Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/fbc8b5-c5f5-40b8-8a74-bfafb29371cf/1/v5ulghwIWljj4dM6TvQem3YQXuU.mft
File:                     v5ulghwIWljj4dM6TvQem3YQXuU.mft (raw, json)
Hash identifier:          kYQoVTvifSO6AfwwWfQt3xABlDKVwhOPtMuqLd3lHXY=
Subject key identifier:   05:D6:29:FF:7E:2E:75:92:51:DC:1C:CE:E9:92:FA:3E:D8:FC:09:E6
Authority key identifier: BF:9B:A5:82:1C:08:5A:58:E3:E1:D3:3A:4E:F4:1E:9B:76:10:5E:E5
Certificate issuer:       /CN=bf9ba5821c085a58e3e1d33a4ef41e9b76105ee5
Certificate serial:       019A05918B7382C6C7D0A4BD9657D7C43EEB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/v5ulghwIWljj4dM6TvQem3YQXuU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4d/fbc8b5-c5f5-40b8-8a74-bfafb29371cf/1/v5ulghwIWljj4dM6TvQem3YQXuU.mft
Manifest number:          12AB
Signing time:             Tue 21 Oct 2025 07:00:15 +0000
Manifest this update:     Tue 21 Oct 2025 07:00:15 +0000
Manifest next update:     Wed 22 Oct 2025 07:00:15 +0000
Files and hashes:         1: v5ulghwIWljj4dM6TvQem3YQXuU.crl (hash: cjtkwSnkR+pznmbcfR/JRPCdyqelglae+tqTW3Ug07M=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/4d/fbc8b5-c5f5-40b8-8a74-bfafb29371cf/1/v5ulghwIWljj4dM6TvQem3YQXuU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/4d/fbc8b5-c5f5-40b8-8a74-bfafb29371cf/1/v5ulghwIWljj4dM6TvQem3YQXuU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/v5ulghwIWljj4dM6TvQem3YQXuU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 22 Oct 2025 07:00:15 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:05:91:8b:73:82:c6:c7:d0:a4:bd:96:57:d7:c4:3e:eb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bf9ba5821c085a58e3e1d33a4ef41e9b76105ee5
        Validity
            Not Before: Oct 21 07:00:15 2025 GMT
            Not After : Oct 22 07:00:15 2025 GMT
        Subject: CN=05d629ff7e2e759251dc1ccee992fa3ed8fc09e6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:e3:c3:b1:e3:a2:fe:3c:63:2f:41:57:a3:44:
                    03:d1:f7:e9:5a:93:56:e3:4e:32:94:74:cf:d9:1f:
                    3a:ce:02:75:3e:79:6f:91:87:e9:70:fd:f6:cf:d5:
                    b0:2f:dd:f6:27:12:bf:12:ec:e1:40:3b:ff:53:85:
                    4d:c0:5f:14:5a:07:dd:2b:d4:84:f7:5c:dd:4e:2b:
                    ea:0f:bc:26:15:89:a9:93:33:bd:58:22:e1:3b:cd:
                    59:11:f1:96:3a:2d:e2:26:b0:0a:c0:3a:aa:b6:7b:
                    f5:2c:f9:92:37:fd:db:14:6b:9b:7f:1f:57:f2:50:
                    90:b1:db:a0:21:c1:06:51:7e:fe:2a:d3:f0:ed:0b:
                    29:3b:94:99:67:98:ff:80:39:b5:fb:cc:c8:d1:b8:
                    fa:2f:f8:05:61:8f:03:54:81:02:05:3e:41:07:98:
                    ee:26:36:91:1b:60:e6:66:c5:9e:97:84:29:53:90:
                    87:71:69:42:73:3f:73:81:94:47:69:d3:f8:6d:b7:
                    76:44:b6:93:7c:93:96:21:3c:83:72:01:7f:9f:f7:
                    f0:b8:90:cd:ba:99:66:f3:b5:1b:49:de:38:04:98:
                    33:03:5a:e8:5c:e1:cd:2a:19:08:b3:6e:e6:c3:96:
                    d8:88:1c:1d:6a:a0:44:c3:23:f8:6c:40:cb:3e:28:
                    1f:8d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                05:D6:29:FF:7E:2E:75:92:51:DC:1C:CE:E9:92:FA:3E:D8:FC:09:E6
            X509v3 Authority Key Identifier:
                keyid:BF:9B:A5:82:1C:08:5A:58:E3:E1:D3:3A:4E:F4:1E:9B:76:10:5E:E5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v5ulghwIWljj4dM6TvQem3YQXuU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/fbc8b5-c5f5-40b8-8a74-bfafb29371cf/1/v5ulghwIWljj4dM6TvQem3YQXuU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/fbc8b5-c5f5-40b8-8a74-bfafb29371cf/1/v5ulghwIWljj4dM6TvQem3YQXuU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5b:c2:f8:0e:e6:d4:3b:4e:7a:52:2f:66:04:bd:6e:fb:ff:dd:
         56:44:e7:5c:34:af:24:23:b1:13:96:06:18:0f:61:49:1a:7d:
         39:56:0f:6f:4a:1c:7a:d1:59:91:18:63:09:58:7b:fe:24:d1:
         b1:13:54:ea:1f:d4:e9:99:ac:60:9b:5f:cc:34:e9:19:81:2d:
         1e:df:81:13:60:01:82:eb:1d:f3:a5:a1:60:ed:b6:f8:87:19:
         8f:a4:ef:51:71:b0:be:93:03:ba:30:51:71:d5:c2:90:7d:d5:
         c9:6a:39:a7:e4:7a:d3:70:21:27:60:28:a4:5b:c7:ad:9b:07:
         d4:7f:1b:74:d9:bf:5f:9d:ea:a9:1c:3a:31:c4:13:1a:e5:4a:
         61:89:a5:44:ab:13:97:7d:35:97:72:4c:c7:29:f5:3a:01:d2:
         31:47:c5:90:fc:2e:7f:16:5a:27:ab:3b:88:f1:58:46:01:59:
         1b:7b:a3:1a:81:eb:2c:a0:6d:0c:c8:39:f0:d1:8b:00:81:34:
         1f:75:9f:ca:e0:7b:5e:f7:54:57:c7:08:af:e1:5a:02:3a:49:
         3c:03:4d:84:75:89:e8:3c:f8:7c:05:5f:cf:e4:c5:21:de:72:
         18:8f:b3:76:f1:da:cf:e9:c2:58:c3:11:dc:6d:fa:30:21:25:
         e9:7b:1f:82
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoFkYtzgsbH0KS9llfXxD7rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmOWJhNTgyMWMwODVhNThlM2UxZDMzYTRlZjQxZTliNzYx
MDVlZTUwHhcNMjUxMDIxMDcwMDE1WhcNMjUxMDIyMDcwMDE1WjAzMTEwLwYDVQQD
EygwNWQ2MjlmZjdlMmU3NTkyNTFkYzFjY2VlOTkyZmEzZWQ4ZmMwOWU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1uPDseOi/jxjL0FXo0QD0ffpWpNW
404ylHTP2R86zgJ1PnlvkYfpcP32z9WwL932JxK/EuzhQDv/U4VNwF8UWgfdK9SE
91zdTivqD7wmFYmpkzO9WCLhO81ZEfGWOi3iJrAKwDqqtnv1LPmSN/3bFGubfx9X
8lCQsdugIcEGUX7+KtPw7QspO5SZZ5j/gDm1+8zI0bj6L/gFYY8DVIECBT5BB5ju
JjaRG2DmZsWel4QpU5CHcWlCcz9zgZRHadP4bbd2RLaTfJOWITyDcgF/n/fwuJDN
uplm87UbSd44BJgzA1roXOHNKhkIs27mw5bYiBwdaqBEwyP4bEDLPigfjQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAXWKf9+LnWSUdwczumS+j7Y/AnmMB8GA1UdIwQY
MBaAFL+bpYIcCFpY4+HTOk70Hpt2EF7lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdjV1bGdod0lXbGpqNGRNNlR2UWVtM1lRWHVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC9mYmM4YjUtYzVmNS00MGI4LThhNzQt
YmZhZmIyOTM3MWNmLzEvdjV1bGdod0lXbGpqNGRNNlR2UWVtM1lRWHVVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC9mYmM4YjUtYzVmNS00MGI4LThhNzQtYmZhZmIyOTM3MWNm
LzEvdjV1bGdod0lXbGpqNGRNNlR2UWVtM1lRWHVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAW8L4DubU
O056Ui9mBL1u+//dVkTnXDSvJCOxE5YGGA9hSRp9OVYPb0ocetFZkRhjCVh7/iTR
sRNU6h/U6ZmsYJtfzDTpGYEtHt+BE2ABgusd86WhYO22+IcZj6TvUXGwvpMDujBR
cdXCkH3VyWo5p+R603AhJ2AopFvHrZsH1H8bdNm/X53qqRw6McQTGuVKYYmlRKsT
l301l3JMxyn1OgHSMUfFkPwufxZaJ6s7iPFYRgFZG3ujGoHrLKBtDMg58NGLAIE0
H3WfyuB7XvdUV8cIr+FaAjpJPANNhHWJ6Dz4fAVfz+TFId5yGI+zdvHaz+nCWMMR
3G36MCEl6Xsfgg==
-----END CERTIFICATE-----