Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/23ca21-bceb-433e-b7d9-7b003984b863/1/lHXt3Klbc2ZTpMn52RVA0tPvtT0.mft
File:                     lHXt3Klbc2ZTpMn52RVA0tPvtT0.mft (raw, json)
Hash identifier:          w1TUg+dlpeyoDuD1mmC9PDnkF2BpKqBxMgR+fJmu4wI=
Subject key identifier:   C9:A5:7E:3A:89:53:2A:0F:0B:52:3E:8E:ED:DD:B8:51:4A:22:D5:54
Authority key identifier: 94:75:ED:DC:A9:5B:73:66:53:A4:C9:F9:D9:15:40:D2:D3:EF:B5:3D
Certificate issuer:       /CN=9475eddca95b736653a4c9f9d91540d2d3efb53d
Certificate serial:       019A4EF57D477497FDDD36FC2B07AEDB0582
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/lHXt3Klbc2ZTpMn52RVA0tPvtT0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/52/23ca21-bceb-433e-b7d9-7b003984b863/1/lHXt3Klbc2ZTpMn52RVA0tPvtT0.mft
Manifest number:          034A
Signing time:             Tue 04 Nov 2025 13:01:42 +0000
Manifest this update:     Tue 04 Nov 2025 13:01:42 +0000
Manifest next update:     Wed 05 Nov 2025 13:01:42 +0000
Files and hashes:         1: lHXt3Klbc2ZTpMn52RVA0tPvtT0.crl (hash: lKleBVXqVqqP/6Lrz2SMaL6d4hgSOnJrswV3wsGo5l0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/52/23ca21-bceb-433e-b7d9-7b003984b863/1/lHXt3Klbc2ZTpMn52RVA0tPvtT0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/52/23ca21-bceb-433e-b7d9-7b003984b863/1/lHXt3Klbc2ZTpMn52RVA0tPvtT0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/lHXt3Klbc2ZTpMn52RVA0tPvtT0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 09:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4e:f5:7d:47:74:97:fd:dd:36:fc:2b:07:ae:db:05:82
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9475eddca95b736653a4c9f9d91540d2d3efb53d
        Validity
            Not Before: Nov  4 13:01:42 2025 GMT
            Not After : Nov  5 13:01:42 2025 GMT
        Subject: CN=c9a57e3a89532a0f0b523e8eedddb8514a22d554
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:86:2d:3e:2d:9c:47:37:07:05:5c:87:e4:33:fb:
                    4a:a7:a7:8e:e2:4d:3a:87:84:b2:bb:50:27:cc:8c:
                    1a:7e:d2:df:8e:9f:dd:b3:39:47:7a:95:68:4c:8b:
                    92:12:83:83:03:f0:36:5d:c5:cc:4a:5e:76:9b:da:
                    9f:f9:46:5b:6d:ed:25:64:51:be:58:34:e2:df:f1:
                    23:46:6e:79:62:72:ea:aa:0a:8a:ea:7f:d9:64:91:
                    a0:24:61:ff:38:35:4f:f1:9a:18:be:12:2c:58:a7:
                    76:fb:c6:ee:d3:a7:31:6e:a6:7a:a4:fc:52:c5:dc:
                    e2:a3:e5:b4:aa:5c:9f:17:cb:b2:47:95:01:c8:af:
                    8c:91:5d:0e:9f:02:6a:2d:58:95:26:c3:38:23:05:
                    c0:1b:da:2c:c1:80:fe:21:d4:e1:71:66:64:b8:10:
                    f0:39:96:51:67:52:b4:fb:c5:61:b2:69:60:c1:e8:
                    97:9c:fc:d7:c0:9e:7d:06:89:24:15:8f:f0:33:e6:
                    97:15:c7:43:a7:3a:d3:15:70:f8:4d:46:41:ea:77:
                    9e:62:07:0b:0c:99:ee:68:18:a4:62:d2:a5:b4:cf:
                    05:2f:d9:4d:b4:60:62:99:aa:0d:bb:a6:c0:4c:fb:
                    89:d3:3d:dd:41:c6:48:fd:c2:8e:3b:c3:33:d3:d7:
                    1b:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C9:A5:7E:3A:89:53:2A:0F:0B:52:3E:8E:ED:DD:B8:51:4A:22:D5:54
            X509v3 Authority Key Identifier:
                keyid:94:75:ED:DC:A9:5B:73:66:53:A4:C9:F9:D9:15:40:D2:D3:EF:B5:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lHXt3Klbc2ZTpMn52RVA0tPvtT0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/23ca21-bceb-433e-b7d9-7b003984b863/1/lHXt3Klbc2ZTpMn52RVA0tPvtT0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/52/23ca21-bceb-433e-b7d9-7b003984b863/1/lHXt3Klbc2ZTpMn52RVA0tPvtT0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0b:a8:53:b1:f2:7c:ea:77:07:6d:8c:16:35:c1:df:0c:b6:4e:
         21:82:de:12:53:f6:4c:f0:6e:1f:47:f9:11:9c:ca:83:c3:28:
         40:2b:e1:71:50:c1:95:07:a4:f3:ef:ef:46:9b:b6:a8:31:f1:
         27:0b:d2:cb:6d:12:ba:95:3d:99:27:c3:1a:6f:7f:a9:94:5b:
         50:85:ab:d2:82:1e:37:d0:59:30:37:4f:19:57:9c:1f:03:df:
         03:4b:bf:0e:81:6c:e4:ba:a4:c5:47:7c:72:15:f6:d9:25:94:
         7c:f7:2a:5d:8c:d2:e7:26:2f:ad:91:47:b6:da:6f:1c:8f:2c:
         3b:2b:10:ed:9d:e4:24:5b:13:da:e4:21:30:80:17:e1:a3:26:
         f0:b4:96:6c:f5:be:bd:99:47:88:73:d7:50:35:91:a7:93:03:
         f5:8c:39:7f:8e:19:fd:02:8e:60:00:16:d7:1c:5d:a6:42:05:
         88:de:3a:35:b7:e3:d3:d2:2e:94:50:b9:99:76:8e:c8:dd:ac:
         0c:02:47:6e:35:ef:8e:a1:1b:6a:a7:df:57:41:73:c7:d4:f2:
         d8:e6:6b:e6:0a:23:d3:5c:00:36:00:ee:4a:c6:27:d8:80:11:
         db:57:60:be:fb:bc:34:d2:50:cd:96:b7:34:f4:f0:37:3f:16:
         1c:d8:ee:98
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpO9X1HdJf93Tb8Kweu2wWCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0NzVlZGRjYTk1YjczNjY1M2E0YzlmOWQ5MTU0MGQyZDNl
ZmI1M2QwHhcNMjUxMTA0MTMwMTQyWhcNMjUxMTA1MTMwMTQyWjAzMTEwLwYDVQQD
EyhjOWE1N2UzYTg5NTMyYTBmMGI1MjNlOGVlZGRkYjg1MTRhMjJkNTU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhi0+LZxHNwcFXIfkM/tKp6eO4k06
h4Syu1AnzIwaftLfjp/dszlHepVoTIuSEoODA/A2XcXMSl52m9qf+UZbbe0lZFG+
WDTi3/EjRm55YnLqqgqK6n/ZZJGgJGH/ODVP8ZoYvhIsWKd2+8bu06cxbqZ6pPxS
xdzio+W0qlyfF8uyR5UByK+MkV0OnwJqLViVJsM4IwXAG9oswYD+IdThcWZkuBDw
OZZRZ1K0+8VhsmlgweiXnPzXwJ59BokkFY/wM+aXFcdDpzrTFXD4TUZB6neeYgcL
DJnuaBikYtKltM8FL9lNtGBimaoNu6bATPuJ0z3dQcZI/cKOO8Mz09cbqwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMmlfjqJUyoPC1I+ju3duFFKItVUMB8GA1UdIwQY
MBaAFJR17dypW3NmU6TJ+dkVQNLT77U9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbEhYdDNLbGJjMlpUcE1uNTJSVkEwdFB2dFQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi8yM2NhMjEtYmNlYi00MzNlLWI3ZDkt
N2IwMDM5ODRiODYzLzEvbEhYdDNLbGJjMlpUcE1uNTJSVkEwdFB2dFQwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi8yM2NhMjEtYmNlYi00MzNlLWI3ZDktN2IwMDM5ODRiODYz
LzEvbEhYdDNLbGJjMlpUcE1uNTJSVkEwdFB2dFQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAC6hTsfJ8
6ncHbYwWNcHfDLZOIYLeElP2TPBuH0f5EZzKg8MoQCvhcVDBlQek8+/vRpu2qDHx
JwvSy20SupU9mSfDGm9/qZRbUIWr0oIeN9BZMDdPGVecHwPfA0u/DoFs5LqkxUd8
chX22SWUfPcqXYzS5yYvrZFHttpvHI8sOysQ7Z3kJFsT2uQhMIAX4aMm8LSWbPW+
vZlHiHPXUDWRp5MD9Yw5f44Z/QKOYAAW1xxdpkIFiN46Nbfj09IulFC5mXaOyN2s
DAJHbjXvjqEbaqffV0Fzx9Ty2OZr5goj01wANgDuSsYn2IAR21dgvvu8NNJQzZa3
NPTwNz8WHNjumA==
-----END CERTIFICATE-----