Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/698339-5905-4637-b983-cdb3a657d9ee/1/5_y3rNVfY0m52BRheGwSRY-G9y4.mft
File:                     5_y3rNVfY0m52BRheGwSRY-G9y4.mft (raw, json)
Hash identifier:          hBZkH0NulqiEEYpM8kwXFzu++0+goVJE8++Z4zCmCXs=
Subject key identifier:   0D:4B:65:7C:B5:B8:72:51:48:18:1E:5F:7B:A7:4A:B5:8E:DC:86:B6
Authority key identifier: E7:FC:B7:AC:D5:5F:63:49:B9:D8:14:61:78:6C:12:45:8F:86:F7:2E
Certificate issuer:       /CN=e7fcb7acd55f6349b9d81461786c12458f86f72e
Certificate serial:       019A711307328BDB2488A11B2877346B7790
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5_y3rNVfY0m52BRheGwSRY-G9y4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/48/698339-5905-4637-b983-cdb3a657d9ee/1/5_y3rNVfY0m52BRheGwSRY-G9y4.mft
Manifest number:          171B
Signing time:             Tue 11 Nov 2025 04:01:03 +0000
Manifest this update:     Tue 11 Nov 2025 04:01:03 +0000
Manifest next update:     Wed 12 Nov 2025 04:01:03 +0000
Files and hashes:         1: 5_y3rNVfY0m52BRheGwSRY-G9y4.crl (hash: xGq9x4YxDWbGvl6roQQMd8eFrHryzH71dp5kgr9SVr8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/48/698339-5905-4637-b983-cdb3a657d9ee/1/5_y3rNVfY0m52BRheGwSRY-G9y4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/48/698339-5905-4637-b983-cdb3a657d9ee/1/5_y3rNVfY0m52BRheGwSRY-G9y4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/5_y3rNVfY0m52BRheGwSRY-G9y4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 04:01:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:13:07:32:8b:db:24:88:a1:1b:28:77:34:6b:77:90
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e7fcb7acd55f6349b9d81461786c12458f86f72e
        Validity
            Not Before: Nov 11 04:01:03 2025 GMT
            Not After : Nov 12 04:01:03 2025 GMT
        Subject: CN=0d4b657cb5b8725148181e5f7ba74ab58edc86b6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:66:22:8e:fa:2a:39:56:2a:d2:1c:5e:26:44:
                    b5:04:2e:0e:e6:ae:62:54:e7:c6:79:32:69:a5:8a:
                    4c:bf:88:8b:26:4f:d2:cc:51:1a:4a:15:3a:56:af:
                    50:50:b6:83:37:50:52:80:ee:b1:ef:48:bd:69:1f:
                    17:10:74:6f:bd:5c:e6:58:05:df:15:d2:53:9d:e7:
                    a2:5e:06:dc:6d:a1:fe:0d:e0:d1:54:62:95:50:00:
                    3c:e8:49:10:ae:30:8d:c3:22:c4:e0:25:54:a5:72:
                    9c:f8:c7:f9:17:20:36:4b:77:55:1d:a8:5e:68:f6:
                    03:c9:23:35:33:f7:ed:33:66:80:ef:75:21:ef:f2:
                    a9:5b:bc:4f:3b:1a:93:fc:bf:84:85:8d:ff:7b:8d:
                    36:28:28:51:a6:94:57:83:35:12:38:b7:ea:60:92:
                    b7:92:5e:8a:e0:92:0b:05:29:c5:76:ef:ce:d9:8f:
                    5e:da:19:ef:f8:c0:48:2c:d5:24:6e:bd:e1:2a:6b:
                    f9:2a:92:9e:7a:5e:97:21:fa:67:71:61:ab:d7:3c:
                    37:c7:24:c2:cd:a5:27:f6:30:a6:20:9f:8e:73:7c:
                    33:da:60:7d:e2:1f:92:4f:b2:ed:8e:8c:c4:66:1d:
                    4b:43:de:13:a2:f3:9c:a0:e7:b4:50:62:30:59:be:
                    98:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0D:4B:65:7C:B5:B8:72:51:48:18:1E:5F:7B:A7:4A:B5:8E:DC:86:B6
            X509v3 Authority Key Identifier:
                keyid:E7:FC:B7:AC:D5:5F:63:49:B9:D8:14:61:78:6C:12:45:8F:86:F7:2E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5_y3rNVfY0m52BRheGwSRY-G9y4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/698339-5905-4637-b983-cdb3a657d9ee/1/5_y3rNVfY0m52BRheGwSRY-G9y4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/48/698339-5905-4637-b983-cdb3a657d9ee/1/5_y3rNVfY0m52BRheGwSRY-G9y4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6a:8e:4a:42:f6:87:a9:85:5d:f1:e7:80:98:40:2e:93:80:6f:
         2f:0c:50:fa:5b:7d:64:60:d4:9a:03:0b:23:94:60:2f:b0:02:
         41:34:a0:7a:0b:cf:02:28:2c:ea:f0:02:0e:5d:db:79:ee:95:
         41:6a:b3:f7:e9:5f:ed:bf:34:5e:bd:db:49:94:ca:a5:eb:71:
         73:80:c7:a7:f9:ff:4c:7c:2e:25:ea:10:40:9a:10:56:4b:4a:
         e0:ed:51:2f:5a:0b:a2:25:66:83:93:c0:52:ff:5c:63:9a:a0:
         8a:11:43:24:e4:06:c9:2d:4f:01:1d:96:29:a7:28:f9:6c:3c:
         00:94:31:af:87:3a:3a:38:c7:1b:fe:1e:fe:f9:25:2e:66:bb:
         37:40:c1:b5:5b:30:14:fb:48:91:09:08:3d:6a:76:f8:59:79:
         39:61:c0:94:d1:fa:c7:8f:fa:29:0d:d7:42:59:69:f7:7f:15:
         b8:27:fa:29:21:e4:a3:a2:1e:1b:47:11:45:b9:37:01:4e:d5:
         24:55:b0:da:fe:f0:e8:67:9d:6f:ca:12:b8:15:f9:d5:da:c8:
         87:14:b0:6b:68:4e:40:86:94:fb:f2:eb:39:16:50:39:7e:ed:
         52:02:67:fb:26:75:98:ec:c1:4d:b1:88:49:81:39:7c:bc:bc:
         f2:e0:fc:cc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxEwcyi9skiKEbKHc0a3eQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3ZmNiN2FjZDU1ZjYzNDliOWQ4MTQ2MTc4NmMxMjQ1OGY4
NmY3MmUwHhcNMjUxMTExMDQwMTAzWhcNMjUxMTEyMDQwMTAzWjAzMTEwLwYDVQQD
EygwZDRiNjU3Y2I1Yjg3MjUxNDgxODFlNWY3YmE3NGFiNThlZGM4NmI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq2YijvoqOVYq0hxeJkS1BC4O5q5i
VOfGeTJppYpMv4iLJk/SzFEaShU6Vq9QULaDN1BSgO6x70i9aR8XEHRvvVzmWAXf
FdJTneeiXgbcbaH+DeDRVGKVUAA86EkQrjCNwyLE4CVUpXKc+Mf5FyA2S3dVHahe
aPYDySM1M/ftM2aA73Uh7/KpW7xPOxqT/L+EhY3/e402KChRppRXgzUSOLfqYJK3
kl6K4JILBSnFdu/O2Y9e2hnv+MBILNUkbr3hKmv5KpKeel6XIfpncWGr1zw3xyTC
zaUn9jCmIJ+Oc3wz2mB94h+ST7LtjozEZh1LQ94TovOcoOe0UGIwWb6YJwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFA1LZXy1uHJRSBgeX3unSrWO3Ia2MB8GA1UdIwQY
MBaAFOf8t6zVX2NJudgUYXhsEkWPhvcuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNV95M3JOVmZZMG01MkJSaGVHd1NSWS1HOXk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OC82OTgzMzktNTkwNS00NjM3LWI5ODMt
Y2RiM2E2NTdkOWVlLzEvNV95M3JOVmZZMG01MkJSaGVHd1NSWS1HOXk0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OC82OTgzMzktNTkwNS00NjM3LWI5ODMtY2RiM2E2NTdkOWVl
LzEvNV95M3JOVmZZMG01MkJSaGVHd1NSWS1HOXk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAao5KQvaH
qYVd8eeAmEAuk4BvLwxQ+lt9ZGDUmgMLI5RgL7ACQTSgegvPAigs6vACDl3bee6V
QWqz9+lf7b80Xr3bSZTKpetxc4DHp/n/THwuJeoQQJoQVktK4O1RL1oLoiVmg5PA
Uv9cY5qgihFDJOQGyS1PAR2WKaco+Ww8AJQxr4c6OjjHG/4e/vklLma7N0DBtVsw
FPtIkQkIPWp2+Fl5OWHAlNH6x4/6KQ3XQllp938VuCf6KSHko6IeG0cRRbk3AU7V
JFWw2v7w6Gedb8oSuBX51drIhxSwa2hOQIaU+/LrORZQOX7tUgJn+yZ1mOzBTbGI
SYE5fLy88uD8zA==
-----END CERTIFICATE-----