Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/4753d3-a1e9-4fd5-aefe-7c7d8a78a963/1/5LDTY6ChegaEUahRRc5PpGTX-hs.mft
File:                     5LDTY6ChegaEUahRRc5PpGTX-hs.mft (raw, json)
Hash identifier:          QgjOEQ3WRxCyy0rWHN2QnBxCj9Gp/9a3A5W/Ax3OHmg=
Subject key identifier:   DF:23:20:72:9A:57:C8:10:CF:79:97:F5:21:24:84:13:77:35:3F:9F
Authority key identifier: E4:B0:D3:63:A0:A1:7A:06:84:51:A8:51:45:CE:4F:A4:64:D7:FA:1B
Certificate issuer:       /CN=e4b0d363a0a17a068451a85145ce4fa464d7fa1b
Certificate serial:       0199FFC8E1F471E15734DB1AA4E2C02D7396
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5LDTY6ChegaEUahRRc5PpGTX-hs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0e/4753d3-a1e9-4fd5-aefe-7c7d8a78a963/1/5LDTY6ChegaEUahRRc5PpGTX-hs.mft
Manifest number:          1015
Signing time:             Mon 20 Oct 2025 04:02:59 +0000
Manifest this update:     Mon 20 Oct 2025 04:02:59 +0000
Manifest next update:     Tue 21 Oct 2025 04:02:59 +0000
Files and hashes:         1: 5LDTY6ChegaEUahRRc5PpGTX-hs.crl (hash: XxqK8vNhpfTrvJ8nx0EUP0wMuBO+MTisBv7yhjH//EM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0e/4753d3-a1e9-4fd5-aefe-7c7d8a78a963/1/5LDTY6ChegaEUahRRc5PpGTX-hs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0e/4753d3-a1e9-4fd5-aefe-7c7d8a78a963/1/5LDTY6ChegaEUahRRc5PpGTX-hs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/5LDTY6ChegaEUahRRc5PpGTX-hs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 21 Oct 2025 00:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:ff:c8:e1:f4:71:e1:57:34:db:1a:a4:e2:c0:2d:73:96
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e4b0d363a0a17a068451a85145ce4fa464d7fa1b
        Validity
            Not Before: Oct 20 04:02:59 2025 GMT
            Not After : Oct 21 04:02:59 2025 GMT
        Subject: CN=df2320729a57c810cf7997f52124841377353f9f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:40:a9:65:89:99:20:70:4d:90:be:88:be:05:
                    4e:8b:ce:bc:04:4e:f8:a8:45:ac:70:ca:e1:f2:7d:
                    86:dc:4a:36:ec:01:3c:03:3a:92:c6:24:7e:32:5e:
                    b8:18:bc:5b:53:19:ea:52:90:99:f3:ac:0d:c2:88:
                    a2:41:9d:a8:61:10:80:98:21:12:c4:4b:f1:04:dd:
                    c6:ff:c0:10:6d:cc:ac:b1:c2:c5:8b:be:cc:5e:f8:
                    fc:a3:fb:d7:bb:07:e7:14:cf:93:5a:c9:4b:dd:ae:
                    05:9f:f7:b9:66:e9:b8:51:d4:42:17:14:45:94:e0:
                    fa:ec:15:60:a9:d5:66:3a:64:2c:f2:1b:58:84:c0:
                    a4:cc:b4:a9:a9:b6:5d:07:e8:13:4f:bb:b2:2a:3e:
                    8e:41:0d:c0:38:b7:c5:e5:d9:5c:b1:09:e3:49:be:
                    29:a4:4b:32:72:dc:f8:0e:2b:51:bd:d8:e5:bd:aa:
                    fd:3a:4f:c5:39:c2:c5:d3:a5:4f:14:11:8a:8b:7f:
                    6d:2a:03:9a:4c:4d:fa:d5:e6:48:15:15:64:4c:6d:
                    4a:b3:fb:5b:ca:ad:2d:cc:61:d7:03:ec:c2:6e:b8:
                    fb:1e:03:36:20:5a:12:75:7b:72:3c:9a:c5:b3:31:
                    72:5d:ef:60:30:39:a2:3a:dc:80:38:c6:e3:03:9a:
                    1c:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DF:23:20:72:9A:57:C8:10:CF:79:97:F5:21:24:84:13:77:35:3F:9F
            X509v3 Authority Key Identifier:
                keyid:E4:B0:D3:63:A0:A1:7A:06:84:51:A8:51:45:CE:4F:A4:64:D7:FA:1B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5LDTY6ChegaEUahRRc5PpGTX-hs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/4753d3-a1e9-4fd5-aefe-7c7d8a78a963/1/5LDTY6ChegaEUahRRc5PpGTX-hs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/4753d3-a1e9-4fd5-aefe-7c7d8a78a963/1/5LDTY6ChegaEUahRRc5PpGTX-hs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4c:0c:d7:fa:e4:af:19:b2:23:48:07:d5:c5:cf:65:7e:fd:f6:
         d3:ab:5d:60:a6:f6:7c:31:62:8d:85:44:f2:01:9e:b8:30:73:
         d0:a0:70:35:6a:09:f6:d3:e2:27:d9:c3:57:d9:32:31:a7:6f:
         87:03:76:19:b0:78:67:f1:81:01:15:07:17:3a:2f:e7:da:79:
         a7:f4:17:d3:01:26:11:3d:35:c6:f8:8b:1c:e0:65:7d:f7:ff:
         02:2d:00:1c:45:37:ca:fc:4b:4a:9c:e5:31:dc:c0:32:b3:59:
         0f:f7:e9:ef:42:b5:01:46:ce:aa:3a:9d:39:84:60:7b:4e:03:
         b1:e5:8d:0b:52:ff:17:43:cf:e1:a4:44:84:86:67:73:45:f0:
         43:95:a4:4c:ff:64:95:98:7a:32:9a:f0:27:6c:c6:7a:a1:67:
         26:31:b5:69:7a:c1:be:a8:b4:10:ae:f6:41:e8:bb:b9:e2:c4:
         24:82:a7:30:f6:f5:35:3e:df:74:ab:10:35:84:19:6b:08:17:
         2b:6e:1b:f9:44:e6:c4:66:8d:d4:90:1f:35:4d:ca:1c:58:8b:
         d7:f4:db:36:1d:0b:5d:45:94:ab:0b:9f:28:57:b4:ff:5d:f0:
         97:62:19:f2:5e:a4:1e:50:5c:1a:f1:8a:09:b3:9f:90:cf:30:
         7a:dd:c5:b8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn/yOH0ceFXNNsapOLALXOWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0YjBkMzYzYTBhMTdhMDY4NDUxYTg1MTQ1Y2U0ZmE0NjRk
N2ZhMWIwHhcNMjUxMDIwMDQwMjU5WhcNMjUxMDIxMDQwMjU5WjAzMTEwLwYDVQQD
EyhkZjIzMjA3MjlhNTdjODEwY2Y3OTk3ZjUyMTI0ODQxMzc3MzUzZjlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1ECpZYmZIHBNkL6IvgVOi868BE74
qEWscMrh8n2G3Eo27AE8AzqSxiR+Ml64GLxbUxnqUpCZ86wNwoiiQZ2oYRCAmCES
xEvxBN3G/8AQbcysscLFi77MXvj8o/vXuwfnFM+TWslL3a4Fn/e5Zum4UdRCFxRF
lOD67BVgqdVmOmQs8htYhMCkzLSpqbZdB+gTT7uyKj6OQQ3AOLfF5dlcsQnjSb4p
pEsyctz4DitRvdjlvar9Ok/FOcLF06VPFBGKi39tKgOaTE361eZIFRVkTG1Ks/tb
yq0tzGHXA+zCbrj7HgM2IFoSdXtyPJrFszFyXe9gMDmiOtyAOMbjA5ocnQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFN8jIHKaV8gQz3mX9SEkhBN3NT+fMB8GA1UdIwQY
MBaAFOSw02OgoXoGhFGoUUXOT6Rk1/obMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNUxEVFk2Q2hlZ2FFVWFoUlJjNVBwR1RYLWhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS80NzUzZDMtYTFlOS00ZmQ1LWFlZmUt
N2M3ZDhhNzhhOTYzLzEvNUxEVFk2Q2hlZ2FFVWFoUlJjNVBwR1RYLWhzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS80NzUzZDMtYTFlOS00ZmQ1LWFlZmUtN2M3ZDhhNzhhOTYz
LzEvNUxEVFk2Q2hlZ2FFVWFoUlJjNVBwR1RYLWhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATAzX+uSv
GbIjSAfVxc9lfv3206tdYKb2fDFijYVE8gGeuDBz0KBwNWoJ9tPiJ9nDV9kyMadv
hwN2GbB4Z/GBARUHFzov59p5p/QX0wEmET01xviLHOBlfff/Ai0AHEU3yvxLSpzl
MdzAMrNZD/fp70K1AUbOqjqdOYRge04DseWNC1L/F0PP4aREhIZnc0XwQ5WkTP9k
lZh6MprwJ2zGeqFnJjG1aXrBvqi0EK72Qei7ueLEJIKnMPb1NT7fdKsQNYQZawgX
K24b+UTmxGaN1JAfNU3KHFiL1/TbNh0LXUWUqwufKFe0/13wl2IZ8l6kHlBcGvGK
CbOfkM8wet3FuA==
-----END CERTIFICATE-----