Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/5b45f8-9a30-41d3-b611-d5aa6477efde/1/eYCaQAStlYNQpkbViavLPP3z7S4.mft
File:                     eYCaQAStlYNQpkbViavLPP3z7S4.mft (raw, json)
Hash identifier:          cBVS6NjBTERIme7d5CGWWS/bLnnb8FEyfincF2MW8UI=
Subject key identifier:   3D:93:70:4A:1E:0F:7A:A6:B3:CB:BF:1E:C4:6B:43:15:14:02:F6:48
Authority key identifier: 79:80:9A:40:04:AD:95:83:50:A6:46:D5:89:AB:CB:3C:FD:F3:ED:2E
Certificate issuer:       /CN=79809a4004ad958350a646d589abcb3cfdf3ed2e
Certificate serial:       019A7293D920CCADF11B10801075C318A3DD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/eYCaQAStlYNQpkbViavLPP3z7S4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e0/5b45f8-9a30-41d3-b611-d5aa6477efde/1/eYCaQAStlYNQpkbViavLPP3z7S4.mft
Manifest number:          08A2
Signing time:             Tue 11 Nov 2025 11:01:23 +0000
Manifest this update:     Tue 11 Nov 2025 11:01:23 +0000
Manifest next update:     Wed 12 Nov 2025 11:01:23 +0000
Files and hashes:         1: eYCaQAStlYNQpkbViavLPP3z7S4.crl (hash: yMrY2TEeWgnuKM84CIE/CshKay+ay8IV8YL0AhV2k6w=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e0/5b45f8-9a30-41d3-b611-d5aa6477efde/1/eYCaQAStlYNQpkbViavLPP3z7S4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e0/5b45f8-9a30-41d3-b611-d5aa6477efde/1/eYCaQAStlYNQpkbViavLPP3z7S4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/eYCaQAStlYNQpkbViavLPP3z7S4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:72:93:d9:20:cc:ad:f1:1b:10:80:10:75:c3:18:a3:dd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=79809a4004ad958350a646d589abcb3cfdf3ed2e
        Validity
            Not Before: Nov 11 11:01:23 2025 GMT
            Not After : Nov 12 11:01:23 2025 GMT
        Subject: CN=3d93704a1e0f7aa6b3cbbf1ec46b43151402f648
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:cd:fd:df:82:86:6d:f9:d9:c7:43:83:64:e6:
                    52:01:12:e6:f6:82:86:49:9f:74:ca:15:7c:a1:ee:
                    d7:0e:e6:ed:0e:86:26:17:69:de:a1:a5:d0:2b:84:
                    67:4a:2a:24:9a:61:01:1a:94:b2:3a:14:b8:fb:e7:
                    b4:58:d6:cd:54:b1:9b:85:74:c6:39:ef:25:01:ee:
                    84:3b:08:20:53:9b:c0:b6:86:dd:42:46:50:78:ed:
                    33:64:ad:ee:8d:71:85:f6:b1:3c:64:72:fa:a2:3c:
                    e0:45:84:c7:8a:60:a0:a2:76:f9:ec:a3:3e:0d:ea:
                    13:4b:e4:75:0a:dd:de:40:2c:03:6f:f4:c8:8c:3e:
                    a0:92:26:30:71:4e:bf:f1:44:6b:26:55:56:60:6e:
                    71:4f:70:ae:f4:f4:77:ed:45:36:99:a1:c9:08:c4:
                    00:f2:84:b3:51:61:a3:c6:47:c5:ba:86:55:91:fc:
                    46:1f:2d:37:0f:a0:17:8d:de:32:af:c9:9f:5c:1f:
                    ed:07:78:0d:aa:83:89:0a:18:3c:86:34:bb:8e:b4:
                    8f:eb:e1:9b:26:db:ff:78:6f:75:92:f7:85:1d:23:
                    40:42:4b:4c:f5:c6:99:3d:21:0b:4e:15:a1:0f:6a:
                    c0:69:40:5a:58:24:2c:ba:3a:d7:f4:aa:f6:ce:51:
                    59:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3D:93:70:4A:1E:0F:7A:A6:B3:CB:BF:1E:C4:6B:43:15:14:02:F6:48
            X509v3 Authority Key Identifier:
                keyid:79:80:9A:40:04:AD:95:83:50:A6:46:D5:89:AB:CB:3C:FD:F3:ED:2E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eYCaQAStlYNQpkbViavLPP3z7S4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/5b45f8-9a30-41d3-b611-d5aa6477efde/1/eYCaQAStlYNQpkbViavLPP3z7S4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/5b45f8-9a30-41d3-b611-d5aa6477efde/1/eYCaQAStlYNQpkbViavLPP3z7S4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         65:59:9b:7e:77:5a:41:c7:49:10:b4:2a:06:a2:40:ec:b3:84:
         cb:ca:a4:7e:97:9c:30:52:b5:e4:ae:f5:01:bd:72:b4:39:3f:
         f4:63:3f:d2:03:45:46:84:d5:0b:08:1f:d0:b0:5a:69:db:13:
         7c:6a:57:65:cb:aa:e2:83:95:19:09:9a:74:e3:10:72:5c:4b:
         9a:3d:19:21:67:86:b6:82:8f:d2:18:3e:43:09:20:55:03:b3:
         2e:9c:14:6d:27:9e:00:20:06:ed:49:96:86:69:d7:cd:63:8f:
         bb:21:a1:cb:31:46:ec:f9:79:24:cc:14:47:31:43:e5:a6:19:
         81:5a:9b:eb:de:f6:1d:d3:3f:9b:8b:b3:58:7f:5b:66:48:04:
         c6:ed:95:40:d5:f4:cc:27:1a:a6:f6:b2:71:41:2f:47:af:ea:
         60:48:a9:0a:a6:93:fb:ac:87:fa:4e:a0:9e:68:93:25:5c:c2:
         91:7f:d1:b2:2f:ff:d0:aa:32:33:e7:bd:3f:45:a6:4c:e4:99:
         2b:0c:a9:be:b5:69:cc:6e:28:d2:cc:5e:81:fb:f1:af:51:da:
         c6:30:7e:91:cd:b7:fb:b0:86:52:e6:71:8f:bb:44:76:fb:a9:
         61:25:61:09:0c:98:d2:0e:a4:b4:98:80:23:4f:3c:c9:d8:ac:
         18:63:50:a2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyk9kgzK3xGxCAEHXDGKPdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc5ODA5YTQwMDRhZDk1ODM1MGE2NDZkNTg5YWJjYjNjZmRm
M2VkMmUwHhcNMjUxMTExMTEwMTIzWhcNMjUxMTEyMTEwMTIzWjAzMTEwLwYDVQQD
EygzZDkzNzA0YTFlMGY3YWE2YjNjYmJmMWVjNDZiNDMxNTE0MDJmNjQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvM3934KGbfnZx0ODZOZSARLm9oKG
SZ90yhV8oe7XDubtDoYmF2neoaXQK4RnSiokmmEBGpSyOhS4++e0WNbNVLGbhXTG
Oe8lAe6EOwggU5vAtobdQkZQeO0zZK3ujXGF9rE8ZHL6ojzgRYTHimCgonb57KM+
DeoTS+R1Ct3eQCwDb/TIjD6gkiYwcU6/8URrJlVWYG5xT3Cu9PR37UU2maHJCMQA
8oSzUWGjxkfFuoZVkfxGHy03D6AXjd4yr8mfXB/tB3gNqoOJChg8hjS7jrSP6+Gb
Jtv/eG91kveFHSNAQktM9caZPSELThWhD2rAaUBaWCQsujrX9Kr2zlFZ7QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFD2TcEoeD3qms8u/HsRrQxUUAvZIMB8GA1UdIwQY
MBaAFHmAmkAErZWDUKZG1Ymryzz98+0uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZVlDYVFBU3RsWU5RcGtiVmlhdkxQUDN6N1M0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMC81YjQ1ZjgtOWEzMC00MWQzLWI2MTEt
ZDVhYTY0NzdlZmRlLzEvZVlDYVFBU3RsWU5RcGtiVmlhdkxQUDN6N1M0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMC81YjQ1ZjgtOWEzMC00MWQzLWI2MTEtZDVhYTY0NzdlZmRl
LzEvZVlDYVFBU3RsWU5RcGtiVmlhdkxQUDN6N1M0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZVmbfnda
QcdJELQqBqJA7LOEy8qkfpecMFK15K71Ab1ytDk/9GM/0gNFRoTVCwgf0LBaadsT
fGpXZcuq4oOVGQmadOMQclxLmj0ZIWeGtoKP0hg+QwkgVQOzLpwUbSeeACAG7UmW
hmnXzWOPuyGhyzFG7Pl5JMwURzFD5aYZgVqb6972HdM/m4uzWH9bZkgExu2VQNX0
zCcapvaycUEvR6/qYEipCqaT+6yH+k6gnmiTJVzCkX/Rsi//0KoyM+e9P0WmTOSZ
KwypvrVpzG4o0sxegfvxr1HaxjB+kc23+7CGUuZxj7tEdvupYSVhCQyY0g6ktJiA
I088ydisGGNQog==
-----END CERTIFICATE-----