Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/7d4a29-023f-42d7-aab7-d87b361acd89/1/i5epFTYKSH1c9dXGZeW_4f_1Np8.mft
File:                     i5epFTYKSH1c9dXGZeW_4f_1Np8.mft (raw, json)
Hash identifier:          HNqRBnvvR59qJ3tl/+evU9sghfxxX/IkCMmf8qVhQH4=
Subject key identifier:   24:B9:ED:BF:26:14:D4:F5:80:05:E3:BE:C9:B0:AB:A9:EC:E0:B1:AD
Authority key identifier: 8B:97:A9:15:36:0A:48:7D:5C:F5:D5:C6:65:E5:BF:E1:FF:F5:36:9F
Certificate issuer:       /CN=8b97a915360a487d5cf5d5c665e5bfe1fff5369f
Certificate serial:       0199FDD9BCA0046924664E5F44BE63B5B97E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/i5epFTYKSH1c9dXGZeW_4f_1Np8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0c/7d4a29-023f-42d7-aab7-d87b361acd89/1/i5epFTYKSH1c9dXGZeW_4f_1Np8.mft
Manifest number:          0580
Signing time:             Sun 19 Oct 2025 19:02:09 +0000
Manifest this update:     Sun 19 Oct 2025 19:02:09 +0000
Manifest next update:     Mon 20 Oct 2025 19:02:09 +0000
Files and hashes:         1: i5epFTYKSH1c9dXGZeW_4f_1Np8.crl (hash: MtNIiAXDVumPpHAooavSX4SosZsnwImBprAMOi0/pIw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0c/7d4a29-023f-42d7-aab7-d87b361acd89/1/i5epFTYKSH1c9dXGZeW_4f_1Np8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0c/7d4a29-023f-42d7-aab7-d87b361acd89/1/i5epFTYKSH1c9dXGZeW_4f_1Np8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/i5epFTYKSH1c9dXGZeW_4f_1Np8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 15:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fd:d9:bc:a0:04:69:24:66:4e:5f:44:be:63:b5:b9:7e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8b97a915360a487d5cf5d5c665e5bfe1fff5369f
        Validity
            Not Before: Oct 19 19:02:09 2025 GMT
            Not After : Oct 20 19:02:09 2025 GMT
        Subject: CN=24b9edbf2614d4f58005e3bec9b0aba9ece0b1ad
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:5c:f6:2b:d7:3e:31:a7:4f:77:61:f3:0a:73:
                    9e:d5:b7:57:1f:85:16:71:4d:1a:80:b7:ad:9a:50:
                    52:97:93:6d:7d:f7:92:7f:b3:9f:37:36:31:73:d8:
                    6d:df:0c:12:2a:6c:80:56:bc:1e:d5:7c:d3:f2:3d:
                    4a:32:db:1d:63:6c:31:1e:f6:3a:e7:53:2a:23:9c:
                    56:73:7e:47:70:b0:b9:d8:ae:6a:f1:74:b9:9f:c1:
                    08:da:80:5f:a9:8d:05:a1:f2:48:c9:03:b3:01:4d:
                    19:5c:26:91:08:65:ad:f6:07:1a:ba:91:a3:0a:b1:
                    db:c4:22:79:14:f8:3d:2d:46:38:dd:9a:e7:e9:a2:
                    2b:5d:6a:cf:37:7f:ca:b2:e5:e7:84:82:92:6c:70:
                    32:79:5c:09:00:49:26:11:61:2a:43:2f:f4:5d:25:
                    63:3a:15:4a:cc:76:97:b7:c4:13:5b:fa:f9:ee:bc:
                    42:35:48:a1:35:e6:35:1e:4c:bc:fa:01:fd:a2:b7:
                    e9:c0:3f:55:5a:53:ab:dc:5c:4d:d2:a9:ee:f5:93:
                    c9:9f:c1:6e:49:a0:94:3c:14:a4:92:a8:4c:86:ca:
                    b8:c6:b8:02:4f:bb:33:31:4c:40:8f:60:1e:a7:dd:
                    2e:4d:82:ae:d2:cd:33:f0:7b:16:1c:3d:1e:e5:65:
                    4e:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                24:B9:ED:BF:26:14:D4:F5:80:05:E3:BE:C9:B0:AB:A9:EC:E0:B1:AD
            X509v3 Authority Key Identifier:
                keyid:8B:97:A9:15:36:0A:48:7D:5C:F5:D5:C6:65:E5:BF:E1:FF:F5:36:9F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i5epFTYKSH1c9dXGZeW_4f_1Np8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/7d4a29-023f-42d7-aab7-d87b361acd89/1/i5epFTYKSH1c9dXGZeW_4f_1Np8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/7d4a29-023f-42d7-aab7-d87b361acd89/1/i5epFTYKSH1c9dXGZeW_4f_1Np8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         77:95:97:36:49:bd:aa:34:d2:95:d3:f6:c7:f0:f4:fe:03:55:
         96:bb:d4:18:5f:cb:c1:1d:bd:f3:d5:2e:6d:58:19:75:2a:f9:
         2d:c0:e2:b3:a1:e3:f8:cc:25:98:b1:70:1f:d8:0f:1d:f8:da:
         17:78:e1:55:58:bc:bb:71:41:68:29:9d:79:2b:98:90:fc:73:
         6b:42:6b:e6:0c:71:99:f0:36:df:b0:e7:b7:09:52:a9:d0:7a:
         be:9e:00:a2:93:6e:df:96:96:b7:72:11:d2:e6:f0:15:72:ff:
         23:db:da:74:55:6e:6e:cc:cd:4d:ee:be:49:af:1a:09:03:ea:
         15:0e:33:3e:fb:70:b4:c1:ec:02:79:d4:a2:f3:92:bf:f8:f0:
         b7:d7:55:e6:0c:31:b9:a8:d6:3a:e1:83:73:91:23:d1:c2:c6:
         6f:bb:5d:ba:84:40:8e:40:f4:43:87:cd:39:f5:31:4c:08:72:
         ed:e7:88:6f:30:2f:e3:d0:d0:77:4e:5e:0c:0c:f1:cc:a5:e1:
         0e:b5:32:59:5a:7b:7f:37:92:0e:fb:06:71:43:f6:e9:46:6e:
         be:10:0e:d8:7c:a7:cc:64:1a:e0:e9:c9:a3:b5:6f:ab:eb:d5:
         b3:d4:e3:fe:1d:3d:ce:78:17:c4:2d:fe:b5:92:c3:32:cf:d0:
         e0:7e:c6:89
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn92bygBGkkZk5fRL5jtbl+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiOTdhOTE1MzYwYTQ4N2Q1Y2Y1ZDVjNjY1ZTViZmUxZmZm
NTM2OWYwHhcNMjUxMDE5MTkwMjA5WhcNMjUxMDIwMTkwMjA5WjAzMTEwLwYDVQQD
EygyNGI5ZWRiZjI2MTRkNGY1ODAwNWUzYmVjOWIwYWJhOWVjZTBiMWFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtVz2K9c+MadPd2HzCnOe1bdXH4UW
cU0agLetmlBSl5NtffeSf7OfNzYxc9ht3wwSKmyAVrwe1XzT8j1KMtsdY2wxHvY6
51MqI5xWc35HcLC52K5q8XS5n8EI2oBfqY0FofJIyQOzAU0ZXCaRCGWt9gcaupGj
CrHbxCJ5FPg9LUY43Zrn6aIrXWrPN3/KsuXnhIKSbHAyeVwJAEkmEWEqQy/0XSVj
OhVKzHaXt8QTW/r57rxCNUihNeY1Hky8+gH9orfpwD9VWlOr3FxN0qnu9ZPJn8Fu
SaCUPBSkkqhMhsq4xrgCT7szMUxAj2Aep90uTYKu0s0z8HsWHD0e5WVO1QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCS57b8mFNT1gAXjvsmwq6ns4LGtMB8GA1UdIwQY
MBaAFIuXqRU2Ckh9XPXVxmXlv+H/9TafMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTVlcEZUWUtTSDFjOWRYR1plV180Zl8xTnA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy83ZDRhMjktMDIzZi00MmQ3LWFhYjct
ZDg3YjM2MWFjZDg5LzEvaTVlcEZUWUtTSDFjOWRYR1plV180Zl8xTnA4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy83ZDRhMjktMDIzZi00MmQ3LWFhYjctZDg3YjM2MWFjZDg5
LzEvaTVlcEZUWUtTSDFjOWRYR1plV180Zl8xTnA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAd5WXNkm9
qjTSldP2x/D0/gNVlrvUGF/LwR2989UubVgZdSr5LcDis6Hj+MwlmLFwH9gPHfja
F3jhVVi8u3FBaCmdeSuYkPxza0Jr5gxxmfA237DntwlSqdB6vp4AopNu35aWt3IR
0ubwFXL/I9vadFVubszNTe6+Sa8aCQPqFQ4zPvtwtMHsAnnUovOSv/jwt9dV5gwx
uajWOuGDc5Ej0cLGb7tduoRAjkD0Q4fNOfUxTAhy7eeIbzAv49DQd05eDAzxzKXh
DrUyWVp7fzeSDvsGcUP26UZuvhAO2HynzGQa4OnJo7Vvq+vVs9Tj/h09zngXxC3+
tZLDMs/Q4H7GiQ==
-----END CERTIFICATE-----