Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/a992fe-c1cf-4de8-bbb0-f96f6f769838/1/XlIUFYrzEP-pwxUpg0P0w-Zq7Jo.mft
File:                     XlIUFYrzEP-pwxUpg0P0w-Zq7Jo.mft (raw, json)
Hash identifier:          z2E2xWgyGgJWG8U6akIlUDWNjkCBLj6FUJdaXMnflvw=
Subject key identifier:   83:D0:4A:11:67:56:65:20:B5:79:A7:70:EB:DE:C3:2D:95:C6:3D:71
Authority key identifier: 5E:52:14:15:8A:F3:10:FF:A9:C3:15:29:83:43:F4:C3:E6:6A:EC:9A
Certificate issuer:       /CN=5e5214158af310ffa9c315298343f4c3e66aec9a
Certificate serial:       0199FC58A64CBA28CA36714455EC457C5BF0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XlIUFYrzEP-pwxUpg0P0w-Zq7Jo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/48/a992fe-c1cf-4de8-bbb0-f96f6f769838/1/XlIUFYrzEP-pwxUpg0P0w-Zq7Jo.mft
Manifest number:          072E
Signing time:             Sun 19 Oct 2025 12:01:32 +0000
Manifest this update:     Sun 19 Oct 2025 12:01:32 +0000
Manifest next update:     Mon 20 Oct 2025 12:01:32 +0000
Files and hashes:         1: XlIUFYrzEP-pwxUpg0P0w-Zq7Jo.crl (hash: JBOj803pWGhLgMeUM7s+WM2B+S/1WR/rptCEs7Vg6l8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/48/a992fe-c1cf-4de8-bbb0-f96f6f769838/1/XlIUFYrzEP-pwxUpg0P0w-Zq7Jo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/48/a992fe-c1cf-4de8-bbb0-f96f6f769838/1/XlIUFYrzEP-pwxUpg0P0w-Zq7Jo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XlIUFYrzEP-pwxUpg0P0w-Zq7Jo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 11:18:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fc:58:a6:4c:ba:28:ca:36:71:44:55:ec:45:7c:5b:f0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5e5214158af310ffa9c315298343f4c3e66aec9a
        Validity
            Not Before: Oct 19 12:01:32 2025 GMT
            Not After : Oct 20 12:01:32 2025 GMT
        Subject: CN=83d04a1167566520b579a770ebdec32d95c63d71
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:1b:14:f3:ad:b5:c2:75:e2:91:58:a7:ee:e5:
                    4b:99:73:18:ac:50:c4:91:4c:42:26:a4:a0:0a:14:
                    33:54:64:6e:07:3d:65:71:6a:c0:ee:c9:0c:c7:bd:
                    26:c4:bf:61:2a:d9:dd:55:14:d7:dc:8f:c0:44:60:
                    d4:00:f6:47:a2:1e:a9:e5:61:08:21:d4:7c:3d:09:
                    05:48:45:67:dc:b3:7e:3f:af:3b:ef:ce:d3:06:fa:
                    b6:e6:3f:6b:db:32:5b:1d:cb:ae:27:b6:b3:ec:c5:
                    db:52:a9:84:6b:fd:42:69:2b:58:53:42:b5:d0:16:
                    45:5d:bd:ac:03:a8:a0:62:f0:20:fc:13:90:9b:cd:
                    00:8f:ff:9c:ef:05:86:5e:18:70:f4:dc:02:52:1a:
                    dc:a7:b4:3c:b0:97:9e:60:a9:3b:d7:63:ac:d5:0b:
                    c2:ee:aa:0c:cd:77:68:ac:61:6f:4f:0a:8d:90:bb:
                    0c:75:20:9a:01:46:8d:39:2c:d4:dd:a6:19:28:a7:
                    05:f3:ef:70:2c:67:28:45:1f:c9:6d:68:20:e9:90:
                    a1:79:5a:d9:ea:52:11:b3:df:9d:5f:1f:65:9b:91:
                    38:34:0d:e7:83:9c:ea:08:3a:d4:b4:34:d9:64:dc:
                    7c:ad:e3:1c:73:76:e3:a6:81:0c:e8:4e:10:42:cf:
                    39:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                83:D0:4A:11:67:56:65:20:B5:79:A7:70:EB:DE:C3:2D:95:C6:3D:71
            X509v3 Authority Key Identifier:
                keyid:5E:52:14:15:8A:F3:10:FF:A9:C3:15:29:83:43:F4:C3:E6:6A:EC:9A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XlIUFYrzEP-pwxUpg0P0w-Zq7Jo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/a992fe-c1cf-4de8-bbb0-f96f6f769838/1/XlIUFYrzEP-pwxUpg0P0w-Zq7Jo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/48/a992fe-c1cf-4de8-bbb0-f96f6f769838/1/XlIUFYrzEP-pwxUpg0P0w-Zq7Jo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         16:15:fb:a6:7b:a5:60:a9:e7:13:3d:31:71:5f:35:da:1e:ee:
         73:ca:d2:6e:70:48:24:8c:6b:46:25:2f:f3:8c:34:f8:91:e9:
         d9:9a:6b:86:b2:64:17:5c:01:ad:28:12:63:6e:94:2b:d4:18:
         35:48:e7:24:2c:b4:d5:33:08:55:a0:15:12:52:7a:25:ec:f6:
         76:cb:92:07:67:3e:24:21:5d:b7:39:3b:1e:7a:e8:54:c5:93:
         20:3d:fa:4a:8e:e9:68:58:bb:71:e8:8f:36:be:22:a1:78:30:
         b7:c9:cd:84:4c:8f:bf:38:17:f6:5a:e2:f3:af:5a:f8:71:1d:
         03:a0:3c:72:98:50:41:69:bd:de:fb:37:46:02:86:fa:e9:07:
         12:c8:75:52:c3:5c:3b:0d:42:eb:0f:2f:d9:0a:ec:61:b9:fc:
         dd:e7:87:39:d4:db:d4:ed:69:f0:e1:f1:11:b6:d4:56:18:98:
         64:c2:32:7a:42:32:60:eb:f6:3a:4e:8b:5e:87:e5:51:d2:3e:
         15:01:9b:5f:8c:cb:54:da:60:25:f0:5e:c0:a2:26:26:dc:b5:
         98:ff:46:5c:ce:d7:f4:52:b5:f5:05:9d:54:9c:0e:38:11:7d:
         a1:8f:07:b0:4a:af:3c:0e:19:59:36:2e:98:9b:80:8b:7a:0b:
         bd:a9:36:35
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8WKZMuijKNnFEVexFfFvwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlNTIxNDE1OGFmMzEwZmZhOWMzMTUyOTgzNDNmNGMzZTY2
YWVjOWEwHhcNMjUxMDE5MTIwMTMyWhcNMjUxMDIwMTIwMTMyWjAzMTEwLwYDVQQD
Eyg4M2QwNGExMTY3NTY2NTIwYjU3OWE3NzBlYmRlYzMyZDk1YzYzZDcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApRsU8621wnXikVin7uVLmXMYrFDE
kUxCJqSgChQzVGRuBz1lcWrA7skMx70mxL9hKtndVRTX3I/ARGDUAPZHoh6p5WEI
IdR8PQkFSEVn3LN+P687787TBvq25j9r2zJbHcuuJ7az7MXbUqmEa/1CaStYU0K1
0BZFXb2sA6igYvAg/BOQm80Aj/+c7wWGXhhw9NwCUhrcp7Q8sJeeYKk712Os1QvC
7qoMzXdorGFvTwqNkLsMdSCaAUaNOSzU3aYZKKcF8+9wLGcoRR/JbWgg6ZCheVrZ
6lIRs9+dXx9lm5E4NA3ng5zqCDrUtDTZZNx8reMcc3bjpoEM6E4QQs85GQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIPQShFnVmUgtXmncOvewy2Vxj1xMB8GA1UdIwQY
MBaAFF5SFBWK8xD/qcMVKYND9MPmauyaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGxJVUZZcnpFUC1wd3hVcGcwUDB3LVpxN0pvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OC9hOTkyZmUtYzFjZi00ZGU4LWJiYjAt
Zjk2ZjZmNzY5ODM4LzEvWGxJVUZZcnpFUC1wd3hVcGcwUDB3LVpxN0pvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OC9hOTkyZmUtYzFjZi00ZGU4LWJiYjAtZjk2ZjZmNzY5ODM4
LzEvWGxJVUZZcnpFUC1wd3hVcGcwUDB3LVpxN0pvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFhX7pnul
YKnnEz0xcV812h7uc8rSbnBIJIxrRiUv84w0+JHp2ZprhrJkF1wBrSgSY26UK9QY
NUjnJCy01TMIVaAVElJ6Jez2dsuSB2c+JCFdtzk7HnroVMWTID36So7paFi7ceiP
Nr4ioXgwt8nNhEyPvzgX9lri869a+HEdA6A8cphQQWm93vs3RgKG+ukHEsh1UsNc
Ow1C6w8v2QrsYbn83eeHOdTb1O1p8OHxEbbUVhiYZMIyekIyYOv2Ok6LXoflUdI+
FQGbX4zLVNpgJfBewKImJty1mP9GXM7X9FK19QWdVJwOOBF9oY8HsEqvPA4ZWTYu
mJuAi3oLvak2NQ==
-----END CERTIFICATE-----