Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/28860d-3c90-449f-a43e-8d3d50480d9d/1/PuzIGOGpxqhRe81paldEKNbRekQ.mft
File:                     PuzIGOGpxqhRe81paldEKNbRekQ.mft (raw, json)
Hash identifier:          alQPxrtfj7sW315Xmn/4uJwitPifQ2s9DH/2ZmNFX5c=
Subject key identifier:   2F:F1:2F:32:CB:40:8E:BE:B2:4F:28:84:D1:F1:79:34:1A:0B:E1:FF
Authority key identifier: 3E:EC:C8:18:E1:A9:C6:A8:51:7B:CD:69:6A:57:44:28:D6:D1:7A:44
Certificate issuer:       /CN=3eecc818e1a9c6a8517bcd696a574428d6d17a44
Certificate serial:       019A71EEA2677E18AD8EC594074B364F6B55
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PuzIGOGpxqhRe81paldEKNbRekQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5e/28860d-3c90-449f-a43e-8d3d50480d9d/1/PuzIGOGpxqhRe81paldEKNbRekQ.mft
Manifest number:          05CE
Signing time:             Tue 11 Nov 2025 08:00:55 +0000
Manifest this update:     Tue 11 Nov 2025 08:00:55 +0000
Manifest next update:     Wed 12 Nov 2025 08:00:55 +0000
Files and hashes:         1: PuzIGOGpxqhRe81paldEKNbRekQ.crl (hash: I4crLYqrTepuFCcJ3MtuzwgsuE2nd7gcnhBkn5d6N3I=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5e/28860d-3c90-449f-a43e-8d3d50480d9d/1/PuzIGOGpxqhRe81paldEKNbRekQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5e/28860d-3c90-449f-a43e-8d3d50480d9d/1/PuzIGOGpxqhRe81paldEKNbRekQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/PuzIGOGpxqhRe81paldEKNbRekQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 08:00:55 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:ee:a2:67:7e:18:ad:8e:c5:94:07:4b:36:4f:6b:55
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3eecc818e1a9c6a8517bcd696a574428d6d17a44
        Validity
            Not Before: Nov 11 08:00:55 2025 GMT
            Not After : Nov 12 08:00:55 2025 GMT
        Subject: CN=2ff12f32cb408ebeb24f2884d1f179341a0be1ff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:9b:ea:de:18:e0:e0:28:2e:45:86:f9:59:a2:
                    3e:94:f5:09:a2:03:5a:64:a5:31:91:24:ad:fe:d6:
                    09:eb:5f:ca:31:fe:f5:98:44:ed:ad:4c:01:77:9f:
                    5a:19:be:1a:cc:1f:ce:26:b2:49:3e:dd:4f:bb:db:
                    02:b2:25:21:d7:04:71:f3:fb:bc:f3:20:aa:00:44:
                    85:86:fd:38:d1:69:fe:1a:7d:25:9b:7a:32:a4:2f:
                    06:c8:16:55:e6:f6:5d:9a:04:b0:60:54:8a:65:72:
                    df:29:10:65:f5:f2:29:ba:d2:39:b6:96:ae:fd:50:
                    bf:4f:3b:ae:f3:fd:af:07:50:de:de:6b:1d:f9:72:
                    8e:38:31:cc:5b:8a:50:06:56:ce:51:b7:a2:a5:0a:
                    51:43:c2:cd:38:82:f2:07:f1:5d:97:88:90:d5:ca:
                    b8:54:1d:77:3e:cf:e9:e5:ef:a3:b6:ee:66:a9:58:
                    a8:b3:35:e8:f6:5b:e8:5a:ea:88:8f:10:b0:06:9d:
                    47:2d:3f:c6:b8:2d:3e:7c:a2:a0:85:f7:8d:47:d5:
                    07:a5:e1:34:96:92:99:af:25:a8:f4:bf:40:ef:3b:
                    47:31:9f:aa:13:d2:23:05:7c:06:b7:68:20:79:2b:
                    bb:d1:5c:fe:cd:d1:6f:88:44:71:9f:b9:8e:49:c9:
                    89:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2F:F1:2F:32:CB:40:8E:BE:B2:4F:28:84:D1:F1:79:34:1A:0B:E1:FF
            X509v3 Authority Key Identifier:
                keyid:3E:EC:C8:18:E1:A9:C6:A8:51:7B:CD:69:6A:57:44:28:D6:D1:7A:44

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PuzIGOGpxqhRe81paldEKNbRekQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/28860d-3c90-449f-a43e-8d3d50480d9d/1/PuzIGOGpxqhRe81paldEKNbRekQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/28860d-3c90-449f-a43e-8d3d50480d9d/1/PuzIGOGpxqhRe81paldEKNbRekQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5c:32:8f:30:20:2f:43:37:8a:06:8f:95:ba:7f:91:f3:b3:3b:
         1e:51:16:6a:e8:44:87:c1:0a:e4:88:d1:67:e1:27:31:91:62:
         47:65:9c:38:86:ee:92:e5:9b:4c:e3:77:1a:36:d0:e7:76:3a:
         3c:c8:f0:27:1a:7e:b3:bc:a6:71:dd:2d:a1:34:ca:fa:dd:2c:
         dd:a1:98:83:4e:67:ac:21:87:ba:d7:1e:be:e0:ee:3b:61:ef:
         9e:ac:2a:8d:2a:1a:af:2d:76:64:6a:96:f5:6f:ce:ef:da:ed:
         50:85:f1:80:50:d5:50:0d:f8:a4:c6:10:02:b7:17:75:ec:8e:
         8b:0f:9c:df:8e:90:3b:36:2f:57:ee:92:82:3a:8a:08:4b:74:
         73:4b:1c:68:e0:b7:f2:08:ed:0d:05:9b:8b:5a:4e:9d:aa:a8:
         e3:bf:3e:18:70:dd:5b:21:2d:07:d1:5a:a7:e3:27:c5:22:1d:
         34:e2:1f:3f:89:66:af:73:bb:99:f7:e3:b4:8c:a6:bf:bd:dc:
         bb:5e:73:17:35:b2:3f:b6:bd:ef:43:cd:9b:1e:c2:b6:09:2f:
         56:01:8d:bc:0d:68:f7:e3:59:38:9b:1f:c3:4c:49:88:f0:ef:
         9b:a6:f9:65:6b:5a:76:02:fb:5e:0f:69:56:0a:35:c3:6f:6d:
         28:49:55:14
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpx7qJnfhitjsWUB0s2T2tVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlZWNjODE4ZTFhOWM2YTg1MTdiY2Q2OTZhNTc0NDI4ZDZk
MTdhNDQwHhcNMjUxMTExMDgwMDU1WhcNMjUxMTEyMDgwMDU1WjAzMTEwLwYDVQQD
EygyZmYxMmYzMmNiNDA4ZWJlYjI0ZjI4ODRkMWYxNzkzNDFhMGJlMWZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqJvq3hjg4CguRYb5WaI+lPUJogNa
ZKUxkSSt/tYJ61/KMf71mETtrUwBd59aGb4azB/OJrJJPt1Pu9sCsiUh1wRx8/u8
8yCqAESFhv040Wn+Gn0lm3oypC8GyBZV5vZdmgSwYFSKZXLfKRBl9fIputI5tpau
/VC/Tzuu8/2vB1De3msd+XKOODHMW4pQBlbOUbeipQpRQ8LNOILyB/Fdl4iQ1cq4
VB13Ps/p5e+jtu5mqVioszXo9lvoWuqIjxCwBp1HLT/GuC0+fKKghfeNR9UHpeE0
lpKZryWo9L9A7ztHMZ+qE9IjBXwGt2ggeSu70Vz+zdFviERxn7mOScmJ+QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFC/xLzLLQI6+sk8ohNHxeTQaC+H/MB8GA1UdIwQY
MBaAFD7syBjhqcaoUXvNaWpXRCjW0XpEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHV6SUdPR3B4cWhSZTgxcGFsZEVLTmJSZWtRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS8yODg2MGQtM2M5MC00NDlmLWE0M2Ut
OGQzZDUwNDgwZDlkLzEvUHV6SUdPR3B4cWhSZTgxcGFsZEVLTmJSZWtRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS8yODg2MGQtM2M5MC00NDlmLWE0M2UtOGQzZDUwNDgwZDlk
LzEvUHV6SUdPR3B4cWhSZTgxcGFsZEVLTmJSZWtRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXDKPMCAv
QzeKBo+Vun+R87M7HlEWauhEh8EK5IjRZ+EnMZFiR2WcOIbukuWbTON3GjbQ53Y6
PMjwJxp+s7ymcd0toTTK+t0s3aGYg05nrCGHutcevuDuO2HvnqwqjSoary12ZGqW
9W/O79rtUIXxgFDVUA34pMYQArcXdeyOiw+c346QOzYvV+6SgjqKCEt0c0scaOC3
8gjtDQWbi1pOnaqo478+GHDdWyEtB9Fap+MnxSIdNOIfP4lmr3O7mffjtIymv73c
u15zFzWyP7a970PNmx7CtgkvVgGNvA1o9+NZOJsfw0xJiPDvm6b5ZWtadgL7Xg9p
Vgo1w29tKElVFA==
-----END CERTIFICATE-----