Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/4d95ba-99fc-493e-a5c4-6b9ff2cfa07f/1/tY6n73bYACz8pmxSD3ybYIo5XZU.mft
File:                     tY6n73bYACz8pmxSD3ybYIo5XZU.mft (raw, json)
Hash identifier:          JGfbZ3ItLrUIdqd0alOy7V5GG/6tS4EFqaKWNJ67mG4=
Subject key identifier:   6D:EE:88:11:D8:4C:06:2D:99:5E:F8:00:35:ED:C1:E7:58:0C:A3:B6
Authority key identifier: B5:8E:A7:EF:76:D8:00:2C:FC:A6:6C:52:0F:7C:9B:60:8A:39:5D:95
Certificate issuer:       /CN=b58ea7ef76d8002cfca66c520f7c9b608a395d95
Certificate serial:       019A71135104ECFCC5D0A54D9CB618804E3B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tY6n73bYACz8pmxSD3ybYIo5XZU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e5/4d95ba-99fc-493e-a5c4-6b9ff2cfa07f/1/tY6n73bYACz8pmxSD3ybYIo5XZU.mft
Manifest number:          06AF
Signing time:             Tue 11 Nov 2025 04:01:22 +0000
Manifest this update:     Tue 11 Nov 2025 04:01:22 +0000
Manifest next update:     Wed 12 Nov 2025 04:01:22 +0000
Files and hashes:         1: tY6n73bYACz8pmxSD3ybYIo5XZU.crl (hash: 0P24e9+DNVFdO92Bsb0ONQtfvdpiAXg2v4Tg8m5qhZU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e5/4d95ba-99fc-493e-a5c4-6b9ff2cfa07f/1/tY6n73bYACz8pmxSD3ybYIo5XZU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e5/4d95ba-99fc-493e-a5c4-6b9ff2cfa07f/1/tY6n73bYACz8pmxSD3ybYIo5XZU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/tY6n73bYACz8pmxSD3ybYIo5XZU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 04:01:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:13:51:04:ec:fc:c5:d0:a5:4d:9c:b6:18:80:4e:3b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b58ea7ef76d8002cfca66c520f7c9b608a395d95
        Validity
            Not Before: Nov 11 04:01:22 2025 GMT
            Not After : Nov 12 04:01:22 2025 GMT
        Subject: CN=6dee8811d84c062d995ef80035edc1e7580ca3b6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:26:62:09:a8:ce:0c:27:b4:d5:e4:04:7d:83:
                    63:f5:b8:0c:78:c9:03:9e:83:8d:7b:ee:5a:a4:5a:
                    24:b5:5b:94:61:09:bc:f1:87:8c:d7:af:25:e5:fd:
                    49:e5:d4:0c:c9:fc:35:be:85:5d:f3:05:8e:14:34:
                    06:40:75:a7:19:d6:54:4f:59:61:4c:fc:e7:9d:d0:
                    e5:41:26:33:01:d8:35:1c:23:2e:30:f4:66:01:0f:
                    34:31:b0:0d:13:f1:3c:50:36:a0:d6:c6:42:eb:c8:
                    8c:f3:6d:c1:8f:ea:9b:ee:91:5c:e5:86:60:8e:65:
                    36:5a:b4:d7:e0:8f:b8:83:21:ad:92:52:0e:f8:f6:
                    15:e1:8d:22:13:0a:ca:89:68:a4:86:5c:21:65:bf:
                    d9:16:5e:01:8d:ed:c0:1b:5f:35:43:e1:c4:c7:99:
                    bd:20:65:73:ef:80:79:a5:bf:a7:20:3d:19:ac:34:
                    13:20:0b:f6:7a:31:2a:8e:21:5b:29:9e:dd:70:8b:
                    29:f2:d0:7a:78:93:00:4c:06:0e:d4:97:9c:93:5b:
                    e2:a8:87:b3:a7:c5:db:dd:49:a9:62:62:12:11:71:
                    78:a5:91:04:7d:93:ac:50:71:0a:03:78:dd:55:ea:
                    3b:6d:ca:a6:83:6f:b9:0c:11:87:16:31:7c:48:c9:
                    cc:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6D:EE:88:11:D8:4C:06:2D:99:5E:F8:00:35:ED:C1:E7:58:0C:A3:B6
            X509v3 Authority Key Identifier:
                keyid:B5:8E:A7:EF:76:D8:00:2C:FC:A6:6C:52:0F:7C:9B:60:8A:39:5D:95

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tY6n73bYACz8pmxSD3ybYIo5XZU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/4d95ba-99fc-493e-a5c4-6b9ff2cfa07f/1/tY6n73bYACz8pmxSD3ybYIo5XZU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/4d95ba-99fc-493e-a5c4-6b9ff2cfa07f/1/tY6n73bYACz8pmxSD3ybYIo5XZU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         21:b0:5e:45:6d:b8:6f:11:4a:c3:c0:ce:98:a2:42:39:c7:82:
         27:71:f2:17:bc:ad:70:12:26:b7:01:15:07:9a:d9:e5:cf:53:
         11:7a:f1:bd:cd:cf:a3:82:75:6d:53:0c:51:84:8c:9a:2e:ce:
         5f:68:5f:7c:ce:e8:e1:48:40:0e:e4:8e:fd:37:1f:17:d0:4f:
         68:ee:2b:be:69:7e:95:be:a9:f9:1a:cf:02:59:76:1f:eb:9a:
         4b:76:cf:c0:86:4d:94:53:d0:a1:83:c9:ce:c3:8e:e9:ad:a5:
         35:36:ed:bc:b7:db:bd:74:1a:d1:38:ab:5a:8b:84:17:d6:ba:
         6a:57:d2:55:17:2a:56:85:ac:84:6d:d5:f5:53:48:78:15:a5:
         cc:c2:84:09:06:9f:be:ea:ba:c7:bf:5a:b0:44:8f:92:e2:ec:
         59:db:b8:36:d7:a0:0f:07:d8:f2:a4:82:bb:d9:07:69:96:9a:
         9e:2a:b6:82:d6:1e:75:fa:62:82:f3:5d:92:1b:aa:a3:f1:e0:
         fa:c9:87:62:30:73:f0:e3:dc:27:61:f0:de:75:73:6c:de:79:
         c7:8e:6b:bf:59:53:8d:27:44:d9:ee:ca:a1:10:8a:b1:b4:0e:
         49:84:0d:21:05:a9:bf:70:95:0a:48:1b:1d:7d:bb:23:ef:66:
         bb:87:dc:38
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxE1EE7PzF0KVNnLYYgE47MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1OGVhN2VmNzZkODAwMmNmY2E2NmM1MjBmN2M5YjYwOGEz
OTVkOTUwHhcNMjUxMTExMDQwMTIyWhcNMjUxMTEyMDQwMTIyWjAzMTEwLwYDVQQD
Eyg2ZGVlODgxMWQ4NGMwNjJkOTk1ZWY4MDAzNWVkYzFlNzU4MGNhM2I2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAySZiCajODCe01eQEfYNj9bgMeMkD
noONe+5apFoktVuUYQm88YeM168l5f1J5dQMyfw1voVd8wWOFDQGQHWnGdZUT1lh
TPznndDlQSYzAdg1HCMuMPRmAQ80MbANE/E8UDag1sZC68iM823Bj+qb7pFc5YZg
jmU2WrTX4I+4gyGtklIO+PYV4Y0iEwrKiWikhlwhZb/ZFl4Bje3AG181Q+HEx5m9
IGVz74B5pb+nID0ZrDQTIAv2ejEqjiFbKZ7dcIsp8tB6eJMATAYO1Jeck1viqIez
p8Xb3UmpYmISEXF4pZEEfZOsUHEKA3jdVeo7bcqmg2+5DBGHFjF8SMnMAQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFG3uiBHYTAYtmV74ADXtwedYDKO2MB8GA1UdIwQY
MBaAFLWOp+922AAs/KZsUg98m2CKOV2VMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFk2bjczYllBQ3o4cG14U0QzeWJZSW81WFpVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS80ZDk1YmEtOTlmYy00OTNlLWE1YzQt
NmI5ZmYyY2ZhMDdmLzEvdFk2bjczYllBQ3o4cG14U0QzeWJZSW81WFpVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS80ZDk1YmEtOTlmYy00OTNlLWE1YzQtNmI5ZmYyY2ZhMDdm
LzEvdFk2bjczYllBQ3o4cG14U0QzeWJZSW81WFpVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIbBeRW24
bxFKw8DOmKJCOceCJ3HyF7ytcBImtwEVB5rZ5c9TEXrxvc3Po4J1bVMMUYSMmi7O
X2hffM7o4UhADuSO/TcfF9BPaO4rvml+lb6p+RrPAll2H+uaS3bPwIZNlFPQoYPJ
zsOO6a2lNTbtvLfbvXQa0TirWouEF9a6alfSVRcqVoWshG3V9VNIeBWlzMKECQaf
vuq6x79asESPkuLsWdu4NtegDwfY8qSCu9kHaZaaniq2gtYedfpigvNdkhuqo/Hg
+smHYjBz8OPcJ2Hw3nVzbN55x45rv1lTjSdE2e7KoRCKsbQOSYQNIQWpv3CVCkgb
HX27I+9mu4fcOA==
-----END CERTIFICATE-----