Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/6c59c0-ecd8-4727-b1de-315a79f59e18/1/L3BTJmQ0PLPSiXAjoSf2C6kXpd0.mft
File:                     L3BTJmQ0PLPSiXAjoSf2C6kXpd0.mft (raw, json)
Hash identifier:          VDxPCS8BTYhHIvzlkQIrofMv8ipnEl4NLSEetd/pNmk=
Subject key identifier:   9C:5F:2E:80:5E:8E:6D:70:8B:0E:6A:21:AA:3E:E5:EE:22:55:67:93
Authority key identifier: 2F:70:53:26:64:34:3C:B3:D2:89:70:23:A1:27:F6:0B:A9:17:A5:DD
Certificate issuer:       /CN=2f70532664343cb3d2897023a127f60ba917a5dd
Certificate serial:       019A4D740F3E7912E2840FC3A0C202D6EF69
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/L3BTJmQ0PLPSiXAjoSf2C6kXpd0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/54/6c59c0-ecd8-4727-b1de-315a79f59e18/1/L3BTJmQ0PLPSiXAjoSf2C6kXpd0.mft
Manifest number:          0CFE
Signing time:             Tue 04 Nov 2025 06:00:42 +0000
Manifest this update:     Tue 04 Nov 2025 06:00:42 +0000
Manifest next update:     Wed 05 Nov 2025 06:00:42 +0000
Files and hashes:         1: L3BTJmQ0PLPSiXAjoSf2C6kXpd0.crl (hash: PgoVCy27AOj2owVMavUYCK66h3PzM22DQXW52s9MIWQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/54/6c59c0-ecd8-4727-b1de-315a79f59e18/1/L3BTJmQ0PLPSiXAjoSf2C6kXpd0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/54/6c59c0-ecd8-4727-b1de-315a79f59e18/1/L3BTJmQ0PLPSiXAjoSf2C6kXpd0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/L3BTJmQ0PLPSiXAjoSf2C6kXpd0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 06:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4d:74:0f:3e:79:12:e2:84:0f:c3:a0:c2:02:d6:ef:69
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2f70532664343cb3d2897023a127f60ba917a5dd
        Validity
            Not Before: Nov  4 06:00:42 2025 GMT
            Not After : Nov  5 06:00:42 2025 GMT
        Subject: CN=9c5f2e805e8e6d708b0e6a21aa3ee5ee22556793
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:cd:fb:f3:97:83:12:cd:e3:6c:c1:c8:9b:54:
                    24:a8:42:f2:dc:b0:64:7e:e9:53:05:7c:23:d3:6d:
                    56:14:97:91:d2:05:b3:4b:06:79:fa:ca:a8:fe:a7:
                    d4:4e:0e:4c:bf:cd:e5:03:19:be:7f:cf:7d:93:d3:
                    0d:69:a5:5f:fc:fa:3c:b3:06:57:7b:2e:47:6a:d9:
                    f9:03:9d:da:67:4e:6d:a8:cf:1a:f7:6f:a1:bb:70:
                    10:d3:d3:5a:bc:11:34:f2:10:f1:e3:6c:e6:61:33:
                    5f:e0:2a:bf:8a:3f:11:df:97:d9:73:6d:ce:56:01:
                    45:57:e6:40:af:d5:cf:79:4b:01:4e:d0:9f:71:91:
                    70:e7:97:62:b0:58:00:69:04:85:08:e6:40:86:f7:
                    47:4d:2c:5f:6d:da:6c:78:b3:4e:0c:96:20:a4:87:
                    19:20:f3:7c:60:41:71:e4:20:9d:12:a7:c0:bf:59:
                    ac:61:3e:09:82:24:fe:7c:8e:d7:35:c0:88:ff:59:
                    71:c6:81:05:0b:6d:6b:69:f3:32:63:a0:be:8f:31:
                    64:f8:a5:d7:cc:20:69:45:c2:b9:f4:48:bf:a7:fc:
                    30:ef:3d:49:25:73:cc:b6:6b:e4:6b:f0:0b:96:ee:
                    5b:05:ce:dc:08:be:38:2d:4b:f8:37:f6:c1:42:24:
                    1d:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9C:5F:2E:80:5E:8E:6D:70:8B:0E:6A:21:AA:3E:E5:EE:22:55:67:93
            X509v3 Authority Key Identifier:
                keyid:2F:70:53:26:64:34:3C:B3:D2:89:70:23:A1:27:F6:0B:A9:17:A5:DD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L3BTJmQ0PLPSiXAjoSf2C6kXpd0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/6c59c0-ecd8-4727-b1de-315a79f59e18/1/L3BTJmQ0PLPSiXAjoSf2C6kXpd0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/54/6c59c0-ecd8-4727-b1de-315a79f59e18/1/L3BTJmQ0PLPSiXAjoSf2C6kXpd0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a5:9c:3c:ee:ac:e8:43:a5:df:74:74:ca:84:1d:55:6f:5c:ac:
         4f:be:5e:2d:72:f9:63:6a:9c:52:2d:5f:b3:c5:62:59:5d:ba:
         a4:21:0d:58:ac:d1:8a:0d:13:31:4e:4b:03:c8:6e:c2:98:4c:
         41:f4:78:a0:6e:15:99:a9:98:51:03:72:29:2a:67:83:c3:b4:
         a1:f0:37:d9:de:c2:76:bb:d9:60:78:d6:b9:6e:70:97:89:b0:
         5e:f4:a7:05:b0:2b:83:46:20:ef:7a:49:de:61:37:55:0c:21:
         6a:26:16:95:20:17:fb:ca:c5:74:49:a7:85:f1:43:20:49:26:
         e6:24:6e:da:94:a2:15:48:b4:0f:90:33:9a:80:ab:00:20:bb:
         c9:29:e5:44:35:0a:08:09:bc:de:75:53:23:14:c8:ba:e0:37:
         86:25:e0:c9:34:df:20:81:7d:39:59:61:4b:5e:75:ea:dd:14:
         c0:59:95:08:27:ad:eb:9e:a6:d0:4a:3f:2c:b1:cb:3c:fe:cf:
         c2:eb:e3:3a:cf:6f:07:08:4f:30:bf:a7:44:ef:2b:d7:2b:ee:
         09:53:fe:27:9c:eb:26:78:72:ba:f3:9a:41:1f:cb:fc:f6:06:
         a7:e1:f8:1f:06:c8:ca:e7:e4:0e:e9:69:8b:20:67:60:06:74:
         7d:7f:99:d8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpNdA8+eRLihA/DoMIC1u9pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmNzA1MzI2NjQzNDNjYjNkMjg5NzAyM2ExMjdmNjBiYTkx
N2E1ZGQwHhcNMjUxMTA0MDYwMDQyWhcNMjUxMTA1MDYwMDQyWjAzMTEwLwYDVQQD
Eyg5YzVmMmU4MDVlOGU2ZDcwOGIwZTZhMjFhYTNlZTVlZTIyNTU2NzkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAps3785eDEs3jbMHIm1QkqELy3LBk
fulTBXwj021WFJeR0gWzSwZ5+sqo/qfUTg5Mv83lAxm+f899k9MNaaVf/Po8swZX
ey5Hatn5A53aZ05tqM8a92+hu3AQ09NavBE08hDx42zmYTNf4Cq/ij8R35fZc23O
VgFFV+ZAr9XPeUsBTtCfcZFw55disFgAaQSFCOZAhvdHTSxfbdpseLNODJYgpIcZ
IPN8YEFx5CCdEqfAv1msYT4JgiT+fI7XNcCI/1lxxoEFC21rafMyY6C+jzFk+KXX
zCBpRcK59Ei/p/ww7z1JJXPMtmvka/ALlu5bBc7cCL44LUv4N/bBQiQdiQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJxfLoBejm1wiw5qIao+5e4iVWeTMB8GA1UdIwQY
MBaAFC9wUyZkNDyz0olwI6En9gupF6XdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDNCVEptUTBQTFBTaVhBam9TZjJDNmtYcGQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC82YzU5YzAtZWNkOC00NzI3LWIxZGUt
MzE1YTc5ZjU5ZTE4LzEvTDNCVEptUTBQTFBTaVhBam9TZjJDNmtYcGQwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC82YzU5YzAtZWNkOC00NzI3LWIxZGUtMzE1YTc5ZjU5ZTE4
LzEvTDNCVEptUTBQTFBTaVhBam9TZjJDNmtYcGQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApZw87qzo
Q6XfdHTKhB1Vb1ysT75eLXL5Y2qcUi1fs8ViWV26pCENWKzRig0TMU5LA8huwphM
QfR4oG4VmamYUQNyKSpng8O0ofA32d7CdrvZYHjWuW5wl4mwXvSnBbArg0Yg73pJ
3mE3VQwhaiYWlSAX+8rFdEmnhfFDIEkm5iRu2pSiFUi0D5AzmoCrACC7ySnlRDUK
CAm83nVTIxTIuuA3hiXgyTTfIIF9OVlhS1516t0UwFmVCCet656m0Eo/LLHLPP7P
wuvjOs9vBwhPML+nRO8r1yvuCVP+J5zrJnhyuvOaQR/L/PYGp+H4HwbIyufkDulp
iyBnYAZ0fX+Z2A==
-----END CERTIFICATE-----