Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/1a59c9-1446-4779-be0a-d50f29308464/1/5weSQnGbdzi4P0kUerH1gp93ahU.mft
File:                     5weSQnGbdzi4P0kUerH1gp93ahU.mft (raw, json)
Hash identifier:          2hXly9AcdllagygBrnUTOw8FbtpUkyuwtFpEvJjypTQ=
Subject key identifier:   FC:32:8E:92:B0:22:05:50:D3:3C:EE:81:21:58:7E:AF:C0:4C:13:88
Authority key identifier: E7:07:92:42:71:9B:77:38:B8:3F:49:14:7A:B1:F5:82:9F:77:6A:15
Certificate issuer:       /CN=e7079242719b7738b83f49147ab1f5829f776a15
Certificate serial:       0199FCC6423E26A63D4CF762B58778BE9BFF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5weSQnGbdzi4P0kUerH1gp93ahU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/33/1a59c9-1446-4779-be0a-d50f29308464/1/5weSQnGbdzi4P0kUerH1gp93ahU.mft
Manifest number:          AD
Signing time:             Sun 19 Oct 2025 14:01:15 +0000
Manifest this update:     Sun 19 Oct 2025 14:01:15 +0000
Manifest next update:     Mon 20 Oct 2025 14:01:15 +0000
Files and hashes:         1: 5weSQnGbdzi4P0kUerH1gp93ahU.crl (hash: 3UwbooFM+5AyHytMFswW3DkhO3Jf0W7jCE+mkJbUxUM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/33/1a59c9-1446-4779-be0a-d50f29308464/1/5weSQnGbdzi4P0kUerH1gp93ahU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/33/1a59c9-1446-4779-be0a-d50f29308464/1/5weSQnGbdzi4P0kUerH1gp93ahU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/5weSQnGbdzi4P0kUerH1gp93ahU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 14:01:15 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fc:c6:42:3e:26:a6:3d:4c:f7:62:b5:87:78:be:9b:ff
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e7079242719b7738b83f49147ab1f5829f776a15
        Validity
            Not Before: Oct 19 14:01:15 2025 GMT
            Not After : Oct 20 14:01:15 2025 GMT
        Subject: CN=fc328e92b0220550d33cee8121587eafc04c1388
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:fb:48:f3:f8:8f:a4:24:60:9d:f4:fe:13:0b:
                    36:7c:6c:25:dc:9a:37:57:45:25:11:5c:22:83:03:
                    50:cf:6f:ae:d1:dc:a5:91:c1:90:0b:6d:89:a4:d6:
                    84:d6:5b:50:9b:e1:8a:98:0c:78:c7:d6:a6:b5:fb:
                    35:78:14:de:34:ee:75:76:db:75:a4:d0:5a:eb:a3:
                    23:f9:db:2a:82:80:1f:20:e0:24:6e:fe:4a:42:8e:
                    9b:f7:dd:63:60:ad:4b:bc:5b:bd:b0:11:fa:15:83:
                    d4:7c:3b:7c:61:15:75:45:ad:18:69:ad:cd:7c:dd:
                    01:37:30:d3:7f:69:da:e1:0b:10:90:60:05:fe:d6:
                    d9:27:e5:d3:eb:18:a8:08:9b:ec:d5:44:e1:79:cc:
                    17:ce:8f:fd:3b:d1:2f:1d:7e:8b:44:1e:c1:4e:13:
                    aa:68:a9:8a:ed:53:8d:93:0f:1f:1b:a1:37:fb:80:
                    63:17:70:6a:f2:a1:8a:24:e9:18:3d:e9:83:67:8c:
                    34:6d:38:9e:4c:d4:f3:9f:1e:83:3b:73:42:79:93:
                    b9:2e:0f:4a:ed:5c:55:15:46:39:a0:94:5f:f2:f9:
                    a2:5e:03:60:6d:9e:ad:c9:7e:82:4a:66:f5:9d:41:
                    9c:d3:62:09:36:07:6a:55:85:b8:d0:e8:cd:a1:37:
                    88:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FC:32:8E:92:B0:22:05:50:D3:3C:EE:81:21:58:7E:AF:C0:4C:13:88
            X509v3 Authority Key Identifier:
                keyid:E7:07:92:42:71:9B:77:38:B8:3F:49:14:7A:B1:F5:82:9F:77:6A:15

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5weSQnGbdzi4P0kUerH1gp93ahU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/1a59c9-1446-4779-be0a-d50f29308464/1/5weSQnGbdzi4P0kUerH1gp93ahU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/33/1a59c9-1446-4779-be0a-d50f29308464/1/5weSQnGbdzi4P0kUerH1gp93ahU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5a:5d:f2:48:43:7b:9f:87:2f:cc:b2:31:83:2c:ae:50:9b:34:
         a3:6f:f3:1b:77:ce:68:f2:93:04:25:49:54:ca:f8:b0:65:cd:
         59:3a:b8:57:48:cd:ef:89:ee:19:42:20:c5:66:87:eb:b9:e7:
         80:9d:3e:69:04:17:05:a3:9d:dc:f9:48:9e:d5:55:6a:b7:73:
         9e:5f:48:8c:f6:ad:a7:d2:29:7b:69:27:71:cf:5b:b5:da:00:
         7e:9c:13:93:1f:71:dc:c7:05:1b:d1:5e:da:a2:0b:9a:99:13:
         70:e5:1d:55:06:05:a7:b5:7a:9c:02:fd:32:78:ff:59:9d:64:
         49:16:c7:b8:6f:87:3d:3f:56:06:d8:76:5f:60:92:8f:d0:d9:
         33:1f:a5:49:5f:63:e9:49:a2:b9:dd:76:70:de:7b:6a:5f:3b:
         33:8c:ed:18:8e:a1:f4:b7:5e:83:10:30:7b:4a:32:6a:09:04:
         bd:d3:20:3f:79:64:a0:a3:48:ea:66:7f:bd:d7:07:df:2a:25:
         95:d0:d2:ab:0a:4c:ff:12:97:76:99:6b:fe:31:d5:52:a1:82:
         f9:be:ca:a6:16:43:34:53:cf:f4:a9:0b:42:32:7b:b5:00:a1:
         72:94:3e:5c:d2:82:87:92:9c:af:f7:58:a8:27:30:9c:f5:99:
         a2:5e:40:bd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8xkI+JqY9TPditYd4vpv/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3MDc5MjQyNzE5Yjc3MzhiODNmNDkxNDdhYjFmNTgyOWY3
NzZhMTUwHhcNMjUxMDE5MTQwMTE1WhcNMjUxMDIwMTQwMTE1WjAzMTEwLwYDVQQD
EyhmYzMyOGU5MmIwMjIwNTUwZDMzY2VlODEyMTU4N2VhZmMwNGMxMzg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1PtI8/iPpCRgnfT+Ews2fGwl3Jo3
V0UlEVwigwNQz2+u0dylkcGQC22JpNaE1ltQm+GKmAx4x9amtfs1eBTeNO51dtt1
pNBa66Mj+dsqgoAfIOAkbv5KQo6b991jYK1LvFu9sBH6FYPUfDt8YRV1Ra0Yaa3N
fN0BNzDTf2na4QsQkGAF/tbZJ+XT6xioCJvs1UThecwXzo/9O9EvHX6LRB7BThOq
aKmK7VONkw8fG6E3+4BjF3Bq8qGKJOkYPemDZ4w0bTieTNTznx6DO3NCeZO5Lg9K
7VxVFUY5oJRf8vmiXgNgbZ6tyX6CSmb1nUGc02IJNgdqVYW40OjNoTeItwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPwyjpKwIgVQ0zzugSFYfq/ATBOIMB8GA1UdIwQY
MBaAFOcHkkJxm3c4uD9JFHqx9YKfd2oVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNXdlU1FuR2Jkemk0UDBrVWVySDFncDkzYWhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy8xYTU5YzktMTQ0Ni00Nzc5LWJlMGEt
ZDUwZjI5MzA4NDY0LzEvNXdlU1FuR2Jkemk0UDBrVWVySDFncDkzYWhVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy8xYTU5YzktMTQ0Ni00Nzc5LWJlMGEtZDUwZjI5MzA4NDY0
LzEvNXdlU1FuR2Jkemk0UDBrVWVySDFncDkzYWhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWl3ySEN7
n4cvzLIxgyyuUJs0o2/zG3fOaPKTBCVJVMr4sGXNWTq4V0jN74nuGUIgxWaH67nn
gJ0+aQQXBaOd3PlIntVVardznl9IjPatp9Ipe2kncc9btdoAfpwTkx9x3McFG9Fe
2qILmpkTcOUdVQYFp7V6nAL9Mnj/WZ1kSRbHuG+HPT9WBth2X2CSj9DZMx+lSV9j
6Umiud12cN57al87M4ztGI6h9LdegxAwe0oyagkEvdMgP3lkoKNI6mZ/vdcH3yol
ldDSqwpM/xKXdplr/jHVUqGC+b7KphZDNFPP9KkLQjJ7tQChcpQ+XNKCh5Kcr/dY
qCcwnPWZol5AvQ==
-----END CERTIFICATE-----