Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/3ddd6a-3025-4196-84c2-f1c24a8139db/1/52vcVigM5dn89QMlGKfsm2HizO0.mft
File:                     52vcVigM5dn89QMlGKfsm2HizO0.mft (raw, json)
Hash identifier:          Q/ADWVgDWKrxtl96rPYosfj25GMjO6OUgaYrN87VMdU=
Subject key identifier:   72:51:19:0F:86:CC:F3:D1:B6:3B:00:1C:70:37:D8:2A:AA:AD:C9:00
Authority key identifier: E7:6B:DC:56:28:0C:E5:D9:FC:F5:03:25:18:A7:EC:9B:61:E2:CC:ED
Certificate issuer:       /CN=e76bdc56280ce5d9fcf5032518a7ec9b61e2cced
Certificate serial:       0199FDDA51267A4B5093D656D78A9D6DAAA7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/52vcVigM5dn89QMlGKfsm2HizO0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e8/3ddd6a-3025-4196-84c2-f1c24a8139db/1/52vcVigM5dn89QMlGKfsm2HizO0.mft
Manifest number:          11AC
Signing time:             Sun 19 Oct 2025 19:02:47 +0000
Manifest this update:     Sun 19 Oct 2025 19:02:47 +0000
Manifest next update:     Mon 20 Oct 2025 19:02:47 +0000
Files and hashes:         1: 52vcVigM5dn89QMlGKfsm2HizO0.crl (hash: YIzfsr9cNTyPiplq4U1TC7tWhb88rJezWsNjBHzR6zQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e8/3ddd6a-3025-4196-84c2-f1c24a8139db/1/52vcVigM5dn89QMlGKfsm2HizO0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e8/3ddd6a-3025-4196-84c2-f1c24a8139db/1/52vcVigM5dn89QMlGKfsm2HizO0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/52vcVigM5dn89QMlGKfsm2HizO0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 11:18:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fd:da:51:26:7a:4b:50:93:d6:56:d7:8a:9d:6d:aa:a7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e76bdc56280ce5d9fcf5032518a7ec9b61e2cced
        Validity
            Not Before: Oct 19 19:02:47 2025 GMT
            Not After : Oct 20 19:02:47 2025 GMT
        Subject: CN=7251190f86ccf3d1b63b001c7037d82aaaadc900
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:4b:d8:6e:fb:b9:a7:c5:dc:af:0d:10:2a:8e:
                    dd:81:9d:f8:47:90:5c:6e:90:d3:d3:0c:06:c2:64:
                    80:3a:b2:f2:24:c5:ea:fb:54:87:4b:a7:10:f8:9d:
                    a7:9c:41:0d:75:54:39:11:45:63:e5:3c:44:38:e2:
                    fc:c7:bd:25:a5:52:73:eb:4c:70:89:87:55:d1:5f:
                    da:35:fb:bd:5a:59:cb:a6:d9:1b:f6:aa:7c:7b:55:
                    05:22:4d:7f:00:db:58:42:13:11:10:3a:fd:40:9f:
                    9f:f3:71:d4:62:cb:95:f7:6b:73:51:42:fe:14:72:
                    79:39:da:1a:2f:6a:15:27:5e:29:01:05:a5:18:03:
                    f1:a8:b5:bd:21:67:af:46:81:6f:f4:37:2c:b0:eb:
                    1b:d0:79:97:6a:a9:6c:7b:28:b8:4f:ce:33:bc:ac:
                    8d:51:d9:bb:b7:17:ea:8b:3b:e9:fc:3d:7f:c6:91:
                    57:9a:05:c9:d1:a8:20:7d:8d:87:6c:40:a6:73:df:
                    9d:0b:fb:5a:70:b7:20:8d:1e:be:10:31:f2:3d:d5:
                    d6:06:f3:c1:68:d8:87:1f:95:fb:a0:9d:9b:df:dc:
                    2b:84:97:da:ab:66:57:3a:41:1f:61:24:53:60:4c:
                    14:e6:81:8d:dc:c9:75:53:5a:1b:44:0c:ad:bc:e7:
                    78:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                72:51:19:0F:86:CC:F3:D1:B6:3B:00:1C:70:37:D8:2A:AA:AD:C9:00
            X509v3 Authority Key Identifier:
                keyid:E7:6B:DC:56:28:0C:E5:D9:FC:F5:03:25:18:A7:EC:9B:61:E2:CC:ED

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/52vcVigM5dn89QMlGKfsm2HizO0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/3ddd6a-3025-4196-84c2-f1c24a8139db/1/52vcVigM5dn89QMlGKfsm2HizO0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/3ddd6a-3025-4196-84c2-f1c24a8139db/1/52vcVigM5dn89QMlGKfsm2HizO0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5a:54:7d:55:c7:5a:f6:fe:06:18:a9:f1:5f:bf:6b:60:e9:0f:
         1e:a8:6e:91:d2:de:32:5e:70:87:ce:95:59:95:ee:24:e3:de:
         83:9d:b9:d5:24:49:73:4a:fe:1e:59:4f:e3:c2:fc:9a:5a:8e:
         c1:c4:0b:59:49:55:73:79:a5:78:03:2b:4d:20:82:80:04:ba:
         66:1f:86:e9:f8:73:a9:3d:ae:5c:8d:e6:97:f4:6f:18:94:02:
         6a:26:99:d8:10:09:0e:18:6d:52:38:61:0e:ad:46:c1:b6:cb:
         a9:a8:38:bc:93:8d:40:16:eb:3f:4c:f4:a4:9a:4f:73:1e:e3:
         4d:89:47:b8:80:cc:31:34:5a:52:07:e8:9e:76:af:de:04:0d:
         1f:bb:ce:c5:1b:ca:62:f8:7f:f0:af:7c:c7:09:9e:8b:d5:70:
         20:59:5f:f8:3e:5e:50:06:54:bc:47:51:58:8d:8f:5d:d4:04:
         d5:ed:12:67:81:84:df:44:37:93:66:10:7e:68:5b:1a:a5:e8:
         d0:9c:10:57:13:f9:a5:f6:e8:99:9d:31:e9:16:56:72:e5:c4:
         99:bd:98:64:d4:04:3f:e5:40:45:7e:f9:0f:18:0c:73:3a:84:
         12:24:5c:88:eb:9f:7f:c6:d0:e1:16:ce:16:cd:23:0b:3f:ac:
         dd:61:72:a6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn92lEmektQk9ZW14qdbaqnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3NmJkYzU2MjgwY2U1ZDlmY2Y1MDMyNTE4YTdlYzliNjFl
MmNjZWQwHhcNMjUxMDE5MTkwMjQ3WhcNMjUxMDIwMTkwMjQ3WjAzMTEwLwYDVQQD
Eyg3MjUxMTkwZjg2Y2NmM2QxYjYzYjAwMWM3MDM3ZDgyYWFhYWRjOTAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlEvYbvu5p8Xcrw0QKo7dgZ34R5Bc
bpDT0wwGwmSAOrLyJMXq+1SHS6cQ+J2nnEENdVQ5EUVj5TxEOOL8x70lpVJz60xw
iYdV0V/aNfu9WlnLptkb9qp8e1UFIk1/ANtYQhMREDr9QJ+f83HUYsuV92tzUUL+
FHJ5OdoaL2oVJ14pAQWlGAPxqLW9IWevRoFv9DcssOsb0HmXaqlseyi4T84zvKyN
Udm7txfqizvp/D1/xpFXmgXJ0aggfY2HbECmc9+dC/tacLcgjR6+EDHyPdXWBvPB
aNiHH5X7oJ2b39wrhJfaq2ZXOkEfYSRTYEwU5oGN3Ml1U1obRAytvOd4aQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHJRGQ+GzPPRtjsAHHA32CqqrckAMB8GA1UdIwQY
MBaAFOdr3FYoDOXZ/PUDJRin7Jth4sztMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTJ2Y1ZpZ001ZG44OVFNbEdLZnNtMkhpek8wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC8zZGRkNmEtMzAyNS00MTk2LTg0YzIt
ZjFjMjRhODEzOWRiLzEvNTJ2Y1ZpZ001ZG44OVFNbEdLZnNtMkhpek8wLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOC8zZGRkNmEtMzAyNS00MTk2LTg0YzItZjFjMjRhODEzOWRi
LzEvNTJ2Y1ZpZ001ZG44OVFNbEdLZnNtMkhpek8wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWlR9Vcda
9v4GGKnxX79rYOkPHqhukdLeMl5wh86VWZXuJOPeg5251SRJc0r+HllP48L8mlqO
wcQLWUlVc3mleAMrTSCCgAS6Zh+G6fhzqT2uXI3ml/RvGJQCaiaZ2BAJDhhtUjhh
Dq1GwbbLqag4vJONQBbrP0z0pJpPcx7jTYlHuIDMMTRaUgfonnav3gQNH7vOxRvK
Yvh/8K98xwmei9VwIFlf+D5eUAZUvEdRWI2PXdQE1e0SZ4GE30Q3k2YQfmhbGqXo
0JwQVxP5pfbomZ0x6RZWcuXEmb2YZNQEP+VARX75DxgMczqEEiRciOuff8bQ4RbO
Fs0jCz+s3WFypg==
-----END CERTIFICATE-----