Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/2823dd-25a1-44a0-bfc1-cbbd08ad3ec2/1/lUz3IcCMjpvFJC1WGWZ3IXNQRVw.mft
File:                     lUz3IcCMjpvFJC1WGWZ3IXNQRVw.mft (raw, json)
Hash identifier:          /P31pM/9YIlkRhSAAwqsnwADRW50X3/nioKfjld0kjU=
Subject key identifier:   23:FD:D9:D7:F4:DB:BE:2A:4E:19:76:F6:15:95:1D:A8:02:D5:C8:A1
Authority key identifier: 95:4C:F7:21:C0:8C:8E:9B:C5:24:2D:56:19:66:77:21:73:50:45:5C
Certificate issuer:       /CN=954cf721c08c8e9bc5242d56196677217350455c
Certificate serial:       019A52D18D8D0B3D452A9E37F9BB6792B246
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/lUz3IcCMjpvFJC1WGWZ3IXNQRVw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/67/2823dd-25a1-44a0-bfc1-cbbd08ad3ec2/1/lUz3IcCMjpvFJC1WGWZ3IXNQRVw.mft
Manifest number:          072E
Signing time:             Wed 05 Nov 2025 07:00:56 +0000
Manifest this update:     Wed 05 Nov 2025 07:00:56 +0000
Manifest next update:     Thu 06 Nov 2025 07:00:56 +0000
Files and hashes:         1: lUz3IcCMjpvFJC1WGWZ3IXNQRVw.crl (hash: KHsdFNKdQegW+9j2Tqa8a115RailUgqjTe1fl+UaGlE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/67/2823dd-25a1-44a0-bfc1-cbbd08ad3ec2/1/lUz3IcCMjpvFJC1WGWZ3IXNQRVw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/67/2823dd-25a1-44a0-bfc1-cbbd08ad3ec2/1/lUz3IcCMjpvFJC1WGWZ3IXNQRVw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/lUz3IcCMjpvFJC1WGWZ3IXNQRVw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 06 Nov 2025 03:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:52:d1:8d:8d:0b:3d:45:2a:9e:37:f9:bb:67:92:b2:46
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=954cf721c08c8e9bc5242d56196677217350455c
        Validity
            Not Before: Nov  5 07:00:56 2025 GMT
            Not After : Nov  6 07:00:56 2025 GMT
        Subject: CN=23fdd9d7f4dbbe2a4e1976f615951da802d5c8a1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:b1:2a:85:82:26:fe:15:3a:b5:6a:99:c8:40:
                    43:87:44:f1:75:31:16:b6:a2:e3:90:38:d6:b4:8b:
                    79:85:0c:7f:87:de:be:41:77:a9:2e:5b:09:dd:d4:
                    67:3a:71:34:a1:8e:4b:3e:ea:9e:db:31:f2:3e:fe:
                    17:9c:d6:a2:65:bd:c2:df:b3:d8:49:7f:d1:ed:ba:
                    c3:57:d7:0c:3f:af:77:8a:7a:69:d0:67:b5:1e:f6:
                    11:35:34:cd:e2:46:6f:ff:a4:d3:56:39:ce:f4:eb:
                    1b:44:06:c3:67:1d:db:84:f4:bb:fb:28:42:c3:fa:
                    c7:4f:62:9f:eb:5e:3c:48:f7:08:7c:7d:0e:bf:97:
                    40:cd:56:28:0f:2d:d0:c4:ff:a1:5c:66:1f:a8:0f:
                    68:7b:00:04:26:f5:d4:d3:b0:62:58:5b:ef:2e:db:
                    a8:65:89:b5:8a:3c:bd:39:56:f5:49:35:3c:c6:5c:
                    19:05:e0:c5:e7:7a:19:0c:41:4b:d7:e3:09:a5:f3:
                    3d:71:c9:6a:ee:22:a0:0f:77:dc:79:a3:35:a0:76:
                    f9:9e:b0:8b:00:32:8d:9e:b1:97:c0:61:b6:ad:63:
                    e3:66:6f:97:e8:5b:58:90:13:10:d2:32:b0:d9:52:
                    1d:47:40:bc:b3:02:08:1d:5b:d1:a7:57:1f:e1:6d:
                    b8:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                23:FD:D9:D7:F4:DB:BE:2A:4E:19:76:F6:15:95:1D:A8:02:D5:C8:A1
            X509v3 Authority Key Identifier:
                keyid:95:4C:F7:21:C0:8C:8E:9B:C5:24:2D:56:19:66:77:21:73:50:45:5C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lUz3IcCMjpvFJC1WGWZ3IXNQRVw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/2823dd-25a1-44a0-bfc1-cbbd08ad3ec2/1/lUz3IcCMjpvFJC1WGWZ3IXNQRVw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/67/2823dd-25a1-44a0-bfc1-cbbd08ad3ec2/1/lUz3IcCMjpvFJC1WGWZ3IXNQRVw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         33:08:0b:18:fd:72:69:81:6a:44:5e:08:91:7b:83:99:d1:28:
         1a:9c:fe:8b:8e:a8:9d:e9:ee:e8:39:9d:98:54:ae:06:c1:65:
         c8:fa:df:2d:60:b4:7d:8c:33:52:7a:78:65:7e:91:bc:01:74:
         33:72:e3:bf:c9:3e:5b:a0:d2:33:88:53:fc:64:80:38:a6:67:
         3f:91:6a:d8:c7:44:3f:5e:2a:19:2b:47:93:43:31:b0:cd:f5:
         a0:71:1f:60:f0:70:c4:ea:01:d8:98:1c:de:1b:50:59:e0:86:
         e6:3f:ed:98:10:82:d0:ff:f9:ae:eb:8c:1f:72:3a:9c:51:32:
         9e:31:3c:ba:e5:1b:67:e4:8c:1c:4b:4c:10:86:b9:c6:60:3a:
         73:44:15:c1:5d:99:26:a7:0e:e8:69:5b:eb:b1:e8:8d:1d:ec:
         67:20:a8:56:ab:ed:be:64:ba:27:a9:24:6b:c5:2f:3a:d9:59:
         a6:99:23:67:11:74:d1:2d:4b:9a:0e:c1:b6:99:90:73:81:97:
         1c:7b:fa:e0:98:9b:1a:59:e5:70:39:b0:af:20:ba:11:0c:1f:
         26:23:91:ff:ee:b0:2c:46:9e:d6:72:d9:3c:b9:e9:39:8f:fd:
         22:c4:54:5a:73:04:ea:74:49:99:08:4e:67:62:58:6e:c7:fd:
         44:2d:5a:a5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpS0Y2NCz1FKp43+btnkrJGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1NGNmNzIxYzA4YzhlOWJjNTI0MmQ1NjE5NjY3NzIxNzM1
MDQ1NWMwHhcNMjUxMTA1MDcwMDU2WhcNMjUxMTA2MDcwMDU2WjAzMTEwLwYDVQQD
EygyM2ZkZDlkN2Y0ZGJiZTJhNGUxOTc2ZjYxNTk1MWRhODAyZDVjOGExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvbEqhYIm/hU6tWqZyEBDh0TxdTEW
tqLjkDjWtIt5hQx/h96+QXepLlsJ3dRnOnE0oY5LPuqe2zHyPv4XnNaiZb3C37PY
SX/R7brDV9cMP693inpp0Ge1HvYRNTTN4kZv/6TTVjnO9OsbRAbDZx3bhPS7+yhC
w/rHT2Kf6148SPcIfH0Ov5dAzVYoDy3QxP+hXGYfqA9oewAEJvXU07BiWFvvLtuo
ZYm1ijy9OVb1STU8xlwZBeDF53oZDEFL1+MJpfM9cclq7iKgD3fceaM1oHb5nrCL
ADKNnrGXwGG2rWPjZm+X6FtYkBMQ0jKw2VIdR0C8swIIHVvRp1cf4W24ZQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCP92df0274qThl29hWVHagC1cihMB8GA1UdIwQY
MBaAFJVM9yHAjI6bxSQtVhlmdyFzUEVcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbFV6M0ljQ01qcHZGSkMxV0dXWjNJWE5RUlZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny8yODIzZGQtMjVhMS00NGEwLWJmYzEt
Y2JiZDA4YWQzZWMyLzEvbFV6M0ljQ01qcHZGSkMxV0dXWjNJWE5RUlZ3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny8yODIzZGQtMjVhMS00NGEwLWJmYzEtY2JiZDA4YWQzZWMy
LzEvbFV6M0ljQ01qcHZGSkMxV0dXWjNJWE5RUlZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMwgLGP1y
aYFqRF4IkXuDmdEoGpz+i46onenu6DmdmFSuBsFlyPrfLWC0fYwzUnp4ZX6RvAF0
M3Ljv8k+W6DSM4hT/GSAOKZnP5Fq2MdEP14qGStHk0MxsM31oHEfYPBwxOoB2Jgc
3htQWeCG5j/tmBCC0P/5ruuMH3I6nFEynjE8uuUbZ+SMHEtMEIa5xmA6c0QVwV2Z
JqcO6Glb67HojR3sZyCoVqvtvmS6J6kka8UvOtlZppkjZxF00S1Lmg7BtpmQc4GX
HHv64JibGlnlcDmwryC6EQwfJiOR/+6wLEae1nLZPLnpOY/9IsRUWnME6nRJmQhO
Z2JYbsf9RC1apQ==
-----END CERTIFICATE-----