Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/9f46c0-90be-41cc-ad5d-4add393a723e/1/IhQgnik48W3KWTVwH6aG2Q_De54.mft
File:                     IhQgnik48W3KWTVwH6aG2Q_De54.mft (raw, json)
Hash identifier:          ctOLLEekMNPDxCIaP3jHLpwKz5g6sV3jPLZdaHZQrSk=
Subject key identifier:   5E:7E:D2:32:D7:6D:0F:3F:E0:11:1B:1C:6B:92:74:8F:8B:EE:9E:EA
Authority key identifier: 22:14:20:9E:29:38:F1:6D:CA:59:35:70:1F:A6:86:D9:0F:C3:7B:9E
Certificate issuer:       /CN=2214209e2938f16dca5935701fa686d90fc37b9e
Certificate serial:       019A73A6EEDC980B3CCD032824A796A6F8F1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IhQgnik48W3KWTVwH6aG2Q_De54.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5b/9f46c0-90be-41cc-ad5d-4add393a723e/1/IhQgnik48W3KWTVwH6aG2Q_De54.mft
Manifest number:          05AC
Signing time:             Tue 11 Nov 2025 16:01:51 +0000
Manifest this update:     Tue 11 Nov 2025 16:01:51 +0000
Manifest next update:     Wed 12 Nov 2025 16:01:51 +0000
Files and hashes:         1: IhQgnik48W3KWTVwH6aG2Q_De54.crl (hash: 6JfOxyJ7hxA9Q1pZtqNRKveP19B+Pq79k8Qn/0kw1rM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5b/9f46c0-90be-41cc-ad5d-4add393a723e/1/IhQgnik48W3KWTVwH6aG2Q_De54.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5b/9f46c0-90be-41cc-ad5d-4add393a723e/1/IhQgnik48W3KWTVwH6aG2Q_De54.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/IhQgnik48W3KWTVwH6aG2Q_De54.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:73:a6:ee:dc:98:0b:3c:cd:03:28:24:a7:96:a6:f8:f1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2214209e2938f16dca5935701fa686d90fc37b9e
        Validity
            Not Before: Nov 11 16:01:51 2025 GMT
            Not After : Nov 12 16:01:51 2025 GMT
        Subject: CN=5e7ed232d76d0f3fe0111b1c6b92748f8bee9eea
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dd:2f:3f:b0:82:79:ae:99:db:39:05:38:fc:eb:
                    b2:bd:1c:d3:c2:3c:4e:13:87:a2:fd:be:95:7a:f3:
                    22:9e:aa:18:a2:4b:44:d0:c1:57:c8:7f:fe:50:66:
                    6b:77:4b:f6:8b:dc:d3:d8:6c:7a:a1:85:8e:d1:23:
                    d7:a0:15:1b:ad:4a:0e:74:13:1f:6c:9e:20:ca:5e:
                    70:eb:67:7c:6e:6d:df:08:fd:ab:4f:10:6d:ee:5d:
                    46:ef:93:5b:b5:25:81:f7:9a:1a:8a:fd:a2:b4:55:
                    ce:35:8a:0e:d0:29:fd:3f:1b:26:ed:e3:c5:67:f5:
                    04:4e:b3:95:00:f6:9d:5b:c1:8f:fc:a0:bf:89:d7:
                    e9:ff:1b:4f:52:87:a1:d0:26:1f:09:e1:9d:f6:f2:
                    c8:90:45:fb:a2:17:8f:56:ab:cd:8a:00:c7:fa:e7:
                    3e:02:12:3e:b4:d5:b8:f7:ae:e9:c0:30:0a:08:26:
                    85:84:48:f5:46:77:e8:3b:c0:26:08:3b:7a:29:cc:
                    b4:24:0c:f1:42:32:bc:fa:48:4c:9b:e0:e0:92:af:
                    4b:7c:91:3d:37:22:68:61:8b:91:52:e7:b6:47:09:
                    dc:84:a5:74:1c:c1:68:db:24:82:37:20:ee:56:59:
                    e4:3c:cc:7c:bf:b1:49:6e:f0:89:12:a3:73:5a:91:
                    fc:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5E:7E:D2:32:D7:6D:0F:3F:E0:11:1B:1C:6B:92:74:8F:8B:EE:9E:EA
            X509v3 Authority Key Identifier:
                keyid:22:14:20:9E:29:38:F1:6D:CA:59:35:70:1F:A6:86:D9:0F:C3:7B:9E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IhQgnik48W3KWTVwH6aG2Q_De54.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/9f46c0-90be-41cc-ad5d-4add393a723e/1/IhQgnik48W3KWTVwH6aG2Q_De54.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/9f46c0-90be-41cc-ad5d-4add393a723e/1/IhQgnik48W3KWTVwH6aG2Q_De54.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         88:76:c8:19:f3:53:89:72:d8:aa:cb:bd:1a:19:65:85:83:2e:
         02:22:24:92:46:5c:75:a4:38:1b:d4:3c:75:b0:cf:60:15:c7:
         47:3d:e5:7e:fe:f0:63:d7:22:96:76:72:6a:9c:51:94:b4:92:
         6e:7b:a0:94:2d:c3:59:d5:cd:79:8e:4c:c9:a7:c0:9e:3a:39:
         49:af:f4:73:ae:25:50:fb:76:ad:90:6f:1d:b4:41:7b:bc:e6:
         bf:2e:42:82:33:97:76:8e:75:86:aa:14:a5:04:6c:76:86:71:
         6f:ab:09:57:f4:d8:6e:19:5f:92:6f:1a:b9:21:c5:b2:6e:48:
         be:a1:d2:aa:87:bb:f2:b8:07:b9:60:1e:62:ba:38:b1:3b:3f:
         8b:8a:cf:b3:24:74:54:ac:01:e7:69:5e:e8:9e:cd:02:7a:23:
         68:b0:06:8b:17:99:e2:e8:0a:b0:ea:29:db:c5:40:6f:1b:95:
         4b:2c:26:d5:fd:14:c8:09:d9:61:e2:57:f2:2e:d2:01:2d:07:
         75:64:e0:30:92:f0:ce:b0:7b:09:91:9c:3b:e0:2a:79:c3:39:
         b5:4a:b2:cd:3a:a4:ae:26:84:da:cd:d5:d7:47:82:d9:33:9e:
         1b:44:6f:5c:c6:be:56:c4:d5:41:0a:5b:62:0c:3c:5e:54:ca:
         a5:db:32:2e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpzpu7cmAs8zQMoJKeWpvjxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyMTQyMDllMjkzOGYxNmRjYTU5MzU3MDFmYTY4NmQ5MGZj
MzdiOWUwHhcNMjUxMTExMTYwMTUxWhcNMjUxMTEyMTYwMTUxWjAzMTEwLwYDVQQD
Eyg1ZTdlZDIzMmQ3NmQwZjNmZTAxMTFiMWM2YjkyNzQ4ZjhiZWU5ZWVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3S8/sIJ5rpnbOQU4/OuyvRzTwjxO
E4ei/b6VevMinqoYoktE0MFXyH/+UGZrd0v2i9zT2Gx6oYWO0SPXoBUbrUoOdBMf
bJ4gyl5w62d8bm3fCP2rTxBt7l1G75NbtSWB95oaiv2itFXONYoO0Cn9Pxsm7ePF
Z/UETrOVAPadW8GP/KC/idfp/xtPUoeh0CYfCeGd9vLIkEX7ohePVqvNigDH+uc+
AhI+tNW4967pwDAKCCaFhEj1RnfoO8AmCDt6Kcy0JAzxQjK8+khMm+Dgkq9LfJE9
NyJoYYuRUue2RwnchKV0HMFo2ySCNyDuVlnkPMx8v7FJbvCJEqNzWpH83QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFF5+0jLXbQ8/4BEbHGuSdI+L7p7qMB8GA1UdIwQY
MBaAFCIUIJ4pOPFtylk1cB+mhtkPw3ueMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSWhRZ25pazQ4VzNLV1RWd0g2YUcyUV9EZTU0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi85ZjQ2YzAtOTBiZS00MWNjLWFkNWQt
NGFkZDM5M2E3MjNlLzEvSWhRZ25pazQ4VzNLV1RWd0g2YUcyUV9EZTU0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi85ZjQ2YzAtOTBiZS00MWNjLWFkNWQtNGFkZDM5M2E3MjNl
LzEvSWhRZ25pazQ4VzNLV1RWd0g2YUcyUV9EZTU0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiHbIGfNT
iXLYqsu9GhllhYMuAiIkkkZcdaQ4G9Q8dbDPYBXHRz3lfv7wY9cilnZyapxRlLSS
bnuglC3DWdXNeY5MyafAnjo5Sa/0c64lUPt2rZBvHbRBe7zmvy5CgjOXdo51hqoU
pQRsdoZxb6sJV/TYbhlfkm8auSHFsm5IvqHSqoe78rgHuWAeYro4sTs/i4rPsyR0
VKwB52le6J7NAnojaLAGixeZ4ugKsOop28VAbxuVSywm1f0UyAnZYeJX8i7SAS0H
dWTgMJLwzrB7CZGcO+AqecM5tUqyzTqkriaE2s3V10eC2TOeG0RvXMa+VsTVQQpb
Ygw8XlTKpdsyLg==
-----END CERTIFICATE-----