Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/945b53-d788-487b-a982-0903ee7c1902/1/bUmIt5OIS3moT-NFY9A581RsGF8.mft
File:                     bUmIt5OIS3moT-NFY9A581RsGF8.mft (raw, json)
Hash identifier:          +uC7cNCDhL0euOHLNOjp9WyBG4SlkbzAc5nWgwT8aT0=
Subject key identifier:   62:DD:AB:6F:4C:F0:2D:F0:86:4A:7C:CC:A8:94:CF:12:A0:A9:4A:AE
Authority key identifier: 6D:49:88:B7:93:88:4B:79:A8:4F:E3:45:63:D0:39:F3:54:6C:18:5F
Certificate issuer:       /CN=6d4988b793884b79a84fe34563d039f3546c185f
Certificate serial:       019A72264E4A5E97CC9A63F95A7D6B5BC312
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bUmIt5OIS3moT-NFY9A581RsGF8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5d/945b53-d788-487b-a982-0903ee7c1902/1/bUmIt5OIS3moT-NFY9A581RsGF8.mft
Manifest number:          E3
Signing time:             Tue 11 Nov 2025 09:01:44 +0000
Manifest this update:     Tue 11 Nov 2025 09:01:44 +0000
Manifest next update:     Wed 12 Nov 2025 09:01:44 +0000
Files and hashes:         1: bUmIt5OIS3moT-NFY9A581RsGF8.crl (hash: KJFV3YG5j2b8AOgn61WLotd5fec939sSkzxdO7IMT5Y=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5d/945b53-d788-487b-a982-0903ee7c1902/1/bUmIt5OIS3moT-NFY9A581RsGF8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5d/945b53-d788-487b-a982-0903ee7c1902/1/bUmIt5OIS3moT-NFY9A581RsGF8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/bUmIt5OIS3moT-NFY9A581RsGF8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:72:26:4e:4a:5e:97:cc:9a:63:f9:5a:7d:6b:5b:c3:12
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6d4988b793884b79a84fe34563d039f3546c185f
        Validity
            Not Before: Nov 11 09:01:44 2025 GMT
            Not After : Nov 12 09:01:44 2025 GMT
        Subject: CN=62ddab6f4cf02df0864a7ccca894cf12a0a94aae
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:1b:6c:26:47:95:79:86:98:c4:5a:85:ff:9f:
                    f3:eb:45:ed:ac:45:16:d7:ee:76:89:a7:86:f0:99:
                    39:a5:e9:82:05:42:1e:b7:f5:1b:82:fb:66:18:16:
                    2e:02:e8:f9:33:f6:97:10:7f:ff:e4:07:21:11:9f:
                    c7:70:64:f2:3d:16:67:e9:5c:bb:ac:db:93:b0:33:
                    37:6e:da:ea:6d:3a:97:0f:61:26:d7:ad:54:e8:71:
                    75:08:63:7b:07:c0:fb:5e:86:1a:3b:02:d7:78:2f:
                    76:2a:4c:d7:8d:4b:54:fc:4b:27:f9:fa:08:5a:6f:
                    b4:0a:9b:35:c5:1b:9a:d3:e8:66:1e:4c:cc:67:c5:
                    ad:4c:af:04:85:99:bd:ee:27:db:4a:27:a2:d2:3b:
                    33:ac:e7:2d:5a:2d:eb:9a:a5:29:f2:bb:4b:bf:18:
                    4a:1f:db:55:56:a3:6c:06:e7:81:a1:53:f9:f9:0b:
                    52:d1:5a:dc:86:21:a4:84:7e:a2:62:65:57:db:15:
                    a8:c5:a3:04:c0:bf:4b:d9:d0:7f:b3:ef:ed:79:24:
                    77:ca:ab:09:ac:92:94:ed:09:bd:a3:d2:f9:60:a5:
                    c2:dc:0d:8b:5d:49:1b:4e:c4:3d:fd:43:09:64:40:
                    5c:f4:58:bb:b1:fd:6d:d1:2f:92:48:05:83:a9:cd:
                    7d:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                62:DD:AB:6F:4C:F0:2D:F0:86:4A:7C:CC:A8:94:CF:12:A0:A9:4A:AE
            X509v3 Authority Key Identifier:
                keyid:6D:49:88:B7:93:88:4B:79:A8:4F:E3:45:63:D0:39:F3:54:6C:18:5F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bUmIt5OIS3moT-NFY9A581RsGF8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/945b53-d788-487b-a982-0903ee7c1902/1/bUmIt5OIS3moT-NFY9A581RsGF8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/945b53-d788-487b-a982-0903ee7c1902/1/bUmIt5OIS3moT-NFY9A581RsGF8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         08:6b:cf:6e:78:e1:8d:94:e8:83:12:9e:43:67:da:85:56:ec:
         b0:8c:da:b2:e7:de:64:70:c1:50:da:60:23:2d:a7:41:77:64:
         89:26:e3:49:86:1e:b7:c5:4c:4a:ee:2d:e3:95:af:22:b7:22:
         be:48:63:26:f5:d2:3d:47:25:60:a0:7b:d8:e2:cc:cd:2b:cb:
         94:80:c8:7b:53:79:0c:b3:63:b8:f5:04:5f:e5:fd:4a:8e:5e:
         5a:4c:7a:2c:90:cc:18:e0:99:2c:c5:86:5d:29:db:6c:61:ab:
         9d:e9:dc:1f:dc:f3:d1:a9:35:3d:f2:48:9b:3d:6b:9d:a5:5d:
         a1:c1:29:67:2d:f9:9f:af:39:13:17:7e:07:d6:49:d1:d5:bb:
         36:db:08:52:ba:bd:e9:ff:2d:46:15:d9:bc:f4:bb:2b:8a:1a:
         9f:23:96:7d:c7:e5:13:5b:dd:4a:0f:1d:35:72:5c:e5:f5:b3:
         48:4f:0d:b9:73:2a:96:1e:63:d0:eb:65:dd:84:1d:3e:8c:76:
         7b:0c:0d:15:8c:1a:34:e1:17:6c:81:a2:d9:79:9a:8e:c1:2a:
         bb:c1:b3:46:07:09:a0:5b:d9:d0:78:40:4a:24:38:8d:26:b3:
         c2:c3:1d:4f:e0:60:f5:59:30:c4:7b:bc:6e:c4:06:78:24:01:
         4a:7e:33:e9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJk5KXpfMmmP5Wn1rW8MSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkNDk4OGI3OTM4ODRiNzlhODRmZTM0NTYzZDAzOWYzNTQ2
YzE4NWYwHhcNMjUxMTExMDkwMTQ0WhcNMjUxMTEyMDkwMTQ0WjAzMTEwLwYDVQQD
Eyg2MmRkYWI2ZjRjZjAyZGYwODY0YTdjY2NhODk0Y2YxMmEwYTk0YWFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuxtsJkeVeYaYxFqF/5/z60XtrEUW
1+52iaeG8Jk5pemCBUIet/UbgvtmGBYuAuj5M/aXEH//5AchEZ/HcGTyPRZn6Vy7
rNuTsDM3btrqbTqXD2Em161U6HF1CGN7B8D7XoYaOwLXeC92KkzXjUtU/Esn+foI
Wm+0Cps1xRua0+hmHkzMZ8WtTK8EhZm97ifbSiei0jszrOctWi3rmqUp8rtLvxhK
H9tVVqNsBueBoVP5+QtS0VrchiGkhH6iYmVX2xWoxaMEwL9L2dB/s+/teSR3yqsJ
rJKU7Qm9o9L5YKXC3A2LXUkbTsQ9/UMJZEBc9Fi7sf1t0S+SSAWDqc19KQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGLdq29M8C3whkp8zKiUzxKgqUquMB8GA1UdIwQY
MBaAFG1JiLeTiEt5qE/jRWPQOfNUbBhfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlVtSXQ1T0lTM21vVC1ORlk5QTU4MVJzR0Y4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC85NDViNTMtZDc4OC00ODdiLWE5ODIt
MDkwM2VlN2MxOTAyLzEvYlVtSXQ1T0lTM21vVC1ORlk5QTU4MVJzR0Y4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC85NDViNTMtZDc4OC00ODdiLWE5ODItMDkwM2VlN2MxOTAy
LzEvYlVtSXQ1T0lTM21vVC1ORlk5QTU4MVJzR0Y4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACGvPbnjh
jZTogxKeQ2fahVbssIzasufeZHDBUNpgIy2nQXdkiSbjSYYet8VMSu4t45WvIrci
vkhjJvXSPUclYKB72OLMzSvLlIDIe1N5DLNjuPUEX+X9So5eWkx6LJDMGOCZLMWG
XSnbbGGrnencH9zz0ak1PfJImz1rnaVdocEpZy35n685Exd+B9ZJ0dW7NtsIUrq9
6f8tRhXZvPS7K4oanyOWfcflE1vdSg8dNXJc5fWzSE8NuXMqlh5j0Otl3YQdPox2
ewwNFYwaNOEXbIGi2XmajsEqu8GzRgcJoFvZ0HhASiQ4jSazwsMdT+Bg9VkwxHu8
bsQGeCQBSn4z6Q==
-----END CERTIFICATE-----