Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/c06a23-0163-47a5-8608-30c0a111cd55/1/Xqh5CgjI4NhFiNlNGlG8qavnWB0.mft
File:                     Xqh5CgjI4NhFiNlNGlG8qavnWB0.mft (raw, json)
Hash identifier:          S6xmYt3yvTWvWJVsL4Xm9BewDAVeuQ26L00ASGiXB/8=
Subject key identifier:   32:16:50:C6:96:AE:F0:30:D9:45:1E:F8:98:E1:63:CF:DD:35:28:02
Authority key identifier: 5E:A8:79:0A:08:C8:E0:D8:45:88:D9:4D:1A:51:BC:A9:AB:E7:58:1D
Certificate issuer:       /CN=5ea8790a08c8e0d84588d94d1a51bca9abe7581d
Certificate serial:       019A725CD951C076554E5A59322A0E3D74C4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Xqh5CgjI4NhFiNlNGlG8qavnWB0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/67/c06a23-0163-47a5-8608-30c0a111cd55/1/Xqh5CgjI4NhFiNlNGlG8qavnWB0.mft
Manifest number:          152E
Signing time:             Tue 11 Nov 2025 10:01:18 +0000
Manifest this update:     Tue 11 Nov 2025 10:01:18 +0000
Manifest next update:     Wed 12 Nov 2025 10:01:18 +0000
Files and hashes:         1: Xqh5CgjI4NhFiNlNGlG8qavnWB0.crl (hash: g2Ztbdr5Zx3cK6YFt2qZR8+Tl7bWC7FEaZ0yurTImtI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/67/c06a23-0163-47a5-8608-30c0a111cd55/1/Xqh5CgjI4NhFiNlNGlG8qavnWB0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/67/c06a23-0163-47a5-8608-30c0a111cd55/1/Xqh5CgjI4NhFiNlNGlG8qavnWB0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Xqh5CgjI4NhFiNlNGlG8qavnWB0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:72:5c:d9:51:c0:76:55:4e:5a:59:32:2a:0e:3d:74:c4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5ea8790a08c8e0d84588d94d1a51bca9abe7581d
        Validity
            Not Before: Nov 11 10:01:18 2025 GMT
            Not After : Nov 12 10:01:18 2025 GMT
        Subject: CN=321650c696aef030d9451ef898e163cfdd352802
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:a1:03:71:1e:72:26:a4:f3:e3:a6:e8:e1:21:
                    10:4f:49:f8:c1:16:78:8e:71:3c:29:e1:9f:fb:6e:
                    a7:b1:d9:ea:00:c3:36:d6:ee:0f:f9:6d:cc:1a:2c:
                    b0:f5:0d:b8:14:04:07:ff:d1:73:ba:85:84:71:2c:
                    48:e4:79:40:2f:66:33:e6:9b:d3:96:5e:6f:2c:cb:
                    d9:0e:38:39:77:82:b8:00:3f:c0:16:07:23:b3:45:
                    d2:27:d5:96:78:b8:f7:e5:18:95:d1:45:49:f9:2f:
                    57:a7:3c:9b:59:f0:4f:44:6a:4f:9c:ca:1b:1f:2e:
                    6d:a7:72:78:bc:f1:35:7b:b1:96:02:d7:90:af:20:
                    68:76:bc:b5:82:21:5b:60:b6:94:af:0a:c1:73:66:
                    63:ad:bc:56:56:fa:2e:5b:7f:ba:68:80:23:17:06:
                    a0:34:a3:6a:ff:51:b2:af:7c:ae:a6:2b:f2:52:bf:
                    43:2c:39:38:46:ae:0e:92:ce:eb:1d:dd:04:3e:7a:
                    ae:25:40:85:17:c7:31:9f:01:a3:d4:9c:9b:db:33:
                    5c:4b:f4:73:f6:9d:56:b9:cc:14:e5:d7:38:6b:91:
                    a2:24:ce:03:93:50:d7:a5:c4:99:d2:15:9c:dd:c5:
                    48:5b:08:15:e8:98:3a:5d:ea:b6:a2:49:49:7c:28:
                    26:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                32:16:50:C6:96:AE:F0:30:D9:45:1E:F8:98:E1:63:CF:DD:35:28:02
            X509v3 Authority Key Identifier:
                keyid:5E:A8:79:0A:08:C8:E0:D8:45:88:D9:4D:1A:51:BC:A9:AB:E7:58:1D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xqh5CgjI4NhFiNlNGlG8qavnWB0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/c06a23-0163-47a5-8608-30c0a111cd55/1/Xqh5CgjI4NhFiNlNGlG8qavnWB0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/67/c06a23-0163-47a5-8608-30c0a111cd55/1/Xqh5CgjI4NhFiNlNGlG8qavnWB0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6a:67:00:5d:d4:e8:0e:bd:26:33:76:1d:79:bc:d9:76:93:9c:
         18:53:fa:cf:17:cd:bb:6b:f9:a4:64:7c:3b:e0:d8:64:8d:7d:
         62:da:55:2e:d8:15:75:3a:2b:3f:9b:20:66:80:3f:f9:9f:df:
         6e:75:9a:fe:ba:9f:d9:8e:6b:27:51:f0:12:d8:4c:10:a5:e2:
         05:5f:aa:32:be:37:e5:e1:14:a6:30:84:8e:60:df:2a:49:ba:
         8d:67:54:1c:89:33:1e:24:00:63:f3:a8:56:06:b6:c6:1c:75:
         4b:fc:2f:18:52:c1:8d:bd:fa:a3:02:c3:6f:52:cc:9f:a2:64:
         c5:6a:a5:75:05:65:99:10:7a:0e:a5:49:ed:3e:df:8e:87:ec:
         82:62:fd:d1:89:00:59:29:fd:b3:5d:5b:e7:a3:39:2c:10:2c:
         00:2c:48:ab:4a:ea:38:9f:21:14:29:ee:18:8f:3c:1d:ee:e9:
         80:48:65:59:4c:94:85:e6:12:f6:ae:ba:0b:6e:93:5d:a9:6a:
         33:3b:bb:5e:99:0b:d5:e9:63:b0:48:04:db:3e:0c:67:93:fb:
         58:a8:4b:f7:c9:7c:de:a3:29:43:75:50:49:90:44:47:5d:1d:
         96:be:97:73:97:7f:68:63:c6:e7:61:dc:91:af:31:49:7a:d8:
         16:28:94:a5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyXNlRwHZVTlpZMioOPXTEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlYTg3OTBhMDhjOGUwZDg0NTg4ZDk0ZDFhNTFiY2E5YWJl
NzU4MWQwHhcNMjUxMTExMTAwMTE4WhcNMjUxMTEyMTAwMTE4WjAzMTEwLwYDVQQD
EygzMjE2NTBjNjk2YWVmMDMwZDk0NTFlZjg5OGUxNjNjZmRkMzUyODAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoKEDcR5yJqTz46bo4SEQT0n4wRZ4
jnE8KeGf+26nsdnqAMM21u4P+W3MGiyw9Q24FAQH/9FzuoWEcSxI5HlAL2Yz5pvT
ll5vLMvZDjg5d4K4AD/AFgcjs0XSJ9WWeLj35RiV0UVJ+S9XpzybWfBPRGpPnMob
Hy5tp3J4vPE1e7GWAteQryBodry1giFbYLaUrwrBc2ZjrbxWVvouW3+6aIAjFwag
NKNq/1Gyr3yupivyUr9DLDk4Rq4Oks7rHd0EPnquJUCFF8cxnwGj1Jyb2zNcS/Rz
9p1WucwU5dc4a5GiJM4Dk1DXpcSZ0hWc3cVIWwgV6Jg6Xeq2oklJfCgmiQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDIWUMaWrvAw2UUe+JjhY8/dNSgCMB8GA1UdIwQY
MBaAFF6oeQoIyODYRYjZTRpRvKmr51gdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHFoNUNnakk0TmhGaU5sTkdsRzhxYXZuV0IwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny9jMDZhMjMtMDE2My00N2E1LTg2MDgt
MzBjMGExMTFjZDU1LzEvWHFoNUNnakk0TmhGaU5sTkdsRzhxYXZuV0IwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny9jMDZhMjMtMDE2My00N2E1LTg2MDgtMzBjMGExMTFjZDU1
LzEvWHFoNUNnakk0TmhGaU5sTkdsRzhxYXZuV0IwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAamcAXdTo
Dr0mM3YdebzZdpOcGFP6zxfNu2v5pGR8O+DYZI19YtpVLtgVdTorP5sgZoA/+Z/f
bnWa/rqf2Y5rJ1HwEthMEKXiBV+qMr435eEUpjCEjmDfKkm6jWdUHIkzHiQAY/Oo
Vga2xhx1S/wvGFLBjb36owLDb1LMn6JkxWqldQVlmRB6DqVJ7T7fjofsgmL90YkA
WSn9s11b56M5LBAsACxIq0rqOJ8hFCnuGI88He7pgEhlWUyUheYS9q66C26TXalq
Mzu7XpkL1eljsEgE2z4MZ5P7WKhL98l83qMpQ3VQSZBER10dlr6Xc5d/aGPG52Hc
ka8xSXrYFiiUpQ==
-----END CERTIFICATE-----