Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/559200-c501-4ac0-a5f5-e5a35a847273/1/rENzvP5MWzcCARWd-W2xNzaYur0.mft
File:                     rENzvP5MWzcCARWd-W2xNzaYur0.mft (raw, json)
Hash identifier:          rZfvgiJxk6eH8Los9/IE717Q+R6CtwkH9H+wpRWCyig=
Subject key identifier:   4A:38:E4:C6:37:0D:0E:8F:82:30:03:BD:79:B0:71:42:A5:97:E8:CB
Authority key identifier: AC:43:73:BC:FE:4C:5B:37:02:01:15:9D:F9:6D:B1:37:36:98:BA:BD
Certificate issuer:       /CN=ac4373bcfe4c5b370201159df96db1373698babd
Certificate serial:       019A71EEAEFA022697681C33D71572424982
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/rENzvP5MWzcCARWd-W2xNzaYur0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/64/559200-c501-4ac0-a5f5-e5a35a847273/1/rENzvP5MWzcCARWd-W2xNzaYur0.mft
Manifest number:          48
Signing time:             Tue 11 Nov 2025 08:00:58 +0000
Manifest this update:     Tue 11 Nov 2025 08:00:58 +0000
Manifest next update:     Wed 12 Nov 2025 08:00:58 +0000
Files and hashes:         1: rENzvP5MWzcCARWd-W2xNzaYur0.crl (hash: vKrK79gmZuEhpodWOIcH6/yXWOD0CrBrzItCMi/TR9Q=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/64/559200-c501-4ac0-a5f5-e5a35a847273/1/rENzvP5MWzcCARWd-W2xNzaYur0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/64/559200-c501-4ac0-a5f5-e5a35a847273/1/rENzvP5MWzcCARWd-W2xNzaYur0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/rENzvP5MWzcCARWd-W2xNzaYur0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 08:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:ee:ae:fa:02:26:97:68:1c:33:d7:15:72:42:49:82
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ac4373bcfe4c5b370201159df96db1373698babd
        Validity
            Not Before: Nov 11 08:00:58 2025 GMT
            Not After : Nov 12 08:00:58 2025 GMT
        Subject: CN=4a38e4c6370d0e8f823003bd79b07142a597e8cb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:6a:5b:95:27:c8:0f:cf:b3:bf:3d:62:30:a4:
                    ea:7c:ee:d2:87:a1:43:6f:88:c0:9e:01:b2:2f:a6:
                    31:fa:5a:e3:6f:58:44:eb:a6:f9:26:fd:88:cf:09:
                    ac:df:4c:08:1d:d8:da:5b:cf:44:56:06:57:47:3b:
                    e0:9e:3a:a8:70:f7:77:c7:7d:88:f7:69:5b:ba:36:
                    26:a7:87:89:31:ff:10:18:9f:7a:f6:82:57:d8:be:
                    a9:7d:69:43:86:31:23:47:84:ee:ba:36:e5:7c:46:
                    ae:54:9c:34:fe:6a:a4:2e:bb:12:cc:45:a4:1b:29:
                    3f:00:89:04:0d:fd:7e:11:f8:7f:62:46:2d:39:9f:
                    9a:12:ec:df:f5:a6:68:c7:21:23:90:d3:6a:2e:d6:
                    72:fe:9b:c2:3a:48:8f:04:6d:04:91:4c:52:36:2f:
                    ba:7c:a4:17:0d:3f:dd:6a:b0:63:fc:a7:f5:84:38:
                    63:22:ab:30:ba:38:bc:b0:8b:e7:1c:41:c9:83:01:
                    a2:eb:30:29:cc:09:3b:e7:00:39:85:4f:5c:a9:23:
                    3e:f0:33:99:86:66:0b:51:94:c8:99:d8:24:06:ac:
                    36:17:22:23:bb:29:ba:46:ec:1e:95:bf:d4:95:63:
                    3c:2c:c0:ae:90:cd:fc:64:9f:29:b6:62:07:c8:df:
                    a1:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4A:38:E4:C6:37:0D:0E:8F:82:30:03:BD:79:B0:71:42:A5:97:E8:CB
            X509v3 Authority Key Identifier:
                keyid:AC:43:73:BC:FE:4C:5B:37:02:01:15:9D:F9:6D:B1:37:36:98:BA:BD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rENzvP5MWzcCARWd-W2xNzaYur0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/559200-c501-4ac0-a5f5-e5a35a847273/1/rENzvP5MWzcCARWd-W2xNzaYur0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/64/559200-c501-4ac0-a5f5-e5a35a847273/1/rENzvP5MWzcCARWd-W2xNzaYur0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         85:4c:64:cb:fb:72:7c:8e:1f:c9:4a:16:db:e9:e2:38:e1:d4:
         e1:b9:28:93:71:5d:6b:ed:b7:77:9d:b8:89:86:0c:21:ce:fa:
         22:5f:fb:c0:d6:17:97:12:db:bd:b4:aa:f5:74:e3:fc:86:20:
         30:8e:dc:b9:f6:7c:36:9e:22:bb:66:b0:5c:1d:81:92:22:91:
         01:89:26:74:97:8d:1a:58:58:0d:e9:51:f5:9a:eb:a6:99:ba:
         78:cc:14:34:f0:bb:90:34:97:c8:80:3a:ba:45:a3:c3:55:8d:
         10:12:36:3b:7b:fa:a1:07:fb:0d:b2:fa:91:64:c5:63:9e:7b:
         52:9f:53:49:bc:16:06:85:85:5e:59:34:07:99:90:4e:63:8d:
         f5:f3:5c:00:38:c7:e2:53:65:46:c0:bb:36:64:54:7a:32:65:
         bc:2b:3d:89:55:15:c7:48:e4:5f:31:e3:c1:90:5d:35:c6:27:
         2f:01:1b:d2:fb:94:97:e9:ca:87:7f:f9:30:7f:3a:ce:53:9f:
         3d:5f:cc:39:0f:2e:3d:6a:7b:12:e5:bf:7c:03:8d:38:1f:18:
         0b:75:27:9f:d5:25:36:68:0a:57:2d:57:71:3f:5f:dd:4f:0b:
         f4:21:3f:70:f6:65:1c:f1:74:a1:fb:70:40:ca:52:eb:14:21:
         f2:5b:e4:ef
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpx7q76AiaXaBwz1xVyQkmCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjNDM3M2JjZmU0YzViMzcwMjAxMTU5ZGY5NmRiMTM3MzY5
OGJhYmQwHhcNMjUxMTExMDgwMDU4WhcNMjUxMTEyMDgwMDU4WjAzMTEwLwYDVQQD
Eyg0YTM4ZTRjNjM3MGQwZThmODIzMDAzYmQ3OWIwNzE0MmE1OTdlOGNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw2pblSfID8+zvz1iMKTqfO7Sh6FD
b4jAngGyL6Yx+lrjb1hE66b5Jv2Izwms30wIHdjaW89EVgZXRzvgnjqocPd3x32I
92lbujYmp4eJMf8QGJ969oJX2L6pfWlDhjEjR4TuujblfEauVJw0/mqkLrsSzEWk
Gyk/AIkEDf1+Efh/YkYtOZ+aEuzf9aZoxyEjkNNqLtZy/pvCOkiPBG0EkUxSNi+6
fKQXDT/darBj/Kf1hDhjIqswuji8sIvnHEHJgwGi6zApzAk75wA5hU9cqSM+8DOZ
hmYLUZTImdgkBqw2FyIjuym6Ruwelb/UlWM8LMCukM38ZJ8ptmIHyN+hmQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEo45MY3DQ6PgjADvXmwcUKll+jLMB8GA1UdIwQY
MBaAFKxDc7z+TFs3AgEVnfltsTc2mLq9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvckVOenZQNU1XemNDQVJXZC1XMnhOemFZdXIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC81NTkyMDAtYzUwMS00YWMwLWE1ZjUt
ZTVhMzVhODQ3MjczLzEvckVOenZQNU1XemNDQVJXZC1XMnhOemFZdXIwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC81NTkyMDAtYzUwMS00YWMwLWE1ZjUtZTVhMzVhODQ3Mjcz
LzEvckVOenZQNU1XemNDQVJXZC1XMnhOemFZdXIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhUxky/ty
fI4fyUoW2+niOOHU4bkok3Fda+23d524iYYMIc76Il/7wNYXlxLbvbSq9XTj/IYg
MI7cufZ8Np4iu2awXB2BkiKRAYkmdJeNGlhYDelR9Zrrppm6eMwUNPC7kDSXyIA6
ukWjw1WNEBI2O3v6oQf7DbL6kWTFY557Up9TSbwWBoWFXlk0B5mQTmON9fNcADjH
4lNlRsC7NmRUejJlvCs9iVUVx0jkXzHjwZBdNcYnLwEb0vuUl+nKh3/5MH86zlOf
PV/MOQ8uPWp7EuW/fAONOB8YC3Unn9UlNmgKVy1XcT9f3U8L9CE/cPZlHPF0oftw
QMpS6xQh8lvk7w==
-----END CERTIFICATE-----