Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/37fd9d-61e6-4df3-9c07-6b6ad0456b65/1/LphQiZ2cq14AM9C-lyKn6zBdfGA.mft
File:                     LphQiZ2cq14AM9C-lyKn6zBdfGA.mft (raw, json)
Hash identifier:          rR0gcSUumtjcI2Pln09H4/8lzeO38XuFCOTWvbnCCY0=
Subject key identifier:   4C:CC:C9:6E:76:EC:11:C3:83:46:C8:09:09:9E:0C:08:CC:B9:55:A2
Authority key identifier: 2E:98:50:89:9D:9C:AB:5E:00:33:D0:BE:97:22:A7:EB:30:5D:7C:60
Certificate issuer:       /CN=2e9850899d9cab5e0033d0be9722a7eb305d7c60
Certificate serial:       019A50E32B2E93B09F9F7DC0830146135ACD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/LphQiZ2cq14AM9C-lyKn6zBdfGA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5b/37fd9d-61e6-4df3-9c07-6b6ad0456b65/1/LphQiZ2cq14AM9C-lyKn6zBdfGA.mft
Manifest number:          170B
Signing time:             Tue 04 Nov 2025 22:00:56 +0000
Manifest this update:     Tue 04 Nov 2025 22:00:56 +0000
Manifest next update:     Wed 05 Nov 2025 22:00:56 +0000
Files and hashes:         1: LphQiZ2cq14AM9C-lyKn6zBdfGA.crl (hash: HsoPfWv+a4yprm0lwJCLXJ6ZBEDl1iuqEvY/+soYrgU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5b/37fd9d-61e6-4df3-9c07-6b6ad0456b65/1/LphQiZ2cq14AM9C-lyKn6zBdfGA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5b/37fd9d-61e6-4df3-9c07-6b6ad0456b65/1/LphQiZ2cq14AM9C-lyKn6zBdfGA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/LphQiZ2cq14AM9C-lyKn6zBdfGA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 22:00:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:50:e3:2b:2e:93:b0:9f:9f:7d:c0:83:01:46:13:5a:cd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2e9850899d9cab5e0033d0be9722a7eb305d7c60
        Validity
            Not Before: Nov  4 22:00:56 2025 GMT
            Not After : Nov  5 22:00:56 2025 GMT
        Subject: CN=4cccc96e76ec11c38346c809099e0c08ccb955a2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:47:7f:31:39:84:77:d4:48:81:89:76:e9:06:
                    9c:cf:30:49:2a:77:cb:dd:6b:0e:5c:ff:33:db:df:
                    ce:e7:b5:f9:26:d4:10:b9:47:8d:50:ff:8a:68:f4:
                    1b:81:66:ad:b4:2b:8c:05:e3:7f:94:0c:fe:d3:53:
                    a1:43:c8:f7:a7:6f:44:f0:f9:5b:f1:b8:db:31:7d:
                    b9:45:24:42:21:14:67:76:d1:0b:a2:3d:2d:70:81:
                    26:2d:f6:a6:13:e9:0e:3a:ed:8e:20:ac:37:39:11:
                    59:1b:36:8d:6b:3d:fc:41:9e:27:d8:38:d4:30:7e:
                    7b:65:c4:e9:c7:76:de:e2:cd:24:ef:fb:23:6d:78:
                    05:0c:8d:e6:74:4b:08:b8:69:1b:78:89:05:a3:b5:
                    92:1a:18:ad:15:05:70:ad:f5:a3:ee:2a:a2:ac:cf:
                    41:80:df:14:91:31:47:db:35:84:ba:b0:fa:97:94:
                    86:d1:75:27:4a:9c:b4:61:ca:47:2a:1e:21:3f:71:
                    07:2d:7d:9e:05:d0:89:94:73:a6:b1:25:87:64:a3:
                    df:41:8a:b6:fa:be:c9:4c:4c:66:12:b0:39:04:3b:
                    30:38:f4:98:43:5d:db:22:4e:fe:ca:ce:aa:d6:fa:
                    00:3a:33:f6:a0:3f:5a:16:1c:59:0b:c8:e1:44:18:
                    f4:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4C:CC:C9:6E:76:EC:11:C3:83:46:C8:09:09:9E:0C:08:CC:B9:55:A2
            X509v3 Authority Key Identifier:
                keyid:2E:98:50:89:9D:9C:AB:5E:00:33:D0:BE:97:22:A7:EB:30:5D:7C:60

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LphQiZ2cq14AM9C-lyKn6zBdfGA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/37fd9d-61e6-4df3-9c07-6b6ad0456b65/1/LphQiZ2cq14AM9C-lyKn6zBdfGA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/37fd9d-61e6-4df3-9c07-6b6ad0456b65/1/LphQiZ2cq14AM9C-lyKn6zBdfGA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         01:a2:8f:a6:1a:60:32:76:b5:ea:14:d4:bf:45:52:ba:f1:eb:
         26:79:42:74:fa:f0:45:90:84:7f:28:cd:9c:8c:90:17:f8:c9:
         ba:56:b5:ef:e9:c2:66:fe:db:cd:d7:d6:ed:b5:8d:ba:a1:a6:
         83:f1:92:ab:e4:2e:1b:5e:70:b5:42:33:c6:55:e0:27:84:e9:
         12:35:b4:4e:89:1a:9f:89:e0:04:25:30:b4:e3:e1:a0:26:8b:
         8d:d1:33:fb:47:99:26:96:9b:a2:f0:df:10:ac:fa:2f:a0:fc:
         da:a4:1b:d6:ba:df:4f:c7:16:61:ea:83:88:b6:53:c2:a9:2a:
         a4:c7:f5:04:05:a5:2c:af:b8:4e:5b:f7:2d:fc:f1:4c:26:af:
         06:21:8c:bb:2f:25:2f:fa:1f:24:75:86:b8:18:f2:ee:63:ec:
         bd:74:8f:29:cd:ea:49:d9:cb:9e:d5:2b:89:08:a6:85:0a:e4:
         a7:81:c8:27:14:5c:66:11:ad:45:aa:fb:1a:c5:8b:c5:fa:8b:
         5b:ca:21:78:f2:4d:0f:d4:23:4f:4b:e7:f5:92:2c:05:6a:13:
         0f:50:48:dd:4d:84:27:d8:0e:33:38:5f:dc:16:8d:ae:bb:fd:
         21:f6:9d:63:eb:fe:5d:36:7a:c5:d1:f1:56:a9:32:dc:45:9e:
         43:81:3d:b5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpQ4ysuk7Cfn33AgwFGE1rNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlOTg1MDg5OWQ5Y2FiNWUwMDMzZDBiZTk3MjJhN2ViMzA1
ZDdjNjAwHhcNMjUxMTA0MjIwMDU2WhcNMjUxMTA1MjIwMDU2WjAzMTEwLwYDVQQD
Eyg0Y2NjYzk2ZTc2ZWMxMWMzODM0NmM4MDkwOTllMGMwOGNjYjk1NWEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuUd/MTmEd9RIgYl26QaczzBJKnfL
3WsOXP8z29/O57X5JtQQuUeNUP+KaPQbgWattCuMBeN/lAz+01OhQ8j3p29E8Plb
8bjbMX25RSRCIRRndtELoj0tcIEmLfamE+kOOu2OIKw3ORFZGzaNaz38QZ4n2DjU
MH57ZcTpx3be4s0k7/sjbXgFDI3mdEsIuGkbeIkFo7WSGhitFQVwrfWj7iqirM9B
gN8UkTFH2zWEurD6l5SG0XUnSpy0YcpHKh4hP3EHLX2eBdCJlHOmsSWHZKPfQYq2
+r7JTExmErA5BDswOPSYQ13bIk7+ys6q1voAOjP2oD9aFhxZC8jhRBj0qQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEzMyW527BHDg0bICQmeDAjMuVWiMB8GA1UdIwQY
MBaAFC6YUImdnKteADPQvpcip+swXXxgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTHBoUWlaMmNxMTRBTTlDLWx5S242ekJkZkdBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi8zN2ZkOWQtNjFlNi00ZGYzLTljMDct
NmI2YWQwNDU2YjY1LzEvTHBoUWlaMmNxMTRBTTlDLWx5S242ekJkZkdBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi8zN2ZkOWQtNjFlNi00ZGYzLTljMDctNmI2YWQwNDU2YjY1
LzEvTHBoUWlaMmNxMTRBTTlDLWx5S242ekJkZkdBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAaKPphpg
Mna16hTUv0VSuvHrJnlCdPrwRZCEfyjNnIyQF/jJula17+nCZv7bzdfW7bWNuqGm
g/GSq+QuG15wtUIzxlXgJ4TpEjW0Tokan4ngBCUwtOPhoCaLjdEz+0eZJpabovDf
EKz6L6D82qQb1rrfT8cWYeqDiLZTwqkqpMf1BAWlLK+4Tlv3LfzxTCavBiGMuy8l
L/ofJHWGuBjy7mPsvXSPKc3qSdnLntUriQimhQrkp4HIJxRcZhGtRar7GsWLxfqL
W8ohePJND9QjT0vn9ZIsBWoTD1BI3U2EJ9gOMzhf3BaNrrv9IfadY+v+XTZ6xdHx
Vqky3EWeQ4E9tQ==
-----END CERTIFICATE-----