Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/42ba75-92e6-4793-8ad9-b80e9fa42dfb/1/5DWo9PNqSBGpLRlhc-HEmarMd9U.mft
File:                     5DWo9PNqSBGpLRlhc-HEmarMd9U.mft (raw, json)
Hash identifier:          EALGDA1MuN9anMmESoicPJEqtaMe/FvDKnnXY2JNfog=
Subject key identifier:   36:30:39:59:25:6D:29:B8:09:4D:CD:91:B7:7E:7A:7C:63:AD:2D:3C
Authority key identifier: E4:35:A8:F4:F3:6A:48:11:A9:2D:19:61:73:E1:C4:99:AA:CC:77:D5
Certificate issuer:       /CN=e435a8f4f36a4811a92d196173e1c499aacc77d5
Certificate serial:       019A7112EFEC49EDD3C640D0BAC1A9A84E8D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5DWo9PNqSBGpLRlhc-HEmarMd9U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b9/42ba75-92e6-4793-8ad9-b80e9fa42dfb/1/5DWo9PNqSBGpLRlhc-HEmarMd9U.mft
Manifest number:          0DFC
Signing time:             Tue 11 Nov 2025 04:00:57 +0000
Manifest this update:     Tue 11 Nov 2025 04:00:57 +0000
Manifest next update:     Wed 12 Nov 2025 04:00:57 +0000
Files and hashes:         1: 5DWo9PNqSBGpLRlhc-HEmarMd9U.crl (hash: z4oxECLa6JUhShKIIxHw55AMv48OBJfprdN3Xc3C3hg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b9/42ba75-92e6-4793-8ad9-b80e9fa42dfb/1/5DWo9PNqSBGpLRlhc-HEmarMd9U.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b9/42ba75-92e6-4793-8ad9-b80e9fa42dfb/1/5DWo9PNqSBGpLRlhc-HEmarMd9U.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/5DWo9PNqSBGpLRlhc-HEmarMd9U.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 04:00:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:12:ef:ec:49:ed:d3:c6:40:d0:ba:c1:a9:a8:4e:8d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e435a8f4f36a4811a92d196173e1c499aacc77d5
        Validity
            Not Before: Nov 11 04:00:57 2025 GMT
            Not After : Nov 12 04:00:57 2025 GMT
        Subject: CN=36303959256d29b8094dcd91b77e7a7c63ad2d3c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e0:95:26:b4:c7:e4:b1:5c:7e:b8:0d:16:f7:23:
                    8e:b0:ce:dd:65:ac:76:4c:3d:f5:09:10:29:d8:5f:
                    f1:22:06:3b:04:a5:d6:21:68:c7:71:a2:27:90:d2:
                    56:39:f8:2f:c3:8f:72:63:40:47:0e:1d:e3:1c:05:
                    d3:59:a5:b8:29:c2:56:62:e5:03:cf:56:91:9d:bb:
                    9d:77:a6:39:04:74:26:6f:d0:0f:6a:24:86:c3:3f:
                    c6:86:fb:55:b6:c1:2d:3a:e7:98:38:72:9b:a9:f9:
                    82:4f:7c:32:ba:a8:86:c3:fd:90:f5:ef:53:c9:62:
                    c6:dc:ae:43:96:f5:66:62:70:ec:d1:cf:e5:24:1e:
                    8d:4b:ce:41:a9:f1:6d:e3:15:a9:73:ab:c3:ed:fe:
                    80:78:b0:46:28:82:67:3a:c5:76:0e:2c:ac:d7:3f:
                    dd:a0:5e:a4:0b:b9:06:1a:5e:d3:a9:05:45:e7:1d:
                    d6:23:fb:0a:6f:1b:13:fa:ea:f3:60:5d:5c:25:dd:
                    d1:cf:69:17:c5:f5:fa:7c:33:95:80:4a:52:41:09:
                    7b:08:85:74:33:da:c7:33:e3:de:42:3d:12:cb:3f:
                    36:ef:45:b4:68:16:64:f4:08:64:35:0f:f6:0f:77:
                    ab:ba:57:8e:c1:fc:27:46:aa:dc:d5:51:28:3e:37:
                    7b:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                36:30:39:59:25:6D:29:B8:09:4D:CD:91:B7:7E:7A:7C:63:AD:2D:3C
            X509v3 Authority Key Identifier:
                keyid:E4:35:A8:F4:F3:6A:48:11:A9:2D:19:61:73:E1:C4:99:AA:CC:77:D5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5DWo9PNqSBGpLRlhc-HEmarMd9U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/42ba75-92e6-4793-8ad9-b80e9fa42dfb/1/5DWo9PNqSBGpLRlhc-HEmarMd9U.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/42ba75-92e6-4793-8ad9-b80e9fa42dfb/1/5DWo9PNqSBGpLRlhc-HEmarMd9U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         73:7c:e7:86:dd:cc:aa:2c:a5:71:74:bf:2c:3d:ed:52:92:1d:
         3c:9f:be:97:ef:4f:9f:15:6c:17:3b:02:4e:94:a3:d3:05:ff:
         01:63:46:7a:37:90:c8:53:3e:e8:c6:a1:12:e9:a8:80:6a:8e:
         9f:68:da:b1:9d:5a:f7:d1:a3:51:d0:ac:58:ad:29:35:56:60:
         5d:f5:8a:e0:82:f8:20:d0:16:a4:28:e5:bc:82:3a:e8:1f:7f:
         a7:94:f6:3b:b1:b0:7a:61:ee:03:e2:3a:09:53:2b:aa:6b:f6:
         ae:f4:c1:a3:72:e0:42:c1:45:b8:84:77:b0:4c:00:52:be:4d:
         d8:d0:1f:66:28:26:db:6c:7a:bb:2f:93:b1:e5:43:73:54:6d:
         3c:2d:75:5a:76:72:2f:6f:b0:e4:9c:87:c9:49:01:e9:9b:20:
         98:35:40:4b:4a:10:80:a0:b3:75:ae:17:04:fa:40:60:20:b9:
         e6:bd:15:89:97:d7:80:4f:9a:c0:16:b3:7f:78:18:5b:6e:c6:
         06:98:7c:ee:0e:be:76:73:c9:a3:59:0e:82:af:57:63:08:2f:
         69:9a:b1:99:d1:f2:f4:52:50:02:a3:cc:a2:d5:5d:0a:55:d7:
         1d:30:4e:3b:40:10:45:43:63:67:8d:6d:e5:cd:29:7a:22:a3:
         c6:6d:e8:81
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxEu/sSe3TxkDQusGpqE6NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0MzVhOGY0ZjM2YTQ4MTFhOTJkMTk2MTczZTFjNDk5YWFj
Yzc3ZDUwHhcNMjUxMTExMDQwMDU3WhcNMjUxMTEyMDQwMDU3WjAzMTEwLwYDVQQD
EygzNjMwMzk1OTI1NmQyOWI4MDk0ZGNkOTFiNzdlN2E3YzYzYWQyZDNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4JUmtMfksVx+uA0W9yOOsM7dZax2
TD31CRAp2F/xIgY7BKXWIWjHcaInkNJWOfgvw49yY0BHDh3jHAXTWaW4KcJWYuUD
z1aRnbudd6Y5BHQmb9APaiSGwz/GhvtVtsEtOueYOHKbqfmCT3wyuqiGw/2Q9e9T
yWLG3K5DlvVmYnDs0c/lJB6NS85BqfFt4xWpc6vD7f6AeLBGKIJnOsV2Diys1z/d
oF6kC7kGGl7TqQVF5x3WI/sKbxsT+urzYF1cJd3Rz2kXxfX6fDOVgEpSQQl7CIV0
M9rHM+PeQj0Syz8270W0aBZk9AhkNQ/2D3eruleOwfwnRqrc1VEoPjd7hQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDYwOVklbSm4CU3Nkbd+enxjrS08MB8GA1UdIwQY
MBaAFOQ1qPTzakgRqS0ZYXPhxJmqzHfVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNURXbzlQTnFTQkdwTFJsaGMtSEVtYXJNZDlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS80MmJhNzUtOTJlNi00NzkzLThhZDkt
YjgwZTlmYTQyZGZiLzEvNURXbzlQTnFTQkdwTFJsaGMtSEVtYXJNZDlVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS80MmJhNzUtOTJlNi00NzkzLThhZDktYjgwZTlmYTQyZGZi
LzEvNURXbzlQTnFTQkdwTFJsaGMtSEVtYXJNZDlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAc3znht3M
qiylcXS/LD3tUpIdPJ++l+9PnxVsFzsCTpSj0wX/AWNGejeQyFM+6MahEumogGqO
n2jasZ1a99GjUdCsWK0pNVZgXfWK4IL4INAWpCjlvII66B9/p5T2O7GwemHuA+I6
CVMrqmv2rvTBo3LgQsFFuIR3sEwAUr5N2NAfZigm22x6uy+TseVDc1RtPC11WnZy
L2+w5JyHyUkB6ZsgmDVAS0oQgKCzda4XBPpAYCC55r0ViZfXgE+awBazf3gYW27G
Bph87g6+dnPJo1kOgq9XYwgvaZqxmdHy9FJQAqPMotVdClXXHTBOO0AQRUNjZ41t
5c0peiKjxm3ogQ==
-----END CERTIFICATE-----