Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/53c487-f8fb-4035-9e28-4468d12f322b/1/T5mJlOtWGejymrO956sq0U6r_P0.mft
File:                     T5mJlOtWGejymrO956sq0U6r_P0.mft (raw, json)
Hash identifier:          /ybuDI+t2qLw/MHVHDb/+HFMtFCKDy0nT9ewjwE/K5g=
Subject key identifier:   C1:AA:AC:06:07:56:AB:84:D9:F6:73:5D:F7:3E:61:A4:A2:09:A7:4F
Authority key identifier: 4F:99:89:94:EB:56:19:E8:F2:9A:B3:BD:E7:AB:2A:D1:4E:AB:FC:FD
Certificate issuer:       /CN=4f998994eb5619e8f29ab3bde7ab2ad14eabfcfd
Certificate serial:       019A503E136919801297D525E21F635E0808
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/T5mJlOtWGejymrO956sq0U6r_P0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e0/53c487-f8fb-4035-9e28-4468d12f322b/1/T5mJlOtWGejymrO956sq0U6r_P0.mft
Manifest number:          1709
Signing time:             Tue 04 Nov 2025 19:00:36 +0000
Manifest this update:     Tue 04 Nov 2025 19:00:36 +0000
Manifest next update:     Wed 05 Nov 2025 19:00:36 +0000
Files and hashes:         1: T5mJlOtWGejymrO956sq0U6r_P0.crl (hash: OAxXsnQK2NDAkxQvySSosLHvipzJyJeeIYcuq+s+Hcc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e0/53c487-f8fb-4035-9e28-4468d12f322b/1/T5mJlOtWGejymrO956sq0U6r_P0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e0/53c487-f8fb-4035-9e28-4468d12f322b/1/T5mJlOtWGejymrO956sq0U6r_P0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/T5mJlOtWGejymrO956sq0U6r_P0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 18:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:50:3e:13:69:19:80:12:97:d5:25:e2:1f:63:5e:08:08
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4f998994eb5619e8f29ab3bde7ab2ad14eabfcfd
        Validity
            Not Before: Nov  4 19:00:36 2025 GMT
            Not After : Nov  5 19:00:36 2025 GMT
        Subject: CN=c1aaac060756ab84d9f6735df73e61a4a209a74f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:9a:fc:8e:c3:90:05:fe:82:19:dc:81:07:fa:
                    e8:92:f1:84:1e:74:df:8c:fd:2f:fe:be:f0:35:5f:
                    a7:03:57:62:51:c1:61:76:1e:d9:fd:b4:70:82:b3:
                    80:04:e4:7c:d7:67:70:24:ee:04:60:66:6e:0e:fd:
                    76:fe:3c:04:0c:13:11:19:f5:5f:f0:a2:37:ac:6a:
                    5f:a5:50:b3:5c:00:f0:eb:ef:21:f3:9c:16:6b:a7:
                    67:0b:54:8f:e4:32:80:cc:4d:70:77:51:e5:7c:f8:
                    00:fd:ce:18:57:b9:a6:17:02:5c:83:b0:78:eb:69:
                    59:0e:05:0f:68:31:f0:f9:86:ec:3f:9b:2b:44:1e:
                    70:dc:1f:70:55:bb:00:20:52:99:db:97:da:a8:1f:
                    5c:25:37:14:a0:7b:59:1b:a6:bc:36:03:7d:d7:fc:
                    2e:6b:b3:98:1f:ff:ca:43:54:49:f4:47:d5:19:80:
                    af:38:32:a0:82:96:7b:0c:7b:c6:c1:fc:91:ef:a3:
                    3c:34:ba:cc:5a:0f:09:58:f5:2b:45:0e:20:9b:9f:
                    33:93:94:82:cd:88:b3:e8:28:ac:00:e0:c1:1b:88:
                    10:c7:f9:87:9e:0a:f1:16:51:ff:be:6c:03:ff:a3:
                    b6:11:11:6c:77:c5:62:55:e6:0d:01:44:6f:c8:7e:
                    48:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C1:AA:AC:06:07:56:AB:84:D9:F6:73:5D:F7:3E:61:A4:A2:09:A7:4F
            X509v3 Authority Key Identifier:
                keyid:4F:99:89:94:EB:56:19:E8:F2:9A:B3:BD:E7:AB:2A:D1:4E:AB:FC:FD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T5mJlOtWGejymrO956sq0U6r_P0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/53c487-f8fb-4035-9e28-4468d12f322b/1/T5mJlOtWGejymrO956sq0U6r_P0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/53c487-f8fb-4035-9e28-4468d12f322b/1/T5mJlOtWGejymrO956sq0U6r_P0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2b:46:3b:cd:50:b4:1d:23:36:70:45:90:63:50:59:56:7f:4f:
         e8:84:7b:90:bd:15:e9:f0:79:89:c8:fc:a0:2c:d3:a0:94:30:
         9c:d6:93:a9:06:67:c0:34:17:bd:d2:3a:54:30:41:bb:85:8b:
         44:4b:e5:c1:0d:39:fa:05:e7:94:b7:60:f9:03:f9:c5:bf:75:
         fa:5a:f7:01:d0:91:d5:ae:07:ef:f2:44:4f:8e:86:e7:20:ae:
         d0:8c:2e:48:58:36:a8:d2:e8:31:6d:88:27:bc:99:20:97:6a:
         79:59:54:e9:90:bd:ee:bd:da:89:d2:eb:de:19:92:f1:d0:d7:
         19:e5:f1:68:6e:98:95:a6:23:c7:d0:1c:eb:6a:13:5f:6a:09:
         9b:e6:06:d3:4f:02:a4:39:0e:f4:bb:de:c7:c2:cc:ba:16:07:
         5b:e8:4f:b6:28:5a:95:40:17:a7:b8:dd:cb:e8:ca:d9:34:0e:
         10:e2:50:27:38:8d:fe:0d:02:48:62:eb:10:48:88:70:0c:e9:
         e3:af:a9:c3:1b:cf:c5:3e:f7:b1:0b:fe:58:1e:57:9b:c5:a7:
         71:da:36:9f:f1:af:16:e3:49:3a:82:11:c3:02:77:0a:36:54:
         a4:de:1e:cd:b5:5c:d4:95:ad:58:d8:5c:19:48:ef:42:5a:47:
         bb:e7:c8:82
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpQPhNpGYASl9Ul4h9jXggIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmOTk4OTk0ZWI1NjE5ZThmMjlhYjNiZGU3YWIyYWQxNGVh
YmZjZmQwHhcNMjUxMTA0MTkwMDM2WhcNMjUxMTA1MTkwMDM2WjAzMTEwLwYDVQQD
EyhjMWFhYWMwNjA3NTZhYjg0ZDlmNjczNWRmNzNlNjFhNGEyMDlhNzRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzpr8jsOQBf6CGdyBB/rokvGEHnTf
jP0v/r7wNV+nA1diUcFhdh7Z/bRwgrOABOR812dwJO4EYGZuDv12/jwEDBMRGfVf
8KI3rGpfpVCzXADw6+8h85wWa6dnC1SP5DKAzE1wd1HlfPgA/c4YV7mmFwJcg7B4
62lZDgUPaDHw+YbsP5srRB5w3B9wVbsAIFKZ25faqB9cJTcUoHtZG6a8NgN91/wu
a7OYH//KQ1RJ9EfVGYCvODKggpZ7DHvGwfyR76M8NLrMWg8JWPUrRQ4gm58zk5SC
zYiz6CisAODBG4gQx/mHngrxFlH/vmwD/6O2ERFsd8ViVeYNAURvyH5IzQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMGqrAYHVquE2fZzXfc+YaSiCadPMB8GA1UdIwQY
MBaAFE+ZiZTrVhno8pqzveerKtFOq/z9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDVtSmxPdFdHZWp5bXJPOTU2c3EwVTZyX1AwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMC81M2M0ODctZjhmYi00MDM1LTllMjgt
NDQ2OGQxMmYzMjJiLzEvVDVtSmxPdFdHZWp5bXJPOTU2c3EwVTZyX1AwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMC81M2M0ODctZjhmYi00MDM1LTllMjgtNDQ2OGQxMmYzMjJi
LzEvVDVtSmxPdFdHZWp5bXJPOTU2c3EwVTZyX1AwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAK0Y7zVC0
HSM2cEWQY1BZVn9P6IR7kL0V6fB5icj8oCzToJQwnNaTqQZnwDQXvdI6VDBBu4WL
REvlwQ05+gXnlLdg+QP5xb91+lr3AdCR1a4H7/JET46G5yCu0IwuSFg2qNLoMW2I
J7yZIJdqeVlU6ZC97r3aidLr3hmS8dDXGeXxaG6YlaYjx9Ac62oTX2oJm+YG008C
pDkO9Lvex8LMuhYHW+hPtihalUAXp7jdy+jK2TQOEOJQJziN/g0CSGLrEEiIcAzp
46+pwxvPxT73sQv+WB5Xm8Wncdo2n/GvFuNJOoIRwwJ3CjZUpN4ezbVc1JWtWNhc
GUjvQlpHu+fIgg==
-----END CERTIFICATE-----