Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/2daa72-0314-46c5-be5b-9a69304258a0/1/5D7dxEvG9TRFds9ZrwATXGtiwB0.mft
File:                     5D7dxEvG9TRFds9ZrwATXGtiwB0.mft (raw, json)
Hash identifier:          2Hnl69v5yYHgZDVbeQ6XxZUy6NfTiHJUez7RU78PBxs=
Subject key identifier:   91:40:FD:87:8E:EB:F7:E2:1E:FE:C4:8F:FE:BA:DE:01:95:0B:BF:17
Authority key identifier: E4:3E:DD:C4:4B:C6:F5:34:45:76:CF:59:AF:00:13:5C:6B:62:C0:1D
Certificate issuer:       /CN=e43eddc44bc6f5344576cf59af00135c6b62c01d
Certificate serial:       0199FC5871842E91012CEFF21D6399F85006
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5D7dxEvG9TRFds9ZrwATXGtiwB0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/04/2daa72-0314-46c5-be5b-9a69304258a0/1/5D7dxEvG9TRFds9ZrwATXGtiwB0.mft
Manifest number:          0D49
Signing time:             Sun 19 Oct 2025 12:01:18 +0000
Manifest this update:     Sun 19 Oct 2025 12:01:18 +0000
Manifest next update:     Mon 20 Oct 2025 12:01:18 +0000
Files and hashes:         1: 5D7dxEvG9TRFds9ZrwATXGtiwB0.crl (hash: 58dxl+jLSY1arZK27p5h0idRr1wu9JyOt7v2Vls9YEY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/04/2daa72-0314-46c5-be5b-9a69304258a0/1/5D7dxEvG9TRFds9ZrwATXGtiwB0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/04/2daa72-0314-46c5-be5b-9a69304258a0/1/5D7dxEvG9TRFds9ZrwATXGtiwB0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/5D7dxEvG9TRFds9ZrwATXGtiwB0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fc:58:71:84:2e:91:01:2c:ef:f2:1d:63:99:f8:50:06
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e43eddc44bc6f5344576cf59af00135c6b62c01d
        Validity
            Not Before: Oct 19 12:01:18 2025 GMT
            Not After : Oct 20 12:01:18 2025 GMT
        Subject: CN=9140fd878eebf7e21efec48ffebade01950bbf17
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f8:51:47:0d:7f:62:35:57:d7:be:fa:55:5e:d5:
                    6a:fd:11:cc:4c:70:62:34:04:d8:cb:3b:48:a2:75:
                    bf:24:b9:50:d4:a6:6a:20:f8:53:3f:00:c5:43:c2:
                    b3:c6:87:ca:e6:c8:33:90:25:47:41:73:91:a1:41:
                    69:a7:9a:a8:ac:fe:e1:d2:ae:d9:8e:4b:e9:33:8f:
                    1b:43:7e:0e:ad:16:9a:d3:f4:4a:52:3e:0b:04:09:
                    80:6f:3c:7b:fc:46:ce:a0:4d:05:81:cf:1c:ca:9d:
                    18:68:b7:72:75:b9:d8:76:05:30:1a:d5:9c:8d:27:
                    4f:da:59:bf:43:23:7f:2b:74:a6:fc:b3:41:c4:f6:
                    49:d8:4c:cc:db:c8:a0:30:dd:c9:0c:9e:d6:19:ce:
                    b8:d0:47:c5:8f:0b:4b:d6:0f:4d:d3:ac:f0:89:45:
                    fb:50:5c:5c:33:3e:c4:6d:4e:67:85:c0:73:97:71:
                    0b:a9:49:2f:69:38:ee:2c:59:5e:c5:82:29:e0:4d:
                    eb:9b:26:ec:13:ee:08:c6:5d:f3:73:6d:07:ec:70:
                    e3:45:2b:cd:47:cd:ea:be:c2:c0:26:f4:62:e3:0b:
                    d5:d6:54:9a:67:51:d4:ef:99:d5:2c:82:16:06:7c:
                    c2:ef:ad:77:61:3a:6b:94:90:2a:26:d9:de:21:3f:
                    f9:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                91:40:FD:87:8E:EB:F7:E2:1E:FE:C4:8F:FE:BA:DE:01:95:0B:BF:17
            X509v3 Authority Key Identifier:
                keyid:E4:3E:DD:C4:4B:C6:F5:34:45:76:CF:59:AF:00:13:5C:6B:62:C0:1D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5D7dxEvG9TRFds9ZrwATXGtiwB0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/2daa72-0314-46c5-be5b-9a69304258a0/1/5D7dxEvG9TRFds9ZrwATXGtiwB0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/04/2daa72-0314-46c5-be5b-9a69304258a0/1/5D7dxEvG9TRFds9ZrwATXGtiwB0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         89:55:1b:eb:2b:68:42:6b:ac:9c:fb:c2:13:29:65:47:7e:4f:
         7f:05:cb:31:0b:c8:87:16:31:91:f0:cd:c7:dd:88:3b:c9:df:
         38:01:0e:79:63:a3:fb:1a:ef:20:74:04:10:bb:6f:fd:ad:d3:
         31:6f:98:86:2c:9b:f4:79:51:1f:4f:3f:1d:df:a0:e2:47:11:
         95:a3:80:2b:64:ef:0b:36:af:d6:1b:b5:0e:9e:c2:65:c2:a9:
         16:d0:68:64:50:69:56:e2:fe:97:09:b5:cf:5f:2d:b1:26:a1:
         af:54:29:bd:4a:c0:b5:47:5c:f5:a4:6c:08:4a:0e:61:ce:0e:
         48:ae:0b:79:45:79:9f:44:1a:54:79:d7:d9:3c:10:09:c3:c3:
         28:00:67:af:81:4f:77:f7:bb:a7:41:1e:5b:66:a8:88:3d:de:
         bd:c3:d1:c6:0b:17:b6:bf:d8:50:7a:d8:28:66:f6:a3:19:e7:
         d7:ca:5d:21:1d:70:26:74:1d:94:68:a5:65:6c:93:27:e4:4a:
         e7:a9:72:c6:7b:c7:45:c8:dd:80:26:6d:e2:82:7a:71:1e:60:
         93:b4:7f:aa:91:a1:2a:22:4e:6d:1c:ce:5b:ec:20:48:61:f0:
         1d:0e:9b:1f:61:0d:2b:7a:f6:64:c3:1e:69:23:23:33:23:d1:
         4b:a1:86:8a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8WHGELpEBLO/yHWOZ+FAGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0M2VkZGM0NGJjNmY1MzQ0NTc2Y2Y1OWFmMDAxMzVjNmI2
MmMwMWQwHhcNMjUxMDE5MTIwMTE4WhcNMjUxMDIwMTIwMTE4WjAzMTEwLwYDVQQD
Eyg5MTQwZmQ4NzhlZWJmN2UyMWVmZWM0OGZmZWJhZGUwMTk1MGJiZjE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+FFHDX9iNVfXvvpVXtVq/RHMTHBi
NATYyztIonW/JLlQ1KZqIPhTPwDFQ8KzxofK5sgzkCVHQXORoUFpp5qorP7h0q7Z
jkvpM48bQ34OrRaa0/RKUj4LBAmAbzx7/EbOoE0Fgc8cyp0YaLdydbnYdgUwGtWc
jSdP2lm/QyN/K3Sm/LNBxPZJ2EzM28igMN3JDJ7WGc640EfFjwtL1g9N06zwiUX7
UFxcMz7EbU5nhcBzl3ELqUkvaTjuLFlexYIp4E3rmybsE+4Ixl3zc20H7HDjRSvN
R83qvsLAJvRi4wvV1lSaZ1HU75nVLIIWBnzC7613YTprlJAqJtneIT/5JwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJFA/YeO6/fiHv7Ej/663gGVC78XMB8GA1UdIwQY
MBaAFOQ+3cRLxvU0RXbPWa8AE1xrYsAdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNUQ3ZHhFdkc5VFJGZHM5WnJ3QVRYR3Rpd0IwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC8yZGFhNzItMDMxNC00NmM1LWJlNWIt
OWE2OTMwNDI1OGEwLzEvNUQ3ZHhFdkc5VFJGZHM5WnJ3QVRYR3Rpd0IwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNC8yZGFhNzItMDMxNC00NmM1LWJlNWItOWE2OTMwNDI1OGEw
LzEvNUQ3ZHhFdkc5VFJGZHM5WnJ3QVRYR3Rpd0IwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiVUb6yto
QmusnPvCEyllR35PfwXLMQvIhxYxkfDNx92IO8nfOAEOeWOj+xrvIHQEELtv/a3T
MW+Yhiyb9HlRH08/Hd+g4kcRlaOAK2TvCzav1hu1Dp7CZcKpFtBoZFBpVuL+lwm1
z18tsSahr1QpvUrAtUdc9aRsCEoOYc4OSK4LeUV5n0QaVHnX2TwQCcPDKABnr4FP
d/e7p0EeW2aoiD3evcPRxgsXtr/YUHrYKGb2oxnn18pdIR1wJnQdlGilZWyTJ+RK
56lyxnvHRcjdgCZt4oJ6cR5gk7R/qpGhKiJObRzOW+wgSGHwHQ6bH2ENK3r2ZMMe
aSMjMyPRS6GGig==
-----END CERTIFICATE-----