Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/a3a299-ce28-4c35-ac64-c8c20f25de88/1/5kdeNHqvK1nU7oU6ilS05L03R-s.mft
File:                     5kdeNHqvK1nU7oU6ilS05L03R-s.mft (raw, json)
Hash identifier:          pTb69kKXYgFTovSghD0UeO7AeA3wRuHng6xxkKQwo1g=
Subject key identifier:   4D:CB:E8:FB:C7:09:7C:1A:B0:E3:3E:15:23:6B:AF:3A:60:BD:74:F0
Authority key identifier: E6:47:5E:34:7A:AF:2B:59:D4:EE:85:3A:8A:54:B4:E4:BD:37:47:EB
Certificate issuer:       /CN=e6475e347aaf2b59d4ee853a8a54b4e4bd3747eb
Certificate serial:       019A71EE6807408C733E2DA1B1E47C38294E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5kdeNHqvK1nU7oU6ilS05L03R-s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ea/a3a299-ce28-4c35-ac64-c8c20f25de88/1/5kdeNHqvK1nU7oU6ilS05L03R-s.mft
Manifest number:          0269
Signing time:             Tue 11 Nov 2025 08:00:40 +0000
Manifest this update:     Tue 11 Nov 2025 08:00:40 +0000
Manifest next update:     Wed 12 Nov 2025 08:00:40 +0000
Files and hashes:         1: 5kdeNHqvK1nU7oU6ilS05L03R-s.crl (hash: OLmeGAS+BLK6aYs0MkTslrBlMyJB+R097jLoZIPN+0k=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ea/a3a299-ce28-4c35-ac64-c8c20f25de88/1/5kdeNHqvK1nU7oU6ilS05L03R-s.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ea/a3a299-ce28-4c35-ac64-c8c20f25de88/1/5kdeNHqvK1nU7oU6ilS05L03R-s.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/5kdeNHqvK1nU7oU6ilS05L03R-s.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 08:00:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:ee:68:07:40:8c:73:3e:2d:a1:b1:e4:7c:38:29:4e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e6475e347aaf2b59d4ee853a8a54b4e4bd3747eb
        Validity
            Not Before: Nov 11 08:00:40 2025 GMT
            Not After : Nov 12 08:00:40 2025 GMT
        Subject: CN=4dcbe8fbc7097c1ab0e33e15236baf3a60bd74f0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:14:c3:f0:ab:52:61:f7:52:6d:ae:9f:a0:f6:
                    11:b4:1f:6e:2d:c2:5a:9a:b7:be:f9:68:08:2f:ce:
                    c1:3c:9b:a6:42:c0:5d:b6:aa:d5:0e:04:e8:e3:ad:
                    20:5b:8e:d0:75:8b:32:bb:44:e0:31:9d:54:f6:74:
                    0e:02:ce:ff:e9:04:9d:02:62:ab:c4:2b:f8:9b:08:
                    f3:3d:8c:d1:84:90:89:67:77:9d:f4:bc:a0:56:aa:
                    2f:e8:ae:01:7a:2a:34:92:48:74:d7:6b:ac:56:c7:
                    0e:e3:f7:0e:02:bb:66:d8:1d:f7:4d:40:86:75:41:
                    68:44:11:c0:4b:32:4a:37:a7:59:d5:30:c4:1f:47:
                    21:22:41:c0:7d:46:52:b6:d9:d7:32:88:d7:b5:64:
                    ea:ef:e7:7e:62:8a:d8:2f:61:c4:50:bc:8b:9f:3f:
                    d5:6f:18:b7:db:e7:d4:51:e7:f8:2d:97:10:b3:85:
                    8e:f7:92:12:cc:d6:ea:15:f3:6d:fb:4d:b4:0b:d1:
                    0b:00:51:94:ab:8a:bd:59:d8:dc:87:ef:8f:00:bb:
                    f2:73:33:79:59:04:c1:fa:0d:69:3f:a3:b6:5d:00:
                    80:ef:d1:43:58:3e:4e:3e:60:0c:ee:1d:da:a3:86:
                    e4:0b:33:ba:2b:e0:ef:64:6c:aa:86:1a:a3:85:b7:
                    aa:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4D:CB:E8:FB:C7:09:7C:1A:B0:E3:3E:15:23:6B:AF:3A:60:BD:74:F0
            X509v3 Authority Key Identifier:
                keyid:E6:47:5E:34:7A:AF:2B:59:D4:EE:85:3A:8A:54:B4:E4:BD:37:47:EB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5kdeNHqvK1nU7oU6ilS05L03R-s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/a3a299-ce28-4c35-ac64-c8c20f25de88/1/5kdeNHqvK1nU7oU6ilS05L03R-s.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/a3a299-ce28-4c35-ac64-c8c20f25de88/1/5kdeNHqvK1nU7oU6ilS05L03R-s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         cc:63:92:67:f7:d3:1d:8d:5a:d4:e8:8e:e4:1a:74:28:98:2c:
         83:56:ab:f8:72:a5:d7:b1:44:0b:4a:22:d4:b2:dd:c0:aa:a8:
         10:59:b1:cb:77:9a:96:a6:7c:18:31:06:a8:16:53:23:1a:ac:
         1a:ff:d7:ad:90:7b:ec:00:ce:85:62:7c:69:3e:d5:05:ac:18:
         a9:7a:ce:64:ad:0e:a1:e5:23:33:4b:14:e0:cb:d1:28:fe:2e:
         ca:db:2e:82:56:2c:1e:69:45:90:cc:24:5b:ae:ee:6d:4c:0b:
         f6:43:31:d3:06:9e:6b:6c:f8:12:af:15:8d:62:71:08:1b:53:
         4a:c0:81:e6:ee:63:fa:49:5d:80:11:60:f3:49:89:d3:f3:ca:
         ba:d1:cf:3d:ef:87:2e:a4:83:80:2c:62:f6:be:7e:e0:4f:ad:
         8b:a0:6d:bf:29:01:7b:49:67:01:f1:95:f7:f7:3e:c8:d6:ad:
         40:14:bb:11:91:ed:3d:89:08:86:dd:4b:2f:e3:40:85:a7:6c:
         4a:25:9d:09:3b:f4:31:63:23:35:ac:ea:53:17:28:a0:c3:9e:
         a3:e7:30:2c:2f:98:32:80:d5:49:0e:86:7e:ee:28:08:39:9e:
         28:f8:d4:0a:74:b4:49:e2:eb:ef:09:c4:f5:b7:44:f0:67:b7:
         52:38:50:e9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpx7mgHQIxzPi2hseR8OClOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU2NDc1ZTM0N2FhZjJiNTlkNGVlODUzYThhNTRiNGU0YmQz
NzQ3ZWIwHhcNMjUxMTExMDgwMDQwWhcNMjUxMTEyMDgwMDQwWjAzMTEwLwYDVQQD
Eyg0ZGNiZThmYmM3MDk3YzFhYjBlMzNlMTUyMzZiYWYzYTYwYmQ3NGYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwRTD8KtSYfdSba6foPYRtB9uLcJa
mre++WgIL87BPJumQsBdtqrVDgTo460gW47QdYsyu0TgMZ1U9nQOAs7/6QSdAmKr
xCv4mwjzPYzRhJCJZ3ed9LygVqov6K4Beio0kkh012usVscO4/cOArtm2B33TUCG
dUFoRBHASzJKN6dZ1TDEH0chIkHAfUZSttnXMojXtWTq7+d+YorYL2HEULyLnz/V
bxi32+fUUef4LZcQs4WO95ISzNbqFfNt+020C9ELAFGUq4q9Wdjch++PALvyczN5
WQTB+g1pP6O2XQCA79FDWD5OPmAM7h3ao4bkCzO6K+DvZGyqhhqjhbeqEQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFE3L6PvHCXwasOM+FSNrrzpgvXTwMB8GA1UdIwQY
MBaAFOZHXjR6rytZ1O6FOopUtOS9N0frMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNWtkZU5IcXZLMW5VN29VNmlsUzA1TDAzUi1zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS9hM2EyOTktY2UyOC00YzM1LWFjNjQt
YzhjMjBmMjVkZTg4LzEvNWtkZU5IcXZLMW5VN29VNmlsUzA1TDAzUi1zLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS9hM2EyOTktY2UyOC00YzM1LWFjNjQtYzhjMjBmMjVkZTg4
LzEvNWtkZU5IcXZLMW5VN29VNmlsUzA1TDAzUi1zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAzGOSZ/fT
HY1a1OiO5Bp0KJgsg1ar+HKl17FEC0oi1LLdwKqoEFmxy3ealqZ8GDEGqBZTIxqs
Gv/XrZB77ADOhWJ8aT7VBawYqXrOZK0OoeUjM0sU4MvRKP4uytsuglYsHmlFkMwk
W67ubUwL9kMx0waea2z4Eq8VjWJxCBtTSsCB5u5j+kldgBFg80mJ0/PKutHPPe+H
LqSDgCxi9r5+4E+ti6BtvykBe0lnAfGV9/c+yNatQBS7EZHtPYkIht1LL+NAhads
SiWdCTv0MWMjNazqUxcooMOeo+cwLC+YMoDVSQ6Gfu4oCDmeKPjUCnS0SeLr7wnE
9bdE8Ge3UjhQ6Q==
-----END CERTIFICATE-----