Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/4753d3-a1e9-4fd5-aefe-7c7d8a78a963/1/5LDTY6ChegaEUahRRc5PpGTX-hs.mft
File:                     5LDTY6ChegaEUahRRc5PpGTX-hs.mft (raw, json)
Hash identifier:          9m3ckthDhAVwQv+E9nr6tPrwfBXwM2lBLy/cZiS5k1c=
Subject key identifier:   68:21:2A:C3:AA:29:0B:8C:5E:4D:F1:FE:BC:A7:BF:B3:86:E2:12:BB
Authority key identifier: E4:B0:D3:63:A0:A1:7A:06:84:51:A8:51:45:CE:4F:A4:64:D7:FA:1B
Certificate issuer:       /CN=e4b0d363a0a17a068451a85145ce4fa464d7fa1b
Certificate serial:       019A71B815A33C039D64BEBC5992C6B888C7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5LDTY6ChegaEUahRRc5PpGTX-hs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0e/4753d3-a1e9-4fd5-aefe-7c7d8a78a963/1/5LDTY6ChegaEUahRRc5PpGTX-hs.mft
Manifest number:          1050
Signing time:             Tue 11 Nov 2025 07:01:20 +0000
Manifest this update:     Tue 11 Nov 2025 07:01:20 +0000
Manifest next update:     Wed 12 Nov 2025 07:01:20 +0000
Files and hashes:         1: 5LDTY6ChegaEUahRRc5PpGTX-hs.crl (hash: Xn3tQw5tSQqCxXX3RjDZhNrECTbBMUQvT2+QI4U/eqI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0e/4753d3-a1e9-4fd5-aefe-7c7d8a78a963/1/5LDTY6ChegaEUahRRc5PpGTX-hs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0e/4753d3-a1e9-4fd5-aefe-7c7d8a78a963/1/5LDTY6ChegaEUahRRc5PpGTX-hs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/5LDTY6ChegaEUahRRc5PpGTX-hs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:01:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b8:15:a3:3c:03:9d:64:be:bc:59:92:c6:b8:88:c7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e4b0d363a0a17a068451a85145ce4fa464d7fa1b
        Validity
            Not Before: Nov 11 07:01:20 2025 GMT
            Not After : Nov 12 07:01:20 2025 GMT
        Subject: CN=68212ac3aa290b8c5e4df1febca7bfb386e212bb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:94:e7:b2:37:cc:99:88:b7:52:da:c0:72:77:
                    77:0d:a3:c3:ff:4e:ce:48:83:1b:61:b5:13:2b:77:
                    7e:76:2b:31:a6:d9:14:ed:7d:30:14:73:b4:3b:68:
                    7b:5a:da:62:0a:e1:e2:24:6c:f4:cc:4b:e8:11:74:
                    53:1b:28:e0:64:6a:6c:f7:6a:8b:83:63:68:aa:c0:
                    b7:d2:c3:96:7b:13:29:c0:d7:24:a2:79:ce:43:ea:
                    d7:22:95:4c:cd:7f:54:a9:bd:8b:23:f6:ef:ff:70:
                    af:5d:2c:32:d4:c0:5d:b6:57:d4:45:3c:71:7e:3a:
                    97:71:8c:1a:e4:56:ac:17:15:b5:45:15:df:b2:4c:
                    d4:c4:b2:ff:30:65:c9:22:0a:d9:23:1d:bf:38:89:
                    ef:91:ec:33:50:2f:a2:56:f1:cc:84:38:df:de:b8:
                    f1:77:a7:be:ed:76:f8:2c:6d:43:15:0e:c5:87:71:
                    a9:3c:17:8d:7a:e3:b8:65:3b:c8:0f:5d:9b:ea:5c:
                    65:b7:1a:73:f5:37:e6:f2:a3:da:5b:92:b2:3d:b3:
                    91:1d:54:48:d4:a1:2e:89:6f:0a:51:e8:bb:48:39:
                    29:13:4c:e1:65:5f:85:51:eb:27:4d:50:63:3d:4d:
                    5f:af:c0:1e:19:08:6d:c7:0e:51:9c:80:00:10:85:
                    82:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                68:21:2A:C3:AA:29:0B:8C:5E:4D:F1:FE:BC:A7:BF:B3:86:E2:12:BB
            X509v3 Authority Key Identifier:
                keyid:E4:B0:D3:63:A0:A1:7A:06:84:51:A8:51:45:CE:4F:A4:64:D7:FA:1B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5LDTY6ChegaEUahRRc5PpGTX-hs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/4753d3-a1e9-4fd5-aefe-7c7d8a78a963/1/5LDTY6ChegaEUahRRc5PpGTX-hs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/4753d3-a1e9-4fd5-aefe-7c7d8a78a963/1/5LDTY6ChegaEUahRRc5PpGTX-hs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2a:9f:b1:40:ac:c9:05:c7:80:be:dc:a7:39:27:3a:32:75:a0:
         24:05:b9:6f:d4:d4:98:11:35:0e:12:fe:67:30:7d:c9:37:80:
         62:de:02:08:20:d2:06:c5:52:c4:2b:2f:79:8f:7b:bb:b6:db:
         26:82:d6:ec:cb:00:f3:a6:f3:88:18:ca:79:ba:57:c8:86:f5:
         1b:ce:40:0c:81:09:4e:03:99:96:4f:eb:4b:cd:55:4c:d7:48:
         99:52:36:d9:8b:52:60:a0:0a:e5:27:4c:eb:03:f5:19:60:4d:
         84:c9:80:64:64:4f:52:aa:7d:c7:2f:69:2f:38:48:a4:e1:03:
         14:b0:90:ba:5a:b8:43:29:16:aa:fd:da:06:53:f9:cf:75:fa:
         2e:73:f2:77:d6:54:87:59:ca:7c:2d:72:53:fb:db:d5:dc:93:
         b5:dc:81:05:9d:cb:99:21:80:23:d0:76:55:38:1d:e4:22:b5:
         7c:68:1f:4e:d8:58:12:20:e7:58:6a:50:d0:e4:f3:3c:6e:b5:
         9a:9f:8e:76:24:81:d1:e8:76:fe:d0:32:01:d0:a4:6a:df:4d:
         cc:ee:c4:69:1c:00:c2:88:88:17:8c:16:91:80:11:1f:36:2a:
         ca:d5:3e:85:0f:80:78:43:ab:c1:c8:87:4a:c5:62:ad:80:1c:
         67:4d:fc:48
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuBWjPAOdZL68WZLGuIjHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0YjBkMzYzYTBhMTdhMDY4NDUxYTg1MTQ1Y2U0ZmE0NjRk
N2ZhMWIwHhcNMjUxMTExMDcwMTIwWhcNMjUxMTEyMDcwMTIwWjAzMTEwLwYDVQQD
Eyg2ODIxMmFjM2FhMjkwYjhjNWU0ZGYxZmViY2E3YmZiMzg2ZTIxMmJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv5TnsjfMmYi3UtrAcnd3DaPD/07O
SIMbYbUTK3d+disxptkU7X0wFHO0O2h7WtpiCuHiJGz0zEvoEXRTGyjgZGps92qL
g2NoqsC30sOWexMpwNckonnOQ+rXIpVMzX9Uqb2LI/bv/3CvXSwy1MBdtlfURTxx
fjqXcYwa5FasFxW1RRXfskzUxLL/MGXJIgrZIx2/OInvkewzUC+iVvHMhDjf3rjx
d6e+7Xb4LG1DFQ7Fh3GpPBeNeuO4ZTvID12b6lxltxpz9Tfm8qPaW5KyPbORHVRI
1KEuiW8KUei7SDkpE0zhZV+FUesnTVBjPU1fr8AeGQhtxw5RnIAAEIWCUQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGghKsOqKQuMXk3x/rynv7OG4hK7MB8GA1UdIwQY
MBaAFOSw02OgoXoGhFGoUUXOT6Rk1/obMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNUxEVFk2Q2hlZ2FFVWFoUlJjNVBwR1RYLWhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS80NzUzZDMtYTFlOS00ZmQ1LWFlZmUt
N2M3ZDhhNzhhOTYzLzEvNUxEVFk2Q2hlZ2FFVWFoUlJjNVBwR1RYLWhzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS80NzUzZDMtYTFlOS00ZmQ1LWFlZmUtN2M3ZDhhNzhhOTYz
LzEvNUxEVFk2Q2hlZ2FFVWFoUlJjNVBwR1RYLWhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKp+xQKzJ
BceAvtynOSc6MnWgJAW5b9TUmBE1DhL+ZzB9yTeAYt4CCCDSBsVSxCsveY97u7bb
JoLW7MsA86bziBjKebpXyIb1G85ADIEJTgOZlk/rS81VTNdImVI22YtSYKAK5SdM
6wP1GWBNhMmAZGRPUqp9xy9pLzhIpOEDFLCQulq4QykWqv3aBlP5z3X6LnPyd9ZU
h1nKfC1yU/vb1dyTtdyBBZ3LmSGAI9B2VTgd5CK1fGgfTthYEiDnWGpQ0OTzPG61
mp+OdiSB0eh2/tAyAdCkat9NzO7EaRwAwoiIF4wWkYARHzYqytU+hQ+AeEOrwciH
SsVirYAcZ038SA==
-----END CERTIFICATE-----