19:72
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5a7311a31e6b53a175d19135b2bc993a1fb984b1
        Validity
            Not Before: Nov  4 10:00:44 2025 GMT
            Not After : Nov  5 10:00:44 2025 GMT
        Subject: CN=9a95c8c544ee0b7eb91e5818e4f09fa8735e7933
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:84:28:91:d2:64:53:33:9f:f2:f8:55:ab:64:49:
                    b6:48:f9:00:65:70:93:06:6d:30:7b:de:45:31:52:
                    5d:1f:ac:2f:35:47:94:83:1b:9f:7c:17:55:81:41:
                    e4:ac:0c:e5:5e:9f:56:61:2b:fa:b6:72:1a:ec:72:
                    2a:2c:13:4a:05:c1:30:48:6d:a4:53:32:d4:af:59:
                    cd:eb:dc:16:99:00:92:b0:06:67:ef:26:81:be:64:
                    13:13:da:2a:26:bf:c9:ee:ea:3b:d4:f0:0e:c0:00:
                    71:58:0b:63:38:a3:12:30:a7:a5:0a:93:cf:38:72:
                    f6:59:a5:08:cd:59:2a:7e:86:2d:d2:00:09:ff:d7:
                    64:5d:eb:f3:bc:15:4b:1a:97:f5:78:f4:09:9f:93:
                    7d:a6:c5:d0:42:5e:54:58:f3:aa:9b:ba:8c:48:01:
                    7f:fe:8f:aa:da:d5:64:fd:14:6e:e8:06:b8:2b:eb:
                    4f:db:c7:71:36:12:30:21:e9:59:51:b9:23:aa:54:
                    c1:11:44:fc:52:83:0e:0b:14:b5:47:26:00:44:e8:
                    d1:08:f7:34:e6:60:8a:8e:ce:4f:75:ac:47:f5:f3:
                    c2:e5:07:56:96:ba:0a:75:cf:71:e0:19:7b:67:32:
                    cb:66:7c:4c:60:1d:71:02:22:ea:a9:60:46:92:6f:
                    db:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9A:95:C8:C5:44:EE:0B:7E:B9:1E:58:18:E4:F0:9F:A8:73:5E:79:33
            X509v3 Authority Key Identifier:
                keyid:5A:73:11:A3:1E:6B:53:A1:75:D1:91:35:B2:BC:99:3A:1F:B9:84:B1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WnMRox5rU6F10ZE1sryZOh-5hLE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/e67781-171d-40d7-9037-1baa83c8a036/1/WnMRox5rU6F10ZE1sryZOh-5hLE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/da/e67781-171d-40d7-9037-1baa83c8a036/1/WnMRox5rU6F10ZE1sryZOh-5hLE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         93:99:60:6c:bc:c7:e4:40:35:6e:a8:9e:ce:8c:14:c0:34:69:
         e5:bc:64:89:0d:5e:51:9a:57:cf:bb:42:cf:61:d0:53:3a:78:
         e7:2c:6d:63:ed:1f:94:ee:8b:72:7e:f7:34:3e:d5:87:79:fa:
         47:0c:5c:27:8a:74:07:c3:41:d2:e6:a6:90:94:37:c6:5d:e8:
         8b:ac:e9:0e:f8:41:b8:17:fe:20:6a:52:81:65:48:d9:63:e7:
         1c:3d:d8:57:06:0a:26:57:df:95:59:80:92:ca:ee:26:8a:55:
         6d:d8:de:99:b1:e1:8b:ff:f5:e4:b7:7b:bd:cb:2b:66:6b:bf:
         2d:9c:01:9e:c2:43:cd:8c:3a:68:67:d8:1d:03:ea:67:aa:ab:
         65:1b:09:01:07:bc:96:e0:6d:9f:4c:d2:96:b7:5f:7b:85:0f:
         91:d7:09:49:09:50:a2:02:3b:ad:ef:c8:0f:8c:43:4a:a5:0c:
         0f:bf:83:aa:28:3f:e1:3a:54:15:0d:c9:40:6d:c2:22:1d:09:
         2c:78:63:ab:d0:55:2a:f5:27:6d:71:cf:6d:2f:62:a8:cc:56:
         2b:ed:1b:e7:91:9c:8f:71:4b:46:96:4e:4b:af:57:52:43:03:
         cf:fb:9d:a3:e9:34:b0:52:cd:d2:9c:77:85:08:16:11:3e:e4:
         df:6e:5a:21
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpOT86Urj437z4xzs0lvBlyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhNzMxMWEzMWU2YjUzYTE3NWQxOTEzNWIyYmM5OTNhMWZi
OTg0YjEwHhcNMjUxMTA0MTAwMDQ0WhcNMjUxMTA1MTAwMDQ0WjAzMTEwLwYDVQQD
Eyg5YTk1YzhjNTQ0ZWUwYjdlYjkxZTU4MThlNGYwOWZhODczNWU3OTMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhCiR0mRTM5/y+FWrZEm2SPkAZXCT
Bm0we95FMVJdH6wvNUeUgxuffBdVgUHkrAzlXp9WYSv6tnIa7HIqLBNKBcEwSG2k
UzLUr1nN69wWmQCSsAZn7yaBvmQTE9oqJr/J7uo71PAOwABxWAtjOKMSMKelCpPP
OHL2WaUIzVkqfoYt0gAJ/9dkXevzvBVLGpf1ePQJn5N9psXQQl5UWPOqm7qMSAF/
/o+q2tVk/RRu6Aa4K+tP28dxNhIwIelZUbkjqlTBEUT8UoMOCxS1RyYAROjRCPc0
5mCKjs5PdaxH9fPC5QdWlroKdc9x4Bl7ZzLLZnxMYB1xAiLqqWBGkm/bTwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJqVyMVE7gt+uR5YGOTwn6hzXnkzMB8GA1UdIwQY
MBaAFFpzEaMea1OhddGRNbK8mTofuYSxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV25NUm94NXJVNkYxMFpFMXNyeVpPaC01aExFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS9lNjc3ODEtMTcxZC00MGQ3LTkwMzct
MWJhYTgzYzhhMDM2LzEvV25NUm94NXJVNkYxMFpFMXNyeVpPaC01aExFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS9lNjc3ODEtMTcxZC00MGQ3LTkwMzctMWJhYTgzYzhhMDM2
LzEvV25NUm94NXJVNkYxMFpFMXNyeVpPaC01aExFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAk5lgbLzH
5EA1bqiezowUwDRp5bxkiQ1eUZpXz7tCz2HQUzp45yxtY+0flO6Lcn73ND7Vh3n6
RwxcJ4p0B8NB0uamkJQ3xl3oi6zpDvhBuBf+IGpSgWVI2WPnHD3YVwYKJlfflVmA
ksruJopVbdjembHhi//15Ld7vcsrZmu/LZwBnsJDzYw6aGfYHQPqZ6qrZRsJAQe8
luBtn0zSlrdfe4UPkdcJSQlQogI7re/ID4xDSqUMD7+Dqig/4TpUFQ3JQG3CIh0J
LHhjq9BVKvUnbXHPbS9iqMxWK+0b55Gcj3FLRpZOS69XUkMDz/udo+k0sFLN0px3
hQgWET7k325aIQ==
-----END CERTIFICATE-----