Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/a3a299-ce28-4c35-ac64-c8c20f25de88/1/5kdeNHqvK1nU7oU6ilS05L03R-s.mft
File:                     5kdeNHqvK1nU7oU6ilS05L03R-s.mft (raw, json)
Hash identifier:          zuNANx/35mGXRZbMR/NAZ0QHFrSlSNvGz7hjnlXDf0c=
Subject key identifier:   CA:F2:91:79:56:50:BD:55:30:9B:85:4A:B2:E7:94:2A:5C:48:F9:72
Authority key identifier: E6:47:5E:34:7A:AF:2B:59:D4:EE:85:3A:8A:54:B4:E4:BD:37:47:EB
Certificate issuer:       /CN=e6475e347aaf2b59d4ee853a8a54b4e4bd3747eb
Certificate serial:       019921E757AF86D3311537000C6B0D8E3DFE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5kdeNHqvK1nU7oU6ilS05L03R-s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ea/a3a299-ce28-4c35-ac64-c8c20f25de88/1/5kdeNHqvK1nU7oU6ilS05L03R-s.mft
Manifest number:          01BB
Signing time:             Sun 07 Sep 2025 02:00:33 +0000
Manifest this update:     Sun 07 Sep 2025 02:00:33 +0000
Manifest next update:     Mon 08 Sep 2025 02:00:33 +0000
Files and hashes:         1: 5kdeNHqvK1nU7oU6ilS05L03R-s.crl (hash: oheNRBObdXx9Q2AQgtXQ6xE07qdVbkAbUfZZW9J9txg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ea/a3a299-ce28-4c35-ac64-c8c20f25de88/1/5kdeNHqvK1nU7oU6ilS05L03R-s.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ea/a3a299-ce28-4c35-ac64-c8c20f25de88/1/5kdeNHqvK1nU7oU6ilS05L03R-s.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/5kdeNHqvK1nU7oU6ilS05L03R-s.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 02:00:33 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:21:e7:57:af:86:d3:31:15:37:00:0c:6b:0d:8e:3d:fe
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e6475e347aaf2b59d4ee853a8a54b4e4bd3747eb
        Validity
            Not Before: Sep  7 02:00:33 2025 GMT
            Not After : Sep  8 02:00:33 2025 GMT
        Subject: CN=caf291795650bd55309b854ab2e7942a5c48f972
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:3c:f4:74:25:f1:d5:b1:21:ac:1d:99:e6:a8:
                    e8:e3:36:14:51:1b:a2:94:f7:1e:c4:9c:f2:3b:de:
                    04:ad:e9:d7:98:24:8e:e0:3d:0a:a7:10:e4:d7:cc:
                    42:39:21:bf:69:92:e1:1b:c6:2e:2e:80:0a:23:4e:
                    cc:fc:19:68:a6:d4:aa:a6:64:92:eb:75:7d:1c:1c:
                    54:08:bb:80:67:79:1f:58:9d:45:64:b3:56:74:d4:
                    c1:d5:d4:fe:81:65:46:b6:c3:de:ee:b4:5d:f5:ea:
                    16:81:fc:29:96:7f:5e:42:a5:7c:0e:0e:12:fe:bc:
                    ff:70:82:96:cb:3d:74:1f:0d:04:80:30:9f:a5:81:
                    3f:b0:23:9c:13:2a:4e:3c:6d:5b:32:67:bf:de:9e:
                    a0:e3:ca:15:a9:8e:44:09:74:c4:0e:50:77:31:f2:
                    b6:7c:72:87:71:e5:c1:1b:f3:12:45:e2:82:d3:02:
                    25:9a:f0:36:1d:a6:32:29:a0:84:17:73:fd:80:78:
                    f2:db:30:c6:fc:1e:e8:de:4a:ac:a3:c3:f4:ce:6c:
                    64:e9:d6:13:bf:23:f2:84:44:34:c3:4b:c5:00:2c:
                    d0:8c:9e:bf:cc:2a:44:03:c3:6d:30:a7:d0:47:6f:
                    61:88:2f:e8:09:41:da:ac:9f:bf:14:74:11:29:49:
                    60:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CA:F2:91:79:56:50:BD:55:30:9B:85:4A:B2:E7:94:2A:5C:48:F9:72
            X509v3 Authority Key Identifier:
                keyid:E6:47:5E:34:7A:AF:2B:59:D4:EE:85:3A:8A:54:B4:E4:BD:37:47:EB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5kdeNHqvK1nU7oU6ilS05L03R-s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/a3a299-ce28-4c35-ac64-c8c20f25de88/1/5kdeNHqvK1nU7oU6ilS05L03R-s.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/a3a299-ce28-4c35-ac64-c8c20f25de88/1/5kdeNHqvK1nU7oU6ilS05L03R-s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         25:1c:15:8c:3a:0c:8a:4d:e9:74:9f:b5:ff:da:c9:94:3d:a1:
         76:4b:3b:2a:b2:fe:b3:99:73:44:59:59:3e:82:4a:ff:55:63:
         51:b2:b8:90:9f:20:9a:61:ef:6e:ac:15:5f:f0:fc:10:a0:11:
         a1:8d:10:86:c0:21:9f:ed:b0:c7:e0:d8:c4:b3:d2:00:4e:88:
         b4:c9:ce:19:4f:33:44:2d:b3:29:26:48:14:85:20:01:05:d7:
         93:0b:38:bf:a0:2b:b2:69:f3:c2:a4:4c:85:94:1f:7f:b5:1d:
         85:2f:99:3b:e1:ab:90:01:3b:2d:9e:f2:2d:17:a3:62:da:c3:
         cc:e1:39:c2:59:f2:c9:82:05:99:62:8b:81:8a:da:3f:e9:72:
         5f:d0:e6:20:47:03:a8:c8:9f:d0:24:07:81:4a:de:42:eb:31:
         45:70:8a:d9:1e:76:56:a1:12:e1:92:a0:3a:a1:61:fb:3c:d3:
         ae:71:9b:55:b1:1f:5c:f3:85:11:94:59:c6:91:a6:78:c8:1e:
         9f:27:ad:38:9b:0b:3c:ca:a6:c4:13:d7:7b:a1:b2:6f:2b:93:
         f0:e2:99:92:06:b5:96:03:ea:5e:7d:39:4f:5a:dc:2d:88:58:
         48:74:6a:1a:5e:46:f3:e3:22:d0:1b:72:e9:55:b2:57:41:dd:
         47:54:31:0c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkh51evhtMxFTcADGsNjj3+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU2NDc1ZTM0N2FhZjJiNTlkNGVlODUzYThhNTRiNGU0YmQz
NzQ3ZWIwHhcNMjUwOTA3MDIwMDMzWhcNMjUwOTA4MDIwMDMzWjAzMTEwLwYDVQQD
EyhjYWYyOTE3OTU2NTBiZDU1MzA5Yjg1NGFiMmU3OTQyYTVjNDhmOTcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApTz0dCXx1bEhrB2Z5qjo4zYUURui
lPcexJzyO94ErenXmCSO4D0KpxDk18xCOSG/aZLhG8YuLoAKI07M/BloptSqpmSS
63V9HBxUCLuAZ3kfWJ1FZLNWdNTB1dT+gWVGtsPe7rRd9eoWgfwpln9eQqV8Dg4S
/rz/cIKWyz10Hw0EgDCfpYE/sCOcEypOPG1bMme/3p6g48oVqY5ECXTEDlB3MfK2
fHKHceXBG/MSReKC0wIlmvA2HaYyKaCEF3P9gHjy2zDG/B7o3kqso8P0zmxk6dYT
vyPyhEQ0w0vFACzQjJ6/zCpEA8NtMKfQR29hiC/oCUHarJ+/FHQRKUlgUQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMrykXlWUL1VMJuFSrLnlCpcSPlyMB8GA1UdIwQY
MBaAFOZHXjR6rytZ1O6FOopUtOS9N0frMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNWtkZU5IcXZLMW5VN29VNmlsUzA1TDAzUi1zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS9hM2EyOTktY2UyOC00YzM1LWFjNjQt
YzhjMjBmMjVkZTg4LzEvNWtkZU5IcXZLMW5VN29VNmlsUzA1TDAzUi1zLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS9hM2EyOTktY2UyOC00YzM1LWFjNjQtYzhjMjBmMjVkZTg4
LzEvNWtkZU5IcXZLMW5VN29VNmlsUzA1TDAzUi1zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJRwVjDoM
ik3pdJ+1/9rJlD2hdks7KrL+s5lzRFlZPoJK/1VjUbK4kJ8gmmHvbqwVX/D8EKAR
oY0QhsAhn+2wx+DYxLPSAE6ItMnOGU8zRC2zKSZIFIUgAQXXkws4v6ArsmnzwqRM
hZQff7UdhS+ZO+GrkAE7LZ7yLRejYtrDzOE5wlnyyYIFmWKLgYraP+lyX9DmIEcD
qMif0CQHgUreQusxRXCK2R52VqES4ZKgOqFh+zzTrnGbVbEfXPOFEZRZxpGmeMge
nyetOJsLPMqmxBPXe6GybyuT8OKZkga1lgPqXn05T1rcLYhYSHRqGl5G8+Mi0Bty
6VWyV0HdR1QxDA==
-----END CERTIFICATE-----