Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/2daa72-0314-46c5-be5b-9a69304258a0/1/5D7dxEvG9TRFds9ZrwATXGtiwB0.mft
File:                     5D7dxEvG9TRFds9ZrwATXGtiwB0.mft (raw, json)
Hash identifier:          O1fQEBqrz9gaKWMWiv9r/Ti7nzP7enZmA6c1LCCpC8w=
Subject key identifier:   B2:A4:27:CB:7B:E7:CF:87:DE:A8:CE:4A:54:32:15:E3:74:A6:F1:A7
Authority key identifier: E4:3E:DD:C4:4B:C6:F5:34:45:76:CF:59:AF:00:13:5C:6B:62:C0:1D
Certificate issuer:       /CN=e43eddc44bc6f5344576cf59af00135c6b62c01d
Certificate serial:       019A72259F3E45FB953E0637D5D5105CE1BD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5D7dxEvG9TRFds9ZrwATXGtiwB0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/04/2daa72-0314-46c5-be5b-9a69304258a0/1/5D7dxEvG9TRFds9ZrwATXGtiwB0.mft
Manifest number:          0D86
Signing time:             Tue 11 Nov 2025 09:00:59 +0000
Manifest this update:     Tue 11 Nov 2025 09:00:59 +0000
Manifest next update:     Wed 12 Nov 2025 09:00:59 +0000
Files and hashes:         1: 5D7dxEvG9TRFds9ZrwATXGtiwB0.crl (hash: gojzr9rYwe//ppg50qSLDubO8X5obP8dhmR8S5AJAtQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/04/2daa72-0314-46c5-be5b-9a69304258a0/1/5D7dxEvG9TRFds9ZrwATXGtiwB0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/04/2daa72-0314-46c5-be5b-9a69304258a0/1/5D7dxEvG9TRFds9ZrwATXGtiwB0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/5D7dxEvG9TRFds9ZrwATXGtiwB0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:72:25:9f:3e:45:fb:95:3e:06:37:d5:d5:10:5c:e1:bd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e43eddc44bc6f5344576cf59af00135c6b62c01d
        Validity
            Not Before: Nov 11 09:00:59 2025 GMT
            Not After : Nov 12 09:00:59 2025 GMT
        Subject: CN=b2a427cb7be7cf87dea8ce4a543215e374a6f1a7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:9c:9e:8c:d3:c7:2d:f3:a2:34:b8:ee:b2:f3:
                    c4:f0:fe:06:56:df:4f:d8:84:34:9f:e5:af:26:c5:
                    9f:2a:1d:43:37:cc:e4:3a:45:19:60:a1:86:fd:f6:
                    0a:69:ba:f6:b3:2e:dd:77:fe:e2:f3:57:43:61:1a:
                    b9:99:29:ac:ed:c3:9a:41:14:1a:a6:c3:c3:8d:5b:
                    9c:73:10:66:b4:1b:33:ef:2e:5d:5a:ff:5d:32:c4:
                    e5:c4:d6:e8:f6:7a:d5:35:96:d9:53:9b:06:48:a7:
                    af:bb:34:ce:62:87:ac:7c:34:f7:cc:6e:97:c2:37:
                    05:f3:61:e5:bd:99:a4:98:4d:b5:55:5c:75:02:76:
                    99:37:39:10:46:d3:70:d5:86:6c:d2:6d:e1:a1:cd:
                    26:dc:0e:ca:2e:49:2e:34:62:5a:59:f1:df:18:92:
                    a5:90:08:5d:31:a1:53:78:bd:f3:d0:69:97:9d:8a:
                    af:50:a7:e4:e5:f3:38:5b:ec:39:54:b4:4e:a8:32:
                    a2:2f:ab:ff:20:e6:cc:c3:a7:4e:ae:08:2f:8a:db:
                    d2:42:7e:db:e9:44:b8:aa:ce:14:76:04:46:bf:be:
                    d3:18:b3:52:27:e6:0a:f4:32:1f:06:65:d5:8f:06:
                    51:a3:37:a9:0e:50:ce:da:8c:9e:4e:76:b5:aa:c6:
                    26:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B2:A4:27:CB:7B:E7:CF:87:DE:A8:CE:4A:54:32:15:E3:74:A6:F1:A7
            X509v3 Authority Key Identifier:
                keyid:E4:3E:DD:C4:4B:C6:F5:34:45:76:CF:59:AF:00:13:5C:6B:62:C0:1D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5D7dxEvG9TRFds9ZrwATXGtiwB0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/2daa72-0314-46c5-be5b-9a69304258a0/1/5D7dxEvG9TRFds9ZrwATXGtiwB0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/04/2daa72-0314-46c5-be5b-9a69304258a0/1/5D7dxEvG9TRFds9ZrwATXGtiwB0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         52:10:f3:99:75:e5:51:f1:48:18:6c:8c:da:0e:b1:cf:c3:7d:
         d6:96:2f:b4:05:25:5a:75:49:11:7d:45:1a:8a:1c:7d:b1:6e:
         10:9d:dc:ef:25:92:44:a5:2b:0b:6a:31:58:0b:2d:f3:f7:bb:
         d7:dd:a7:de:32:4e:62:d6:0f:59:5d:30:c8:de:f2:58:86:36:
         fe:88:2c:4a:96:da:8b:b2:b7:27:8e:c2:2b:a1:b6:f1:6e:20:
         14:18:80:a2:f2:b7:17:e5:af:8a:79:40:c4:8e:af:04:6a:67:
         3c:d4:93:bd:b2:57:c2:73:ea:4a:99:ca:e3:63:1f:8f:38:81:
         73:1d:43:fb:36:ca:3e:d8:45:a7:70:ca:1d:e3:0a:b2:00:eb:
         7d:01:d6:5d:a9:09:d7:80:84:20:b1:58:f6:59:ef:e5:9c:49:
         37:c5:2a:4a:26:8e:48:85:af:7e:9b:f4:f3:6b:9d:02:fd:7b:
         a0:65:50:6b:2b:dc:b4:61:ef:e5:7c:c0:82:9f:9d:15:6f:ef:
         0d:fe:6d:74:28:83:8f:1a:f7:0d:d2:8c:58:2d:e7:87:f9:07:
         11:52:6c:ae:67:87:e4:0c:24:d6:c5:3e:a4:6c:e0:5a:55:7a:
         36:f4:59:5c:61:35:31:7d:31:ed:f9:e0:48:d4:54:95:2b:d3:
         1a:0c:f4:d1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJZ8+RfuVPgY31dUQXOG9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0M2VkZGM0NGJjNmY1MzQ0NTc2Y2Y1OWFmMDAxMzVjNmI2
MmMwMWQwHhcNMjUxMTExMDkwMDU5WhcNMjUxMTEyMDkwMDU5WjAzMTEwLwYDVQQD
EyhiMmE0MjdjYjdiZTdjZjg3ZGVhOGNlNGE1NDMyMTVlMzc0YTZmMWE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApJyejNPHLfOiNLjusvPE8P4GVt9P
2IQ0n+WvJsWfKh1DN8zkOkUZYKGG/fYKabr2sy7dd/7i81dDYRq5mSms7cOaQRQa
psPDjVuccxBmtBsz7y5dWv9dMsTlxNbo9nrVNZbZU5sGSKevuzTOYoesfDT3zG6X
wjcF82HlvZmkmE21VVx1AnaZNzkQRtNw1YZs0m3hoc0m3A7KLkkuNGJaWfHfGJKl
kAhdMaFTeL3z0GmXnYqvUKfk5fM4W+w5VLROqDKiL6v/IObMw6dOrggvitvSQn7b
6US4qs4UdgRGv77TGLNSJ+YK9DIfBmXVjwZRozepDlDO2oyeTna1qsYmowIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLKkJ8t758+H3qjOSlQyFeN0pvGnMB8GA1UdIwQY
MBaAFOQ+3cRLxvU0RXbPWa8AE1xrYsAdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNUQ3ZHhFdkc5VFJGZHM5WnJ3QVRYR3Rpd0IwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC8yZGFhNzItMDMxNC00NmM1LWJlNWIt
OWE2OTMwNDI1OGEwLzEvNUQ3ZHhFdkc5VFJGZHM5WnJ3QVRYR3Rpd0IwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNC8yZGFhNzItMDMxNC00NmM1LWJlNWItOWE2OTMwNDI1OGEw
LzEvNUQ3ZHhFdkc5VFJGZHM5WnJ3QVRYR3Rpd0IwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUhDzmXXl
UfFIGGyM2g6xz8N91pYvtAUlWnVJEX1FGoocfbFuEJ3c7yWSRKUrC2oxWAst8/e7
192n3jJOYtYPWV0wyN7yWIY2/ogsSpbai7K3J47CK6G28W4gFBiAovK3F+WvinlA
xI6vBGpnPNSTvbJXwnPqSpnK42MfjziBcx1D+zbKPthFp3DKHeMKsgDrfQHWXakJ
14CEILFY9lnv5ZxJN8UqSiaOSIWvfpv082udAv17oGVQayvctGHv5XzAgp+dFW/v
Df5tdCiDjxr3DdKMWC3nh/kHEVJsrmeH5Awk1sU+pGzgWlV6NvRZXGE1MX0x7fng
SNRUlSvTGgz00Q==
-----END CERTIFICATE-----