Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/b4f3d0-b1d1-46be-a190-8e2027695d07/1/ehKIruzRFJyedF-YZT5okK-iU6s.mft
File:                     ehKIruzRFJyedF-YZT5okK-iU6s.mft (raw, json)
Hash identifier:          bNlX04svMfqEJlPgozlzCE21GPQp7KztxgaSmRL/lGA=
Subject key identifier:   F7:5D:F1:91:08:35:7B:8B:D8:88:CD:1B:1E:14:58:75:62:3D:78:FF
Authority key identifier: 7A:12:88:AE:EC:D1:14:9C:9E:74:5F:98:65:3E:68:90:AF:A2:53:AB
Certificate issuer:       /CN=7a1288aeecd1149c9e745f98653e6890afa253ab
Certificate serial:       019A725C5CF17E5AA6CFB83D1ADDFAD6FC46
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ehKIruzRFJyedF-YZT5okK-iU6s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d5/b4f3d0-b1d1-46be-a190-8e2027695d07/1/ehKIruzRFJyedF-YZT5okK-iU6s.mft
Manifest number:          020D
Signing time:             Tue 11 Nov 2025 10:00:46 +0000
Manifest this update:     Tue 11 Nov 2025 10:00:46 +0000
Manifest next update:     Wed 12 Nov 2025 10:00:46 +0000
Files and hashes:         1: ehKIruzRFJyedF-YZT5okK-iU6s.crl (hash: Rg4o4LDDv9o2pPWu6pYoNa3DN22DcWuH8949O+1jWUM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d5/b4f3d0-b1d1-46be-a190-8e2027695d07/1/ehKIruzRFJyedF-YZT5okK-iU6s.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d5/b4f3d0-b1d1-46be-a190-8e2027695d07/1/ehKIruzRFJyedF-YZT5okK-iU6s.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ehKIruzRFJyedF-YZT5okK-iU6s.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:72:5c:5c:f1:7e:5a:a6:cf:b8:3d:1a:dd:fa:d6:fc:46
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7a1288aeecd1149c9e745f98653e6890afa253ab
        Validity
            Not Before: Nov 11 10:00:46 2025 GMT
            Not After : Nov 12 10:00:46 2025 GMT
        Subject: CN=f75df19108357b8bd888cd1b1e145875623d78ff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:01:33:d9:08:a0:4c:c4:21:4c:17:cc:94:48:
                    4f:17:75:14:47:83:f7:1b:0f:47:5b:ce:50:01:f2:
                    d3:45:24:30:e3:08:a6:33:25:f4:6a:f3:f2:a5:ae:
                    e9:55:27:45:a3:ea:87:84:fa:e8:bf:b7:51:99:c3:
                    c3:85:9e:78:12:60:ea:17:72:cb:2d:6f:84:e7:fc:
                    87:dc:3e:fe:ef:ea:dd:2a:64:5b:ed:73:3d:9d:57:
                    a6:ff:33:5d:78:30:19:6a:6b:01:c2:89:42:12:60:
                    89:96:e4:36:75:8a:a0:74:45:13:d1:a0:99:a5:04:
                    40:17:a4:3b:23:55:fb:e9:dc:94:44:31:1b:e7:df:
                    5f:b0:52:64:d4:0b:b2:ed:d5:49:08:37:40:5e:7b:
                    5e:6d:cb:1f:b1:a4:55:5e:7f:a2:98:fc:36:65:13:
                    d3:23:33:c4:51:5c:04:a1:20:e3:b8:be:dd:1c:e5:
                    cc:bf:4e:ce:25:24:2e:2d:37:6f:c9:18:bb:80:12:
                    38:dd:44:ec:f4:a1:96:cc:17:e6:e9:24:b9:41:ca:
                    79:d7:26:b9:db:3c:7e:2a:01:b6:09:74:7e:64:49:
                    30:b3:78:73:45:d1:d6:15:60:4f:7f:62:95:f3:57:
                    91:79:42:86:89:91:d6:be:7e:c9:b4:4a:a8:97:19:
                    a3:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F7:5D:F1:91:08:35:7B:8B:D8:88:CD:1B:1E:14:58:75:62:3D:78:FF
            X509v3 Authority Key Identifier:
                keyid:7A:12:88:AE:EC:D1:14:9C:9E:74:5F:98:65:3E:68:90:AF:A2:53:AB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ehKIruzRFJyedF-YZT5okK-iU6s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/b4f3d0-b1d1-46be-a190-8e2027695d07/1/ehKIruzRFJyedF-YZT5okK-iU6s.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/b4f3d0-b1d1-46be-a190-8e2027695d07/1/ehKIruzRFJyedF-YZT5okK-iU6s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         08:67:64:59:67:57:b8:92:21:b7:cd:12:27:99:47:2f:60:d6:
         c3:e8:74:80:09:03:3e:04:e4:75:3d:99:db:58:cf:e6:ec:ca:
         63:7e:ba:e6:99:57:c3:2b:c1:90:98:db:84:ff:d8:1b:e0:95:
         59:bf:d6:03:b5:e7:52:16:ed:f4:56:b6:80:38:b2:ce:dd:fb:
         0a:b3:33:8e:2e:61:27:4e:e8:e7:15:91:54:04:0a:c9:bb:cf:
         df:51:e9:ee:d7:38:c2:4e:0c:1e:43:b8:ad:af:81:95:ca:5f:
         15:bd:6b:83:ac:de:63:8d:aa:24:9e:0f:66:00:29:4f:f8:bb:
         45:fc:7d:9e:36:0a:7e:7f:dd:6a:0d:f3:1a:79:5e:e1:79:ab:
         99:d3:91:0c:e8:c6:c3:11:f8:60:2a:3f:8f:ac:d7:7c:7d:5c:
         2a:04:c8:f3:4e:d9:82:7a:41:58:bd:83:51:68:87:18:76:ca:
         69:e5:3b:66:08:ad:95:45:44:cd:76:1e:62:97:25:a4:e4:c0:
         75:0b:e2:af:0d:26:fb:12:d1:8a:88:69:61:07:53:dc:d5:ca:
         06:0f:7c:d6:a2:f6:29:f1:2f:a2:b9:e1:2c:55:38:2e:93:ed:
         41:04:cc:0b:2f:68:ce:54:e5:30:6d:e9:50:8a:a1:f5:b0:61:
         33:61:49:9c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyXFzxflqmz7g9Gt361vxGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhMTI4OGFlZWNkMTE0OWM5ZTc0NWY5ODY1M2U2ODkwYWZh
MjUzYWIwHhcNMjUxMTExMTAwMDQ2WhcNMjUxMTEyMTAwMDQ2WjAzMTEwLwYDVQQD
EyhmNzVkZjE5MTA4MzU3YjhiZDg4OGNkMWIxZTE0NTg3NTYyM2Q3OGZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxAEz2QigTMQhTBfMlEhPF3UUR4P3
Gw9HW85QAfLTRSQw4wimMyX0avPypa7pVSdFo+qHhProv7dRmcPDhZ54EmDqF3LL
LW+E5/yH3D7+7+rdKmRb7XM9nVem/zNdeDAZamsBwolCEmCJluQ2dYqgdEUT0aCZ
pQRAF6Q7I1X76dyURDEb599fsFJk1Auy7dVJCDdAXntebcsfsaRVXn+imPw2ZRPT
IzPEUVwEoSDjuL7dHOXMv07OJSQuLTdvyRi7gBI43UTs9KGWzBfm6SS5Qcp51ya5
2zx+KgG2CXR+ZEkws3hzRdHWFWBPf2KV81eReUKGiZHWvn7JtEqolxmjqwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPdd8ZEINXuL2IjNGx4UWHViPXj/MB8GA1UdIwQY
MBaAFHoSiK7s0RScnnRfmGU+aJCvolOrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZWhLSXJ1elJGSnllZEYtWVpUNW9rSy1pVTZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS9iNGYzZDAtYjFkMS00NmJlLWExOTAt
OGUyMDI3Njk1ZDA3LzEvZWhLSXJ1elJGSnllZEYtWVpUNW9rSy1pVTZzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS9iNGYzZDAtYjFkMS00NmJlLWExOTAtOGUyMDI3Njk1ZDA3
LzEvZWhLSXJ1elJGSnllZEYtWVpUNW9rSy1pVTZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACGdkWWdX
uJIht80SJ5lHL2DWw+h0gAkDPgTkdT2Z21jP5uzKY3665plXwyvBkJjbhP/YG+CV
Wb/WA7XnUhbt9Fa2gDiyzt37CrMzji5hJ07o5xWRVAQKybvP31Hp7tc4wk4MHkO4
ra+BlcpfFb1rg6zeY42qJJ4PZgApT/i7Rfx9njYKfn/dag3zGnle4XmrmdORDOjG
wxH4YCo/j6zXfH1cKgTI807ZgnpBWL2DUWiHGHbKaeU7ZgitlUVEzXYeYpclpOTA
dQvirw0m+xLRiohpYQdT3NXKBg981qL2KfEvornhLFU4LpPtQQTMCy9ozlTlMG3p
UIqh9bBhM2FJnA==
-----END CERTIFICATE-----