Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/13da12-e553-4714-9618-4ce506cf7a2c/1/STGaFtGrBlzvNlhRkqfv-H-VFV8.mft
File:                     STGaFtGrBlzvNlhRkqfv-H-VFV8.mft (raw, json)
Hash identifier:          eaK5YnBxORNYRUkio4BTnrLO1fq0y+Qnp9m+uTMcKF8=
Subject key identifier:   4D:C0:E0:CD:1F:CB:66:09:CF:B0:DA:48:76:68:52:A6:32:B9:E8:4C
Authority key identifier: 49:31:9A:16:D1:AB:06:5C:EF:36:58:51:92:A7:EF:F8:7F:95:15:5F
Certificate issuer:       /CN=49319a16d1ab065cef36585192a7eff87f95155f
Certificate serial:       019A4EF43576604152885B86FC0EC3A71294
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/STGaFtGrBlzvNlhRkqfv-H-VFV8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e4/13da12-e553-4714-9618-4ce506cf7a2c/1/STGaFtGrBlzvNlhRkqfv-H-VFV8.mft
Manifest number:          05CF
Signing time:             Tue 04 Nov 2025 13:00:18 +0000
Manifest this update:     Tue 04 Nov 2025 13:00:18 +0000
Manifest next update:     Wed 05 Nov 2025 13:00:18 +0000
Files and hashes:         1: STGaFtGrBlzvNlhRkqfv-H-VFV8.crl (hash: WM0V8wwFbPQZOICayflOhsLYd4d33INsNvKj5naeUHc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e4/13da12-e553-4714-9618-4ce506cf7a2c/1/STGaFtGrBlzvNlhRkqfv-H-VFV8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e4/13da12-e553-4714-9618-4ce506cf7a2c/1/STGaFtGrBlzvNlhRkqfv-H-VFV8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/STGaFtGrBlzvNlhRkqfv-H-VFV8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 09:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4e:f4:35:76:60:41:52:88:5b:86:fc:0e:c3:a7:12:94
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=49319a16d1ab065cef36585192a7eff87f95155f
        Validity
            Not Before: Nov  4 13:00:18 2025 GMT
            Not After : Nov  5 13:00:18 2025 GMT
        Subject: CN=4dc0e0cd1fcb6609cfb0da48766852a632b9e84c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:5a:82:1c:29:80:09:e9:45:79:68:69:1a:54:
                    5d:44:6b:f3:65:31:61:6a:e0:31:64:f3:4e:94:76:
                    88:ec:7a:ad:af:3c:a1:14:64:3d:d3:7e:e1:ae:70:
                    a8:33:95:b0:24:2a:9a:2e:8a:bf:ec:58:b4:d9:06:
                    d6:6f:16:0e:9f:56:fc:32:af:e9:64:11:41:4e:6e:
                    9a:9d:1a:f1:9a:34:49:38:b3:db:2f:46:77:f8:d2:
                    a6:d1:8f:62:ab:eb:27:53:69:d0:30:23:83:4a:a5:
                    61:01:20:19:92:6a:75:12:1c:ec:90:b7:fa:16:68:
                    0a:0c:99:f5:ce:3a:1d:69:25:58:8d:d2:fd:d8:aa:
                    7d:e1:5e:ca:3a:92:c1:f5:96:fd:ad:e6:25:92:83:
                    22:51:db:6b:9e:66:3e:50:b4:1a:85:c2:b4:ed:76:
                    f6:b4:0f:4f:0f:b1:6c:89:8c:70:03:06:17:58:98:
                    13:9c:9a:30:c4:3a:bb:17:b3:c4:75:b6:f8:85:aa:
                    27:bd:10:e1:c2:ef:b3:cc:f2:dd:0c:9b:56:11:24:
                    30:ae:a5:a7:4a:e4:f4:0d:5b:eb:65:48:a9:04:c5:
                    b1:8e:4a:e1:35:2c:5f:cd:ff:b0:06:e8:0e:f6:cf:
                    c4:1b:f0:02:25:12:29:95:ab:85:dc:ed:8e:4a:ac:
                    f5:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4D:C0:E0:CD:1F:CB:66:09:CF:B0:DA:48:76:68:52:A6:32:B9:E8:4C
            X509v3 Authority Key Identifier:
                keyid:49:31:9A:16:D1:AB:06:5C:EF:36:58:51:92:A7:EF:F8:7F:95:15:5F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/STGaFtGrBlzvNlhRkqfv-H-VFV8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/13da12-e553-4714-9618-4ce506cf7a2c/1/STGaFtGrBlzvNlhRkqfv-H-VFV8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/13da12-e553-4714-9618-4ce506cf7a2c/1/STGaFtGrBlzvNlhRkqfv-H-VFV8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         25:2d:f3:12:27:b9:50:aa:c7:d5:fc:14:52:b0:7f:39:b4:53:
         76:f6:55:3a:f5:88:94:ef:a4:ed:bc:de:c2:98:74:dd:ae:f0:
         2d:72:e0:f5:9f:ad:12:eb:db:e1:52:8a:dd:cf:65:29:98:a0:
         43:d7:33:3d:c0:0e:7f:09:1a:fa:ae:5f:4e:7a:55:b4:ae:f3:
         8e:e9:51:c6:e7:eb:44:09:19:e1:33:3b:67:35:44:62:41:a3:
         9b:be:27:81:d9:d6:c7:c8:81:58:29:b1:bb:8a:c8:0e:2b:4b:
         7e:ee:8b:2e:3b:b4:39:49:37:98:35:8f:34:bc:99:62:7f:cd:
         3f:7e:4f:ac:df:00:3b:70:84:c3:7c:39:fd:26:40:d7:bf:73:
         9c:09:77:a1:b3:ed:29:3e:da:1a:5b:ec:fe:ac:50:f7:7f:fc:
         2f:0a:b9:3a:a1:d4:6d:bb:21:8b:fd:e4:1c:bd:86:cf:07:bc:
         64:d3:2f:a8:0f:17:80:50:ce:a8:05:32:e0:38:d5:05:17:d3:
         04:1c:48:b6:6f:33:95:f6:02:da:a7:54:15:7a:d8:2c:09:32:
         61:07:d0:92:ba:98:31:90:c5:4c:54:20:9e:b8:2d:6c:99:7c:
         41:e4:8b:04:61:7a:c9:f9:eb:85:43:95:95:52:d2:07:06:fc:
         b5:59:f1:a5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpO9DV2YEFSiFuG/A7DpxKUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5MzE5YTE2ZDFhYjA2NWNlZjM2NTg1MTkyYTdlZmY4N2Y5
NTE1NWYwHhcNMjUxMTA0MTMwMDE4WhcNMjUxMTA1MTMwMDE4WjAzMTEwLwYDVQQD
Eyg0ZGMwZTBjZDFmY2I2NjA5Y2ZiMGRhNDg3NjY4NTJhNjMyYjllODRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApVqCHCmACelFeWhpGlRdRGvzZTFh
auAxZPNOlHaI7HqtrzyhFGQ9037hrnCoM5WwJCqaLoq/7Fi02QbWbxYOn1b8Mq/p
ZBFBTm6anRrxmjRJOLPbL0Z3+NKm0Y9iq+snU2nQMCODSqVhASAZkmp1EhzskLf6
FmgKDJn1zjodaSVYjdL92Kp94V7KOpLB9Zb9reYlkoMiUdtrnmY+ULQahcK07Xb2
tA9PD7FsiYxwAwYXWJgTnJowxDq7F7PEdbb4haonvRDhwu+zzPLdDJtWESQwrqWn
SuT0DVvrZUipBMWxjkrhNSxfzf+wBugO9s/EG/ACJRIplauF3O2OSqz13QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFE3A4M0fy2YJz7DaSHZoUqYyuehMMB8GA1UdIwQY
MBaAFEkxmhbRqwZc7zZYUZKn7/h/lRVfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU1RHYUZ0R3JCbHp2TmxoUmtxZnYtSC1WRlY4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC8xM2RhMTItZTU1My00NzE0LTk2MTgt
NGNlNTA2Y2Y3YTJjLzEvU1RHYUZ0R3JCbHp2TmxoUmtxZnYtSC1WRlY4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC8xM2RhMTItZTU1My00NzE0LTk2MTgtNGNlNTA2Y2Y3YTJj
LzEvU1RHYUZ0R3JCbHp2TmxoUmtxZnYtSC1WRlY4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJS3zEie5
UKrH1fwUUrB/ObRTdvZVOvWIlO+k7bzewph03a7wLXLg9Z+tEuvb4VKK3c9lKZig
Q9czPcAOfwka+q5fTnpVtK7zjulRxufrRAkZ4TM7ZzVEYkGjm74ngdnWx8iBWCmx
u4rIDitLfu6LLju0OUk3mDWPNLyZYn/NP35PrN8AO3CEw3w5/SZA179znAl3obPt
KT7aGlvs/qxQ93/8Lwq5OqHUbbshi/3kHL2Gzwe8ZNMvqA8XgFDOqAUy4DjVBRfT
BBxItm8zlfYC2qdUFXrYLAkyYQfQkrqYMZDFTFQgnrgtbJl8QeSLBGF6yfnrhUOV
lVLSBwb8tVnxpQ==
-----END CERTIFICATE-----