Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/85fc11-e23a-4942-b0de-22f8d4a027ae/1/Xl5k_r-lZnT03hZCn13eSdnOk2g.mft
File:                     Xl5k_r-lZnT03hZCn13eSdnOk2g.mft (raw, json)
Hash identifier:          hfE+yjuD0M8bvzC4T4QX9aoeh0pRF2eMm0m0U1Bkp9c=
Subject key identifier:   1A:29:E7:15:1D:86:52:97:28:EA:08:96:F2:AD:8A:C4:19:1B:CA:4A
Authority key identifier: 5E:5E:64:FE:BF:A5:66:74:F4:DE:16:42:9F:5D:DE:49:D9:CE:93:68
Certificate issuer:       /CN=5e5e64febfa56674f4de16429f5dde49d9ce9368
Certificate serial:       019A71134FC78A4F73BDA641C67BD88BC59C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Xl5k_r-lZnT03hZCn13eSdnOk2g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/00/85fc11-e23a-4942-b0de-22f8d4a027ae/1/Xl5k_r-lZnT03hZCn13eSdnOk2g.mft
Manifest number:          13B0
Signing time:             Tue 11 Nov 2025 04:01:22 +0000
Manifest this update:     Tue 11 Nov 2025 04:01:22 +0000
Manifest next update:     Wed 12 Nov 2025 04:01:22 +0000
Files and hashes:         1: Xl5k_r-lZnT03hZCn13eSdnOk2g.crl (hash: feA4xt9kGELWWY6vO9Wv3+1a/8wc7+dy8OxWQ0lqrI8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/00/85fc11-e23a-4942-b0de-22f8d4a027ae/1/Xl5k_r-lZnT03hZCn13eSdnOk2g.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/00/85fc11-e23a-4942-b0de-22f8d4a027ae/1/Xl5k_r-lZnT03hZCn13eSdnOk2g.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Xl5k_r-lZnT03hZCn13eSdnOk2g.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 04:01:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:13:4f:c7:8a:4f:73:bd:a6:41:c6:7b:d8:8b:c5:9c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5e5e64febfa56674f4de16429f5dde49d9ce9368
        Validity
            Not Before: Nov 11 04:01:22 2025 GMT
            Not After : Nov 12 04:01:22 2025 GMT
        Subject: CN=1a29e7151d86529728ea0896f2ad8ac4191bca4a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:52:0b:e2:e5:1c:58:17:1a:21:3e:84:3f:d7:
                    f1:6c:07:be:49:83:0e:c0:df:9d:47:d2:8c:d9:1c:
                    22:c5:dc:ea:4a:0f:d2:52:2a:bd:bd:93:39:7a:c9:
                    7a:fa:e8:4d:3a:ae:58:10:cf:fe:e3:a0:90:54:7f:
                    91:3b:2e:77:91:0b:db:23:2c:d3:37:99:98:0f:c2:
                    34:10:5c:4c:cf:78:cd:38:f7:24:32:42:3a:22:12:
                    37:a0:5c:94:4f:ef:37:c3:5c:ed:57:36:b1:87:f7:
                    8b:9b:41:9a:df:0a:80:9b:d9:f4:26:d5:20:bb:5e:
                    b8:5a:01:0a:4f:c7:2e:ca:27:01:9e:44:55:86:03:
                    e1:41:c8:72:26:68:31:3b:d1:d5:72:d9:30:84:10:
                    77:be:07:15:50:f2:96:15:e6:e9:f3:cd:04:25:60:
                    1f:04:8d:df:85:67:14:20:59:02:cc:4d:5c:8f:92:
                    e9:4c:31:8e:3c:52:fa:5a:e4:22:58:02:45:4f:39:
                    1b:db:6f:5c:c9:d8:69:15:81:6b:60:1a:98:65:46:
                    a3:8f:87:50:31:83:10:5f:06:47:5b:2e:56:44:d9:
                    3c:ae:bc:5f:7f:f4:19:e8:51:52:17:f1:96:eb:70:
                    aa:d5:88:52:55:16:d0:39:b7:fd:a5:be:df:cc:cd:
                    27:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1A:29:E7:15:1D:86:52:97:28:EA:08:96:F2:AD:8A:C4:19:1B:CA:4A
            X509v3 Authority Key Identifier:
                keyid:5E:5E:64:FE:BF:A5:66:74:F4:DE:16:42:9F:5D:DE:49:D9:CE:93:68

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xl5k_r-lZnT03hZCn13eSdnOk2g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/85fc11-e23a-4942-b0de-22f8d4a027ae/1/Xl5k_r-lZnT03hZCn13eSdnOk2g.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/00/85fc11-e23a-4942-b0de-22f8d4a027ae/1/Xl5k_r-lZnT03hZCn13eSdnOk2g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         29:18:8c:88:e0:bb:99:27:f7:b4:9f:db:52:3a:11:cd:ab:f1:
         c5:6f:12:cc:dd:00:ff:4b:f2:7b:5f:a9:67:70:e9:4c:80:f4:
         92:5e:53:2f:a2:db:6e:c3:81:d0:f4:cf:40:56:50:36:ba:93:
         fa:6e:c1:77:a3:e3:2d:07:43:b2:04:5e:02:66:2b:29:65:b9:
         92:fb:1d:94:70:59:55:ce:32:f1:59:bc:4a:e4:06:83:73:a1:
         4e:bc:8e:01:a9:0a:16:df:57:4e:e0:9b:25:df:b3:7a:f3:f6:
         99:6d:fb:b5:df:0a:df:3c:db:5d:e7:a8:e3:62:bd:1d:e1:e4:
         25:7b:df:f4:29:33:86:51:e5:b6:9f:56:f9:89:f6:df:92:cc:
         02:8f:91:7f:e0:c3:a8:a9:7f:dd:84:c0:fc:ae:c0:1e:c3:2b:
         5c:d4:90:e3:7c:cb:7e:2a:aa:c1:c8:87:7a:f3:58:5e:26:d5:
         72:80:0d:a8:c5:02:26:be:f2:15:61:6d:ff:27:64:26:cf:23:
         14:c5:6b:8b:69:ba:2f:fc:12:33:bd:3d:65:55:00:b8:fb:fe:
         4a:12:14:e3:aa:f0:d6:6f:af:f4:39:52:d5:d2:95:ee:2f:16:
         ef:8f:88:60:a8:79:13:a4:f2:7a:4a:d3:4b:f9:3c:db:e2:b0:
         1f:18:e5:5f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxE0/Hik9zvaZBxnvYi8WcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlNWU2NGZlYmZhNTY2NzRmNGRlMTY0MjlmNWRkZTQ5ZDlj
ZTkzNjgwHhcNMjUxMTExMDQwMTIyWhcNMjUxMTEyMDQwMTIyWjAzMTEwLwYDVQQD
EygxYTI5ZTcxNTFkODY1Mjk3MjhlYTA4OTZmMmFkOGFjNDE5MWJjYTRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArlIL4uUcWBcaIT6EP9fxbAe+SYMO
wN+dR9KM2RwixdzqSg/SUiq9vZM5esl6+uhNOq5YEM/+46CQVH+ROy53kQvbIyzT
N5mYD8I0EFxMz3jNOPckMkI6IhI3oFyUT+83w1ztVzaxh/eLm0Ga3wqAm9n0JtUg
u164WgEKT8cuyicBnkRVhgPhQchyJmgxO9HVctkwhBB3vgcVUPKWFebp880EJWAf
BI3fhWcUIFkCzE1cj5LpTDGOPFL6WuQiWAJFTzkb229cydhpFYFrYBqYZUajj4dQ
MYMQXwZHWy5WRNk8rrxff/QZ6FFSF/GW63Cq1YhSVRbQObf9pb7fzM0nJwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBop5xUdhlKXKOoIlvKtisQZG8pKMB8GA1UdIwQY
MBaAFF5eZP6/pWZ09N4WQp9d3knZzpNoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGw1a19yLWxablQwM2haQ24xM2VTZG5PazJnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC84NWZjMTEtZTIzYS00OTQyLWIwZGUt
MjJmOGQ0YTAyN2FlLzEvWGw1a19yLWxablQwM2haQ24xM2VTZG5PazJnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC84NWZjMTEtZTIzYS00OTQyLWIwZGUtMjJmOGQ0YTAyN2Fl
LzEvWGw1a19yLWxablQwM2haQ24xM2VTZG5PazJnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKRiMiOC7
mSf3tJ/bUjoRzavxxW8SzN0A/0vye1+pZ3DpTID0kl5TL6LbbsOB0PTPQFZQNrqT
+m7Bd6PjLQdDsgReAmYrKWW5kvsdlHBZVc4y8Vm8SuQGg3OhTryOAakKFt9XTuCb
Jd+zevP2mW37td8K3zzbXeeo42K9HeHkJXvf9CkzhlHltp9W+Yn235LMAo+Rf+DD
qKl/3YTA/K7AHsMrXNSQ43zLfiqqwciHevNYXibVcoANqMUCJr7yFWFt/ydkJs8j
FMVri2m6L/wSM709ZVUAuPv+ShIU46rw1m+v9DlS1dKV7i8W74+IYKh5E6TyekrT
S/k82+KwHxjlXw==
-----END CERTIFICATE-----