Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/b4f3d0-b1d1-46be-a190-8e2027695d07/1/ehKIruzRFJyedF-YZT5okK-iU6s.mft
File:                     ehKIruzRFJyedF-YZT5okK-iU6s.mft (raw, json)
Hash identifier:          Eixg9dQEPuWKV53g3sevlluVr/nrIGmJTOedsQTzuXk=
Subject key identifier:   52:D6:3D:AE:7E:39:69:9B:AC:E8:67:2D:41:7B:E5:A3:D8:27:33:0B
Authority key identifier: 7A:12:88:AE:EC:D1:14:9C:9E:74:5F:98:65:3E:68:90:AF:A2:53:AB
Certificate issuer:       /CN=7a1288aeecd1149c9e745f98653e6890afa253ab
Certificate serial:       0199FC8FBE6F618E4037FD189673661B1662
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ehKIruzRFJyedF-YZT5okK-iU6s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d5/b4f3d0-b1d1-46be-a190-8e2027695d07/1/ehKIruzRFJyedF-YZT5okK-iU6s.mft
Manifest number:          01D0
Signing time:             Sun 19 Oct 2025 13:01:42 +0000
Manifest this update:     Sun 19 Oct 2025 13:01:42 +0000
Manifest next update:     Mon 20 Oct 2025 13:01:42 +0000
Files and hashes:         1: ehKIruzRFJyedF-YZT5okK-iU6s.crl (hash: 7cgkUGnLqGJqBtDv5HCWYaNtkjDPpF7+BLdbdpg6lEs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d5/b4f3d0-b1d1-46be-a190-8e2027695d07/1/ehKIruzRFJyedF-YZT5okK-iU6s.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d5/b4f3d0-b1d1-46be-a190-8e2027695d07/1/ehKIruzRFJyedF-YZT5okK-iU6s.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ehKIruzRFJyedF-YZT5okK-iU6s.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fc:8f:be:6f:61:8e:40:37:fd:18:96:73:66:1b:16:62
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7a1288aeecd1149c9e745f98653e6890afa253ab
        Validity
            Not Before: Oct 19 13:01:42 2025 GMT
            Not After : Oct 20 13:01:42 2025 GMT
        Subject: CN=52d63dae7e39699bace8672d417be5a3d827330b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:ea:65:0a:0b:c1:03:5b:f4:e0:d3:9c:e5:01:
                    17:ac:32:c2:23:63:e5:17:1e:b9:78:23:27:fa:02:
                    63:94:e2:1e:da:6b:e4:06:a2:ef:d7:2c:28:7a:37:
                    1b:86:b8:35:92:12:16:d7:0b:af:38:c0:a3:72:ee:
                    c3:c3:23:1c:bb:f5:6c:a1:77:70:19:07:7b:a8:0c:
                    83:6b:76:02:9c:67:20:85:32:9a:02:84:9a:e5:f6:
                    3f:05:12:34:5c:7b:61:02:5d:7a:c3:5c:4c:08:36:
                    5c:d0:e2:55:33:bb:c2:53:22:27:63:35:f1:72:40:
                    85:f3:0d:f0:e0:19:07:3f:5c:ec:bb:4f:73:a9:46:
                    8b:92:33:9b:fd:14:c9:41:98:4c:7e:d3:b9:95:94:
                    cf:93:96:f8:e4:e4:85:6f:a0:92:b2:b8:1c:de:8b:
                    9e:15:00:96:10:8a:b8:00:ec:e7:1e:68:3c:c4:97:
                    5d:20:11:36:fb:8f:f0:38:ed:eb:48:89:3a:9e:73:
                    9a:c4:18:b0:89:45:e4:cc:fd:9c:57:cb:e8:ff:ad:
                    5f:c2:3b:69:6f:7c:05:ad:13:f7:6a:b9:95:ce:68:
                    31:b1:2e:29:22:45:f5:e5:0b:fc:52:49:88:3b:ba:
                    ec:cc:b2:f0:b0:24:1c:de:51:90:0e:b6:c6:65:98:
                    6b:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                52:D6:3D:AE:7E:39:69:9B:AC:E8:67:2D:41:7B:E5:A3:D8:27:33:0B
            X509v3 Authority Key Identifier:
                keyid:7A:12:88:AE:EC:D1:14:9C:9E:74:5F:98:65:3E:68:90:AF:A2:53:AB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ehKIruzRFJyedF-YZT5okK-iU6s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/b4f3d0-b1d1-46be-a190-8e2027695d07/1/ehKIruzRFJyedF-YZT5okK-iU6s.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/b4f3d0-b1d1-46be-a190-8e2027695d07/1/ehKIruzRFJyedF-YZT5okK-iU6s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         62:ac:e7:b4:0e:64:e0:8f:c0:57:bc:71:87:a9:62:dd:bb:38:
         ec:56:92:90:37:ab:be:e1:63:01:aa:87:58:d8:16:96:55:8b:
         c4:ee:d1:bf:4f:64:f0:6a:4b:46:4e:2c:80:70:2d:57:e9:8a:
         2e:f7:b8:e1:b4:4c:83:22:b7:d1:a1:ef:bb:54:c7:07:d3:cb:
         68:fd:7e:b7:e8:fe:80:4f:b1:02:9b:10:ce:6e:76:81:77:01:
         90:ed:9c:d0:d4:03:d9:27:de:d5:92:52:8e:e0:cb:df:b6:d1:
         3d:49:3f:ec:14:de:68:e1:cd:ce:33:ee:b0:b1:ca:0a:d6:55:
         39:cd:cc:3b:ba:b9:19:d4:b9:ad:d4:b5:40:dc:57:c7:e2:85:
         94:54:ca:1e:6f:b1:c7:36:e0:0b:ad:9b:4a:05:e6:93:65:e5:
         20:ea:00:1d:2d:7e:2e:03:12:63:de:e1:f3:ca:65:9f:51:78:
         1c:bf:65:fc:41:89:ab:dd:a7:50:cb:2e:83:6e:36:57:0b:06:
         5e:26:c4:8f:fa:84:40:fc:fb:a4:0c:30:c9:4a:57:d9:a6:a8:
         cc:a7:24:3c:ea:46:d0:b2:09:47:0e:ac:90:4b:41:33:14:ba:
         b8:07:6c:ff:2c:4d:7e:35:5f:59:e3:30:b8:c6:e1:c5:79:73:
         df:0c:0e:28
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8j75vYY5AN/0YlnNmGxZiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhMTI4OGFlZWNkMTE0OWM5ZTc0NWY5ODY1M2U2ODkwYWZh
MjUzYWIwHhcNMjUxMDE5MTMwMTQyWhcNMjUxMDIwMTMwMTQyWjAzMTEwLwYDVQQD
Eyg1MmQ2M2RhZTdlMzk2OTliYWNlODY3MmQ0MTdiZTVhM2Q4MjczMzBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAteplCgvBA1v04NOc5QEXrDLCI2Pl
Fx65eCMn+gJjlOIe2mvkBqLv1ywoejcbhrg1khIW1wuvOMCjcu7DwyMcu/VsoXdw
GQd7qAyDa3YCnGcghTKaAoSa5fY/BRI0XHthAl16w1xMCDZc0OJVM7vCUyInYzXx
ckCF8w3w4BkHP1zsu09zqUaLkjOb/RTJQZhMftO5lZTPk5b45OSFb6CSsrgc3oue
FQCWEIq4AOznHmg8xJddIBE2+4/wOO3rSIk6nnOaxBiwiUXkzP2cV8vo/61fwjtp
b3wFrRP3armVzmgxsS4pIkX15Qv8UkmIO7rszLLwsCQc3lGQDrbGZZhrrQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFLWPa5+OWmbrOhnLUF75aPYJzMLMB8GA1UdIwQY
MBaAFHoSiK7s0RScnnRfmGU+aJCvolOrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZWhLSXJ1elJGSnllZEYtWVpUNW9rSy1pVTZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS9iNGYzZDAtYjFkMS00NmJlLWExOTAt
OGUyMDI3Njk1ZDA3LzEvZWhLSXJ1elJGSnllZEYtWVpUNW9rSy1pVTZzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS9iNGYzZDAtYjFkMS00NmJlLWExOTAtOGUyMDI3Njk1ZDA3
LzEvZWhLSXJ1elJGSnllZEYtWVpUNW9rSy1pVTZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYqzntA5k
4I/AV7xxh6li3bs47FaSkDervuFjAaqHWNgWllWLxO7Rv09k8GpLRk4sgHAtV+mK
Lve44bRMgyK30aHvu1THB9PLaP1+t+j+gE+xApsQzm52gXcBkO2c0NQD2Sfe1ZJS
juDL37bRPUk/7BTeaOHNzjPusLHKCtZVOc3MO7q5GdS5rdS1QNxXx+KFlFTKHm+x
xzbgC62bSgXmk2XlIOoAHS1+LgMSY97h88pln1F4HL9l/EGJq92nUMsug242VwsG
XibEj/qEQPz7pAwwyUpX2aaozKckPOpG0LIJRw6skEtBMxS6uAds/yxNfjVfWeMw
uMbhxXlz3wwOKA==
-----END CERTIFICATE-----