Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/f5b68e-e093-46d5-8d0d-63ed22cabc92/1/aiElvfZalVLVuOF6s2FaoQuAWXY.mft
File:                     aiElvfZalVLVuOF6s2FaoQuAWXY.mft (raw, json)
Hash identifier:          SM3L4QBigoMKIApfmnyYR/G+BOHeYz3sMm26rqCuClo=
Subject key identifier:   CE:FE:E1:30:8B:F1:9C:73:81:20:BA:C8:3B:EC:F4:7B:21:2C:E3:38
Authority key identifier: 6A:21:25:BD:F6:5A:95:52:D5:B8:E1:7A:B3:61:5A:A1:0B:80:59:76
Certificate issuer:       /CN=6a2125bdf65a9552d5b8e17ab3615aa10b805976
Certificate serial:       0199FEEBFFEC2ABA532B2B37922C90C75AA2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aiElvfZalVLVuOF6s2FaoQuAWXY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f4/f5b68e-e093-46d5-8d0d-63ed22cabc92/1/aiElvfZalVLVuOF6s2FaoQuAWXY.mft
Manifest number:          02E5
Signing time:             Mon 20 Oct 2025 00:01:43 +0000
Manifest this update:     Mon 20 Oct 2025 00:01:43 +0000
Manifest next update:     Tue 21 Oct 2025 00:01:43 +0000
Files and hashes:         1: aiElvfZalVLVuOF6s2FaoQuAWXY.crl (hash: QKWtJ93IQNrHH5Hh4hRs74n/vjSaV/xfRybQq/IDl9I=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f4/f5b68e-e093-46d5-8d0d-63ed22cabc92/1/aiElvfZalVLVuOF6s2FaoQuAWXY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f4/f5b68e-e093-46d5-8d0d-63ed22cabc92/1/aiElvfZalVLVuOF6s2FaoQuAWXY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/aiElvfZalVLVuOF6s2FaoQuAWXY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 21 Oct 2025 00:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fe:eb:ff:ec:2a:ba:53:2b:2b:37:92:2c:90:c7:5a:a2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6a2125bdf65a9552d5b8e17ab3615aa10b805976
        Validity
            Not Before: Oct 20 00:01:43 2025 GMT
            Not After : Oct 21 00:01:43 2025 GMT
        Subject: CN=cefee1308bf19c738120bac83becf47b212ce338
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:9d:84:4b:d4:8a:44:bc:7e:1f:8c:ab:9e:6d:
                    8c:82:e8:2d:e8:af:7d:f2:68:e3:91:f6:50:bb:fa:
                    41:eb:29:2f:2e:75:e3:5e:d4:2c:ee:f3:d9:94:ca:
                    c1:9f:32:3b:7a:35:32:d6:06:ea:a3:af:a5:64:33:
                    46:46:b4:6d:6a:96:46:71:2f:22:46:e4:c6:ae:0a:
                    d7:34:f5:79:18:14:5c:aa:7e:68:1c:28:7e:df:1e:
                    fc:02:96:65:8f:cb:14:45:16:11:98:80:29:d5:86:
                    4b:85:17:01:d5:f1:4f:50:d9:97:8b:b8:a4:1c:be:
                    da:ce:a7:a1:b5:89:7c:81:e0:f3:ff:b5:dc:6e:b7:
                    2a:4e:8e:e3:11:0e:95:03:0c:92:3f:fe:bf:06:4f:
                    99:f1:4d:d1:50:4f:9f:d1:c8:4f:55:ed:df:25:35:
                    b1:d0:c0:22:22:07:5e:09:c3:d8:b3:b4:c5:3c:be:
                    c2:06:b2:4a:90:88:8f:e3:06:a9:6e:c4:61:60:76:
                    a0:35:ab:f1:b3:8f:00:ab:dd:e0:29:51:9e:45:87:
                    c3:5f:b0:92:0c:c7:a9:ed:6b:4b:f6:50:89:1c:b4:
                    ca:6a:65:d6:ba:75:e8:49:d6:1c:d0:7a:7c:e5:04:
                    47:6b:3b:34:39:3d:16:9a:74:3c:6c:0a:b1:6e:3e:
                    b3:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CE:FE:E1:30:8B:F1:9C:73:81:20:BA:C8:3B:EC:F4:7B:21:2C:E3:38
            X509v3 Authority Key Identifier:
                keyid:6A:21:25:BD:F6:5A:95:52:D5:B8:E1:7A:B3:61:5A:A1:0B:80:59:76

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aiElvfZalVLVuOF6s2FaoQuAWXY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/f5b68e-e093-46d5-8d0d-63ed22cabc92/1/aiElvfZalVLVuOF6s2FaoQuAWXY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/f5b68e-e093-46d5-8d0d-63ed22cabc92/1/aiElvfZalVLVuOF6s2FaoQuAWXY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7f:1a:1d:2e:b8:43:6a:7c:a6:5b:1f:a0:23:76:6d:68:64:1e:
         89:5e:35:48:c1:a1:e4:34:60:49:42:5a:0f:d1:7f:4a:1f:cf:
         cb:47:1c:84:e7:ee:f4:1b:91:c4:a9:e4:c4:ea:64:93:0d:75:
         f9:8e:22:5b:ee:21:22:67:94:5f:1f:78:14:32:c6:8e:7c:73:
         62:36:29:7f:f4:fa:2f:1a:94:48:39:4d:5c:49:4b:90:60:3b:
         2f:04:2e:c6:4e:a5:20:1e:e6:9a:88:fd:7d:cb:f6:02:ca:0f:
         1e:ed:4c:31:53:b5:b3:f1:d6:19:1e:1b:d6:0e:47:f8:da:21:
         d5:70:5f:98:62:68:73:b8:4e:4d:16:51:af:0e:48:01:4b:ed:
         17:89:29:2b:f7:ad:d9:a8:8a:c8:0b:cd:2b:8e:9d:87:de:9e:
         1a:a8:97:a1:3d:74:71:2d:00:a3:8d:03:9e:db:a7:48:0b:0f:
         3f:70:ae:23:43:4f:65:75:d2:d8:18:bb:01:67:27:1f:16:bd:
         b3:48:29:9c:d7:84:4e:b5:ff:7e:61:ee:a1:b9:da:73:b2:fe:
         f1:f7:b8:a8:3e:a3:d0:ae:31:eb:ab:bb:08:74:d3:12:07:7d:
         65:cf:53:29:58:ac:4e:13:4b:62:eb:9e:ba:1b:6f:ac:ad:f1:
         31:ac:14:3d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn+6//sKrpTKys3kiyQx1qiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhMjEyNWJkZjY1YTk1NTJkNWI4ZTE3YWIzNjE1YWExMGI4
MDU5NzYwHhcNMjUxMDIwMDAwMTQzWhcNMjUxMDIxMDAwMTQzWjAzMTEwLwYDVQQD
EyhjZWZlZTEzMDhiZjE5YzczODEyMGJhYzgzYmVjZjQ3YjIxMmNlMzM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp52ES9SKRLx+H4yrnm2Mgugt6K99
8mjjkfZQu/pB6ykvLnXjXtQs7vPZlMrBnzI7ejUy1gbqo6+lZDNGRrRtapZGcS8i
RuTGrgrXNPV5GBRcqn5oHCh+3x78ApZlj8sURRYRmIAp1YZLhRcB1fFPUNmXi7ik
HL7azqehtYl8geDz/7XcbrcqTo7jEQ6VAwySP/6/Bk+Z8U3RUE+f0chPVe3fJTWx
0MAiIgdeCcPYs7TFPL7CBrJKkIiP4wapbsRhYHagNavxs48Aq93gKVGeRYfDX7CS
DMep7WtL9lCJHLTKamXWunXoSdYc0Hp85QRHazs0OT0WmnQ8bAqxbj6z8wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFM7+4TCL8ZxzgSC6yDvs9HshLOM4MB8GA1UdIwQY
MBaAFGohJb32WpVS1bjherNhWqELgFl2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWlFbHZmWmFsVkxWdU9GNnMyRmFvUXVBV1hZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC9mNWI2OGUtZTA5My00NmQ1LThkMGQt
NjNlZDIyY2FiYzkyLzEvYWlFbHZmWmFsVkxWdU9GNnMyRmFvUXVBV1hZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNC9mNWI2OGUtZTA5My00NmQ1LThkMGQtNjNlZDIyY2FiYzky
LzEvYWlFbHZmWmFsVkxWdU9GNnMyRmFvUXVBV1hZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfxodLrhD
anymWx+gI3ZtaGQeiV41SMGh5DRgSUJaD9F/Sh/Py0cchOfu9BuRxKnkxOpkkw11
+Y4iW+4hImeUXx94FDLGjnxzYjYpf/T6LxqUSDlNXElLkGA7LwQuxk6lIB7mmoj9
fcv2AsoPHu1MMVO1s/HWGR4b1g5H+Noh1XBfmGJoc7hOTRZRrw5IAUvtF4kpK/et
2aiKyAvNK46dh96eGqiXoT10cS0Ao40DntunSAsPP3CuI0NPZXXS2Bi7AWcnHxa9
s0gpnNeETrX/fmHuobnac7L+8fe4qD6j0K4x66u7CHTTEgd9Zc9TKVisThNLYuue
uhtvrK3xMawUPQ==
-----END CERTIFICATE-----