Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/eb5454-7293-437f-ac0b-3a3b0296bb82/1/Xj5PqMmXGu8SNF_A430Ws0WbeDs.mft
File:                     Xj5PqMmXGu8SNF_A430Ws0WbeDs.mft (raw, json)
Hash identifier:          5ers42RMiE7Fs80epOzEJEQjytxHOkid+v8OtPZiDH8=
Subject key identifier:   27:3F:97:6A:51:D7:26:AD:D6:4C:FB:CB:4C:D5:36:F7:73:D1:56:6B
Authority key identifier: 5E:3E:4F:A8:C9:97:1A:EF:12:34:5F:C0:E3:7D:16:B3:45:9B:78:3B
Certificate issuer:       /CN=5e3e4fa8c9971aef12345fc0e37d16b3459b783b
Certificate serial:       019A72262A377BAB8CBC86BCC32380D41156
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Xj5PqMmXGu8SNF_A430Ws0WbeDs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b2/eb5454-7293-437f-ac0b-3a3b0296bb82/1/Xj5PqMmXGu8SNF_A430Ws0WbeDs.mft
Manifest number:          0D75
Signing time:             Tue 11 Nov 2025 09:01:34 +0000
Manifest this update:     Tue 11 Nov 2025 09:01:34 +0000
Manifest next update:     Wed 12 Nov 2025 09:01:34 +0000
Files and hashes:         1: Xj5PqMmXGu8SNF_A430Ws0WbeDs.crl (hash: HtdfkEydh6bcp2nc7qXD6somspi3WNO5hBHWUIFPbsY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b2/eb5454-7293-437f-ac0b-3a3b0296bb82/1/Xj5PqMmXGu8SNF_A430Ws0WbeDs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b2/eb5454-7293-437f-ac0b-3a3b0296bb82/1/Xj5PqMmXGu8SNF_A430Ws0WbeDs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Xj5PqMmXGu8SNF_A430Ws0WbeDs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:72:26:2a:37:7b:ab:8c:bc:86:bc:c3:23:80:d4:11:56
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5e3e4fa8c9971aef12345fc0e37d16b3459b783b
        Validity
            Not Before: Nov 11 09:01:34 2025 GMT
            Not After : Nov 12 09:01:34 2025 GMT
        Subject: CN=273f976a51d726add64cfbcb4cd536f773d1566b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:61:fb:39:f4:75:b2:dd:ba:da:55:50:f9:14:
                    ac:bd:cf:64:fb:24:7e:0f:7d:a6:cf:d3:fb:82:fc:
                    33:af:69:45:7c:1e:a9:32:1d:20:86:6e:e4:56:b6:
                    5c:20:73:05:ef:99:08:f8:69:30:54:17:67:be:10:
                    1a:20:68:53:70:6b:d3:9c:ef:f5:dd:43:f2:ca:a2:
                    4e:b5:dc:5f:7a:ed:6f:6c:22:fd:33:82:98:95:ed:
                    c9:15:31:99:8f:44:92:ea:e5:65:61:0b:81:bf:36:
                    1e:8b:59:6d:f5:22:50:96:46:b4:bd:8b:0a:c5:00:
                    75:7a:e3:92:2f:51:aa:a6:4c:15:c6:84:ee:5c:91:
                    8a:3d:a1:06:a0:51:88:12:e4:b7:80:f9:b7:9a:00:
                    4f:e9:2b:dd:eb:77:88:5e:e3:99:6d:5d:8b:1f:8c:
                    0a:70:45:84:87:27:03:3d:e7:26:e7:1f:5b:c9:93:
                    3b:d5:de:a5:ca:e7:37:3f:f0:3b:bd:af:74:4d:86:
                    76:59:34:68:ec:bd:0a:a5:fd:d8:d4:1d:9e:41:a8:
                    fe:95:53:42:5c:1b:cc:b1:b4:5b:32:53:17:e4:bc:
                    0a:9f:42:09:3d:97:48:56:b2:58:70:92:e3:e1:89:
                    52:00:fb:2f:88:e6:ae:29:ac:5b:24:15:87:80:ef:
                    51:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                27:3F:97:6A:51:D7:26:AD:D6:4C:FB:CB:4C:D5:36:F7:73:D1:56:6B
            X509v3 Authority Key Identifier:
                keyid:5E:3E:4F:A8:C9:97:1A:EF:12:34:5F:C0:E3:7D:16:B3:45:9B:78:3B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xj5PqMmXGu8SNF_A430Ws0WbeDs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/eb5454-7293-437f-ac0b-3a3b0296bb82/1/Xj5PqMmXGu8SNF_A430Ws0WbeDs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/eb5454-7293-437f-ac0b-3a3b0296bb82/1/Xj5PqMmXGu8SNF_A430Ws0WbeDs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7b:22:64:8c:a5:06:54:a6:66:67:a2:bc:ca:2b:7b:74:0a:87:
         9c:bd:fd:d8:47:4a:38:c8:98:d6:c3:f5:46:55:35:f5:fa:0e:
         37:3f:c0:32:1c:5e:69:b5:5e:12:83:81:95:24:3b:c5:45:70:
         50:0d:30:11:df:b1:d4:15:be:ce:0a:67:d4:fd:32:08:b7:00:
         fe:70:a7:cd:68:e4:31:1e:34:92:11:34:57:fc:f1:b1:9f:f8:
         60:fd:80:58:cb:e0:cf:81:e0:ae:e6:39:4e:74:16:f6:09:78:
         64:b3:d0:b2:19:8b:d9:16:92:72:d0:1c:dd:99:54:4a:98:53:
         40:51:73:66:9f:37:8a:ca:52:cd:b1:04:3f:10:68:1f:4d:00:
         81:b9:d3:21:f1:de:55:6b:ab:3b:2a:1b:79:fb:89:39:58:b7:
         50:f6:73:3d:b2:25:a5:87:73:b3:20:dd:fc:50:8a:da:19:e8:
         1e:e3:09:b3:b4:3e:c8:3e:8d:1f:47:49:83:f2:b9:09:3d:26:
         26:b4:01:ae:7e:eb:1d:28:00:49:fb:1c:f4:34:98:04:1d:a0:
         e6:4d:d5:36:98:e6:8c:28:cf:b0:bf:b6:dd:b2:6f:9e:a5:91:
         d3:12:08:62:20:0d:e3:97:e2:78:cb:92:1f:b8:e9:15:d3:0f:
         27:f9:04:b3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJio3e6uMvIa8wyOA1BFWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlM2U0ZmE4Yzk5NzFhZWYxMjM0NWZjMGUzN2QxNmIzNDU5
Yjc4M2IwHhcNMjUxMTExMDkwMTM0WhcNMjUxMTEyMDkwMTM0WjAzMTEwLwYDVQQD
EygyNzNmOTc2YTUxZDcyNmFkZDY0Y2ZiY2I0Y2Q1MzZmNzczZDE1NjZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuWH7OfR1st262lVQ+RSsvc9k+yR+
D32mz9P7gvwzr2lFfB6pMh0ghm7kVrZcIHMF75kI+GkwVBdnvhAaIGhTcGvTnO/1
3UPyyqJOtdxfeu1vbCL9M4KYle3JFTGZj0SS6uVlYQuBvzYei1lt9SJQlka0vYsK
xQB1euOSL1GqpkwVxoTuXJGKPaEGoFGIEuS3gPm3mgBP6Svd63eIXuOZbV2LH4wK
cEWEhycDPecm5x9byZM71d6lyuc3P/A7va90TYZ2WTRo7L0Kpf3Y1B2eQaj+lVNC
XBvMsbRbMlMX5LwKn0IJPZdIVrJYcJLj4YlSAPsviOauKaxbJBWHgO9R/QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCc/l2pR1yat1kz7y0zVNvdz0VZrMB8GA1UdIwQY
MBaAFF4+T6jJlxrvEjRfwON9FrNFm3g7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGo1UHFNbVhHdThTTkZfQTQzMFdzMFdiZURzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi9lYjU0NTQtNzI5My00MzdmLWFjMGIt
M2EzYjAyOTZiYjgyLzEvWGo1UHFNbVhHdThTTkZfQTQzMFdzMFdiZURzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi9lYjU0NTQtNzI5My00MzdmLWFjMGItM2EzYjAyOTZiYjgy
LzEvWGo1UHFNbVhHdThTTkZfQTQzMFdzMFdiZURzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeyJkjKUG
VKZmZ6K8yit7dAqHnL392EdKOMiY1sP1RlU19foONz/AMhxeabVeEoOBlSQ7xUVw
UA0wEd+x1BW+zgpn1P0yCLcA/nCnzWjkMR40khE0V/zxsZ/4YP2AWMvgz4HgruY5
TnQW9gl4ZLPQshmL2RaSctAc3ZlUSphTQFFzZp83ispSzbEEPxBoH00AgbnTIfHe
VWurOyobefuJOVi3UPZzPbIlpYdzsyDd/FCK2hnoHuMJs7Q+yD6NH0dJg/K5CT0m
JrQBrn7rHSgASfsc9DSYBB2g5k3VNpjmjCjPsL+23bJvnqWR0xIIYiAN45fieMuS
H7jpFdMPJ/kEsw==
-----END CERTIFICATE-----