Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/257fd7-a9f7-4284-acf3-34304f5cda98/1/_ThaYWOY5BbHDcsyJWb5Pj0vvxM.mft
File:                     _ThaYWOY5BbHDcsyJWb5Pj0vvxM.mft (raw, json)
Hash identifier:          FxnftgQ45nVE0Q40Odao4BGxeKL3H2Nkhx5hNfmTkKg=
Subject key identifier:   84:6D:C5:0A:A9:5E:61:60:71:30:20:41:62:ED:B6:38:B6:C2:85:7E
Authority key identifier: FD:38:5A:61:63:98:E4:16:C7:0D:CB:32:25:66:F9:3E:3D:2F:BF:13
Certificate issuer:       /CN=fd385a616398e416c70dcb322566f93e3d2fbf13
Certificate serial:       0199FC588C52A83C74BCD586E7670867C2D7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/_ThaYWOY5BbHDcsyJWb5Pj0vvxM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0e/257fd7-a9f7-4284-acf3-34304f5cda98/1/_ThaYWOY5BbHDcsyJWb5Pj0vvxM.mft
Manifest number:          0E52
Signing time:             Sun 19 Oct 2025 12:01:25 +0000
Manifest this update:     Sun 19 Oct 2025 12:01:25 +0000
Manifest next update:     Mon 20 Oct 2025 12:01:25 +0000
Files and hashes:         1: _ThaYWOY5BbHDcsyJWb5Pj0vvxM.crl (hash: oM6oF0RCCm9l1DYf31y12+DYASrLxyl2FKbFQnP06ig=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0e/257fd7-a9f7-4284-acf3-34304f5cda98/1/_ThaYWOY5BbHDcsyJWb5Pj0vvxM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0e/257fd7-a9f7-4284-acf3-34304f5cda98/1/_ThaYWOY5BbHDcsyJWb5Pj0vvxM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/_ThaYWOY5BbHDcsyJWb5Pj0vvxM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 11:18:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fc:58:8c:52:a8:3c:74:bc:d5:86:e7:67:08:67:c2:d7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=fd385a616398e416c70dcb322566f93e3d2fbf13
        Validity
            Not Before: Oct 19 12:01:25 2025 GMT
            Not After : Oct 20 12:01:25 2025 GMT
        Subject: CN=846dc50aa95e61607130204162edb638b6c2857e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e7:2c:0e:57:70:88:75:23:41:3f:2e:11:94:05:
                    49:b1:25:b6:32:69:1e:8f:70:65:a7:db:c6:09:a9:
                    a9:0d:d7:88:93:b4:03:96:13:8f:7a:c7:42:22:22:
                    ea:de:90:7e:b3:75:a6:fe:db:a6:4c:d7:4e:80:d3:
                    06:22:c7:7e:1d:2b:25:10:6e:66:79:9d:69:75:c9:
                    c4:73:2b:21:3a:a9:d9:51:70:37:27:87:12:0d:b1:
                    26:df:c6:b6:69:24:63:31:7e:b6:da:b3:19:b0:03:
                    1f:d8:cc:a7:d3:29:09:cd:fb:6d:87:ab:62:64:9c:
                    7e:7e:ef:eb:d8:27:84:f9:1a:33:d1:3c:42:00:30:
                    68:c4:ef:31:30:da:83:b8:d8:19:7c:72:db:c0:cc:
                    3a:f2:12:2e:c0:16:42:7c:ad:f4:14:f4:2a:7d:42:
                    95:af:0b:82:c1:6e:45:81:ae:06:ba:32:a3:26:3c:
                    2a:33:c8:48:b2:b3:f9:e1:4d:b6:57:51:8b:62:43:
                    94:48:66:05:e5:b3:53:29:3d:fd:4b:e0:5d:eb:f1:
                    dd:0d:3e:32:30:9a:e7:f2:9d:fd:cb:0c:10:87:d3:
                    c5:ca:f8:4f:fe:df:75:ee:7d:13:46:97:70:82:57:
                    b8:a1:39:c0:85:d5:11:da:07:c9:71:3d:63:f6:0a:
                    dd:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                84:6D:C5:0A:A9:5E:61:60:71:30:20:41:62:ED:B6:38:B6:C2:85:7E
            X509v3 Authority Key Identifier:
                keyid:FD:38:5A:61:63:98:E4:16:C7:0D:CB:32:25:66:F9:3E:3D:2F:BF:13

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_ThaYWOY5BbHDcsyJWb5Pj0vvxM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/257fd7-a9f7-4284-acf3-34304f5cda98/1/_ThaYWOY5BbHDcsyJWb5Pj0vvxM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/257fd7-a9f7-4284-acf3-34304f5cda98/1/_ThaYWOY5BbHDcsyJWb5Pj0vvxM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         09:12:ea:10:50:a6:b8:f1:c9:cc:2e:75:0e:0a:ef:b8:dc:21:
         b0:24:4f:f9:2a:4e:c0:38:2c:3d:57:5f:82:2c:50:79:37:60:
         f1:73:ea:ef:f9:8d:1d:8f:0c:21:f8:32:5d:01:bc:69:e1:eb:
         b9:a6:0c:57:82:3a:19:ce:7f:98:b1:b2:d1:00:9b:54:18:86:
         e1:de:81:92:f5:6a:11:5c:dc:ab:56:c0:33:31:13:28:37:b3:
         76:70:39:09:3d:91:3a:15:c7:9e:aa:fb:64:16:d3:3b:de:c5:
         2d:18:8a:40:c8:8a:fd:46:f6:8e:c4:3c:e5:7e:25:98:0b:c8:
         c4:d9:ad:11:f4:05:28:21:01:dc:93:2e:0f:db:df:33:1b:e3:
         b6:06:d8:54:fe:9a:58:2f:53:9f:db:29:df:86:56:e1:43:bb:
         d0:d1:16:af:b6:67:b5:e5:0f:16:89:45:76:e2:03:99:de:2f:
         d4:38:d5:13:3f:c7:e1:b9:ca:36:07:e5:79:4c:59:80:b6:15:
         40:7b:0a:c3:60:58:eb:19:8c:36:af:30:4f:19:09:8d:02:67:
         21:3c:08:dd:c6:b9:34:a3:c9:81:a8:a4:a6:78:1f:32:13:03:
         d5:d4:d9:b9:81:62:b6:5f:9f:94:5f:f1:61:d5:53:f6:16:0f:
         2b:fa:3c:2f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8WIxSqDx0vNWG52cIZ8LXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZkMzg1YTYxNjM5OGU0MTZjNzBkY2IzMjI1NjZmOTNlM2Qy
ZmJmMTMwHhcNMjUxMDE5MTIwMTI1WhcNMjUxMDIwMTIwMTI1WjAzMTEwLwYDVQQD
Eyg4NDZkYzUwYWE5NWU2MTYwNzEzMDIwNDE2MmVkYjYzOGI2YzI4NTdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5ywOV3CIdSNBPy4RlAVJsSW2Mmke
j3Blp9vGCampDdeIk7QDlhOPesdCIiLq3pB+s3Wm/tumTNdOgNMGIsd+HSslEG5m
eZ1pdcnEcyshOqnZUXA3J4cSDbEm38a2aSRjMX622rMZsAMf2Myn0ykJzftth6ti
ZJx+fu/r2CeE+Roz0TxCADBoxO8xMNqDuNgZfHLbwMw68hIuwBZCfK30FPQqfUKV
rwuCwW5Fga4GujKjJjwqM8hIsrP54U22V1GLYkOUSGYF5bNTKT39S+Bd6/HdDT4y
MJrn8p39ywwQh9PFyvhP/t917n0TRpdwgle4oTnAhdUR2gfJcT1j9grdjwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIRtxQqpXmFgcTAgQWLttji2woV+MB8GA1UdIwQY
MBaAFP04WmFjmOQWxw3LMiVm+T49L78TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX1RoYVlXT1k1QmJIRGNzeUpXYjVQajB2dnhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8yNTdmZDctYTlmNy00Mjg0LWFjZjMt
MzQzMDRmNWNkYTk4LzEvX1RoYVlXT1k1QmJIRGNzeUpXYjVQajB2dnhNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8yNTdmZDctYTlmNy00Mjg0LWFjZjMtMzQzMDRmNWNkYTk4
LzEvX1RoYVlXT1k1QmJIRGNzeUpXYjVQajB2dnhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACRLqEFCm
uPHJzC51DgrvuNwhsCRP+SpOwDgsPVdfgixQeTdg8XPq7/mNHY8MIfgyXQG8aeHr
uaYMV4I6Gc5/mLGy0QCbVBiG4d6BkvVqEVzcq1bAMzETKDezdnA5CT2ROhXHnqr7
ZBbTO97FLRiKQMiK/Ub2jsQ85X4lmAvIxNmtEfQFKCEB3JMuD9vfMxvjtgbYVP6a
WC9Tn9sp34ZW4UO70NEWr7ZnteUPFolFduIDmd4v1DjVEz/H4bnKNgfleUxZgLYV
QHsKw2BY6xmMNq8wTxkJjQJnITwI3ca5NKPJgaikpngfMhMD1dTZuYFitl+flF/x
YdVT9hYPK/o8Lw==
-----END CERTIFICATE-----