Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/1a472f-a137-42c9-ac9f-4c2c0c8f2462/1/leN5E1KsgsnSB0NCTNxhcAlvT68.mft
File:                     leN5E1KsgsnSB0NCTNxhcAlvT68.mft (raw, json)
Hash identifier:          NzRYUA7MKAeq/UfZQlT0Y2z1KIOAdg0PXU/FBbXPTF4=
Subject key identifier:   68:8B:2C:92:E1:3B:52:D4:44:DD:5B:F6:A8:36:32:B4:EF:12:28:3B
Authority key identifier: 95:E3:79:13:52:AC:82:C9:D2:07:43:42:4C:DC:61:70:09:6F:4F:AF
Certificate issuer:       /CN=95e3791352ac82c9d20743424cdc6170096f4faf
Certificate serial:       019A54C0D24C8A36EBCF1E653F374C705471
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/leN5E1KsgsnSB0NCTNxhcAlvT68.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/26/1a472f-a137-42c9-ac9f-4c2c0c8f2462/1/leN5E1KsgsnSB0NCTNxhcAlvT68.mft
Manifest number:          170C
Signing time:             Wed 05 Nov 2025 16:01:54 +0000
Manifest this update:     Wed 05 Nov 2025 16:01:54 +0000
Manifest next update:     Thu 06 Nov 2025 16:01:54 +0000
Files and hashes:         1: leN5E1KsgsnSB0NCTNxhcAlvT68.crl (hash: gc/aw+kEFupswj4X2Ay+uM6b0bUbWvv3ul0JdT5Cv/U=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/26/1a472f-a137-42c9-ac9f-4c2c0c8f2462/1/leN5E1KsgsnSB0NCTNxhcAlvT68.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/26/1a472f-a137-42c9-ac9f-4c2c0c8f2462/1/leN5E1KsgsnSB0NCTNxhcAlvT68.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/leN5E1KsgsnSB0NCTNxhcAlvT68.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 06 Nov 2025 16:01:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:54:c0:d2:4c:8a:36:eb:cf:1e:65:3f:37:4c:70:54:71
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=95e3791352ac82c9d20743424cdc6170096f4faf
        Validity
            Not Before: Nov  5 16:01:54 2025 GMT
            Not After : Nov  6 16:01:54 2025 GMT
        Subject: CN=688b2c92e13b52d444dd5bf6a83632b4ef12283b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:ff:93:c5:7f:dd:66:cd:dd:87:b8:a8:05:1d:
                    d4:f4:46:f5:24:c7:83:08:16:b1:0e:54:c2:0e:b4:
                    c1:a8:2d:3d:fc:28:ea:59:22:bb:06:cf:1a:ff:92:
                    fc:56:3f:bd:24:00:2b:b3:fb:ff:92:d4:b4:40:99:
                    fe:c6:c2:2f:45:03:d8:b6:bc:0e:b9:91:02:de:5b:
                    f9:68:85:8a:23:0a:b2:f9:98:04:5f:5d:ec:3c:c7:
                    45:8b:f4:fa:d1:3d:b5:52:10:16:8d:23:68:ba:4f:
                    61:89:6a:d0:d6:d7:df:4f:e9:63:0c:5d:8b:f8:c1:
                    d5:5d:d8:2a:60:7f:1e:4c:2d:3c:20:2d:2d:aa:a3:
                    5e:d7:29:66:08:d1:33:41:4b:0f:bb:33:c0:de:3a:
                    73:c8:71:80:65:75:8d:19:87:f0:5b:03:3c:f8:68:
                    cf:8e:ed:f4:a3:6c:a3:f5:85:25:68:a0:08:d8:34:
                    f4:02:27:65:7f:52:a6:31:67:11:2c:c3:64:db:ee:
                    6f:6a:42:ad:e8:d1:0e:46:ad:59:39:30:39:9d:04:
                    86:96:01:67:43:a1:44:70:5c:da:20:c9:20:4f:1d:
                    4b:e1:c3:11:64:5a:89:2a:75:43:c9:58:b6:8d:c9:
                    c1:06:e7:2f:58:c9:30:d2:1c:31:91:c8:24:65:d1:
                    47:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                68:8B:2C:92:E1:3B:52:D4:44:DD:5B:F6:A8:36:32:B4:EF:12:28:3B
            X509v3 Authority Key Identifier:
                keyid:95:E3:79:13:52:AC:82:C9:D2:07:43:42:4C:DC:61:70:09:6F:4F:AF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/leN5E1KsgsnSB0NCTNxhcAlvT68.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/1a472f-a137-42c9-ac9f-4c2c0c8f2462/1/leN5E1KsgsnSB0NCTNxhcAlvT68.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/26/1a472f-a137-42c9-ac9f-4c2c0c8f2462/1/leN5E1KsgsnSB0NCTNxhcAlvT68.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         00:04:3c:44:0b:2c:38:85:4b:5c:37:2b:55:70:ad:ad:4f:fa:
         07:b3:dc:80:5b:7a:d7:3c:9f:1e:db:83:16:07:86:3c:ad:3a:
         ea:ed:2b:d4:48:1a:2f:f3:32:b7:2e:cb:9e:c2:09:ba:e8:3b:
         9b:53:b2:18:b2:3d:e7:03:79:61:5f:a7:68:a5:3f:de:83:97:
         98:8b:23:68:72:83:d5:e1:48:2d:19:e9:d7:19:c6:9b:18:85:
         d5:03:59:ba:37:5f:a8:f5:3d:1e:f1:13:83:64:78:49:d0:c9:
         e8:cf:72:9b:60:f5:63:8b:5b:3e:63:6d:07:ff:ed:95:c0:22:
         ec:1e:a1:e9:66:88:cf:0b:95:88:41:94:0c:e5:b4:bf:af:8f:
         55:9a:88:35:98:2d:e4:f2:4c:e5:9d:7d:b9:8c:7f:e6:0d:9a:
         73:d5:47:21:80:7e:13:46:de:91:ec:9f:76:78:09:0d:87:a1:
         b1:3b:82:fb:83:5b:61:d9:42:42:a2:9d:ba:30:66:c9:4c:d6:
         82:37:e1:2d:1a:ff:20:59:0a:04:14:e7:0f:98:93:25:33:24:
         06:48:fa:6a:68:ad:38:46:bb:af:de:5c:61:ec:1a:5e:87:af:
         d2:ba:72:ba:5b:37:0f:18:fd:00:6d:0e:2b:b8:01:54:7f:ab:
         5c:9b:98:bf
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpUwNJMijbrzx5lPzdMcFRxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1ZTM3OTEzNTJhYzgyYzlkMjA3NDM0MjRjZGM2MTcwMDk2
ZjRmYWYwHhcNMjUxMTA1MTYwMTU0WhcNMjUxMTA2MTYwMTU0WjAzMTEwLwYDVQQD
Eyg2ODhiMmM5MmUxM2I1MmQ0NDRkZDViZjZhODM2MzJiNGVmMTIyODNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz/+TxX/dZs3dh7ioBR3U9Eb1JMeD
CBaxDlTCDrTBqC09/CjqWSK7Bs8a/5L8Vj+9JAArs/v/ktS0QJn+xsIvRQPYtrwO
uZEC3lv5aIWKIwqy+ZgEX13sPMdFi/T60T21UhAWjSNouk9hiWrQ1tffT+ljDF2L
+MHVXdgqYH8eTC08IC0tqqNe1ylmCNEzQUsPuzPA3jpzyHGAZXWNGYfwWwM8+GjP
ju30o2yj9YUlaKAI2DT0Aidlf1KmMWcRLMNk2+5vakKt6NEORq1ZOTA5nQSGlgFn
Q6FEcFzaIMkgTx1L4cMRZFqJKnVDyVi2jcnBBucvWMkw0hwxkcgkZdFHNwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGiLLJLhO1LURN1b9qg2MrTvEig7MB8GA1UdIwQY
MBaAFJXjeRNSrILJ0gdDQkzcYXAJb0+vMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbGVONUUxS3Nnc25TQjBOQ1ROeGhjQWx2VDY4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi8xYTQ3MmYtYTEzNy00MmM5LWFjOWYt
NGMyYzBjOGYyNDYyLzEvbGVONUUxS3Nnc25TQjBOQ1ROeGhjQWx2VDY4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi8xYTQ3MmYtYTEzNy00MmM5LWFjOWYtNGMyYzBjOGYyNDYy
LzEvbGVONUUxS3Nnc25TQjBOQ1ROeGhjQWx2VDY4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAAQ8RAss
OIVLXDcrVXCtrU/6B7PcgFt61zyfHtuDFgeGPK066u0r1EgaL/Myty7LnsIJuug7
m1OyGLI95wN5YV+naKU/3oOXmIsjaHKD1eFILRnp1xnGmxiF1QNZujdfqPU9HvET
g2R4SdDJ6M9ym2D1Y4tbPmNtB//tlcAi7B6h6WaIzwuViEGUDOW0v6+PVZqINZgt
5PJM5Z19uYx/5g2ac9VHIYB+E0bekeyfdngJDYehsTuC+4NbYdlCQqKdujBmyUzW
gjfhLRr/IFkKBBTnD5iTJTMkBkj6amitOEa7r95cYewaXoev0rpyuls3Dxj9AG0O
K7gBVH+rXJuYvw==
-----END CERTIFICATE-----