Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/627557-78a8-4b4e-a3b8-9a818ddd1558/1/EDjXopVKMtKv0WuIs2OzkGgc1ZM.mft
File:                     EDjXopVKMtKv0WuIs2OzkGgc1ZM.mft (raw, json)
Hash identifier:          Z3D1zKHBHqX+ENrYDgDXfR91nqj7XVWJW01kJc5+d44=
Subject key identifier:   CE:4A:20:13:42:C9:B7:48:71:ED:2A:B0:8A:72:86:A5:BB:1A:8F:9E
Authority key identifier: 10:38:D7:A2:95:4A:32:D2:AF:D1:6B:88:B3:63:B3:90:68:1C:D5:93
Certificate issuer:       /CN=1038d7a2954a32d2afd16b88b363b390681cd593
Certificate serial:       019A52D2A46153023C031824984EFD9B959B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/EDjXopVKMtKv0WuIs2OzkGgc1ZM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f4/627557-78a8-4b4e-a3b8-9a818ddd1558/1/EDjXopVKMtKv0WuIs2OzkGgc1ZM.mft
Manifest number:          0FE2
Signing time:             Wed 05 Nov 2025 07:02:07 +0000
Manifest this update:     Wed 05 Nov 2025 07:02:07 +0000
Manifest next update:     Thu 06 Nov 2025 07:02:07 +0000
Files and hashes:         1: EDjXopVKMtKv0WuIs2OzkGgc1ZM.crl (hash: zDsqG2FqYOONq1Gp2/N/3ND3xeRKWxqV+sC1dGuvzGM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f4/627557-78a8-4b4e-a3b8-9a818ddd1558/1/EDjXopVKMtKv0WuIs2OzkGgc1ZM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f4/627557-78a8-4b4e-a3b8-9a818ddd1558/1/EDjXopVKMtKv0WuIs2OzkGgc1ZM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/EDjXopVKMtKv0WuIs2OzkGgc1ZM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 06 Nov 2025 03:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:52:d2:a4:61:53:02:3c:03:18:24:98:4e:fd:9b:95:9b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1038d7a2954a32d2afd16b88b363b390681cd593
        Validity
            Not Before: Nov  5 07:02:07 2025 GMT
            Not After : Nov  6 07:02:07 2025 GMT
        Subject: CN=ce4a201342c9b74871ed2ab08a7286a5bb1a8f9e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:35:c7:b1:57:54:bf:61:b2:b3:36:7a:ab:e4:
                    75:be:e6:25:64:4a:19:fc:cc:e7:e0:11:33:eb:5e:
                    6d:52:dc:c2:66:48:d3:01:82:15:c9:10:1f:bc:27:
                    05:c4:74:e1:1d:c1:3b:3b:94:d0:7d:10:d3:08:1e:
                    c8:24:24:97:e2:ff:ba:e9:7c:36:bf:9d:57:0d:6b:
                    83:03:75:f0:bf:54:24:db:92:ca:ab:dd:a4:73:51:
                    46:17:46:50:9f:4b:6e:c7:32:dd:b4:27:87:60:cf:
                    a9:79:7e:dd:8e:35:ff:e6:4d:e9:ab:08:c5:5d:77:
                    41:fc:df:3a:09:98:ea:e0:ea:be:8e:46:c9:69:ef:
                    d7:11:f5:f4:83:09:78:4a:42:68:b9:bd:03:99:96:
                    4c:eb:0c:82:2f:32:b4:c0:bf:5c:71:54:5e:10:9d:
                    82:7c:ee:93:a0:bc:6f:a1:e1:01:94:7a:70:fd:7b:
                    67:c0:de:d0:66:28:47:57:3e:60:58:4d:f4:60:4f:
                    1b:7d:29:6b:51:c3:e7:0e:e6:a4:cb:98:c0:fb:5c:
                    c2:7f:4c:8a:2c:f7:f7:85:5c:b6:42:0f:09:d6:bb:
                    a6:48:59:9d:7c:49:a9:72:38:52:ae:23:5d:85:3f:
                    1d:ad:86:90:02:7b:c5:92:ee:42:79:ab:63:e6:3e:
                    c4:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CE:4A:20:13:42:C9:B7:48:71:ED:2A:B0:8A:72:86:A5:BB:1A:8F:9E
            X509v3 Authority Key Identifier:
                keyid:10:38:D7:A2:95:4A:32:D2:AF:D1:6B:88:B3:63:B3:90:68:1C:D5:93

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EDjXopVKMtKv0WuIs2OzkGgc1ZM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/627557-78a8-4b4e-a3b8-9a818ddd1558/1/EDjXopVKMtKv0WuIs2OzkGgc1ZM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/627557-78a8-4b4e-a3b8-9a818ddd1558/1/EDjXopVKMtKv0WuIs2OzkGgc1ZM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         cb:47:32:a4:6d:33:92:6e:ae:b0:29:67:e8:b2:60:46:72:5c:
         aa:bc:fe:86:6a:bb:6d:9b:3d:bc:d6:d3:fe:73:19:79:11:3c:
         b3:ce:1f:98:b1:e6:95:85:a2:e1:02:cb:b7:a4:46:58:75:9a:
         9e:92:81:ec:4d:33:ab:db:bf:5d:81:0c:54:80:b7:01:89:bc:
         c6:c5:a4:a8:ff:d0:bb:5f:16:ea:ab:e5:8d:19:f8:33:bc:36:
         e9:01:e6:d0:ec:e2:38:0f:9e:36:e6:06:7c:47:cf:f8:a9:df:
         7d:01:9a:f0:78:d7:60:79:61:ba:fb:38:d1:76:ee:b7:98:67:
         76:f8:fa:2b:c1:d2:2d:c1:3c:e4:43:c7:41:01:5c:a0:d4:ac:
         68:7b:60:32:39:b4:df:8a:dd:1c:31:d5:1e:57:24:ed:c7:6d:
         03:39:15:2f:96:29:d1:e6:12:9b:35:a4:da:dc:63:47:fb:e1:
         10:a7:bd:cd:be:a3:66:d9:8a:1c:06:cc:b5:27:da:a8:c3:fc:
         d9:d8:4d:a6:c2:5e:4f:60:f9:18:2b:5a:7d:69:ba:d2:d6:3e:
         17:81:fa:af:db:0f:90:b8:f6:29:9e:46:e5:4e:e1:7f:a2:7b:
         2c:96:a0:48:8b:75:d1:f1:5d:7d:a8:55:36:a8:9c:74:eb:f8:
         79:91:f6:40
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpS0qRhUwI8AxgkmE79m5WbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEwMzhkN2EyOTU0YTMyZDJhZmQxNmI4OGIzNjNiMzkwNjgx
Y2Q1OTMwHhcNMjUxMTA1MDcwMjA3WhcNMjUxMTA2MDcwMjA3WjAzMTEwLwYDVQQD
EyhjZTRhMjAxMzQyYzliNzQ4NzFlZDJhYjA4YTcyODZhNWJiMWE4ZjllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuzXHsVdUv2GyszZ6q+R1vuYlZEoZ
/Mzn4BEz615tUtzCZkjTAYIVyRAfvCcFxHThHcE7O5TQfRDTCB7IJCSX4v+66Xw2
v51XDWuDA3Xwv1Qk25LKq92kc1FGF0ZQn0tuxzLdtCeHYM+peX7djjX/5k3pqwjF
XXdB/N86CZjq4Oq+jkbJae/XEfX0gwl4SkJoub0DmZZM6wyCLzK0wL9ccVReEJ2C
fO6ToLxvoeEBlHpw/XtnwN7QZihHVz5gWE30YE8bfSlrUcPnDuaky5jA+1zCf0yK
LPf3hVy2Qg8J1rumSFmdfEmpcjhSriNdhT8drYaQAnvFku5Ceatj5j7EmwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFM5KIBNCybdIce0qsIpyhqW7Go+eMB8GA1UdIwQY
MBaAFBA416KVSjLSr9FriLNjs5BoHNWTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRURqWG9wVktNdEt2MFd1SXMyT3prR2djMVpNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC82Mjc1NTctNzhhOC00YjRlLWEzYjgt
OWE4MThkZGQxNTU4LzEvRURqWG9wVktNdEt2MFd1SXMyT3prR2djMVpNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNC82Mjc1NTctNzhhOC00YjRlLWEzYjgtOWE4MThkZGQxNTU4
LzEvRURqWG9wVktNdEt2MFd1SXMyT3prR2djMVpNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAy0cypG0z
km6usCln6LJgRnJcqrz+hmq7bZs9vNbT/nMZeRE8s84fmLHmlYWi4QLLt6RGWHWa
npKB7E0zq9u/XYEMVIC3AYm8xsWkqP/Qu18W6qvljRn4M7w26QHm0OziOA+eNuYG
fEfP+KnffQGa8HjXYHlhuvs40Xbut5hndvj6K8HSLcE85EPHQQFcoNSsaHtgMjm0
34rdHDHVHlck7cdtAzkVL5Yp0eYSmzWk2txjR/vhEKe9zb6jZtmKHAbMtSfaqMP8
2dhNpsJeT2D5GCtafWm60tY+F4H6r9sPkLj2KZ5G5U7hf6J7LJagSIt10fFdfahV
NqicdOv4eZH2QA==
-----END CERTIFICATE-----