Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/10af83-08f5-4919-ba1d-38f864a34b78/1/5cfDmlkS3cIen2tRmJZyV2ISeDM.mft
File:                     5cfDmlkS3cIen2tRmJZyV2ISeDM.mft (raw, json)
Hash identifier:          C3nrfYP2o1TIej3WLKfx0Sm7+yCuRU2RkjuNwvVxVq8=
Subject key identifier:   C9:C1:4E:CE:36:AC:44:F9:89:AE:5A:23:C1:C8:FE:3A:1A:AD:91:45
Authority key identifier: E5:C7:C3:9A:59:12:DD:C2:1E:9F:6B:51:98:96:72:57:62:12:78:33
Certificate issuer:       /CN=e5c7c39a5912ddc21e9f6b519896725762127833
Certificate serial:       019A71B776BE57C55D3A96B09B269C05FDA8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5cfDmlkS3cIen2tRmJZyV2ISeDM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/05/10af83-08f5-4919-ba1d-38f864a34b78/1/5cfDmlkS3cIen2tRmJZyV2ISeDM.mft
Manifest number:          0299
Signing time:             Tue 11 Nov 2025 07:00:40 +0000
Manifest this update:     Tue 11 Nov 2025 07:00:40 +0000
Manifest next update:     Wed 12 Nov 2025 07:00:40 +0000
Files and hashes:         1: 5cfDmlkS3cIen2tRmJZyV2ISeDM.crl (hash: Uqz55VEqzCzMdSbUOWUFjPcaxUU2g+pp3fVLCWkOQF8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/05/10af83-08f5-4919-ba1d-38f864a34b78/1/5cfDmlkS3cIen2tRmJZyV2ISeDM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/05/10af83-08f5-4919-ba1d-38f864a34b78/1/5cfDmlkS3cIen2tRmJZyV2ISeDM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/5cfDmlkS3cIen2tRmJZyV2ISeDM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:00:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b7:76:be:57:c5:5d:3a:96:b0:9b:26:9c:05:fd:a8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e5c7c39a5912ddc21e9f6b519896725762127833
        Validity
            Not Before: Nov 11 07:00:40 2025 GMT
            Not After : Nov 12 07:00:40 2025 GMT
        Subject: CN=c9c14ece36ac44f989ae5a23c1c8fe3a1aad9145
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e1:84:1a:0c:76:42:53:22:c4:fa:98:1f:a0:50:
                    0e:18:f3:dc:c8:88:a5:d9:4e:84:23:a1:6e:37:6a:
                    2f:9b:31:9e:88:c8:e1:d2:ee:9d:02:59:f5:6e:95:
                    1a:42:53:71:a7:16:25:c4:1e:cf:fa:c9:27:83:c5:
                    7b:ad:62:15:2e:fd:1c:8c:d0:8b:79:78:74:3c:1f:
                    60:8c:74:84:5e:39:56:1e:c6:18:c3:e3:19:3d:62:
                    3f:4c:03:9e:54:27:56:41:b9:63:57:f4:99:69:eb:
                    0e:10:5f:1b:7e:12:98:97:f2:5e:97:13:40:f1:3b:
                    ff:76:20:58:5b:3e:cd:fe:47:d8:5d:54:21:e5:0a:
                    36:bf:06:d6:e5:87:31:5a:f2:3b:04:3b:60:c7:a8:
                    ca:53:a0:c9:a5:23:ad:7c:80:c7:1d:d5:48:51:25:
                    85:3b:78:35:88:7c:5b:15:24:a3:d6:ba:ac:83:d5:
                    bf:72:0d:fd:9f:74:00:4b:f5:13:b9:b6:79:8e:10:
                    ba:3e:a8:40:5b:24:c2:d6:9e:0a:ac:19:4f:e3:3e:
                    24:5e:1f:4c:49:61:f3:00:6d:09:68:f1:e2:2f:4d:
                    27:c2:da:42:bb:35:63:cb:d3:64:4e:cf:4c:f2:80:
                    87:ce:7b:65:bc:84:6f:7f:ff:31:e8:03:74:e8:a1:
                    b5:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C9:C1:4E:CE:36:AC:44:F9:89:AE:5A:23:C1:C8:FE:3A:1A:AD:91:45
            X509v3 Authority Key Identifier:
                keyid:E5:C7:C3:9A:59:12:DD:C2:1E:9F:6B:51:98:96:72:57:62:12:78:33

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5cfDmlkS3cIen2tRmJZyV2ISeDM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/10af83-08f5-4919-ba1d-38f864a34b78/1/5cfDmlkS3cIen2tRmJZyV2ISeDM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/05/10af83-08f5-4919-ba1d-38f864a34b78/1/5cfDmlkS3cIen2tRmJZyV2ISeDM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         75:31:32:d8:c0:92:6c:1b:ea:07:ff:36:d5:99:03:16:69:07:
         21:71:46:a7:87:62:50:df:98:b8:9d:56:36:23:45:c5:95:81:
         5e:ee:fb:c0:4c:c0:1f:e2:f1:ef:2a:8b:56:9d:05:a5:0f:fc:
         d3:ba:c7:42:cf:6d:57:c4:60:04:ca:1c:15:b4:60:ed:ee:2e:
         34:58:ba:dd:3f:f1:fc:da:46:62:f4:c5:27:cf:c3:77:43:a7:
         c9:e8:73:e1:77:8a:b0:fc:1b:92:12:da:0c:a7:6d:80:bc:08:
         c2:10:16:39:6a:8f:2c:e4:df:d1:9e:1f:0f:cc:b6:31:57:84:
         28:28:50:0e:d2:40:c6:0c:6d:cc:51:c2:25:60:f5:11:9f:66:
         8f:63:19:8a:e9:99:58:87:1d:2a:43:15:fe:58:fc:8c:c7:9a:
         9a:59:cc:2f:a3:89:4a:1f:09:82:d5:49:40:65:94:50:66:13:
         84:20:76:46:b4:42:1f:41:48:8a:91:2a:85:95:90:a9:0d:f3:
         30:1f:b9:c0:d5:44:35:62:e3:64:97:cb:a2:6b:e1:a2:3a:40:
         b7:b4:ac:93:95:aa:bf:80:14:45:20:e3:09:60:87:76:76:6d:
         c7:50:7e:2b:cd:dd:1d:25:25:b6:2c:12:95:58:54:01:da:1c:
         2a:6e:9e:b9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxt3a+V8VdOpawmyacBf2oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1YzdjMzlhNTkxMmRkYzIxZTlmNmI1MTk4OTY3MjU3NjIx
Mjc4MzMwHhcNMjUxMTExMDcwMDQwWhcNMjUxMTEyMDcwMDQwWjAzMTEwLwYDVQQD
EyhjOWMxNGVjZTM2YWM0NGY5ODlhZTVhMjNjMWM4ZmUzYTFhYWQ5MTQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4YQaDHZCUyLE+pgfoFAOGPPcyIil
2U6EI6FuN2ovmzGeiMjh0u6dAln1bpUaQlNxpxYlxB7P+skng8V7rWIVLv0cjNCL
eXh0PB9gjHSEXjlWHsYYw+MZPWI/TAOeVCdWQbljV/SZaesOEF8bfhKYl/JelxNA
8Tv/diBYWz7N/kfYXVQh5Qo2vwbW5YcxWvI7BDtgx6jKU6DJpSOtfIDHHdVIUSWF
O3g1iHxbFSSj1rqsg9W/cg39n3QAS/UTubZ5jhC6PqhAWyTC1p4KrBlP4z4kXh9M
SWHzAG0JaPHiL00nwtpCuzVjy9NkTs9M8oCHzntlvIRvf/8x6AN06KG1SwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMnBTs42rET5ia5aI8HI/joarZFFMB8GA1UdIwQY
MBaAFOXHw5pZEt3CHp9rUZiWcldiEngzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNWNmRG1sa1MzY0llbjJ0Um1KWnlWMklTZURNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS8xMGFmODMtMDhmNS00OTE5LWJhMWQt
MzhmODY0YTM0Yjc4LzEvNWNmRG1sa1MzY0llbjJ0Um1KWnlWMklTZURNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS8xMGFmODMtMDhmNS00OTE5LWJhMWQtMzhmODY0YTM0Yjc4
LzEvNWNmRG1sa1MzY0llbjJ0Um1KWnlWMklTZURNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdTEy2MCS
bBvqB/821ZkDFmkHIXFGp4diUN+YuJ1WNiNFxZWBXu77wEzAH+Lx7yqLVp0FpQ/8
07rHQs9tV8RgBMocFbRg7e4uNFi63T/x/NpGYvTFJ8/Dd0Onyehz4XeKsPwbkhLa
DKdtgLwIwhAWOWqPLOTf0Z4fD8y2MVeEKChQDtJAxgxtzFHCJWD1EZ9mj2MZiumZ
WIcdKkMV/lj8jMeamlnML6OJSh8JgtVJQGWUUGYThCB2RrRCH0FIipEqhZWQqQ3z
MB+5wNVENWLjZJfLomvhojpAt7Ssk5Wqv4AURSDjCWCHdnZtx1B+K83dHSUltiwS
lVhUAdocKm6euQ==
-----END CERTIFICATE-----