Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/3ddd6a-3025-4196-84c2-f1c24a8139db/1/52vcVigM5dn89QMlGKfsm2HizO0.mft
File:                     52vcVigM5dn89QMlGKfsm2HizO0.mft (raw, json)
Hash identifier:          oLQ7OLjjwimJGI9Tl6hOj64KK2sGVg5xz0nphghdM0E=
Subject key identifier:   32:4D:9F:09:19:9C:27:60:86:DC:B9:AE:D2:3C:A4:53:FF:B1:E0:D2
Authority key identifier: E7:6B:DC:56:28:0C:E5:D9:FC:F5:03:25:18:A7:EC:9B:61:E2:CC:ED
Certificate issuer:       /CN=e76bdc56280ce5d9fcf5032518a7ec9b61e2cced
Certificate serial:       019A4EF45F512BB44550611A56BB4616BCCC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/52vcVigM5dn89QMlGKfsm2HizO0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e8/3ddd6a-3025-4196-84c2-f1c24a8139db/1/52vcVigM5dn89QMlGKfsm2HizO0.mft
Manifest number:          11D6
Signing time:             Tue 04 Nov 2025 13:00:29 +0000
Manifest this update:     Tue 04 Nov 2025 13:00:29 +0000
Manifest next update:     Wed 05 Nov 2025 13:00:29 +0000
Files and hashes:         1: 52vcVigM5dn89QMlGKfsm2HizO0.crl (hash: /nLTYFFyBCVg4z409IuztNReH6LxcdEeBa42Od+ycqM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e8/3ddd6a-3025-4196-84c2-f1c24a8139db/1/52vcVigM5dn89QMlGKfsm2HizO0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e8/3ddd6a-3025-4196-84c2-f1c24a8139db/1/52vcVigM5dn89QMlGKfsm2HizO0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/52vcVigM5dn89QMlGKfsm2HizO0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 13:00:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4e:f4:5f:51:2b:b4:45:50:61:1a:56:bb:46:16:bc:cc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e76bdc56280ce5d9fcf5032518a7ec9b61e2cced
        Validity
            Not Before: Nov  4 13:00:29 2025 GMT
            Not After : Nov  5 13:00:29 2025 GMT
        Subject: CN=324d9f09199c276086dcb9aed23ca453ffb1e0d2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:bc:14:f6:d1:59:f3:41:0f:3a:5c:37:07:79:
                    f7:5d:d6:d4:a4:fb:e8:a7:ce:2f:45:9b:b6:df:19:
                    3a:0d:5e:56:aa:2d:62:fb:1e:2f:e5:00:03:19:4a:
                    94:28:bc:5c:2f:af:6a:38:1c:6e:5c:38:d6:15:51:
                    3f:09:6c:3d:5d:53:76:b6:e7:49:56:19:44:9c:e3:
                    6d:9d:cb:0b:93:ee:b9:44:58:02:5c:ed:19:d9:a9:
                    9d:9c:b0:d7:17:69:a4:bb:68:62:f2:b7:7d:65:5b:
                    f7:77:ba:c7:c3:3b:a1:98:f8:8e:5a:6b:00:93:cb:
                    7a:79:0f:6c:e8:a4:f8:23:19:78:c3:6d:99:60:5e:
                    b4:46:47:04:02:86:ca:8f:94:92:34:a1:92:57:84:
                    ae:18:2e:b9:a7:3b:64:b0:38:77:16:86:58:6b:b9:
                    0d:d1:c0:43:3a:cf:b6:40:53:42:21:3f:2c:ca:3d:
                    db:51:ea:91:b4:9f:ba:c6:46:c9:77:28:30:6f:6c:
                    3b:f6:08:f8:73:16:c0:73:60:57:38:2b:43:3f:88:
                    c0:55:50:48:c5:10:63:32:6d:77:de:0d:f3:ce:99:
                    69:09:92:c7:bc:c1:f2:2e:9b:1e:de:a9:b4:db:80:
                    c8:36:8f:5f:f3:48:06:76:22:57:88:80:24:92:5c:
                    e8:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                32:4D:9F:09:19:9C:27:60:86:DC:B9:AE:D2:3C:A4:53:FF:B1:E0:D2
            X509v3 Authority Key Identifier:
                keyid:E7:6B:DC:56:28:0C:E5:D9:FC:F5:03:25:18:A7:EC:9B:61:E2:CC:ED

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/52vcVigM5dn89QMlGKfsm2HizO0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/3ddd6a-3025-4196-84c2-f1c24a8139db/1/52vcVigM5dn89QMlGKfsm2HizO0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/3ddd6a-3025-4196-84c2-f1c24a8139db/1/52vcVigM5dn89QMlGKfsm2HizO0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a9:2e:88:16:30:6c:10:a7:c9:f0:07:8a:ad:f7:ea:b3:fe:1a:
         66:91:eb:cf:e1:af:52:1d:ce:7e:2d:99:df:54:d0:3b:1f:df:
         2d:af:4e:d2:1a:58:04:9a:8e:be:1d:ff:6a:6f:c1:e5:52:03:
         a9:35:09:b5:58:2e:a9:b2:1e:2a:ba:82:61:5c:6d:bb:61:b3:
         be:b2:55:40:47:ab:90:02:8f:d2:da:ac:e7:b1:3d:97:fc:c1:
         e5:16:fc:4b:65:e5:cd:32:21:0d:78:a1:c2:16:68:8b:a0:12:
         cc:91:72:f9:53:c1:62:d3:3b:a9:fa:81:67:50:5f:21:e9:58:
         38:fd:0a:db:b2:82:f4:07:0b:28:d3:1b:0a:39:ea:02:07:3e:
         bf:e8:d7:4f:67:96:a6:6c:9f:93:87:85:ce:c9:0e:ae:3e:c5:
         f3:d7:1b:a0:42:49:8d:39:bf:30:01:0d:ca:a9:0c:4e:04:cd:
         dd:7e:1e:5e:cb:aa:21:eb:13:6f:40:7c:f5:af:d6:99:a3:16:
         05:38:9b:fb:9a:93:d7:ac:fc:7d:91:5b:86:8b:b5:32:c5:b0:
         86:15:41:bf:6a:48:39:1c:c4:23:cd:39:4d:1d:19:05:9b:c0:
         19:70:70:fa:b8:fc:ad:9c:4e:03:13:02:7c:93:b2:24:bc:2b:
         90:69:9c:e8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpO9F9RK7RFUGEaVrtGFrzMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3NmJkYzU2MjgwY2U1ZDlmY2Y1MDMyNTE4YTdlYzliNjFl
MmNjZWQwHhcNMjUxMTA0MTMwMDI5WhcNMjUxMTA1MTMwMDI5WjAzMTEwLwYDVQQD
EygzMjRkOWYwOTE5OWMyNzYwODZkY2I5YWVkMjNjYTQ1M2ZmYjFlMGQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA07wU9tFZ80EPOlw3B3n3XdbUpPvo
p84vRZu23xk6DV5Wqi1i+x4v5QADGUqUKLxcL69qOBxuXDjWFVE/CWw9XVN2tudJ
VhlEnONtncsLk+65RFgCXO0Z2amdnLDXF2mku2hi8rd9ZVv3d7rHwzuhmPiOWmsA
k8t6eQ9s6KT4Ixl4w22ZYF60RkcEAobKj5SSNKGSV4SuGC65pztksDh3FoZYa7kN
0cBDOs+2QFNCIT8syj3bUeqRtJ+6xkbJdygwb2w79gj4cxbAc2BXOCtDP4jAVVBI
xRBjMm133g3zzplpCZLHvMHyLpse3qm024DINo9f80gGdiJXiIAkklzoSQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDJNnwkZnCdghty5rtI8pFP/seDSMB8GA1UdIwQY
MBaAFOdr3FYoDOXZ/PUDJRin7Jth4sztMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTJ2Y1ZpZ001ZG44OVFNbEdLZnNtMkhpek8wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC8zZGRkNmEtMzAyNS00MTk2LTg0YzIt
ZjFjMjRhODEzOWRiLzEvNTJ2Y1ZpZ001ZG44OVFNbEdLZnNtMkhpek8wLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOC8zZGRkNmEtMzAyNS00MTk2LTg0YzItZjFjMjRhODEzOWRi
LzEvNTJ2Y1ZpZ001ZG44OVFNbEdLZnNtMkhpek8wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqS6IFjBs
EKfJ8AeKrffqs/4aZpHrz+GvUh3Ofi2Z31TQOx/fLa9O0hpYBJqOvh3/am/B5VID
qTUJtVguqbIeKrqCYVxtu2GzvrJVQEerkAKP0tqs57E9l/zB5Rb8S2XlzTIhDXih
whZoi6ASzJFy+VPBYtM7qfqBZ1BfIelYOP0K27KC9AcLKNMbCjnqAgc+v+jXT2eW
pmyfk4eFzskOrj7F89cboEJJjTm/MAENyqkMTgTN3X4eXsuqIesTb0B89a/WmaMW
BTib+5qT16z8fZFbhou1MsWwhhVBv2pIORzEI805TR0ZBZvAGXBw+rj8rZxOAxMC
fJOyJLwrkGmc6A==
-----END CERTIFICATE-----