Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/4d95ba-99fc-493e-a5c4-6b9ff2cfa07f/1/tY6n73bYACz8pmxSD3ybYIo5XZU.mft
File:                     tY6n73bYACz8pmxSD3ybYIo5XZU.mft (raw, json)
Hash identifier:          AiHsARxl5YquJnySBkTeJ8l+tde5hhd21/N+uOz+18Y=
Subject key identifier:   49:4F:1D:BC:A6:65:75:82:BC:C9:0F:32:88:D1:66:37:DA:5A:79:4E
Authority key identifier: B5:8E:A7:EF:76:D8:00:2C:FC:A6:6C:52:0F:7C:9B:60:8A:39:5D:95
Certificate issuer:       /CN=b58ea7ef76d8002cfca66c520f7c9b608a395d95
Certificate serial:       0199FF2277B5AF3F652EFDF71551CBE80123
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tY6n73bYACz8pmxSD3ybYIo5XZU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e5/4d95ba-99fc-493e-a5c4-6b9ff2cfa07f/1/tY6n73bYACz8pmxSD3ybYIo5XZU.mft
Manifest number:          0674
Signing time:             Mon 20 Oct 2025 01:01:12 +0000
Manifest this update:     Mon 20 Oct 2025 01:01:12 +0000
Manifest next update:     Tue 21 Oct 2025 01:01:12 +0000
Files and hashes:         1: tY6n73bYACz8pmxSD3ybYIo5XZU.crl (hash: g9rUFHvj/IzU0XnWM3vHZZkfIfVg1AP9Kwx/IHP0hDM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e5/4d95ba-99fc-493e-a5c4-6b9ff2cfa07f/1/tY6n73bYACz8pmxSD3ybYIo5XZU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e5/4d95ba-99fc-493e-a5c4-6b9ff2cfa07f/1/tY6n73bYACz8pmxSD3ybYIo5XZU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/tY6n73bYACz8pmxSD3ybYIo5XZU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 21 Oct 2025 00:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:ff:22:77:b5:af:3f:65:2e:fd:f7:15:51:cb:e8:01:23
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b58ea7ef76d8002cfca66c520f7c9b608a395d95
        Validity
            Not Before: Oct 20 01:01:12 2025 GMT
            Not After : Oct 21 01:01:12 2025 GMT
        Subject: CN=494f1dbca6657582bcc90f3288d16637da5a794e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:32:f3:a1:a9:71:ab:9d:0e:b8:27:93:a0:f0:
                    f2:e9:17:b2:99:f1:99:47:85:f5:20:4e:33:78:e8:
                    0f:f6:87:b5:5a:03:21:7d:51:70:36:5d:c8:26:d9:
                    ed:06:20:f8:74:3b:a1:c1:b6:08:11:0c:66:d2:76:
                    d8:a5:bc:b4:9b:c5:87:0e:7f:d9:96:af:69:bf:6d:
                    69:c2:d4:b9:26:4a:34:3b:8d:0d:b8:92:c6:70:d1:
                    40:b8:f0:18:f1:c0:fd:3b:61:25:46:6f:d9:af:01:
                    2f:63:3b:2a:cb:15:5c:bd:2a:0c:b0:9a:b0:1c:ea:
                    36:dc:08:42:54:b7:89:35:fd:40:55:9a:cd:bf:95:
                    a6:d3:c4:1b:f8:2b:61:a2:84:77:c5:56:be:9d:be:
                    51:a3:52:7a:e0:f8:bb:f1:c8:1f:d0:97:9f:b3:d1:
                    45:26:71:83:4b:37:65:db:9a:1d:ca:77:03:b5:51:
                    13:29:2f:99:09:dd:24:0c:9e:ab:8b:aa:a7:d5:81:
                    fc:fe:ff:b7:0a:ec:48:a5:69:fb:51:b0:c1:41:e9:
                    49:23:1a:ec:b9:73:c0:29:2d:7b:46:53:31:a4:33:
                    55:ce:3e:92:bf:0a:33:49:e4:9b:52:a8:ba:af:20:
                    27:21:47:1d:e5:f9:9c:d0:20:5f:f8:1d:95:03:38:
                    b6:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                49:4F:1D:BC:A6:65:75:82:BC:C9:0F:32:88:D1:66:37:DA:5A:79:4E
            X509v3 Authority Key Identifier:
                keyid:B5:8E:A7:EF:76:D8:00:2C:FC:A6:6C:52:0F:7C:9B:60:8A:39:5D:95

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tY6n73bYACz8pmxSD3ybYIo5XZU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/4d95ba-99fc-493e-a5c4-6b9ff2cfa07f/1/tY6n73bYACz8pmxSD3ybYIo5XZU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/4d95ba-99fc-493e-a5c4-6b9ff2cfa07f/1/tY6n73bYACz8pmxSD3ybYIo5XZU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         21:c7:51:f2:f1:98:38:71:67:45:fc:d0:1a:76:6f:63:8c:0a:
         da:60:7c:86:09:fb:38:5a:bc:2c:0b:0c:44:54:ec:5a:60:6b:
         e7:d3:0a:71:23:fa:82:77:e3:c3:d3:97:09:d4:8b:63:1b:e6:
         18:0c:1e:ba:d1:60:c6:f0:d1:d2:83:98:dc:92:ee:a1:0a:c6:
         20:44:7e:1b:c2:da:4e:9a:9d:e6:29:93:32:39:d6:05:da:93:
         5a:23:69:ea:5b:bc:7b:3e:bb:14:00:e5:7e:93:bb:af:3b:47:
         02:5f:01:55:c5:91:d5:ce:0a:21:8a:96:c2:81:09:d6:c0:a0:
         f4:65:bb:4a:87:67:53:b0:dc:ae:40:6d:82:df:a8:6b:5a:65:
         fe:58:1f:9c:e1:75:5c:18:78:5f:ec:95:a5:96:63:3d:b3:a0:
         64:b2:e9:f6:6a:df:5e:1d:e8:1a:f5:39:0e:34:e2:8a:ac:4b:
         6a:6c:29:03:3d:f9:c8:64:e8:ca:a5:11:d8:85:99:66:82:24:
         ef:15:4c:23:d8:7b:48:0c:0a:d6:61:c4:98:34:61:3c:e6:57:
         d9:da:ed:f0:9d:68:bd:1c:dd:00:28:60:a0:15:1d:12:91:71:
         57:9c:23:f0:94:e7:7f:fc:93:18:12:e0:9c:4f:0b:af:1d:5b:
         cd:21:e0:dc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn/Ine1rz9lLv33FVHL6AEjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1OGVhN2VmNzZkODAwMmNmY2E2NmM1MjBmN2M5YjYwOGEz
OTVkOTUwHhcNMjUxMDIwMDEwMTEyWhcNMjUxMDIxMDEwMTEyWjAzMTEwLwYDVQQD
Eyg0OTRmMWRiY2E2NjU3NTgyYmNjOTBmMzI4OGQxNjYzN2RhNWE3OTRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyjLzoalxq50OuCeToPDy6ReymfGZ
R4X1IE4zeOgP9oe1WgMhfVFwNl3IJtntBiD4dDuhwbYIEQxm0nbYpby0m8WHDn/Z
lq9pv21pwtS5Jko0O40NuJLGcNFAuPAY8cD9O2ElRm/ZrwEvYzsqyxVcvSoMsJqw
HOo23AhCVLeJNf1AVZrNv5Wm08Qb+CthooR3xVa+nb5Ro1J64Pi78cgf0Jefs9FF
JnGDSzdl25odyncDtVETKS+ZCd0kDJ6ri6qn1YH8/v+3CuxIpWn7UbDBQelJIxrs
uXPAKS17RlMxpDNVzj6SvwozSeSbUqi6ryAnIUcd5fmc0CBf+B2VAzi2/wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFElPHbymZXWCvMkPMojRZjfaWnlOMB8GA1UdIwQY
MBaAFLWOp+922AAs/KZsUg98m2CKOV2VMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFk2bjczYllBQ3o4cG14U0QzeWJZSW81WFpVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS80ZDk1YmEtOTlmYy00OTNlLWE1YzQt
NmI5ZmYyY2ZhMDdmLzEvdFk2bjczYllBQ3o4cG14U0QzeWJZSW81WFpVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS80ZDk1YmEtOTlmYy00OTNlLWE1YzQtNmI5ZmYyY2ZhMDdm
LzEvdFk2bjczYllBQ3o4cG14U0QzeWJZSW81WFpVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIcdR8vGY
OHFnRfzQGnZvY4wK2mB8hgn7OFq8LAsMRFTsWmBr59MKcSP6gnfjw9OXCdSLYxvm
GAweutFgxvDR0oOY3JLuoQrGIER+G8LaTpqd5imTMjnWBdqTWiNp6lu8ez67FADl
fpO7rztHAl8BVcWR1c4KIYqWwoEJ1sCg9GW7SodnU7DcrkBtgt+oa1pl/lgfnOF1
XBh4X+yVpZZjPbOgZLLp9mrfXh3oGvU5DjTiiqxLamwpAz35yGToyqUR2IWZZoIk
7xVMI9h7SAwK1mHEmDRhPOZX2drt8J1ovRzdAChgoBUdEpFxV5wj8JTnf/yTGBLg
nE8Lrx1bzSHg3A==
-----END CERTIFICATE-----