Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/baeddc-dbf2-447f-b42d-5b30639babf6/1/I5P_Icb3MQdXqdzXgdqIBfI3lNg.mft
File:                     I5P_Icb3MQdXqdzXgdqIBfI3lNg.mft (raw, json)
Hash identifier:          5xAo+4LbmA4QP0410ZfDbq0rHjqVOb6z/Eel8Ln9Sjc=
Subject key identifier:   D4:96:8E:0E:F9:BF:3E:93:47:A6:7A:43:71:86:03:D7:AE:1B:11:54
Authority key identifier: 23:93:FF:21:C6:F7:31:07:57:A9:DC:D7:81:DA:88:05:F2:37:94:D8
Certificate issuer:       /CN=2393ff21c6f7310757a9dcd781da8805f23794d8
Certificate serial:       019A71B88AAA9DFF6E0C7F04C23D7F38189B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/I5P_Icb3MQdXqdzXgdqIBfI3lNg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/12/baeddc-dbf2-447f-b42d-5b30639babf6/1/I5P_Icb3MQdXqdzXgdqIBfI3lNg.mft
Manifest number:          0A67
Signing time:             Tue 11 Nov 2025 07:01:50 +0000
Manifest this update:     Tue 11 Nov 2025 07:01:50 +0000
Manifest next update:     Wed 12 Nov 2025 07:01:50 +0000
Files and hashes:         1: I5P_Icb3MQdXqdzXgdqIBfI3lNg.crl (hash: p5i7I7m44nYyg+AQSEvke2LY5NsyqiIl7uDQoJTeTuY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/12/baeddc-dbf2-447f-b42d-5b30639babf6/1/I5P_Icb3MQdXqdzXgdqIBfI3lNg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/12/baeddc-dbf2-447f-b42d-5b30639babf6/1/I5P_Icb3MQdXqdzXgdqIBfI3lNg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/I5P_Icb3MQdXqdzXgdqIBfI3lNg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:01:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b8:8a:aa:9d:ff:6e:0c:7f:04:c2:3d:7f:38:18:9b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2393ff21c6f7310757a9dcd781da8805f23794d8
        Validity
            Not Before: Nov 11 07:01:50 2025 GMT
            Not After : Nov 12 07:01:50 2025 GMT
        Subject: CN=d4968e0ef9bf3e9347a67a43718603d7ae1b1154
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:34:42:ba:f4:5c:af:d4:ec:0f:89:85:9f:0f:
                    92:ee:ed:8a:77:94:e2:dc:aa:f7:e2:85:1f:13:7e:
                    f7:94:c1:08:e5:b7:fd:6b:4d:18:13:1c:7a:cc:f4:
                    c2:45:01:5c:dc:5f:fe:cc:75:ec:d1:d1:bb:40:a1:
                    a2:a2:09:46:97:45:5a:0a:15:4d:92:fe:0d:bf:5e:
                    e8:d9:d9:0f:1c:86:b4:23:c1:e5:2e:6b:0a:8a:92:
                    8d:ff:15:d3:a2:44:b2:0e:87:98:bc:3d:bf:03:18:
                    52:b6:23:53:89:87:85:a4:bc:7a:9f:10:28:4e:2d:
                    95:fc:35:c5:30:6d:13:a5:88:36:82:0d:42:68:e7:
                    29:85:f7:c1:78:d8:b5:a7:0d:fc:93:cb:40:33:1d:
                    c5:ad:29:bf:05:9a:0b:a2:69:07:f4:06:44:8e:8b:
                    0d:41:10:aa:43:76:e1:43:7e:9e:c9:66:26:06:96:
                    70:e9:a4:43:70:25:69:62:d8:2d:cc:35:4e:19:c3:
                    76:2f:59:d0:13:9d:27:f0:92:20:86:c8:64:d4:a8:
                    94:74:e4:85:b7:3b:f8:13:99:72:65:73:45:22:53:
                    b0:34:fd:c3:63:fa:df:05:19:74:f8:e7:51:57:69:
                    28:23:5f:ca:60:3c:1b:f0:de:14:cf:76:6d:20:a2:
                    54:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D4:96:8E:0E:F9:BF:3E:93:47:A6:7A:43:71:86:03:D7:AE:1B:11:54
            X509v3 Authority Key Identifier:
                keyid:23:93:FF:21:C6:F7:31:07:57:A9:DC:D7:81:DA:88:05:F2:37:94:D8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I5P_Icb3MQdXqdzXgdqIBfI3lNg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/baeddc-dbf2-447f-b42d-5b30639babf6/1/I5P_Icb3MQdXqdzXgdqIBfI3lNg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/12/baeddc-dbf2-447f-b42d-5b30639babf6/1/I5P_Icb3MQdXqdzXgdqIBfI3lNg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         80:d9:b6:fc:7c:4d:0c:d3:9f:50:e8:8e:3a:1a:17:a3:97:50:
         d6:02:fe:00:a4:63:9b:52:ca:95:ef:4a:9f:51:9d:5c:47:88:
         51:de:87:a2:f7:74:9e:da:e2:f4:ce:00:af:15:31:50:93:ab:
         8c:62:be:9c:ad:f4:07:2c:96:30:32:93:5b:8f:1b:cf:c3:6e:
         2e:9c:8b:dd:e0:a0:2f:e7:9e:80:d7:8c:a3:30:ac:c7:33:3f:
         e0:d9:06:3c:32:43:24:98:f3:1b:ba:91:2a:17:16:3c:94:c5:
         88:d0:e3:af:14:3d:94:f1:af:41:74:50:94:d6:3d:d0:7e:4f:
         b2:66:96:fb:95:ab:5a:36:e1:46:1b:d5:2f:85:6b:e9:2b:68:
         ac:d6:b0:40:68:8a:82:2b:ef:d5:e4:7d:1f:1f:35:f3:5b:08:
         1c:22:01:19:db:43:90:f5:f6:d7:c6:03:a5:49:5d:97:a8:d7:
         bf:88:7c:a3:1a:90:54:9d:f5:eb:15:0c:17:1e:a3:e0:a8:6c:
         e4:75:24:19:1e:fd:67:ac:93:a1:db:08:3f:a4:5d:8a:b4:fe:
         44:cf:75:f6:b9:ed:fe:ee:6c:6e:db:b8:95:d8:7f:0c:ae:45:
         9b:25:73:76:70:70:6f:94:a9:7a:4c:3f:d1:43:0c:93:21:a0:
         8f:9c:2c:d5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuIqqnf9uDH8Ewj1/OBibMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzOTNmZjIxYzZmNzMxMDc1N2E5ZGNkNzgxZGE4ODA1ZjIz
Nzk0ZDgwHhcNMjUxMTExMDcwMTUwWhcNMjUxMTEyMDcwMTUwWjAzMTEwLwYDVQQD
EyhkNDk2OGUwZWY5YmYzZTkzNDdhNjdhNDM3MTg2MDNkN2FlMWIxMTU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkTRCuvRcr9TsD4mFnw+S7u2Kd5Ti
3Kr34oUfE373lMEI5bf9a00YExx6zPTCRQFc3F/+zHXs0dG7QKGioglGl0VaChVN
kv4Nv17o2dkPHIa0I8HlLmsKipKN/xXTokSyDoeYvD2/AxhStiNTiYeFpLx6nxAo
Ti2V/DXFMG0TpYg2gg1CaOcphffBeNi1pw38k8tAMx3FrSm/BZoLomkH9AZEjosN
QRCqQ3bhQ36eyWYmBpZw6aRDcCVpYtgtzDVOGcN2L1nQE50n8JIghshk1KiUdOSF
tzv4E5lyZXNFIlOwNP3DY/rfBRl0+OdRV2koI1/KYDwb8N4Uz3ZtIKJUFwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNSWjg75vz6TR6Z6Q3GGA9euGxFUMB8GA1UdIwQY
MBaAFCOT/yHG9zEHV6nc14HaiAXyN5TYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSTVQX0ljYjNNUWRYcWR6WGdkcUlCZkkzbE5nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi9iYWVkZGMtZGJmMi00NDdmLWI0MmQt
NWIzMDYzOWJhYmY2LzEvSTVQX0ljYjNNUWRYcWR6WGdkcUlCZkkzbE5nLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi9iYWVkZGMtZGJmMi00NDdmLWI0MmQtNWIzMDYzOWJhYmY2
LzEvSTVQX0ljYjNNUWRYcWR6WGdkcUlCZkkzbE5nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgNm2/HxN
DNOfUOiOOhoXo5dQ1gL+AKRjm1LKle9Kn1GdXEeIUd6Hovd0ntri9M4ArxUxUJOr
jGK+nK30ByyWMDKTW48bz8NuLpyL3eCgL+eegNeMozCsxzM/4NkGPDJDJJjzG7qR
KhcWPJTFiNDjrxQ9lPGvQXRQlNY90H5PsmaW+5WrWjbhRhvVL4Vr6StorNawQGiK
givv1eR9Hx8181sIHCIBGdtDkPX218YDpUldl6jXv4h8oxqQVJ316xUMFx6j4Khs
5HUkGR79Z6yTodsIP6RdirT+RM919rnt/u5sbtu4ldh/DK5FmyVzdnBwb5Spekw/
0UMMkyGgj5ws1Q==
-----END CERTIFICATE-----