Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/95bad9-20fe-4b8d-8f03-9c2999d09b8f/1/5Sy4XKeT-tVltGCOJtgqauJ9wjI.mft
File:                     5Sy4XKeT-tVltGCOJtgqauJ9wjI.mft (raw, json)
Hash identifier:          IVpvMT2zG7UzSe1M7rnIMKNM2k6NkncqpzZgm9x0t2Y=
Subject key identifier:   C2:FE:E6:78:5F:A6:C0:25:19:97:9A:B2:1D:C5:B4:7A:6F:7B:D1:6F
Authority key identifier: E5:2C:B8:5C:A7:93:FA:D5:65:B4:60:8E:26:D8:2A:6A:E2:7D:C2:32
Certificate issuer:       /CN=e52cb85ca793fad565b4608e26d82a6ae27dc232
Certificate serial:       0199FC215AFA82D67435933796DCCECCB112
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5Sy4XKeT-tVltGCOJtgqauJ9wjI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/02/95bad9-20fe-4b8d-8f03-9c2999d09b8f/1/5Sy4XKeT-tVltGCOJtgqauJ9wjI.mft
Manifest number:          0D67
Signing time:             Sun 19 Oct 2025 11:01:08 +0000
Manifest this update:     Sun 19 Oct 2025 11:01:08 +0000
Manifest next update:     Mon 20 Oct 2025 11:01:08 +0000
Files and hashes:         1: 5Sy4XKeT-tVltGCOJtgqauJ9wjI.crl (hash: 9fZIwTbBnW8lPtti61eAHddWEaYhgmLuxTN0ERRgQ38=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/02/95bad9-20fe-4b8d-8f03-9c2999d09b8f/1/5Sy4XKeT-tVltGCOJtgqauJ9wjI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/02/95bad9-20fe-4b8d-8f03-9c2999d09b8f/1/5Sy4XKeT-tVltGCOJtgqauJ9wjI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/5Sy4XKeT-tVltGCOJtgqauJ9wjI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 11:01:08 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fc:21:5a:fa:82:d6:74:35:93:37:96:dc:ce:cc:b1:12
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e52cb85ca793fad565b4608e26d82a6ae27dc232
        Validity
            Not Before: Oct 19 11:01:08 2025 GMT
            Not After : Oct 20 11:01:08 2025 GMT
        Subject: CN=c2fee6785fa6c02519979ab21dc5b47a6f7bd16f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:e8:58:2a:f3:92:59:a1:0f:c5:ff:3e:6c:3e:
                    49:12:de:61:25:0c:e9:80:8c:c8:99:8b:41:30:b6:
                    22:73:06:1e:fb:e8:32:0f:9d:6f:5c:c4:df:fa:a3:
                    ac:0c:6b:fc:fa:1a:6e:19:20:24:d4:f5:1a:8d:62:
                    2a:75:54:8c:fd:36:f1:77:b0:23:81:60:22:c9:e6:
                    09:ed:9a:6a:ab:b3:b0:59:3f:1b:3f:a2:61:3b:3d:
                    57:eb:ff:78:8f:7f:de:63:bf:aa:e8:ca:3c:23:83:
                    69:af:d9:0a:70:61:be:33:2b:d2:9a:92:0f:8e:f2:
                    83:03:6f:3a:74:37:ad:be:d6:cf:95:76:96:9c:bc:
                    3d:a2:dc:a8:57:aa:43:2c:9c:2f:eb:57:da:97:4f:
                    e7:00:9b:e9:7a:c5:46:38:ec:8a:a8:91:af:a3:1f:
                    ae:37:cf:65:e3:c2:7e:fa:3f:b2:46:97:51:93:ab:
                    cf:8e:7a:10:09:6b:10:be:8f:0b:d9:88:d6:59:05:
                    e6:55:f8:49:94:0a:d2:ec:ec:d5:54:2b:60:4c:af:
                    72:32:85:0b:c5:4f:ca:9b:d3:e3:a3:30:a0:28:4c:
                    fb:16:bc:f9:0d:1c:02:4e:4b:4e:f0:8b:90:ee:75:
                    a0:80:9b:84:bd:cb:16:12:a7:66:06:fe:f1:cf:40:
                    80:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C2:FE:E6:78:5F:A6:C0:25:19:97:9A:B2:1D:C5:B4:7A:6F:7B:D1:6F
            X509v3 Authority Key Identifier:
                keyid:E5:2C:B8:5C:A7:93:FA:D5:65:B4:60:8E:26:D8:2A:6A:E2:7D:C2:32

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5Sy4XKeT-tVltGCOJtgqauJ9wjI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/95bad9-20fe-4b8d-8f03-9c2999d09b8f/1/5Sy4XKeT-tVltGCOJtgqauJ9wjI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/02/95bad9-20fe-4b8d-8f03-9c2999d09b8f/1/5Sy4XKeT-tVltGCOJtgqauJ9wjI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         89:99:18:13:3e:35:38:a5:93:40:68:ee:6f:42:28:6d:fb:72:
         e9:58:77:c7:bb:8e:d9:18:c1:7e:65:b7:c8:f5:3a:fc:b7:a1:
         ab:a8:0f:17:e4:0d:71:64:bd:02:32:83:db:f2:42:4a:ad:46:
         f3:d1:c6:e7:a7:35:bf:dc:bb:93:01:16:1b:29:e2:48:fa:c3:
         6e:7e:6a:81:4e:18:e6:96:4e:01:4b:80:c2:b8:0b:3a:6b:c2:
         b8:0a:76:c2:54:fa:8a:cc:88:5e:bd:f0:45:37:4b:57:2e:85:
         24:ff:3c:7f:f4:58:b3:bc:9d:7e:a6:41:08:c4:33:ec:64:13:
         46:b4:46:4f:8e:c4:e4:39:72:07:f1:b5:69:20:fd:7c:a4:46:
         8a:0f:7d:10:40:84:cf:a7:7c:5c:0c:a0:d0:6c:32:63:dd:79:
         54:b1:59:9b:85:d8:14:7f:b9:09:ab:13:fd:10:76:ee:38:36:
         68:8a:22:0e:f1:ed:00:d6:fb:a3:ed:27:2f:f5:1a:cf:1c:50:
         c3:c9:59:a6:ed:44:be:74:2c:e1:f7:fb:1b:b8:50:2e:40:a5:
         76:ce:7f:16:31:4f:ca:e7:7e:90:1f:68:57:1a:f0:83:75:32:
         e3:0d:b1:fb:df:9b:2e:cf:a8:22:5e:cf:62:76:fa:1f:ae:26:
         3b:ca:b0:0b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8IVr6gtZ0NZM3ltzOzLESMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1MmNiODVjYTc5M2ZhZDU2NWI0NjA4ZTI2ZDgyYTZhZTI3
ZGMyMzIwHhcNMjUxMDE5MTEwMTA4WhcNMjUxMDIwMTEwMTA4WjAzMTEwLwYDVQQD
EyhjMmZlZTY3ODVmYTZjMDI1MTk5NzlhYjIxZGM1YjQ3YTZmN2JkMTZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzOhYKvOSWaEPxf8+bD5JEt5hJQzp
gIzImYtBMLYicwYe++gyD51vXMTf+qOsDGv8+hpuGSAk1PUajWIqdVSM/Tbxd7Aj
gWAiyeYJ7Zpqq7OwWT8bP6JhOz1X6/94j3/eY7+q6Mo8I4Npr9kKcGG+MyvSmpIP
jvKDA286dDetvtbPlXaWnLw9otyoV6pDLJwv61fal0/nAJvpesVGOOyKqJGvox+u
N89l48J++j+yRpdRk6vPjnoQCWsQvo8L2YjWWQXmVfhJlArS7OzVVCtgTK9yMoUL
xU/Km9PjozCgKEz7Frz5DRwCTktO8IuQ7nWggJuEvcsWEqdmBv7xz0CAdQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFML+5nhfpsAlGZeash3FtHpve9FvMB8GA1UdIwQY
MBaAFOUsuFynk/rVZbRgjibYKmrifcIyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNVN5NFhLZVQtdFZsdEdDT0p0Z3FhdUo5d2pJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi85NWJhZDktMjBmZS00YjhkLThmMDMt
OWMyOTk5ZDA5YjhmLzEvNVN5NFhLZVQtdFZsdEdDT0p0Z3FhdUo5d2pJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi85NWJhZDktMjBmZS00YjhkLThmMDMtOWMyOTk5ZDA5Yjhm
LzEvNVN5NFhLZVQtdFZsdEdDT0p0Z3FhdUo5d2pJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiZkYEz41
OKWTQGjub0Iobfty6Vh3x7uO2RjBfmW3yPU6/Lehq6gPF+QNcWS9AjKD2/JCSq1G
89HG56c1v9y7kwEWGyniSPrDbn5qgU4Y5pZOAUuAwrgLOmvCuAp2wlT6isyIXr3w
RTdLVy6FJP88f/RYs7ydfqZBCMQz7GQTRrRGT47E5DlyB/G1aSD9fKRGig99EECE
z6d8XAyg0GwyY915VLFZm4XYFH+5CasT/RB27jg2aIoiDvHtANb7o+0nL/UazxxQ
w8lZpu1EvnQs4ff7G7hQLkClds5/FjFPyud+kB9oVxrwg3Uy4w2x+9+bLs+oIl7P
Ynb6H64mO8qwCw==
-----END CERTIFICATE-----