Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/b1b128-4f10-486e-a1ee-952f6fc02672/1/ltTArxW-ONL8XjD-NFdHXTS3g5o.mft
File:                     ltTArxW-ONL8XjD-NFdHXTS3g5o.mft (raw, json)
Hash identifier:          OPCxtcu+49X5RjKi/HyYi77exJwz/qZuBa+zGHUsQ/w=
Subject key identifier:   57:CA:19:42:AD:B6:4D:EB:DE:9B:C0:4B:82:4C:C2:34:75:EE:54:21
Authority key identifier: 96:D4:C0:AF:15:BE:38:D2:FC:5E:30:FE:34:57:47:5D:34:B7:83:9A
Certificate issuer:       /CN=96d4c0af15be38d2fc5e30fe3457475d34b7839a
Certificate serial:       019A4D073136CB1CF1531EE034AC4ED00AA7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ltTArxW-ONL8XjD-NFdHXTS3g5o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a3/b1b128-4f10-486e-a1ee-952f6fc02672/1/ltTArxW-ONL8XjD-NFdHXTS3g5o.mft
Manifest number:          137C
Signing time:             Tue 04 Nov 2025 04:01:48 +0000
Manifest this update:     Tue 04 Nov 2025 04:01:48 +0000
Manifest next update:     Wed 05 Nov 2025 04:01:48 +0000
Files and hashes:         1: ltTArxW-ONL8XjD-NFdHXTS3g5o.crl (hash: ej7b/Yg41qhfzi2sEngDbT8BAOiZ+fIu0Hl/QjZ1xKQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a3/b1b128-4f10-486e-a1ee-952f6fc02672/1/ltTArxW-ONL8XjD-NFdHXTS3g5o.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a3/b1b128-4f10-486e-a1ee-952f6fc02672/1/ltTArxW-ONL8XjD-NFdHXTS3g5o.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ltTArxW-ONL8XjD-NFdHXTS3g5o.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 04:01:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4d:07:31:36:cb:1c:f1:53:1e:e0:34:ac:4e:d0:0a:a7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=96d4c0af15be38d2fc5e30fe3457475d34b7839a
        Validity
            Not Before: Nov  4 04:01:48 2025 GMT
            Not After : Nov  5 04:01:48 2025 GMT
        Subject: CN=57ca1942adb64debde9bc04b824cc23475ee5421
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:6f:b0:d4:7c:3c:a7:59:fb:47:76:43:b8:ea:
                    88:3b:d1:79:02:11:38:79:0c:2f:91:49:8f:f7:dd:
                    3a:cb:99:85:86:1f:00:72:ae:8b:5e:fc:cd:0f:71:
                    0d:84:8c:b5:8f:c8:a1:55:2e:4d:30:5f:66:32:9f:
                    61:f2:14:52:bc:f2:9b:89:88:70:94:d3:6d:2b:69:
                    30:9b:66:c5:05:70:0d:d9:ea:4c:24:e3:01:a1:a6:
                    d5:8e:9a:8f:29:ed:e8:b4:06:b8:cb:94:57:50:bc:
                    fb:2b:51:1f:ed:08:47:1f:2b:c8:d6:73:eb:41:08:
                    4e:08:e6:76:43:2c:4c:a7:e0:60:92:59:eb:2c:69:
                    53:10:e1:aa:57:e4:38:e6:a8:ca:fb:cc:df:6e:7d:
                    95:34:0a:78:39:73:59:bd:4e:7b:9c:52:6d:eb:66:
                    85:26:50:6f:e3:77:35:dd:e7:c3:d9:f8:7f:4a:10:
                    42:a1:c6:06:76:69:b0:6c:5e:0d:7c:c2:64:5f:88:
                    50:91:82:63:d8:1e:04:4f:96:46:53:a0:07:f2:5f:
                    f3:99:61:1e:2e:7d:52:3d:1a:f0:34:4c:5f:e6:14:
                    d1:4f:40:e5:43:af:3a:73:cb:5a:77:e6:03:48:7a:
                    ed:58:5a:d1:d7:d4:02:25:5e:47:29:6d:11:12:0b:
                    80:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                57:CA:19:42:AD:B6:4D:EB:DE:9B:C0:4B:82:4C:C2:34:75:EE:54:21
            X509v3 Authority Key Identifier:
                keyid:96:D4:C0:AF:15:BE:38:D2:FC:5E:30:FE:34:57:47:5D:34:B7:83:9A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ltTArxW-ONL8XjD-NFdHXTS3g5o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/b1b128-4f10-486e-a1ee-952f6fc02672/1/ltTArxW-ONL8XjD-NFdHXTS3g5o.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/b1b128-4f10-486e-a1ee-952f6fc02672/1/ltTArxW-ONL8XjD-NFdHXTS3g5o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         66:d5:82:d5:62:51:d5:0c:d1:79:23:46:10:b3:70:da:8f:77:
         13:5c:ef:cf:e0:6d:a1:f6:cc:e6:ba:1b:af:ed:ec:0a:b6:60:
         48:0b:3d:56:2f:6b:b5:33:bd:36:32:46:66:69:e5:1a:5c:34:
         31:50:27:17:f1:91:4c:22:33:a0:a5:f2:35:16:f5:6c:c0:f6:
         b0:16:a8:f5:58:c0:53:d9:ff:92:75:0c:1c:b2:e2:79:c7:b2:
         82:83:bd:62:19:87:58:ad:80:be:e8:2c:e1:e4:1b:29:50:fb:
         24:25:dc:f2:bc:be:a8:c2:1c:06:f2:37:b6:e7:44:49:58:33:
         7f:48:6e:8b:c9:24:72:f7:5f:50:5f:3c:78:c9:a0:73:e0:3c:
         29:11:1d:e6:90:9e:09:b8:d3:74:02:00:ad:ee:e6:b2:94:5e:
         77:57:79:8e:85:88:2d:98:78:3d:15:c8:17:19:6f:76:2f:fc:
         c0:b8:2f:0a:51:d3:9a:7f:3d:80:7d:b2:01:8c:5b:4b:af:02:
         ef:ae:ac:dd:3b:87:43:c5:17:c5:63:10:2b:91:a3:aa:2b:bd:
         ff:52:f1:b6:2f:5c:dd:ac:c4:15:d6:4d:b8:54:a9:d4:ae:39:
         67:b6:e8:f2:9e:ee:be:26:eb:8a:22:73:77:c9:e4:b8:d6:04:
         08:3b:62:f1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpNBzE2yxzxUx7gNKxO0AqnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk2ZDRjMGFmMTViZTM4ZDJmYzVlMzBmZTM0NTc0NzVkMzRi
NzgzOWEwHhcNMjUxMTA0MDQwMTQ4WhcNMjUxMTA1MDQwMTQ4WjAzMTEwLwYDVQQD
Eyg1N2NhMTk0MmFkYjY0ZGViZGU5YmMwNGI4MjRjYzIzNDc1ZWU1NDIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwm+w1Hw8p1n7R3ZDuOqIO9F5AhE4
eQwvkUmP9906y5mFhh8Acq6LXvzND3ENhIy1j8ihVS5NMF9mMp9h8hRSvPKbiYhw
lNNtK2kwm2bFBXAN2epMJOMBoabVjpqPKe3otAa4y5RXULz7K1Ef7QhHHyvI1nPr
QQhOCOZ2QyxMp+BgklnrLGlTEOGqV+Q45qjK+8zfbn2VNAp4OXNZvU57nFJt62aF
JlBv43c13efD2fh/ShBCocYGdmmwbF4NfMJkX4hQkYJj2B4ET5ZGU6AH8l/zmWEe
Ln1SPRrwNExf5hTRT0DlQ686c8tad+YDSHrtWFrR19QCJV5HKW0REguAlwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFfKGUKttk3r3pvAS4JMwjR17lQhMB8GA1UdIwQY
MBaAFJbUwK8VvjjS/F4w/jRXR100t4OaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbHRUQXJ4Vy1PTkw4WGpELU5GZEhYVFMzZzVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy9iMWIxMjgtNGYxMC00ODZlLWExZWUt
OTUyZjZmYzAyNjcyLzEvbHRUQXJ4Vy1PTkw4WGpELU5GZEhYVFMzZzVvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy9iMWIxMjgtNGYxMC00ODZlLWExZWUtOTUyZjZmYzAyNjcy
LzEvbHRUQXJ4Vy1PTkw4WGpELU5GZEhYVFMzZzVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZtWC1WJR
1QzReSNGELNw2o93E1zvz+BtofbM5robr+3sCrZgSAs9Vi9rtTO9NjJGZmnlGlw0
MVAnF/GRTCIzoKXyNRb1bMD2sBao9VjAU9n/knUMHLLieceygoO9YhmHWK2Avugs
4eQbKVD7JCXc8ry+qMIcBvI3tudESVgzf0hui8kkcvdfUF88eMmgc+A8KREd5pCe
CbjTdAIAre7mspRed1d5joWILZh4PRXIFxlvdi/8wLgvClHTmn89gH2yAYxbS68C
766s3TuHQ8UXxWMQK5Gjqiu9/1Lxti9c3azEFdZNuFSp1K45Z7bo8p7uvibriiJz
d8nkuNYECDti8Q==
-----END CERTIFICATE-----