Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/3ddd6a-3025-4196-84c2-f1c24a8139db/1/52vcVigM5dn89QMlGKfsm2HizO0.mft
File:                     52vcVigM5dn89QMlGKfsm2HizO0.mft (raw, json)
Hash identifier:          zxrFrus5CvNIc6KVdHpDT+Nqf8kstdvFILyU6VifudI=
Subject key identifier:   F0:CE:09:0C:F1:CB:E0:18:9A:88:5B:FE:FE:AC:43:01:FD:82:6F:87
Authority key identifier: E7:6B:DC:56:28:0C:E5:D9:FC:F5:03:25:18:A7:EC:9B:61:E2:CC:ED
Certificate issuer:       /CN=e76bdc56280ce5d9fcf5032518a7ec9b61e2cced
Certificate serial:       019A71B81D3680739588388E46E131A72D85
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/52vcVigM5dn89QMlGKfsm2HizO0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e8/3ddd6a-3025-4196-84c2-f1c24a8139db/1/52vcVigM5dn89QMlGKfsm2HizO0.mft
Manifest number:          11E8
Signing time:             Tue 11 Nov 2025 07:01:22 +0000
Manifest this update:     Tue 11 Nov 2025 07:01:22 +0000
Manifest next update:     Wed 12 Nov 2025 07:01:22 +0000
Files and hashes:         1: 52vcVigM5dn89QMlGKfsm2HizO0.crl (hash: piz/03e12gaFowmA2eoruRt8vsQWrnvWqzHhpGPWPmY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e8/3ddd6a-3025-4196-84c2-f1c24a8139db/1/52vcVigM5dn89QMlGKfsm2HizO0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e8/3ddd6a-3025-4196-84c2-f1c24a8139db/1/52vcVigM5dn89QMlGKfsm2HizO0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/52vcVigM5dn89QMlGKfsm2HizO0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:01:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b8:1d:36:80:73:95:88:38:8e:46:e1:31:a7:2d:85
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e76bdc56280ce5d9fcf5032518a7ec9b61e2cced
        Validity
            Not Before: Nov 11 07:01:22 2025 GMT
            Not After : Nov 12 07:01:22 2025 GMT
        Subject: CN=f0ce090cf1cbe0189a885bfefeac4301fd826f87
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e3:0a:03:ec:1d:85:a2:3a:6e:5f:cb:d8:77:fe:
                    9d:15:a8:39:2d:f7:95:a6:d3:02:e2:95:b2:39:f4:
                    f7:25:c0:f7:8f:8b:a2:a4:ed:e7:93:48:07:50:1d:
                    41:bb:6a:6b:d7:6d:b0:fa:ab:b7:1a:fd:e9:73:ea:
                    33:32:65:31:6d:d2:61:14:49:ea:7d:77:02:b7:d5:
                    1f:27:bc:95:ff:f9:9a:be:c4:9f:d9:a2:31:9d:73:
                    4f:52:e8:fa:31:13:b7:7e:b9:6c:c5:d3:88:c1:86:
                    80:56:70:50:f1:ca:66:a4:5c:36:b2:4f:86:4f:b8:
                    42:ea:a1:29:8e:06:38:f2:5c:f9:76:c8:fe:71:cd:
                    dd:19:48:d5:a4:82:70:5d:80:62:f4:93:0b:cc:3d:
                    d4:8a:18:7a:9d:79:a0:21:ce:b7:cf:22:74:ca:8e:
                    56:6a:7f:7a:d8:f4:ea:f6:d1:9e:45:9e:e3:94:c6:
                    c4:ca:5e:cf:ab:17:e5:f2:2c:19:64:88:9d:d9:71:
                    8d:9f:49:3e:a7:3e:98:e5:07:03:88:c8:0b:c1:d5:
                    88:bb:f8:2d:0c:8f:23:af:57:a4:91:9e:c2:38:9e:
                    ae:4e:7d:88:12:fe:10:8c:fc:51:a4:cc:d2:06:6c:
                    72:21:96:fc:eb:ec:6e:47:e1:84:44:c0:ba:bb:43:
                    2d:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F0:CE:09:0C:F1:CB:E0:18:9A:88:5B:FE:FE:AC:43:01:FD:82:6F:87
            X509v3 Authority Key Identifier:
                keyid:E7:6B:DC:56:28:0C:E5:D9:FC:F5:03:25:18:A7:EC:9B:61:E2:CC:ED

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/52vcVigM5dn89QMlGKfsm2HizO0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/3ddd6a-3025-4196-84c2-f1c24a8139db/1/52vcVigM5dn89QMlGKfsm2HizO0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/3ddd6a-3025-4196-84c2-f1c24a8139db/1/52vcVigM5dn89QMlGKfsm2HizO0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a2:5e:ec:4c:e3:63:80:65:f5:fc:30:40:98:e5:9c:9c:99:71:
         3c:e4:a9:49:29:3f:78:ee:e8:b6:27:87:c7:cf:11:54:d9:06:
         fd:cb:b5:44:87:28:36:1c:e7:6d:34:40:9e:14:3d:84:51:11:
         77:70:1c:e6:44:cb:2c:3d:3e:51:b6:8c:9b:88:a9:47:b1:87:
         a0:e2:48:3c:a2:73:67:f9:25:1c:05:7a:47:46:b7:8b:1f:cb:
         1f:85:7d:5d:20:0e:58:e7:f8:28:cd:d9:e7:ff:9f:df:94:e7:
         c5:ef:59:1c:e2:b1:b6:1e:1c:5e:02:f7:bb:8d:48:d4:ef:ba:
         63:52:20:0b:82:46:38:55:89:ef:f0:98:df:f9:78:69:90:8e:
         0a:7b:d6:93:a6:cf:7b:a4:a2:86:c9:b7:1b:4c:db:0c:dc:97:
         59:0a:b0:47:61:a7:c6:1a:1a:1d:63:03:97:3e:dc:ea:5f:bf:
         c2:a0:81:6d:1e:19:31:ae:d5:b2:c0:e8:15:a1:b0:b3:24:1e:
         7d:4d:ac:59:db:c0:e2:bb:38:87:db:b8:e0:bd:5a:42:df:79:
         d1:01:5a:0a:d8:db:56:6b:d8:ee:3f:58:8d:fb:41:aa:aa:ff:
         db:e7:9d:c4:44:a6:19:73:a6:e7:66:3c:45:cb:f4:e7:68:ae:
         86:97:dd:95
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuB02gHOViDiORuExpy2FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3NmJkYzU2MjgwY2U1ZDlmY2Y1MDMyNTE4YTdlYzliNjFl
MmNjZWQwHhcNMjUxMTExMDcwMTIyWhcNMjUxMTEyMDcwMTIyWjAzMTEwLwYDVQQD
EyhmMGNlMDkwY2YxY2JlMDE4OWE4ODViZmVmZWFjNDMwMWZkODI2Zjg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4woD7B2FojpuX8vYd/6dFag5LfeV
ptMC4pWyOfT3JcD3j4uipO3nk0gHUB1Bu2pr122w+qu3Gv3pc+ozMmUxbdJhFEnq
fXcCt9UfJ7yV//mavsSf2aIxnXNPUuj6MRO3frlsxdOIwYaAVnBQ8cpmpFw2sk+G
T7hC6qEpjgY48lz5dsj+cc3dGUjVpIJwXYBi9JMLzD3Uihh6nXmgIc63zyJ0yo5W
an962PTq9tGeRZ7jlMbEyl7Pqxfl8iwZZIid2XGNn0k+pz6Y5QcDiMgLwdWIu/gt
DI8jr1ekkZ7COJ6uTn2IEv4QjPxRpMzSBmxyIZb86+xuR+GERMC6u0MtQQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPDOCQzxy+AYmohb/v6sQwH9gm+HMB8GA1UdIwQY
MBaAFOdr3FYoDOXZ/PUDJRin7Jth4sztMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTJ2Y1ZpZ001ZG44OVFNbEdLZnNtMkhpek8wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC8zZGRkNmEtMzAyNS00MTk2LTg0YzIt
ZjFjMjRhODEzOWRiLzEvNTJ2Y1ZpZ001ZG44OVFNbEdLZnNtMkhpek8wLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOC8zZGRkNmEtMzAyNS00MTk2LTg0YzItZjFjMjRhODEzOWRi
LzEvNTJ2Y1ZpZ001ZG44OVFNbEdLZnNtMkhpek8wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAol7sTONj
gGX1/DBAmOWcnJlxPOSpSSk/eO7otieHx88RVNkG/cu1RIcoNhznbTRAnhQ9hFER
d3Ac5kTLLD0+UbaMm4ipR7GHoOJIPKJzZ/klHAV6R0a3ix/LH4V9XSAOWOf4KM3Z
5/+f35Tnxe9ZHOKxth4cXgL3u41I1O+6Y1IgC4JGOFWJ7/CY3/l4aZCOCnvWk6bP
e6Sihsm3G0zbDNyXWQqwR2GnxhoaHWMDlz7c6l+/wqCBbR4ZMa7VssDoFaGwsyQe
fU2sWdvA4rs4h9u44L1aQt950QFaCtjbVmvY7j9YjftBqqr/2+edxESmGXOm52Y8
Rcv052iuhpfdlQ==
-----END CERTIFICATE-----