Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/73af7c-5647-42d7-aa1d-1d5bc001a1de/1/5IKZWNgAyhrebhPKeygLIpzmYC4.mft
File:                     5IKZWNgAyhrebhPKeygLIpzmYC4.mft (raw, json)
Hash identifier:          Gt1XNRM/VTMDTC+AKibK3AK5A+0KCq00n3OkCn3bLUk=
Subject key identifier:   6A:C4:4A:78:F7:EF:A9:E4:51:A9:FD:89:9A:78:DA:1F:44:4C:4F:4A
Authority key identifier: E4:82:99:58:D8:00:CA:1A:DE:6E:13:CA:7B:28:0B:22:9C:E6:60:2E
Certificate issuer:       /CN=e4829958d800ca1ade6e13ca7b280b229ce6602e
Certificate serial:       019A50E358BCFC3941FD8CDF0E60F3BE395E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5IKZWNgAyhrebhPKeygLIpzmYC4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f1/73af7c-5647-42d7-aa1d-1d5bc001a1de/1/5IKZWNgAyhrebhPKeygLIpzmYC4.mft
Manifest number:          170B
Signing time:             Tue 04 Nov 2025 22:01:07 +0000
Manifest this update:     Tue 04 Nov 2025 22:01:07 +0000
Manifest next update:     Wed 05 Nov 2025 22:01:07 +0000
Files and hashes:         1: 5IKZWNgAyhrebhPKeygLIpzmYC4.crl (hash: QdTndhLGtaFXcINB4HsuClx0vIsPgjyU0mp21hd2Tm0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f1/73af7c-5647-42d7-aa1d-1d5bc001a1de/1/5IKZWNgAyhrebhPKeygLIpzmYC4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f1/73af7c-5647-42d7-aa1d-1d5bc001a1de/1/5IKZWNgAyhrebhPKeygLIpzmYC4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/5IKZWNgAyhrebhPKeygLIpzmYC4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 18:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:50:e3:58:bc:fc:39:41:fd:8c:df:0e:60:f3:be:39:5e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e4829958d800ca1ade6e13ca7b280b229ce6602e
        Validity
            Not Before: Nov  4 22:01:07 2025 GMT
            Not After : Nov  5 22:01:07 2025 GMT
        Subject: CN=6ac44a78f7efa9e451a9fd899a78da1f444c4f4a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:d7:52:96:6e:c1:33:e5:91:76:c6:fa:16:e4:
                    e3:24:6b:e4:1b:c3:a8:5d:34:29:36:d4:2e:4a:30:
                    8b:35:29:35:e8:fa:8b:4f:bf:ae:17:9d:cf:d3:3b:
                    c7:3a:09:d6:94:b3:d3:2f:a6:b4:59:47:07:8b:6f:
                    a3:f1:ee:a5:c4:6f:1d:61:fa:12:36:ee:11:be:52:
                    1b:48:d5:9e:8b:78:1e:79:1c:a7:3f:86:1e:d1:1d:
                    8a:16:b7:0c:3e:20:4b:f8:83:ac:82:88:75:fd:aa:
                    69:8a:8a:7b:f9:cd:36:ab:a7:93:ef:a8:e5:c8:d2:
                    93:aa:55:d9:98:76:3d:c5:a4:1d:7d:9d:8f:fa:a0:
                    75:a7:37:59:4a:cb:16:0f:2b:51:88:55:76:9a:30:
                    83:6e:ee:31:27:09:5e:fc:6f:13:c3:d6:15:ae:da:
                    d0:26:10:c1:5d:55:e5:4d:00:1a:10:da:50:75:61:
                    d2:61:35:74:37:70:79:56:44:fb:b1:cc:df:f6:2b:
                    d9:61:de:c8:b2:d4:14:e5:bd:7f:44:ed:aa:b1:4d:
                    95:81:c1:cc:9c:63:17:64:24:a8:e4:2c:1e:8e:a4:
                    9b:65:82:e8:57:6b:c1:6b:95:3c:c3:df:03:41:43:
                    9d:66:38:e0:d2:fe:d4:fd:f4:f3:70:17:b5:1e:d6:
                    f5:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6A:C4:4A:78:F7:EF:A9:E4:51:A9:FD:89:9A:78:DA:1F:44:4C:4F:4A
            X509v3 Authority Key Identifier:
                keyid:E4:82:99:58:D8:00:CA:1A:DE:6E:13:CA:7B:28:0B:22:9C:E6:60:2E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5IKZWNgAyhrebhPKeygLIpzmYC4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/73af7c-5647-42d7-aa1d-1d5bc001a1de/1/5IKZWNgAyhrebhPKeygLIpzmYC4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/73af7c-5647-42d7-aa1d-1d5bc001a1de/1/5IKZWNgAyhrebhPKeygLIpzmYC4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         10:9d:64:13:51:0c:e8:ae:4a:ae:0b:8d:b6:b5:08:94:4c:47:
         a3:e3:ba:ce:77:21:58:e3:3e:af:63:e4:ce:d1:8d:1b:be:8e:
         c1:50:17:f9:9e:ea:07:30:de:75:a8:f3:a6:c2:6d:fe:b1:a4:
         c4:d0:af:15:d6:ed:81:8f:1a:34:ff:b9:8c:10:7e:43:9c:f7:
         16:40:77:38:eb:bb:32:01:fb:95:fa:18:2d:90:39:91:51:2d:
         d8:6e:08:ca:2b:04:7b:72:1e:1f:e9:60:40:3b:71:67:c9:ab:
         a2:51:19:6c:96:0f:fe:ea:3a:c6:6b:9c:29:79:d9:61:a7:33:
         2e:68:e6:af:1e:ec:d7:53:80:e9:16:4a:c2:84:84:41:fe:8b:
         0c:40:3c:ac:de:5c:c4:1e:ba:eb:ca:d8:e3:99:fb:3d:e0:2a:
         0c:52:c1:f3:33:f8:fb:a0:25:16:28:f6:41:1f:8b:75:74:71:
         11:49:37:36:75:49:19:55:b5:7f:80:5a:f1:e9:f4:ed:f2:d6:
         13:de:ea:4b:9a:e2:f8:94:a3:d6:1f:32:56:d9:39:ce:7c:8d:
         bf:fc:f6:1b:c7:4b:2d:cb:10:f0:25:52:7b:71:21:8b:32:fb:
         65:7b:c7:fa:03:bf:8b:23:51:5d:9a:56:5d:22:cc:26:c0:de:
         1f:7e:5b:4c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpQ41i8/DlB/YzfDmDzvjleMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0ODI5OTU4ZDgwMGNhMWFkZTZlMTNjYTdiMjgwYjIyOWNl
NjYwMmUwHhcNMjUxMTA0MjIwMTA3WhcNMjUxMTA1MjIwMTA3WjAzMTEwLwYDVQQD
Eyg2YWM0NGE3OGY3ZWZhOWU0NTFhOWZkODk5YTc4ZGExZjQ0NGM0ZjRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmtdSlm7BM+WRdsb6FuTjJGvkG8Oo
XTQpNtQuSjCLNSk16PqLT7+uF53P0zvHOgnWlLPTL6a0WUcHi2+j8e6lxG8dYfoS
Nu4RvlIbSNWei3geeRynP4Ye0R2KFrcMPiBL+IOsgoh1/appiop7+c02q6eT76jl
yNKTqlXZmHY9xaQdfZ2P+qB1pzdZSssWDytRiFV2mjCDbu4xJwle/G8Tw9YVrtrQ
JhDBXVXlTQAaENpQdWHSYTV0N3B5VkT7sczf9ivZYd7IstQU5b1/RO2qsU2VgcHM
nGMXZCSo5CwejqSbZYLoV2vBa5U8w98DQUOdZjjg0v7U/fTzcBe1Htb1uQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGrESnj376nkUan9iZp42h9ETE9KMB8GA1UdIwQY
MBaAFOSCmVjYAMoa3m4TynsoCyKc5mAuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNUlLWldOZ0F5aHJlYmhQS2V5Z0xJcHptWUM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS83M2FmN2MtNTY0Ny00MmQ3LWFhMWQt
MWQ1YmMwMDFhMWRlLzEvNUlLWldOZ0F5aHJlYmhQS2V5Z0xJcHptWUM0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMS83M2FmN2MtNTY0Ny00MmQ3LWFhMWQtMWQ1YmMwMDFhMWRl
LzEvNUlLWldOZ0F5aHJlYmhQS2V5Z0xJcHptWUM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEJ1kE1EM
6K5KrguNtrUIlExHo+O6znchWOM+r2PkztGNG76OwVAX+Z7qBzDedajzpsJt/rGk
xNCvFdbtgY8aNP+5jBB+Q5z3FkB3OOu7MgH7lfoYLZA5kVEt2G4IyisEe3IeH+lg
QDtxZ8mrolEZbJYP/uo6xmucKXnZYaczLmjmrx7s11OA6RZKwoSEQf6LDEA8rN5c
xB6668rY45n7PeAqDFLB8zP4+6AlFij2QR+LdXRxEUk3NnVJGVW1f4Ba8en07fLW
E97qS5ri+JSj1h8yVtk5znyNv/z2G8dLLcsQ8CVSe3EhizL7ZXvH+gO/iyNRXZpW
XSLMJsDeH35bTA==
-----END CERTIFICATE-----