Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/95bad9-20fe-4b8d-8f03-9c2999d09b8f/1/5Sy4XKeT-tVltGCOJtgqauJ9wjI.mft
File:                     5Sy4XKeT-tVltGCOJtgqauJ9wjI.mft (raw, json)
Hash identifier:          waOFWcPH8DgOsl1ZgZ/acUsxyGo1A8iMYoZVkuqLaBI=
Subject key identifier:   D0:70:79:D1:71:B8:9E:AB:EA:A1:D6:AF:59:93:DF:10:28:9D:0C:8D
Authority key identifier: E5:2C:B8:5C:A7:93:FA:D5:65:B4:60:8E:26:D8:2A:6A:E2:7D:C2:32
Certificate issuer:       /CN=e52cb85ca793fad565b4608e26d82a6ae27dc232
Certificate serial:       0198D4A7E35EAA99AFDFB4FD5DC90330728B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5Sy4XKeT-tVltGCOJtgqauJ9wjI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/02/95bad9-20fe-4b8d-8f03-9c2999d09b8f/1/5Sy4XKeT-tVltGCOJtgqauJ9wjI.mft
Manifest number:          0CCE
Signing time:             Sat 23 Aug 2025 02:00:29 +0000
Manifest this update:     Sat 23 Aug 2025 02:00:29 +0000
Manifest next update:     Sun 24 Aug 2025 02:00:29 +0000
Files and hashes:         1: 5Sy4XKeT-tVltGCOJtgqauJ9wjI.crl (hash: CExR+lv9uiAJwVfXERUN6lEUixYD2lF6hL1+mvIkpS8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/02/95bad9-20fe-4b8d-8f03-9c2999d09b8f/1/5Sy4XKeT-tVltGCOJtgqauJ9wjI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/02/95bad9-20fe-4b8d-8f03-9c2999d09b8f/1/5Sy4XKeT-tVltGCOJtgqauJ9wjI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/5Sy4XKeT-tVltGCOJtgqauJ9wjI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 00:37:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d4:a7:e3:5e:aa:99:af:df:b4:fd:5d:c9:03:30:72:8b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e52cb85ca793fad565b4608e26d82a6ae27dc232
        Validity
            Not Before: Aug 23 02:00:29 2025 GMT
            Not After : Aug 24 02:00:29 2025 GMT
        Subject: CN=d07079d171b89eabeaa1d6af5993df10289d0c8d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:40:7a:7b:ab:53:45:67:cb:20:bb:b1:75:2b:
                    d8:7b:fa:94:71:60:7f:6b:5a:a7:56:ea:6f:14:25:
                    a5:01:f3:71:26:6a:9c:cd:d2:1a:79:11:46:4e:0a:
                    57:da:45:21:dc:48:d8:99:dc:8d:ca:b2:b1:7f:ee:
                    a6:78:5d:6a:93:95:d9:ff:a3:68:5e:ee:f0:86:4d:
                    4d:a5:93:3a:66:53:4e:c0:32:6e:67:b1:19:77:17:
                    a6:5a:04:c6:db:34:ea:85:56:1d:04:ef:5c:34:25:
                    94:89:c5:2d:5e:4e:c6:37:6e:24:0f:d2:e7:74:51:
                    9f:95:8d:4a:d0:9a:3e:32:51:0a:eb:9d:4e:4a:ab:
                    6e:04:fc:85:28:a4:01:94:02:38:1e:7c:89:82:dd:
                    8b:4d:ce:1a:8a:31:18:d1:bd:7a:92:65:90:93:6e:
                    d3:81:0c:f4:3a:14:3e:f4:d7:7d:53:fd:d7:84:79:
                    b2:b4:e1:a1:9f:5b:04:ec:4f:bd:19:e0:38:8d:32:
                    7e:9a:c8:86:d7:a8:c5:6c:e0:38:13:fa:c0:53:6d:
                    18:74:c8:db:98:60:8e:14:8c:20:17:79:03:77:02:
                    cd:47:e2:08:cf:91:87:bf:f8:ff:f8:55:b7:c7:cd:
                    99:38:76:e7:81:8b:b4:3b:87:be:e1:c9:7a:1d:33:
                    7f:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D0:70:79:D1:71:B8:9E:AB:EA:A1:D6:AF:59:93:DF:10:28:9D:0C:8D
            X509v3 Authority Key Identifier:
                keyid:E5:2C:B8:5C:A7:93:FA:D5:65:B4:60:8E:26:D8:2A:6A:E2:7D:C2:32

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5Sy4XKeT-tVltGCOJtgqauJ9wjI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/95bad9-20fe-4b8d-8f03-9c2999d09b8f/1/5Sy4XKeT-tVltGCOJtgqauJ9wjI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/02/95bad9-20fe-4b8d-8f03-9c2999d09b8f/1/5Sy4XKeT-tVltGCOJtgqauJ9wjI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         23:89:be:af:e9:07:3d:13:f1:61:d6:e2:e3:c4:b6:b0:f2:5d:
         5d:10:7f:34:3f:0c:0e:ee:41:74:71:c0:a0:c5:ed:2c:4c:77:
         44:e0:b0:6b:24:56:72:c6:d5:ec:a2:4d:5d:af:34:87:cb:0a:
         69:08:3c:0f:da:af:74:82:63:e4:34:b2:2b:d3:af:b4:ed:d5:
         f5:a8:f7:b4:a3:e4:f6:e5:cf:c2:20:2f:40:0a:60:6c:c6:02:
         68:b5:2b:6b:d2:4d:60:1c:4f:50:29:73:16:0a:fd:0e:2d:ae:
         db:59:a1:4f:43:41:97:08:27:4f:b5:a9:e6:73:ce:ef:77:26:
         a9:b3:86:5b:75:00:a9:c2:98:14:85:e9:7c:1f:1a:8d:b3:5f:
         47:fa:56:56:84:e2:5e:a2:4f:be:10:6f:2c:46:94:47:f2:90:
         32:5b:45:77:a3:2d:69:6c:80:32:da:39:4a:14:df:06:28:bc:
         d4:73:d1:d4:33:f7:f2:db:1c:04:1a:a7:8a:c8:d8:f7:4d:51:
         02:bc:88:2c:41:25:3d:73:84:ff:e4:f8:8a:5f:f6:68:00:72:
         f4:9f:e9:00:3f:82:ef:69:a4:fb:53:ee:52:8e:a4:a1:0f:31:
         1d:32:b5:76:ad:3a:be:89:e1:8b:87:b6:dc:dd:ac:5f:53:b3:
         02:86:b5:b1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjUp+Neqpmv37T9XckDMHKLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1MmNiODVjYTc5M2ZhZDU2NWI0NjA4ZTI2ZDgyYTZhZTI3
ZGMyMzIwHhcNMjUwODIzMDIwMDI5WhcNMjUwODI0MDIwMDI5WjAzMTEwLwYDVQQD
EyhkMDcwNzlkMTcxYjg5ZWFiZWFhMWQ2YWY1OTkzZGYxMDI4OWQwYzhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwUB6e6tTRWfLILuxdSvYe/qUcWB/
a1qnVupvFCWlAfNxJmqczdIaeRFGTgpX2kUh3EjYmdyNyrKxf+6meF1qk5XZ/6No
Xu7whk1NpZM6ZlNOwDJuZ7EZdxemWgTG2zTqhVYdBO9cNCWUicUtXk7GN24kD9Ln
dFGflY1K0Jo+MlEK651OSqtuBPyFKKQBlAI4HnyJgt2LTc4aijEY0b16kmWQk27T
gQz0OhQ+9Nd9U/3XhHmytOGhn1sE7E+9GeA4jTJ+msiG16jFbOA4E/rAU20YdMjb
mGCOFIwgF3kDdwLNR+IIz5GHv/j/+FW3x82ZOHbngYu0O4e+4cl6HTN/iQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNBwedFxuJ6r6qHWr1mT3xAonQyNMB8GA1UdIwQY
MBaAFOUsuFynk/rVZbRgjibYKmrifcIyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNVN5NFhLZVQtdFZsdEdDT0p0Z3FhdUo5d2pJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi85NWJhZDktMjBmZS00YjhkLThmMDMt
OWMyOTk5ZDA5YjhmLzEvNVN5NFhLZVQtdFZsdEdDT0p0Z3FhdUo5d2pJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi85NWJhZDktMjBmZS00YjhkLThmMDMtOWMyOTk5ZDA5Yjhm
LzEvNVN5NFhLZVQtdFZsdEdDT0p0Z3FhdUo5d2pJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAI4m+r+kH
PRPxYdbi48S2sPJdXRB/ND8MDu5BdHHAoMXtLEx3ROCwayRWcsbV7KJNXa80h8sK
aQg8D9qvdIJj5DSyK9OvtO3V9aj3tKPk9uXPwiAvQApgbMYCaLUra9JNYBxPUClz
Fgr9Di2u21mhT0NBlwgnT7Wp5nPO73cmqbOGW3UAqcKYFIXpfB8ajbNfR/pWVoTi
XqJPvhBvLEaUR/KQMltFd6MtaWyAMto5ShTfBii81HPR1DP38tscBBqnisjY901R
AryILEElPXOE/+T4il/2aABy9J/pAD+C72mk+1PuUo6koQ8xHTK1dq06vonhi4e2
3N2sX1OzAoa1sQ==
-----END CERTIFICATE-----