Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/8ae730-ae5e-4be9-978b-00b520875376/1/5UmH5s-8zliuDJbnZmqyGrPi4JA.mft
File:                     5UmH5s-8zliuDJbnZmqyGrPi4JA.mft (raw, json)
Hash identifier:          MOVvM8zPXVse1x919Xv/pT5Ho3w90LKi1banFo2ih8s=
Subject key identifier:   B1:D5:8B:A6:10:61:E4:9C:A7:B8:C7:2B:E9:12:FE:7E:C5:1A:38:F7
Authority key identifier: E5:49:87:E6:CF:BC:CE:58:AE:0C:96:E7:66:6A:B2:1A:B3:E2:E0:90
Certificate issuer:       /CN=e54987e6cfbcce58ae0c96e7666ab21ab3e2e090
Certificate serial:       019A70A5A13EDBC1C5BEFFF62DC4E8818FD3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5UmH5s-8zliuDJbnZmqyGrPi4JA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/09/8ae730-ae5e-4be9-978b-00b520875376/1/5UmH5s-8zliuDJbnZmqyGrPi4JA.mft
Manifest number:          03C2
Signing time:             Tue 11 Nov 2025 02:01:34 +0000
Manifest this update:     Tue 11 Nov 2025 02:01:34 +0000
Manifest next update:     Wed 12 Nov 2025 02:01:34 +0000
Files and hashes:         1: 5UmH5s-8zliuDJbnZmqyGrPi4JA.crl (hash: p1aFFOCB9jAi9eHqxpxW61K8vXQ/kbyqe9KQ5tsImqY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/09/8ae730-ae5e-4be9-978b-00b520875376/1/5UmH5s-8zliuDJbnZmqyGrPi4JA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/09/8ae730-ae5e-4be9-978b-00b520875376/1/5UmH5s-8zliuDJbnZmqyGrPi4JA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/5UmH5s-8zliuDJbnZmqyGrPi4JA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 02:01:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:70:a5:a1:3e:db:c1:c5:be:ff:f6:2d:c4:e8:81:8f:d3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e54987e6cfbcce58ae0c96e7666ab21ab3e2e090
        Validity
            Not Before: Nov 11 02:01:34 2025 GMT
            Not After : Nov 12 02:01:34 2025 GMT
        Subject: CN=b1d58ba61061e49ca7b8c72be912fe7ec51a38f7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:90:c3:7f:1f:08:09:44:fc:05:26:7b:dd:6d:1c:
                    b3:ea:b9:43:22:a3:79:23:ae:56:c2:84:24:3f:08:
                    53:f3:4b:bd:50:14:35:c0:69:66:2c:5c:59:56:6b:
                    af:6d:d4:4a:eb:81:11:62:6a:22:3d:1d:67:ad:a7:
                    c9:f0:2b:1a:44:9b:62:4a:ec:44:4d:ac:8a:d3:68:
                    7b:e7:26:a2:e4:5f:e5:1b:9a:b8:bd:25:36:4f:46:
                    e6:3c:66:42:48:fd:a6:82:c6:50:c6:c9:6b:bc:7e:
                    cd:70:d2:54:85:41:63:0f:92:40:bb:06:c5:05:ba:
                    d5:33:3d:40:0f:cf:d4:ba:9a:36:f0:1c:99:45:56:
                    ba:cd:8c:9d:c4:dc:10:2a:b6:7f:42:c4:7e:f9:10:
                    8b:03:b2:a7:16:1b:0f:6d:30:38:6c:e5:59:39:d3:
                    b5:1e:5f:e7:23:01:9d:e0:14:3a:1f:80:4a:d7:bd:
                    23:6f:e1:1c:3f:1a:e8:ac:0c:62:6b:5f:8c:48:1a:
                    52:22:0c:78:b0:02:33:d5:f7:01:fa:cb:b7:5b:85:
                    12:ff:4f:c8:f2:7b:b2:b7:ec:29:b0:b3:30:bb:09:
                    8b:28:eb:78:0c:0f:c1:d1:15:fd:65:d8:22:b0:ee:
                    e6:ef:d8:d8:1d:75:0d:56:04:e1:5f:04:6a:cc:89:
                    3c:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B1:D5:8B:A6:10:61:E4:9C:A7:B8:C7:2B:E9:12:FE:7E:C5:1A:38:F7
            X509v3 Authority Key Identifier:
                keyid:E5:49:87:E6:CF:BC:CE:58:AE:0C:96:E7:66:6A:B2:1A:B3:E2:E0:90

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5UmH5s-8zliuDJbnZmqyGrPi4JA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/8ae730-ae5e-4be9-978b-00b520875376/1/5UmH5s-8zliuDJbnZmqyGrPi4JA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/09/8ae730-ae5e-4be9-978b-00b520875376/1/5UmH5s-8zliuDJbnZmqyGrPi4JA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         26:a4:a5:9a:d9:36:27:2f:19:73:5f:cb:2c:3c:16:81:b3:1d:
         00:8e:18:29:e9:45:f1:72:8d:66:7c:6b:f9:c7:a7:58:25:e8:
         9f:d1:18:03:bf:44:63:b1:5e:4d:c7:4d:0f:af:cf:40:35:57:
         a7:3f:bf:e8:7b:0e:03:96:a9:2b:9e:c6:b4:61:01:ad:7b:11:
         9d:37:80:86:5b:e4:88:fd:0b:e8:a9:26:59:9a:4d:7d:c7:bf:
         95:c6:8c:f1:07:88:f1:fb:ba:96:7d:d1:c5:ce:38:9e:6a:50:
         e7:bc:5f:e1:d9:d8:9e:6f:85:24:74:65:ac:86:0d:88:95:69:
         28:e5:e0:a5:29:2d:21:88:d2:da:1e:2b:b3:e0:89:c5:e9:12:
         c2:a1:4e:0a:0b:8c:ca:a8:6e:a7:a0:a0:d4:0d:e8:0d:07:da:
         64:8e:43:2a:57:6a:38:5e:b2:1c:b5:ee:73:9b:12:ee:07:a0:
         9e:90:96:cc:a1:c4:25:60:e4:95:1b:d4:25:87:73:82:bf:d5:
         e7:16:e8:40:e8:b5:11:d5:7c:99:8a:77:53:ce:a6:cd:f5:71:
         dc:71:e2:97:ea:bf:a4:f3:a5:54:d9:c5:f3:2f:a3:08:cf:6a:
         a4:ed:3b:9a:79:0a:e5:53:2c:80:87:e2:b0:50:b2:38:32:c3:
         47:7c:b7:4d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpwpaE+28HFvv/2LcTogY/TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1NDk4N2U2Y2ZiY2NlNThhZTBjOTZlNzY2NmFiMjFhYjNl
MmUwOTAwHhcNMjUxMTExMDIwMTM0WhcNMjUxMTEyMDIwMTM0WjAzMTEwLwYDVQQD
EyhiMWQ1OGJhNjEwNjFlNDljYTdiOGM3MmJlOTEyZmU3ZWM1MWEzOGY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkMN/HwgJRPwFJnvdbRyz6rlDIqN5
I65WwoQkPwhT80u9UBQ1wGlmLFxZVmuvbdRK64ERYmoiPR1nrafJ8CsaRJtiSuxE
TayK02h75yai5F/lG5q4vSU2T0bmPGZCSP2mgsZQxslrvH7NcNJUhUFjD5JAuwbF
BbrVMz1AD8/Uupo28ByZRVa6zYydxNwQKrZ/QsR++RCLA7KnFhsPbTA4bOVZOdO1
Hl/nIwGd4BQ6H4BK170jb+EcPxrorAxia1+MSBpSIgx4sAIz1fcB+su3W4US/0/I
8nuyt+wpsLMwuwmLKOt4DA/B0RX9ZdgisO7m79jYHXUNVgThXwRqzIk8zQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLHVi6YQYeScp7jHK+kS/n7FGjj3MB8GA1UdIwQY
MBaAFOVJh+bPvM5YrgyW52Zqshqz4uCQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNVVtSDVzLTh6bGl1REpiblptcXlHclBpNEpBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS84YWU3MzAtYWU1ZS00YmU5LTk3OGIt
MDBiNTIwODc1Mzc2LzEvNVVtSDVzLTh6bGl1REpiblptcXlHclBpNEpBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS84YWU3MzAtYWU1ZS00YmU5LTk3OGItMDBiNTIwODc1Mzc2
LzEvNVVtSDVzLTh6bGl1REpiblptcXlHclBpNEpBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJqSlmtk2
Jy8Zc1/LLDwWgbMdAI4YKelF8XKNZnxr+cenWCXon9EYA79EY7FeTcdND6/PQDVX
pz+/6HsOA5apK57GtGEBrXsRnTeAhlvkiP0L6KkmWZpNfce/lcaM8QeI8fu6ln3R
xc44nmpQ57xf4dnYnm+FJHRlrIYNiJVpKOXgpSktIYjS2h4rs+CJxekSwqFOCguM
yqhup6Cg1A3oDQfaZI5DKldqOF6yHLXuc5sS7gegnpCWzKHEJWDklRvUJYdzgr/V
5xboQOi1EdV8mYp3U86mzfVx3HHil+q/pPOlVNnF8y+jCM9qpO07mnkK5VMsgIfi
sFCyODLDR3y3TQ==
-----END CERTIFICATE-----