Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/5f8f1b-f3f1-4f1b-9ac4-5ca6a7ad05fa/1/geY5cEKnqWRfwS91nQJhldfL_Vg.mft
File:                     geY5cEKnqWRfwS91nQJhldfL_Vg.mft (raw, json)
Hash identifier:          x3fKfzqYyg7OD9S87Xqxt1l8G/AP50RAj0JBM+e/FiA=
Subject key identifier:   8E:E5:73:36:F1:2C:0E:D8:BC:D9:EA:6A:9C:89:4D:AB:7D:FE:EA:AB
Authority key identifier: 81:E6:39:70:42:A7:A9:64:5F:C1:2F:75:9D:02:61:95:D7:CB:FD:58
Certificate issuer:       /CN=81e6397042a7a9645fc12f759d026195d7cbfd58
Certificate serial:       019A7225B152E0907ACF344687B8BD7FF44F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/geY5cEKnqWRfwS91nQJhldfL_Vg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/69/5f8f1b-f3f1-4f1b-9ac4-5ca6a7ad05fa/1/geY5cEKnqWRfwS91nQJhldfL_Vg.mft
Manifest number:          0E2A
Signing time:             Tue 11 Nov 2025 09:01:03 +0000
Manifest this update:     Tue 11 Nov 2025 09:01:03 +0000
Manifest next update:     Wed 12 Nov 2025 09:01:03 +0000
Files and hashes:         1: geY5cEKnqWRfwS91nQJhldfL_Vg.crl (hash: xCH03enA1VZz+8S7XUJ8Iizo7BwL4hyNdxiOKVMIT7I=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/69/5f8f1b-f3f1-4f1b-9ac4-5ca6a7ad05fa/1/geY5cEKnqWRfwS91nQJhldfL_Vg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/69/5f8f1b-f3f1-4f1b-9ac4-5ca6a7ad05fa/1/geY5cEKnqWRfwS91nQJhldfL_Vg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/geY5cEKnqWRfwS91nQJhldfL_Vg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:72:25:b1:52:e0:90:7a:cf:34:46:87:b8:bd:7f:f4:4f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=81e6397042a7a9645fc12f759d026195d7cbfd58
        Validity
            Not Before: Nov 11 09:01:03 2025 GMT
            Not After : Nov 12 09:01:03 2025 GMT
        Subject: CN=8ee57336f12c0ed8bcd9ea6a9c894dab7dfeeaab
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:ef:c9:16:d2:ed:77:ea:0d:e6:5c:b0:73:e9:
                    59:2a:ae:e9:99:de:41:26:7c:82:d1:d7:4b:f5:c0:
                    41:da:07:3e:79:fa:70:9a:ed:b9:6a:ad:d4:ac:1c:
                    b3:2e:61:a4:d2:b2:10:e0:db:61:ca:de:71:56:a7:
                    c2:32:9d:73:41:e5:f9:76:7d:3a:e5:7f:80:b7:3d:
                    1d:d5:09:98:c1:56:16:da:1f:05:48:9b:21:6b:d7:
                    76:b3:0d:94:67:fb:f2:a4:cf:75:b4:4c:16:8c:46:
                    32:eb:64:36:c1:1b:3c:dc:0e:38:c5:2f:3d:43:d3:
                    53:8c:38:79:6e:ee:e5:35:82:6a:91:df:de:79:44:
                    80:79:36:e1:bc:1f:55:ed:0a:b0:41:9a:33:01:74:
                    ba:66:71:f4:51:52:3f:4c:fa:19:c4:13:41:d5:05:
                    61:b4:f2:6e:9b:19:fd:c9:d3:4f:3f:4d:18:fd:24:
                    27:70:7a:82:ee:f6:7e:38:be:ff:e5:fa:38:d9:ea:
                    c7:cf:d5:a5:ef:5c:31:bd:16:6c:7a:fc:27:ce:12:
                    1a:26:ed:15:bc:ee:2f:74:9e:76:08:3f:21:0f:c5:
                    82:44:0e:2d:62:d7:0a:52:d4:0d:50:42:c4:e4:e3:
                    4c:17:9d:fc:31:1d:bf:ff:89:2b:8a:f8:6d:bb:42:
                    8c:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8E:E5:73:36:F1:2C:0E:D8:BC:D9:EA:6A:9C:89:4D:AB:7D:FE:EA:AB
            X509v3 Authority Key Identifier:
                keyid:81:E6:39:70:42:A7:A9:64:5F:C1:2F:75:9D:02:61:95:D7:CB:FD:58

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/geY5cEKnqWRfwS91nQJhldfL_Vg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/5f8f1b-f3f1-4f1b-9ac4-5ca6a7ad05fa/1/geY5cEKnqWRfwS91nQJhldfL_Vg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/69/5f8f1b-f3f1-4f1b-9ac4-5ca6a7ad05fa/1/geY5cEKnqWRfwS91nQJhldfL_Vg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         28:56:73:96:95:60:7c:ff:c8:d2:3c:e8:9c:e5:46:dc:44:04:
         20:15:b5:c1:50:0a:6c:2b:3d:b2:ee:0d:c6:21:47:34:fe:4f:
         a7:e2:c5:d3:66:dc:af:bb:59:60:21:80:5e:85:e2:61:41:bb:
         17:bd:a2:07:c8:e9:e6:c7:0b:65:44:9d:55:b3:82:38:ad:1a:
         88:8e:a3:54:ee:24:b3:47:a4:ff:47:bf:40:58:77:1a:5f:cd:
         11:3d:a6:d8:12:02:73:57:77:85:4e:e3:c8:25:c7:28:22:03:
         05:f9:9d:dd:68:54:3a:2f:2c:d4:1c:e7:52:06:61:7e:35:9b:
         88:90:b4:2c:52:ef:dd:f9:09:0d:17:7e:19:2b:18:7b:75:3c:
         66:2c:7b:62:cb:70:69:21:6c:4a:4b:b4:31:77:df:3a:58:ee:
         32:d7:f0:f0:25:d2:7a:a8:39:e8:c1:72:32:9b:5a:53:a6:03:
         8b:51:9b:59:74:cc:c0:71:fc:bd:23:3b:3a:2d:12:bb:1a:fc:
         78:ad:67:4a:f3:8b:f1:2b:66:38:15:08:9a:de:83:64:9f:44:
         fc:39:bc:c7:98:42:55:48:2b:a8:39:02:6a:6a:80:41:31:39:
         41:b9:bb:96:80:f8:5d:09:e2:a4:98:e9:0d:e4:38:b4:e3:03:
         32:94:a5:95
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJbFS4JB6zzRGh7i9f/RPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxZTYzOTcwNDJhN2E5NjQ1ZmMxMmY3NTlkMDI2MTk1ZDdj
YmZkNTgwHhcNMjUxMTExMDkwMTAzWhcNMjUxMTEyMDkwMTAzWjAzMTEwLwYDVQQD
Eyg4ZWU1NzMzNmYxMmMwZWQ4YmNkOWVhNmE5Yzg5NGRhYjdkZmVlYWFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwe/JFtLtd+oN5lywc+lZKq7pmd5B
JnyC0ddL9cBB2gc+efpwmu25aq3UrByzLmGk0rIQ4Nthyt5xVqfCMp1zQeX5dn06
5X+Atz0d1QmYwVYW2h8FSJsha9d2sw2UZ/vypM91tEwWjEYy62Q2wRs83A44xS89
Q9NTjDh5bu7lNYJqkd/eeUSAeTbhvB9V7QqwQZozAXS6ZnH0UVI/TPoZxBNB1QVh
tPJumxn9ydNPP00Y/SQncHqC7vZ+OL7/5fo42erHz9Wl71wxvRZsevwnzhIaJu0V
vO4vdJ52CD8hD8WCRA4tYtcKUtQNUELE5ONMF538MR2//4krivhtu0KM8QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFI7lczbxLA7YvNnqapyJTat9/uqrMB8GA1UdIwQY
MBaAFIHmOXBCp6lkX8EvdZ0CYZXXy/1YMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2VZNWNFS25xV1Jmd1M5MW5RSmhsZGZMX1ZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS81ZjhmMWItZjNmMS00ZjFiLTlhYzQt
NWNhNmE3YWQwNWZhLzEvZ2VZNWNFS25xV1Jmd1M5MW5RSmhsZGZMX1ZnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS81ZjhmMWItZjNmMS00ZjFiLTlhYzQtNWNhNmE3YWQwNWZh
LzEvZ2VZNWNFS25xV1Jmd1M5MW5RSmhsZGZMX1ZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKFZzlpVg
fP/I0jzonOVG3EQEIBW1wVAKbCs9su4NxiFHNP5Pp+LF02bcr7tZYCGAXoXiYUG7
F72iB8jp5scLZUSdVbOCOK0aiI6jVO4ks0ek/0e/QFh3Gl/NET2m2BICc1d3hU7j
yCXHKCIDBfmd3WhUOi8s1BznUgZhfjWbiJC0LFLv3fkJDRd+GSsYe3U8Zix7Ystw
aSFsSku0MXffOljuMtfw8CXSeqg56MFyMptaU6YDi1GbWXTMwHH8vSM7Oi0Suxr8
eK1nSvOL8StmOBUImt6DZJ9E/Dm8x5hCVUgrqDkCamqAQTE5Qbm7loD4XQnipJjp
DeQ4tOMDMpSllQ==
-----END CERTIFICATE-----