Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/1446aa-6e41-45c0-b09a-32c3658b25be/1/5XB6RVkqydFxmoV2lgMXeCm0bgo.mft
File:                     5XB6RVkqydFxmoV2lgMXeCm0bgo.mft (raw, json)
Hash identifier:          HRZrF/GY8r9OZqheU2n6qLYz3Z23FiO/Lhc+aiMRl7E=
Subject key identifier:   20:38:94:A2:C8:4E:2F:EA:CD:2C:BF:48:E7:5B:D6:D4:B8:DD:09:E2
Authority key identifier: E5:70:7A:45:59:2A:C9:D1:71:9A:85:76:96:03:17:78:29:B4:6E:0A
Certificate issuer:       /CN=e5707a45592ac9d1719a85769603177829b46e0a
Certificate serial:       019A71EE818AC181E04B47661A881B09AAE8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5XB6RVkqydFxmoV2lgMXeCm0bgo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f1/1446aa-6e41-45c0-b09a-32c3658b25be/1/5XB6RVkqydFxmoV2lgMXeCm0bgo.mft
Manifest number:          0D1D
Signing time:             Tue 11 Nov 2025 08:00:47 +0000
Manifest this update:     Tue 11 Nov 2025 08:00:47 +0000
Manifest next update:     Wed 12 Nov 2025 08:00:47 +0000
Files and hashes:         1: 5XB6RVkqydFxmoV2lgMXeCm0bgo.crl (hash: elFz7N6Yef/Gs5Nxv6KJ38DMWmyevkxob7ZodfOs9Mw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f1/1446aa-6e41-45c0-b09a-32c3658b25be/1/5XB6RVkqydFxmoV2lgMXeCm0bgo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f1/1446aa-6e41-45c0-b09a-32c3658b25be/1/5XB6RVkqydFxmoV2lgMXeCm0bgo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/5XB6RVkqydFxmoV2lgMXeCm0bgo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 08:00:47 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:ee:81:8a:c1:81:e0:4b:47:66:1a:88:1b:09:aa:e8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e5707a45592ac9d1719a85769603177829b46e0a
        Validity
            Not Before: Nov 11 08:00:47 2025 GMT
            Not After : Nov 12 08:00:47 2025 GMT
        Subject: CN=203894a2c84e2feacd2cbf48e75bd6d4b8dd09e2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:7f:2a:be:03:cf:e9:ad:5c:4b:66:0d:1c:19:
                    de:ff:f5:b7:ed:70:98:65:35:40:6e:95:d7:13:ce:
                    b4:41:27:b7:27:e5:8d:d7:3f:6d:58:17:37:90:84:
                    d3:67:cd:ee:a8:32:80:18:ac:02:25:ef:ba:e9:c7:
                    97:37:59:09:c5:6c:1e:46:83:18:32:30:05:db:1a:
                    fb:8c:f9:b2:b6:38:71:28:bc:28:93:47:36:08:5c:
                    5f:4d:e3:08:d8:8d:b1:2c:89:b6:60:e5:8b:b6:49:
                    42:50:a0:95:29:e3:74:d9:61:33:d3:2e:8d:60:3c:
                    98:77:74:1b:31:6f:5b:83:93:c1:d9:a2:2c:de:7c:
                    ed:66:5e:d0:c7:00:de:98:e4:da:87:75:97:dc:1b:
                    de:01:cf:fb:e2:91:6e:2c:d6:0f:9a:e9:f7:55:a3:
                    ef:43:22:f6:85:86:86:db:46:fa:07:56:67:bb:7b:
                    f4:65:7a:aa:99:9b:82:b3:75:61:da:43:01:ab:53:
                    e8:d5:e5:d9:8d:46:5c:c1:df:df:38:76:0c:64:02:
                    50:4f:8f:3a:e3:5c:fd:01:fd:d6:10:1b:44:70:8d:
                    f1:e0:e6:e1:22:69:0a:1c:16:85:f4:48:35:77:48:
                    0f:e7:db:b0:42:61:2c:85:9c:8f:2b:81:db:ea:9d:
                    23:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                20:38:94:A2:C8:4E:2F:EA:CD:2C:BF:48:E7:5B:D6:D4:B8:DD:09:E2
            X509v3 Authority Key Identifier:
                keyid:E5:70:7A:45:59:2A:C9:D1:71:9A:85:76:96:03:17:78:29:B4:6E:0A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5XB6RVkqydFxmoV2lgMXeCm0bgo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/1446aa-6e41-45c0-b09a-32c3658b25be/1/5XB6RVkqydFxmoV2lgMXeCm0bgo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/1446aa-6e41-45c0-b09a-32c3658b25be/1/5XB6RVkqydFxmoV2lgMXeCm0bgo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0d:2b:47:50:90:5e:4e:86:7e:16:44:ad:d9:7c:d3:4e:05:19:
         1c:46:b3:c6:5b:8b:fb:86:f2:e3:37:b1:8b:bb:40:ea:c1:dc:
         5e:f0:da:b2:c9:68:ef:0c:1f:e1:a8:1a:6c:1f:46:c3:68:42:
         6c:83:f0:e5:7a:7a:93:8b:93:6b:9a:26:d2:f2:e3:17:b5:dc:
         f1:c3:36:1a:0d:0b:a7:cf:93:66:0c:07:8d:31:c6:a4:4b:c1:
         90:9f:8f:29:66:20:05:16:ff:f0:8a:a5:96:f7:a6:ac:97:85:
         34:74:ab:15:0d:ed:a4:03:66:ea:67:b5:f2:69:5f:56:ca:37:
         6e:b4:10:41:45:42:a4:fb:d9:2b:aa:a5:87:76:41:a9:14:57:
         73:b4:b4:0a:66:84:19:1d:18:3c:38:d1:4f:97:fb:27:53:6e:
         ec:88:d8:c6:e4:ea:cc:0a:c6:a8:36:5f:51:b5:4a:09:9c:cd:
         6d:84:b5:9a:5b:d6:63:6a:f5:c3:0a:b4:ce:bf:d8:c8:d4:f3:
         66:c0:19:99:38:16:d8:0d:d1:bf:ce:c6:0d:e4:7b:68:77:85:
         a1:87:da:d4:ff:9f:0b:56:44:17:6f:65:1b:d5:e0:f2:75:3a:
         06:e2:e5:e4:9e:a4:62:4f:70:0a:6f:4d:29:6d:9f:f4:1a:4b:
         19:8f:d5:e2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpx7oGKwYHgS0dmGogbCaroMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1NzA3YTQ1NTkyYWM5ZDE3MTlhODU3Njk2MDMxNzc4Mjli
NDZlMGEwHhcNMjUxMTExMDgwMDQ3WhcNMjUxMTEyMDgwMDQ3WjAzMTEwLwYDVQQD
EygyMDM4OTRhMmM4NGUyZmVhY2QyY2JmNDhlNzViZDZkNGI4ZGQwOWUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqH8qvgPP6a1cS2YNHBne//W37XCY
ZTVAbpXXE860QSe3J+WN1z9tWBc3kITTZ83uqDKAGKwCJe+66ceXN1kJxWweRoMY
MjAF2xr7jPmytjhxKLwok0c2CFxfTeMI2I2xLIm2YOWLtklCUKCVKeN02WEz0y6N
YDyYd3QbMW9bg5PB2aIs3nztZl7QxwDemOTah3WX3BveAc/74pFuLNYPmun3VaPv
QyL2hYaG20b6B1Znu3v0ZXqqmZuCs3Vh2kMBq1Po1eXZjUZcwd/fOHYMZAJQT486
41z9Af3WEBtEcI3x4ObhImkKHBaF9Eg1d0gP59uwQmEshZyPK4Hb6p0jXQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCA4lKLITi/qzSy/SOdb1tS43QniMB8GA1UdIwQY
MBaAFOVwekVZKsnRcZqFdpYDF3gptG4KMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNVhCNlJWa3F5ZEZ4bW9WMmxnTVhlQ20wYmdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS8xNDQ2YWEtNmU0MS00NWMwLWIwOWEt
MzJjMzY1OGIyNWJlLzEvNVhCNlJWa3F5ZEZ4bW9WMmxnTVhlQ20wYmdvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMS8xNDQ2YWEtNmU0MS00NWMwLWIwOWEtMzJjMzY1OGIyNWJl
LzEvNVhCNlJWa3F5ZEZ4bW9WMmxnTVhlQ20wYmdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADStHUJBe
ToZ+FkSt2XzTTgUZHEazxluL+4by4zexi7tA6sHcXvDasslo7wwf4agabB9Gw2hC
bIPw5Xp6k4uTa5om0vLjF7Xc8cM2Gg0Lp8+TZgwHjTHGpEvBkJ+PKWYgBRb/8Iql
lvemrJeFNHSrFQ3tpANm6me18mlfVso3brQQQUVCpPvZK6qlh3ZBqRRXc7S0CmaE
GR0YPDjRT5f7J1Nu7IjYxuTqzArGqDZfUbVKCZzNbYS1mlvWY2r1wwq0zr/YyNTz
ZsAZmTgW2A3Rv87GDeR7aHeFoYfa1P+fC1ZEF29lG9Xg8nU6BuLl5J6kYk9wCm9N
KW2f9BpLGY/V4g==
-----END CERTIFICATE-----