Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/3eed28-230c-4b9f-904c-777e6ca4eff6/1/5BjN3DnTR1Y8bcHl7F5ZYh5A5Nk.mft
File:                     5BjN3DnTR1Y8bcHl7F5ZYh5A5Nk.mft (raw, json)
Hash identifier:          HVffFMyL9+j8i7HqIuM8C5FL6TnZsIhzauQ5DWdb0oc=
Subject key identifier:   DB:59:DB:3C:E6:29:82:51:65:2A:FD:A6:31:61:60:FF:00:9B:7B:9B
Authority key identifier: E4:18:CD:DC:39:D3:47:56:3C:6D:C1:E5:EC:5E:59:62:1E:40:E4:D9
Certificate issuer:       /CN=e418cddc39d347563c6dc1e5ec5e59621e40e4d9
Certificate serial:       019A71B77D509B70E20C68F07A487B97BEF7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5BjN3DnTR1Y8bcHl7F5ZYh5A5Nk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/68/3eed28-230c-4b9f-904c-777e6ca4eff6/1/5BjN3DnTR1Y8bcHl7F5ZYh5A5Nk.mft
Manifest number:          0503
Signing time:             Tue 11 Nov 2025 07:00:41 +0000
Manifest this update:     Tue 11 Nov 2025 07:00:41 +0000
Manifest next update:     Wed 12 Nov 2025 07:00:41 +0000
Files and hashes:         1: 5BjN3DnTR1Y8bcHl7F5ZYh5A5Nk.crl (hash: zdmE4u6UY5A278Y5iKD5gAKLV6ceuSBEiM0EL6nRRJ0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/68/3eed28-230c-4b9f-904c-777e6ca4eff6/1/5BjN3DnTR1Y8bcHl7F5ZYh5A5Nk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/68/3eed28-230c-4b9f-904c-777e6ca4eff6/1/5BjN3DnTR1Y8bcHl7F5ZYh5A5Nk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/5BjN3DnTR1Y8bcHl7F5ZYh5A5Nk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:00:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b7:7d:50:9b:70:e2:0c:68:f0:7a:48:7b:97:be:f7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e418cddc39d347563c6dc1e5ec5e59621e40e4d9
        Validity
            Not Before: Nov 11 07:00:41 2025 GMT
            Not After : Nov 12 07:00:41 2025 GMT
        Subject: CN=db59db3ce6298251652afda6316160ff009b7b9b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ee:bc:2b:0a:5e:51:ba:92:ed:7d:d2:25:c2:8e:
                    e3:c8:79:11:0b:7a:5d:75:45:b0:27:dc:80:12:c2:
                    ea:36:da:bb:9e:1c:e8:4f:d0:a4:94:5e:8d:41:30:
                    14:b0:5c:e4:00:30:e3:6e:1e:d4:86:8d:11:49:6f:
                    29:66:55:89:7d:c5:a3:76:ca:59:68:33:46:67:f9:
                    35:58:0e:78:0a:0f:4a:4a:98:b5:b4:79:ba:13:af:
                    6c:36:20:d1:0f:31:71:38:ae:0a:cc:84:08:45:e3:
                    f5:ce:de:73:af:d2:06:b6:41:7f:23:99:75:e9:ee:
                    b0:12:82:ee:f0:e5:2c:9f:61:7e:0f:31:6c:23:e7:
                    a5:3a:ac:f9:b7:e6:b6:e7:76:e2:c3:0e:0b:fe:08:
                    df:a4:82:7a:45:b4:b2:91:51:ea:f3:a5:56:61:e1:
                    75:92:41:f8:13:3a:e8:43:de:a5:d2:16:b2:4f:f9:
                    1d:9a:c1:2a:08:12:58:10:ed:cf:6d:66:a6:76:4c:
                    e5:05:d9:e3:a5:91:0e:5c:6c:06:a8:aa:2b:73:45:
                    f9:49:72:c9:38:ac:76:99:f7:34:08:0c:26:a9:65:
                    d7:3f:a5:ed:d4:5e:a2:0a:2c:aa:45:2e:b5:68:9e:
                    3e:a3:63:4c:3d:9d:ea:06:25:7d:35:6f:80:31:d7:
                    d3:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DB:59:DB:3C:E6:29:82:51:65:2A:FD:A6:31:61:60:FF:00:9B:7B:9B
            X509v3 Authority Key Identifier:
                keyid:E4:18:CD:DC:39:D3:47:56:3C:6D:C1:E5:EC:5E:59:62:1E:40:E4:D9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5BjN3DnTR1Y8bcHl7F5ZYh5A5Nk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/3eed28-230c-4b9f-904c-777e6ca4eff6/1/5BjN3DnTR1Y8bcHl7F5ZYh5A5Nk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/68/3eed28-230c-4b9f-904c-777e6ca4eff6/1/5BjN3DnTR1Y8bcHl7F5ZYh5A5Nk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         25:b0:83:4d:6d:98:60:4a:00:de:6f:ca:d9:c8:8f:70:f1:6a:
         b2:1d:ca:5c:1d:fb:02:7f:c2:30:e8:ee:cb:8f:b7:66:29:61:
         e7:49:1a:7f:8e:5b:37:36:52:57:90:cb:05:2b:b8:dd:a8:8a:
         f1:8d:b1:83:97:f4:d7:93:75:d3:c8:84:49:00:04:d8:a0:4c:
         51:06:91:99:49:e6:32:43:0b:ce:e8:55:80:a8:d4:e9:bb:ac:
         e3:3b:d3:c2:8b:f3:2e:ad:79:ba:5f:e8:a9:09:8b:c4:38:c9:
         01:86:8e:bf:ee:0d:21:93:94:11:58:5c:9e:d4:9a:77:39:f6:
         e6:30:32:c6:f0:37:85:2a:c2:07:dd:6a:fc:74:f5:49:c9:7d:
         31:d2:2e:02:6c:8c:e9:50:0c:46:71:da:1b:a2:01:c2:4b:0f:
         b1:ab:5c:bb:55:45:aa:db:2c:67:b7:72:62:01:08:10:a2:48:
         5b:16:b0:c5:1d:04:2a:bb:99:be:84:99:28:8c:0e:d2:2e:6d:
         49:e2:fe:f3:b3:81:b6:ad:21:c7:4e:d0:9a:1a:9d:f4:d4:fe:
         ba:e1:21:82:de:b0:71:87:51:6b:78:68:0e:9e:a6:eb:b4:4c:
         ae:5d:0a:79:cc:1e:bc:67:56:f9:ba:6f:4a:9d:8e:1a:f6:79:
         31:8e:2d:f6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxt31Qm3DiDGjwekh7l773MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0MThjZGRjMzlkMzQ3NTYzYzZkYzFlNWVjNWU1OTYyMWU0
MGU0ZDkwHhcNMjUxMTExMDcwMDQxWhcNMjUxMTEyMDcwMDQxWjAzMTEwLwYDVQQD
EyhkYjU5ZGIzY2U2Mjk4MjUxNjUyYWZkYTYzMTYxNjBmZjAwOWI3YjliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7rwrCl5RupLtfdIlwo7jyHkRC3pd
dUWwJ9yAEsLqNtq7nhzoT9CklF6NQTAUsFzkADDjbh7Uho0RSW8pZlWJfcWjdspZ
aDNGZ/k1WA54Cg9KSpi1tHm6E69sNiDRDzFxOK4KzIQIReP1zt5zr9IGtkF/I5l1
6e6wEoLu8OUsn2F+DzFsI+elOqz5t+a253biww4L/gjfpIJ6RbSykVHq86VWYeF1
kkH4EzroQ96l0hayT/kdmsEqCBJYEO3PbWamdkzlBdnjpZEOXGwGqKorc0X5SXLJ
OKx2mfc0CAwmqWXXP6Xt1F6iCiyqRS61aJ4+o2NMPZ3qBiV9NW+AMdfTRQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNtZ2zzmKYJRZSr9pjFhYP8Am3ubMB8GA1UdIwQY
MBaAFOQYzdw500dWPG3B5exeWWIeQOTZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNUJqTjNEblRSMVk4YmNIbDdGNVpZaDVBNU5rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC8zZWVkMjgtMjMwYy00YjlmLTkwNGMt
Nzc3ZTZjYTRlZmY2LzEvNUJqTjNEblRSMVk4YmNIbDdGNVpZaDVBNU5rLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC8zZWVkMjgtMjMwYy00YjlmLTkwNGMtNzc3ZTZjYTRlZmY2
LzEvNUJqTjNEblRSMVk4YmNIbDdGNVpZaDVBNU5rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJbCDTW2Y
YEoA3m/K2ciPcPFqsh3KXB37An/CMOjuy4+3Zilh50kaf45bNzZSV5DLBSu43aiK
8Y2xg5f015N108iESQAE2KBMUQaRmUnmMkMLzuhVgKjU6bus4zvTwovzLq15ul/o
qQmLxDjJAYaOv+4NIZOUEVhcntSadzn25jAyxvA3hSrCB91q/HT1Scl9MdIuAmyM
6VAMRnHaG6IBwksPsatcu1VFqtssZ7dyYgEIEKJIWxawxR0EKruZvoSZKIwO0i5t
SeL+87OBtq0hx07Qmhqd9NT+uuEhgt6wcYdRa3hoDp6m67RMrl0KecwevGdW+bpv
Sp2OGvZ5MY4t9g==
-----END CERTIFICATE-----