Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/35b59e-bc27-4206-a7d9-53569aca3a5f/1/5-aiybui7N1AdLMVN1mDXoI6uOQ.mft
File:                     5-aiybui7N1AdLMVN1mDXoI6uOQ.mft (raw, json)
Hash identifier:          D4iGT5jU5btDq91u2D5JR+VKnmv1DHat68QsMTX3/FA=
Subject key identifier:   AE:E6:F1:C6:62:0E:18:27:D0:28:93:AA:8A:CF:2F:58:16:A2:C1:84
Authority key identifier: E7:E6:A2:C9:BB:A2:EC:DD:40:74:B3:15:37:59:83:5E:82:3A:B8:E4
Certificate issuer:       /CN=e7e6a2c9bba2ecdd4074b3153759835e823ab8e4
Certificate serial:       0199FBEBDE451E21AED5D2E683E9EF6265C3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5-aiybui7N1AdLMVN1mDXoI6uOQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7b/35b59e-bc27-4206-a7d9-53569aca3a5f/1/5-aiybui7N1AdLMVN1mDXoI6uOQ.mft
Manifest number:          0DC2
Signing time:             Sun 19 Oct 2025 10:02:42 +0000
Manifest this update:     Sun 19 Oct 2025 10:02:42 +0000
Manifest next update:     Mon 20 Oct 2025 10:02:42 +0000
Files and hashes:         1: 5-aiybui7N1AdLMVN1mDXoI6uOQ.crl (hash: M9S8uczibDiya5nBW3iPJYlJWPhW55wAWDfdTCxXReE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/7b/35b59e-bc27-4206-a7d9-53569aca3a5f/1/5-aiybui7N1AdLMVN1mDXoI6uOQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/7b/35b59e-bc27-4206-a7d9-53569aca3a5f/1/5-aiybui7N1AdLMVN1mDXoI6uOQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/5-aiybui7N1AdLMVN1mDXoI6uOQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 10:02:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:eb:de:45:1e:21:ae:d5:d2:e6:83:e9:ef:62:65:c3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e7e6a2c9bba2ecdd4074b3153759835e823ab8e4
        Validity
            Not Before: Oct 19 10:02:42 2025 GMT
            Not After : Oct 20 10:02:42 2025 GMT
        Subject: CN=aee6f1c6620e1827d02893aa8acf2f5816a2c184
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:ef:ad:03:97:1c:e8:a5:91:e2:01:e0:76:96:
                    b1:24:cc:63:de:3c:05:0b:55:21:d9:8c:04:f6:7c:
                    1a:95:3a:83:96:e5:1f:85:bf:8f:ca:d1:e4:e4:0b:
                    69:d1:61:d0:c6:e3:9a:c3:98:8d:15:3d:02:7c:20:
                    30:41:21:23:27:f5:14:ac:09:ec:57:b2:0f:72:69:
                    f5:56:68:d8:0f:ee:da:71:63:df:73:3c:9a:68:31:
                    5d:55:fd:68:1d:c4:73:68:90:75:a8:e3:e2:3c:81:
                    a0:7b:36:e0:4e:68:13:80:38:43:58:c0:54:f2:80:
                    1f:5a:a8:f4:12:7b:c5:48:e7:10:e7:ca:c0:c6:23:
                    eb:d5:ea:d2:94:85:65:f9:64:04:90:08:b4:16:e0:
                    7f:e3:22:8d:01:b6:ae:00:0a:3d:f3:d2:77:19:37:
                    bc:30:54:14:00:7f:6d:94:eb:ae:a7:7a:68:11:24:
                    d4:38:53:1c:0f:de:25:48:3e:b0:07:bb:69:ff:08:
                    36:dd:6b:49:36:9f:36:4b:97:4e:88:f6:8e:75:d9:
                    a9:9a:59:f0:f1:1d:ea:e2:c7:46:32:f2:74:42:41:
                    e9:29:20:1a:3a:b4:1c:54:d6:47:fb:86:f6:24:99:
                    d0:dd:c4:e1:32:be:15:39:80:56:ec:fc:e5:4a:a8:
                    11:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AE:E6:F1:C6:62:0E:18:27:D0:28:93:AA:8A:CF:2F:58:16:A2:C1:84
            X509v3 Authority Key Identifier:
                keyid:E7:E6:A2:C9:BB:A2:EC:DD:40:74:B3:15:37:59:83:5E:82:3A:B8:E4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5-aiybui7N1AdLMVN1mDXoI6uOQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/35b59e-bc27-4206-a7d9-53569aca3a5f/1/5-aiybui7N1AdLMVN1mDXoI6uOQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/35b59e-bc27-4206-a7d9-53569aca3a5f/1/5-aiybui7N1AdLMVN1mDXoI6uOQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         60:f8:3b:19:50:c0:84:93:de:49:4c:9c:ee:ef:a0:fb:90:ce:
         13:1c:bb:e6:09:5d:6e:32:71:f2:96:84:bc:97:40:01:18:1c:
         38:ef:e3:d5:e4:52:89:08:e4:6c:f3:2e:53:2c:e6:ca:d7:ad:
         02:cb:11:92:44:6c:20:b0:20:9a:69:ec:2a:ac:72:70:9f:bb:
         8f:19:63:74:62:8b:2c:9d:59:df:14:cc:00:e2:1e:1a:ae:9b:
         80:ce:45:27:90:61:e0:5a:37:92:6f:ef:75:b6:ac:25:7f:cc:
         eb:ca:cd:cb:47:7b:32:a3:a3:9b:82:41:9c:5e:b8:e1:d8:81:
         3e:83:c2:54:6d:b3:f8:a0:af:49:83:ec:1e:35:d6:aa:54:89:
         17:82:1b:86:42:6c:96:6b:9f:51:18:5f:be:a0:60:82:7c:b6:
         d0:c7:48:96:58:6e:d4:ad:60:64:b8:2b:b6:6c:e7:30:a5:80:
         84:2b:94:cb:31:e3:dd:e3:d1:7f:37:35:90:67:7a:a2:f2:07:
         97:7d:7e:09:78:a9:6b:b2:88:40:00:f8:e6:d6:ee:54:cc:16:
         01:89:03:36:75:8a:93:1d:ff:e4:e4:a0:7d:63:a6:96:e0:bc:
         37:b2:75:ad:87:57:fa:17:d3:bb:20:0e:d9:1a:b8:75:8e:a6:
         3e:b6:be:d0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn7695FHiGu1dLmg+nvYmXDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3ZTZhMmM5YmJhMmVjZGQ0MDc0YjMxNTM3NTk4MzVlODIz
YWI4ZTQwHhcNMjUxMDE5MTAwMjQyWhcNMjUxMDIwMTAwMjQyWjAzMTEwLwYDVQQD
EyhhZWU2ZjFjNjYyMGUxODI3ZDAyODkzYWE4YWNmMmY1ODE2YTJjMTg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwu+tA5cc6KWR4gHgdpaxJMxj3jwF
C1Uh2YwE9nwalTqDluUfhb+PytHk5Atp0WHQxuOaw5iNFT0CfCAwQSEjJ/UUrAns
V7IPcmn1VmjYD+7acWPfczyaaDFdVf1oHcRzaJB1qOPiPIGgezbgTmgTgDhDWMBU
8oAfWqj0EnvFSOcQ58rAxiPr1erSlIVl+WQEkAi0FuB/4yKNAbauAAo989J3GTe8
MFQUAH9tlOuup3poESTUOFMcD94lSD6wB7tp/wg23WtJNp82S5dOiPaOddmpmlnw
8R3q4sdGMvJ0QkHpKSAaOrQcVNZH+4b2JJnQ3cThMr4VOYBW7PzlSqgRDQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK7m8cZiDhgn0CiTqorPL1gWosGEMB8GA1UdIwQY
MBaAFOfmosm7ouzdQHSzFTdZg16COrjkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNS1haXlidWk3TjFBZExNVk4xbURYb0k2dU9RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi8zNWI1OWUtYmMyNy00MjA2LWE3ZDkt
NTM1NjlhY2EzYTVmLzEvNS1haXlidWk3TjFBZExNVk4xbURYb0k2dU9RLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi8zNWI1OWUtYmMyNy00MjA2LWE3ZDktNTM1NjlhY2EzYTVm
LzEvNS1haXlidWk3TjFBZExNVk4xbURYb0k2dU9RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYPg7GVDA
hJPeSUyc7u+g+5DOExy75gldbjJx8paEvJdAARgcOO/j1eRSiQjkbPMuUyzmytet
AssRkkRsILAgmmnsKqxycJ+7jxljdGKLLJ1Z3xTMAOIeGq6bgM5FJ5Bh4Fo3km/v
dbasJX/M68rNy0d7MqOjm4JBnF644diBPoPCVG2z+KCvSYPsHjXWqlSJF4IbhkJs
lmufURhfvqBggny20MdIllhu1K1gZLgrtmznMKWAhCuUyzHj3ePRfzc1kGd6ovIH
l31+CXipa7KIQAD45tbuVMwWAYkDNnWKkx3/5OSgfWOmluC8N7J1rYdX+hfTuyAO
2Rq4dY6mPra+0A==
-----END CERTIFICATE-----