Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/7bd8f3-4753-42cd-8ff3-6333186589a9/1/lg5oyDibCdw0VGSkAK8nZWjn-Wo.mft
File:                     lg5oyDibCdw0VGSkAK8nZWjn-Wo.mft (raw, json)
Hash identifier:          u4LOGoXta4KsWRjWmT8yMwWXVaGSK/hNSqPOfGgAIBo=
Subject key identifier:   6B:74:F0:2E:22:36:60:20:4F:0D:DD:2A:3E:53:5A:E8:68:0F:61:A1
Authority key identifier: 96:0E:68:C8:38:9B:09:DC:34:54:64:A4:00:AF:27:65:68:E7:F9:6A
Certificate issuer:       /CN=960e68c8389b09dc345464a400af276568e7f96a
Certificate serial:       019A51873835A04333FE312745FF43F8ABA0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/lg5oyDibCdw0VGSkAK8nZWjn-Wo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/33/7bd8f3-4753-42cd-8ff3-6333186589a9/1/lg5oyDibCdw0VGSkAK8nZWjn-Wo.mft
Manifest number:          0F90
Signing time:             Wed 05 Nov 2025 01:00:07 +0000
Manifest this update:     Wed 05 Nov 2025 01:00:07 +0000
Manifest next update:     Thu 06 Nov 2025 01:00:07 +0000
Files and hashes:         1: lg5oyDibCdw0VGSkAK8nZWjn-Wo.crl (hash: qeYj0aSvEhEbMLBTUXlVxvsfDk5lb1lzwx9mW4GHch8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/33/7bd8f3-4753-42cd-8ff3-6333186589a9/1/lg5oyDibCdw0VGSkAK8nZWjn-Wo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/33/7bd8f3-4753-42cd-8ff3-6333186589a9/1/lg5oyDibCdw0VGSkAK8nZWjn-Wo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/lg5oyDibCdw0VGSkAK8nZWjn-Wo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 22:37:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:51:87:38:35:a0:43:33:fe:31:27:45:ff:43:f8:ab:a0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=960e68c8389b09dc345464a400af276568e7f96a
        Validity
            Not Before: Nov  5 01:00:07 2025 GMT
            Not After : Nov  6 01:00:07 2025 GMT
        Subject: CN=6b74f02e223660204f0ddd2a3e535ae8680f61a1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:97:ce:da:2e:be:1b:cf:0f:d0:b0:3e:38:0a:
                    e8:c1:a0:47:b7:32:40:99:90:e3:c4:35:46:d8:45:
                    0b:fb:c7:d1:3a:40:50:18:46:3c:a7:f3:5f:ea:d5:
                    c1:50:55:e5:c8:6e:83:e9:c3:fa:f0:ad:3f:6d:97:
                    11:1c:44:d2:9e:68:9e:95:a1:47:ef:d8:66:09:f5:
                    99:48:b8:9f:67:dc:76:eb:f4:f2:76:68:0b:36:86:
                    d9:e2:64:0e:bf:4b:dc:42:d5:c7:dc:39:4f:ed:b9:
                    d4:16:19:fc:5f:3f:93:76:e5:c1:bb:a3:9f:40:63:
                    07:bd:e8:79:da:aa:70:13:26:19:e9:2d:45:36:63:
                    65:3a:bc:72:e2:35:29:c0:ff:a6:7c:94:ba:43:7d:
                    6f:e9:82:6a:d8:f0:05:b9:1e:51:e8:a7:a6:4c:d8:
                    45:86:f4:b2:d3:d1:d0:3f:73:91:e5:cf:71:bd:27:
                    06:04:d6:88:41:bf:55:89:6c:34:03:f8:05:73:81:
                    10:c3:79:d2:3f:41:00:5f:a8:e4:fe:cd:1f:36:d8:
                    04:9c:4c:b9:a3:2d:b3:cd:32:6d:1f:1a:55:79:4f:
                    e6:98:60:bb:92:ea:f2:34:68:ff:08:4f:91:48:5c:
                    2a:0b:08:84:e0:fb:4d:60:4f:2d:a0:aa:b8:a7:80:
                    d9:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6B:74:F0:2E:22:36:60:20:4F:0D:DD:2A:3E:53:5A:E8:68:0F:61:A1
            X509v3 Authority Key Identifier:
                keyid:96:0E:68:C8:38:9B:09:DC:34:54:64:A4:00:AF:27:65:68:E7:F9:6A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lg5oyDibCdw0VGSkAK8nZWjn-Wo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/7bd8f3-4753-42cd-8ff3-6333186589a9/1/lg5oyDibCdw0VGSkAK8nZWjn-Wo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/33/7bd8f3-4753-42cd-8ff3-6333186589a9/1/lg5oyDibCdw0VGSkAK8nZWjn-Wo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7d:fa:cb:c8:75:dc:0f:ad:68:28:1d:ad:9e:67:c1:2f:c3:ff:
         6d:fb:48:c7:3b:cf:89:ec:ac:f2:3b:19:cd:8e:a2:c3:f5:8c:
         e8:39:f2:5f:fd:45:95:0f:c0:9a:41:9c:03:f2:b4:7f:45:9f:
         93:b4:f9:1d:36:1b:d2:7e:9e:d7:34:99:fc:c4:25:d0:f6:44:
         15:da:cd:8f:48:22:df:20:92:0c:0f:ee:ab:1e:9d:1b:b9:d9:
         a4:44:ab:90:98:ff:4b:96:ad:d4:39:44:a8:cc:da:0e:c7:df:
         27:59:5e:dc:8d:a8:7f:5b:1c:91:fe:9f:fb:4c:63:dc:c3:38:
         f2:e9:60:ad:82:9f:44:b4:f5:45:fd:53:c7:43:c3:22:1e:5d:
         2e:f2:d7:b4:61:2c:2b:c8:80:ef:fb:cf:74:34:2c:c4:25:f5:
         ec:61:ab:4f:7d:10:8f:a8:2b:c4:ed:c8:26:dd:24:72:54:74:
         19:a1:a0:12:a7:46:a2:8b:bb:f7:0f:22:b4:74:1f:20:a5:8a:
         a3:ef:72:e1:71:6c:c7:a0:0d:2b:e4:b1:12:9a:f9:ee:86:b5:
         68:86:7d:40:74:c8:55:19:7e:6a:82:c2:a8:22:2a:63:64:9a:
         42:cc:a0:ba:95:49:12:f8:a7:ac:c7:4d:fa:66:04:98:01:3e:
         c0:94:93:0b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpRhzg1oEMz/jEnRf9D+KugMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk2MGU2OGM4Mzg5YjA5ZGMzNDU0NjRhNDAwYWYyNzY1Njhl
N2Y5NmEwHhcNMjUxMTA1MDEwMDA3WhcNMjUxMTA2MDEwMDA3WjAzMTEwLwYDVQQD
Eyg2Yjc0ZjAyZTIyMzY2MDIwNGYwZGRkMmEzZTUzNWFlODY4MGY2MWExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA15fO2i6+G88P0LA+OArowaBHtzJA
mZDjxDVG2EUL+8fROkBQGEY8p/Nf6tXBUFXlyG6D6cP68K0/bZcRHETSnmielaFH
79hmCfWZSLifZ9x26/TydmgLNobZ4mQOv0vcQtXH3DlP7bnUFhn8Xz+TduXBu6Of
QGMHveh52qpwEyYZ6S1FNmNlOrxy4jUpwP+mfJS6Q31v6YJq2PAFuR5R6KemTNhF
hvSy09HQP3OR5c9xvScGBNaIQb9ViWw0A/gFc4EQw3nSP0EAX6jk/s0fNtgEnEy5
oy2zzTJtHxpVeU/mmGC7kuryNGj/CE+RSFwqCwiE4PtNYE8toKq4p4DZQQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGt08C4iNmAgTw3dKj5TWuhoD2GhMB8GA1UdIwQY
MBaAFJYOaMg4mwncNFRkpACvJ2Vo5/lqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbGc1b3lEaWJDZHcwVkdTa0FLOG5aV2puLVdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy83YmQ4ZjMtNDc1My00MmNkLThmZjMt
NjMzMzE4NjU4OWE5LzEvbGc1b3lEaWJDZHcwVkdTa0FLOG5aV2puLVdvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy83YmQ4ZjMtNDc1My00MmNkLThmZjMtNjMzMzE4NjU4OWE5
LzEvbGc1b3lEaWJDZHcwVkdTa0FLOG5aV2puLVdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAffrLyHXc
D61oKB2tnmfBL8P/bftIxzvPieys8jsZzY6iw/WM6DnyX/1FlQ/AmkGcA/K0f0Wf
k7T5HTYb0n6e1zSZ/MQl0PZEFdrNj0gi3yCSDA/uqx6dG7nZpESrkJj/S5at1DlE
qMzaDsffJ1le3I2of1sckf6f+0xj3MM48ulgrYKfRLT1Rf1Tx0PDIh5dLvLXtGEs
K8iA7/vPdDQsxCX17GGrT30Qj6grxO3IJt0kclR0GaGgEqdGoou79w8itHQfIKWK
o+9y4XFsx6ANK+SxEpr57oa1aIZ9QHTIVRl+aoLCqCIqY2SaQsygupVJEvinrMdN
+mYEmAE+wJSTCw==
-----END CERTIFICATE-----