Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/5f8f1b-f3f1-4f1b-9ac4-5ca6a7ad05fa/1/geY5cEKnqWRfwS91nQJhldfL_Vg.mft
File:                     geY5cEKnqWRfwS91nQJhldfL_Vg.mft (raw, json)
Hash identifier:          qUETSraZJrDBbyfMEziabebDwp3bKx2EwJi2fW830EU=
Subject key identifier:   BC:DB:5A:F7:B1:54:C8:75:4B:87:4D:6F:EC:83:14:06:6D:FB:D0:A9
Authority key identifier: 81:E6:39:70:42:A7:A9:64:5F:C1:2F:75:9D:02:61:95:D7:CB:FD:58
Certificate issuer:       /CN=81e6397042a7a9645fc12f759d026195d7cbfd58
Certificate serial:       0198D4E08249BF7CBD72195C94A5B99FE7F4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/geY5cEKnqWRfwS91nQJhldfL_Vg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/69/5f8f1b-f3f1-4f1b-9ac4-5ca6a7ad05fa/1/geY5cEKnqWRfwS91nQJhldfL_Vg.mft
Manifest number:          0D54
Signing time:             Sat 23 Aug 2025 03:02:19 +0000
Manifest this update:     Sat 23 Aug 2025 03:02:19 +0000
Manifest next update:     Sun 24 Aug 2025 03:02:19 +0000
Files and hashes:         1: geY5cEKnqWRfwS91nQJhldfL_Vg.crl (hash: l5Oci8wOWygVuokO2Hosf92RIf06JqSkmR0aDPjzLL8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/69/5f8f1b-f3f1-4f1b-9ac4-5ca6a7ad05fa/1/geY5cEKnqWRfwS91nQJhldfL_Vg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/69/5f8f1b-f3f1-4f1b-9ac4-5ca6a7ad05fa/1/geY5cEKnqWRfwS91nQJhldfL_Vg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/geY5cEKnqWRfwS91nQJhldfL_Vg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 03:02:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d4:e0:82:49:bf:7c:bd:72:19:5c:94:a5:b9:9f:e7:f4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=81e6397042a7a9645fc12f759d026195d7cbfd58
        Validity
            Not Before: Aug 23 03:02:19 2025 GMT
            Not After : Aug 24 03:02:19 2025 GMT
        Subject: CN=bcdb5af7b154c8754b874d6fec8314066dfbd0a9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:19:b5:d1:82:da:d1:be:cd:48:87:a7:e5:4b:
                    03:67:fa:4a:4e:17:e3:bd:5c:54:28:06:46:70:88:
                    6d:00:4a:74:dc:a4:e2:30:23:86:75:2e:d5:85:14:
                    25:e2:fc:88:8f:2f:00:c5:31:4e:08:94:27:49:d6:
                    ca:48:43:16:be:b7:3b:f1:d1:ae:29:53:fa:7c:37:
                    54:9a:fe:a9:05:ec:1b:c7:fa:20:fb:37:64:42:d4:
                    51:09:db:5e:e9:83:02:89:b3:60:cd:3e:c2:c0:3b:
                    e3:b7:e8:d5:b8:6b:5b:08:25:cc:d7:2c:b7:f2:39:
                    ef:71:8d:f6:02:d6:b5:68:f5:b5:04:98:cf:c1:6e:
                    35:76:2f:3e:89:17:e8:e2:e9:01:dc:26:8a:d3:d2:
                    37:bd:4b:2a:38:a6:e0:b3:ae:78:7e:e3:0f:7d:e8:
                    41:81:70:25:ab:b5:ee:6e:64:f0:c7:1d:cd:5d:cb:
                    fd:6d:8f:b1:c6:e2:7f:92:83:00:ec:be:44:5d:3f:
                    49:4e:b5:e6:7c:c2:d1:8c:e4:84:96:4d:c2:36:62:
                    23:3c:f8:93:fd:5a:03:d0:b6:4f:a1:5a:e9:a5:cf:
                    05:71:94:02:7b:91:3e:ec:0b:88:19:40:c7:af:c0:
                    10:14:1e:a3:a5:bb:72:26:f4:29:52:dd:85:ef:0a:
                    b5:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BC:DB:5A:F7:B1:54:C8:75:4B:87:4D:6F:EC:83:14:06:6D:FB:D0:A9
            X509v3 Authority Key Identifier:
                keyid:81:E6:39:70:42:A7:A9:64:5F:C1:2F:75:9D:02:61:95:D7:CB:FD:58

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/geY5cEKnqWRfwS91nQJhldfL_Vg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/5f8f1b-f3f1-4f1b-9ac4-5ca6a7ad05fa/1/geY5cEKnqWRfwS91nQJhldfL_Vg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/69/5f8f1b-f3f1-4f1b-9ac4-5ca6a7ad05fa/1/geY5cEKnqWRfwS91nQJhldfL_Vg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         72:a9:5e:3a:7b:ce:e1:b3:b8:7f:64:1c:92:8b:4f:11:82:f9:
         08:da:0c:f1:52:ae:73:c4:87:c0:eb:45:e8:da:86:68:36:9e:
         ed:94:f0:b5:6b:bd:8e:4c:5f:80:00:a7:86:a3:2f:fb:8b:2a:
         83:84:27:b5:c2:7e:94:53:62:17:cf:c7:dc:3a:b7:d2:32:6d:
         83:3c:cf:c7:b7:65:36:b9:aa:a2:69:c1:66:aa:5b:a5:d6:75:
         01:c5:f0:c4:40:2f:46:a4:47:23:fc:eb:00:d9:66:ff:e2:1e:
         4c:a1:42:83:c6:a7:94:d6:3a:16:6a:05:d4:4d:37:79:af:50:
         14:0a:ce:1d:a0:d1:57:73:b4:e1:de:4d:4d:b6:20:32:29:ef:
         0c:e4:fe:4c:01:09:b4:7b:1c:f9:67:10:62:59:24:ab:4a:61:
         21:86:66:57:86:b5:b5:a4:16:ae:28:f3:22:c5:98:e7:b0:75:
         b3:fe:6a:5f:ba:2d:6f:5d:78:03:8a:a3:05:9b:74:07:4e:dd:
         31:1e:70:7c:bd:89:1a:9b:cc:3f:d6:78:a8:3d:c2:91:db:f0:
         df:ae:f1:88:ba:67:3f:c5:96:4f:96:18:10:0c:7b:ab:a8:9c:
         b2:32:4d:98:fa:55:0a:01:ef:0f:88:24:b5:5f:63:bd:9c:34:
         82:37:c1:56
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjU4IJJv3y9chlclKW5n+f0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxZTYzOTcwNDJhN2E5NjQ1ZmMxMmY3NTlkMDI2MTk1ZDdj
YmZkNTgwHhcNMjUwODIzMDMwMjE5WhcNMjUwODI0MDMwMjE5WjAzMTEwLwYDVQQD
EyhiY2RiNWFmN2IxNTRjODc1NGI4NzRkNmZlYzgzMTQwNjZkZmJkMGE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvBm10YLa0b7NSIen5UsDZ/pKThfj
vVxUKAZGcIhtAEp03KTiMCOGdS7VhRQl4vyIjy8AxTFOCJQnSdbKSEMWvrc78dGu
KVP6fDdUmv6pBewbx/og+zdkQtRRCdte6YMCibNgzT7CwDvjt+jVuGtbCCXM1yy3
8jnvcY32Ata1aPW1BJjPwW41di8+iRfo4ukB3CaK09I3vUsqOKbgs654fuMPfehB
gXAlq7XubmTwxx3NXcv9bY+xxuJ/koMA7L5EXT9JTrXmfMLRjOSElk3CNmIjPPiT
/VoD0LZPoVrppc8FcZQCe5E+7AuIGUDHr8AQFB6jpbtyJvQpUt2F7wq1zQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLzbWvexVMh1S4dNb+yDFAZt+9CpMB8GA1UdIwQY
MBaAFIHmOXBCp6lkX8EvdZ0CYZXXy/1YMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2VZNWNFS25xV1Jmd1M5MW5RSmhsZGZMX1ZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS81ZjhmMWItZjNmMS00ZjFiLTlhYzQt
NWNhNmE3YWQwNWZhLzEvZ2VZNWNFS25xV1Jmd1M5MW5RSmhsZGZMX1ZnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS81ZjhmMWItZjNmMS00ZjFiLTlhYzQtNWNhNmE3YWQwNWZh
LzEvZ2VZNWNFS25xV1Jmd1M5MW5RSmhsZGZMX1ZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcqleOnvO
4bO4f2QckotPEYL5CNoM8VKuc8SHwOtF6NqGaDae7ZTwtWu9jkxfgACnhqMv+4sq
g4QntcJ+lFNiF8/H3Dq30jJtgzzPx7dlNrmqomnBZqpbpdZ1AcXwxEAvRqRHI/zr
ANlm/+IeTKFCg8anlNY6FmoF1E03ea9QFArOHaDRV3O04d5NTbYgMinvDOT+TAEJ
tHsc+WcQYlkkq0phIYZmV4a1taQWrijzIsWY57B1s/5qX7otb114A4qjBZt0B07d
MR5wfL2JGpvMP9Z4qD3Ckdvw367xiLpnP8WWT5YYEAx7q6icsjJNmPpVCgHvD4gk
tV9jvZw0gjfBVg==
-----END CERTIFICATE-----