Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/5faf76-1bc2-4721-9498-a1ae59e16873/1/bIlKsevTD7N84imjdNPjE52QUY8.mft
File:                     bIlKsevTD7N84imjdNPjE52QUY8.mft (raw, json)
Hash identifier:          Ffa5gVmsQk6FTX3SlJTQqojfh+XkuYF6T6ZTSkZBh6s=
Subject key identifier:   EA:91:2F:8A:0F:40:FF:97:D6:48:18:4F:91:9A:D7:5C:50:78:EB:98
Authority key identifier: 6C:89:4A:B1:EB:D3:0F:B3:7C:E2:29:A3:74:D3:E3:13:9D:90:51:8F
Certificate issuer:       /CN=6c894ab1ebd30fb37ce229a374d3e3139d90518f
Certificate serial:       019A70A4EA9965F8E3D83579CA0B98B2C1B7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bIlKsevTD7N84imjdNPjE52QUY8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d9/5faf76-1bc2-4721-9498-a1ae59e16873/1/bIlKsevTD7N84imjdNPjE52QUY8.mft
Manifest number:          075E
Signing time:             Tue 11 Nov 2025 02:00:47 +0000
Manifest this update:     Tue 11 Nov 2025 02:00:47 +0000
Manifest next update:     Wed 12 Nov 2025 02:00:47 +0000
Files and hashes:         1: bIlKsevTD7N84imjdNPjE52QUY8.crl (hash: zUTaWFl2JG1ITv73paC2liqCP99DQ83b7M5t09stMT8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d9/5faf76-1bc2-4721-9498-a1ae59e16873/1/bIlKsevTD7N84imjdNPjE52QUY8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d9/5faf76-1bc2-4721-9498-a1ae59e16873/1/bIlKsevTD7N84imjdNPjE52QUY8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/bIlKsevTD7N84imjdNPjE52QUY8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 02:00:47 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:70:a4:ea:99:65:f8:e3:d8:35:79:ca:0b:98:b2:c1:b7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6c894ab1ebd30fb37ce229a374d3e3139d90518f
        Validity
            Not Before: Nov 11 02:00:47 2025 GMT
            Not After : Nov 12 02:00:47 2025 GMT
        Subject: CN=ea912f8a0f40ff97d648184f919ad75c5078eb98
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:08:cc:fd:f7:cc:62:80:3f:2c:74:81:90:38:
                    f9:0f:d0:dc:b3:c0:b7:ae:b6:44:07:c5:61:74:7a:
                    69:85:55:cc:e5:87:26:91:c0:cb:e4:f7:0f:0a:93:
                    33:ad:c7:c4:36:57:ed:f5:16:0a:b3:c2:b8:4e:10:
                    f8:04:6a:d4:71:4a:20:56:e6:6e:3e:96:e7:14:47:
                    c1:85:01:b6:06:8f:65:eb:cb:9f:6c:16:4b:b0:3f:
                    50:11:43:02:44:a2:b3:e6:6c:91:a6:0f:ed:0c:75:
                    c7:c3:84:28:2e:8c:59:0f:de:cb:b7:c3:f2:5b:d8:
                    eb:a7:d8:ca:28:98:da:42:54:c4:55:6b:95:f9:55:
                    b1:d6:71:61:9d:aa:2d:61:f9:49:9e:50:e2:2f:10:
                    49:0d:c8:03:06:03:1a:03:37:28:1c:0c:20:91:37:
                    8a:d2:66:6b:93:a0:5d:93:b4:3c:58:01:8d:e9:d4:
                    33:90:c5:72:20:d5:52:e3:6e:74:04:58:4a:b4:70:
                    ed:a2:eb:9d:d2:f6:11:36:18:23:21:9c:cd:0c:ea:
                    b5:be:11:dd:3b:45:b6:4d:f4:3c:64:6b:3e:22:38:
                    c1:8f:5d:8b:fe:04:eb:c3:23:f5:c8:b0:ea:38:26:
                    35:1a:6f:4c:a9:ac:e6:0e:aa:fc:48:c8:a1:87:39:
                    90:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EA:91:2F:8A:0F:40:FF:97:D6:48:18:4F:91:9A:D7:5C:50:78:EB:98
            X509v3 Authority Key Identifier:
                keyid:6C:89:4A:B1:EB:D3:0F:B3:7C:E2:29:A3:74:D3:E3:13:9D:90:51:8F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bIlKsevTD7N84imjdNPjE52QUY8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/5faf76-1bc2-4721-9498-a1ae59e16873/1/bIlKsevTD7N84imjdNPjE52QUY8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/5faf76-1bc2-4721-9498-a1ae59e16873/1/bIlKsevTD7N84imjdNPjE52QUY8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         50:37:c4:5b:cf:1d:e5:52:37:07:09:d2:dd:15:7a:2b:24:f5:
         d7:75:a4:e7:2e:c8:48:09:d3:e6:40:82:d2:e3:08:d8:cf:f2:
         01:42:2b:5d:f6:9c:33:47:54:c6:a7:67:23:b6:1d:2f:03:b8:
         91:9a:4d:03:c1:97:9b:7f:25:c9:6c:15:a0:b7:4b:62:85:de:
         8b:0f:a8:6e:1f:37:f8:b0:88:6b:4f:ae:83:cc:e8:f0:ac:75:
         67:f0:9f:21:37:78:d4:3e:ed:7f:e2:7f:ee:d7:1a:c7:31:6a:
         7a:25:3e:50:90:88:45:c2:88:9a:10:c1:4d:25:0b:33:e1:39:
         7f:3e:7b:ea:11:a9:67:d7:2f:4c:59:54:16:c8:fd:21:ac:45:
         e5:c8:e8:d2:1b:19:03:30:48:53:ee:80:0d:40:37:40:ce:3e:
         72:fc:32:33:26:bc:22:90:0e:d6:c1:ec:af:63:72:94:ec:27:
         a7:d2:20:fa:a1:3f:30:dc:9d:71:f4:ce:4e:39:71:46:7e:f5:
         1c:48:ac:9b:d3:1c:9e:42:58:ea:0f:bc:4b:4e:0d:08:5a:cf:
         16:5f:6e:0d:87:a5:be:7e:6f:4b:7d:fb:10:1e:7b:58:46:99:
         72:4e:cb:1d:02:56:2a:23:54:4e:bc:c2:ba:27:12:93:4c:ff:
         90:7a:17:9e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpwpOqZZfjj2DV5yguYssG3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjODk0YWIxZWJkMzBmYjM3Y2UyMjlhMzc0ZDNlMzEzOWQ5
MDUxOGYwHhcNMjUxMTExMDIwMDQ3WhcNMjUxMTEyMDIwMDQ3WjAzMTEwLwYDVQQD
EyhlYTkxMmY4YTBmNDBmZjk3ZDY0ODE4NGY5MTlhZDc1YzUwNzhlYjk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAowjM/ffMYoA/LHSBkDj5D9Dcs8C3
rrZEB8VhdHpphVXM5YcmkcDL5PcPCpMzrcfENlft9RYKs8K4ThD4BGrUcUogVuZu
PpbnFEfBhQG2Bo9l68ufbBZLsD9QEUMCRKKz5myRpg/tDHXHw4QoLoxZD97Lt8Py
W9jrp9jKKJjaQlTEVWuV+VWx1nFhnaotYflJnlDiLxBJDcgDBgMaAzcoHAwgkTeK
0mZrk6Bdk7Q8WAGN6dQzkMVyINVS4250BFhKtHDtouud0vYRNhgjIZzNDOq1vhHd
O0W2TfQ8ZGs+IjjBj12L/gTrwyP1yLDqOCY1Gm9MqazmDqr8SMihhzmQEQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOqRL4oPQP+X1kgYT5Ga11xQeOuYMB8GA1UdIwQY
MBaAFGyJSrHr0w+zfOIpo3TT4xOdkFGPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYklsS3NldlREN044NGltamROUGpFNTJRVVk4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS81ZmFmNzYtMWJjMi00NzIxLTk0OTgt
YTFhZTU5ZTE2ODczLzEvYklsS3NldlREN044NGltamROUGpFNTJRVVk4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS81ZmFmNzYtMWJjMi00NzIxLTk0OTgtYTFhZTU5ZTE2ODcz
LzEvYklsS3NldlREN044NGltamROUGpFNTJRVVk4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUDfEW88d
5VI3BwnS3RV6KyT113Wk5y7ISAnT5kCC0uMI2M/yAUIrXfacM0dUxqdnI7YdLwO4
kZpNA8GXm38lyWwVoLdLYoXeiw+obh83+LCIa0+ug8zo8Kx1Z/CfITd41D7tf+J/
7tcaxzFqeiU+UJCIRcKImhDBTSULM+E5fz576hGpZ9cvTFlUFsj9IaxF5cjo0hsZ
AzBIU+6ADUA3QM4+cvwyMya8IpAO1sHsr2NylOwnp9Ig+qE/MNydcfTOTjlxRn71
HEism9McnkJY6g+8S04NCFrPFl9uDYelvn5vS337EB57WEaZck7LHQJWKiNUTrzC
uicSk0z/kHoXng==
-----END CERTIFICATE-----