Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/d43572-ad91-44ad-afa1-b3382e4aa7c3/1/lPO2Epw0Od376Q21BkyAZt6GSnI.mft
File:                     lPO2Epw0Od376Q21BkyAZt6GSnI.mft (raw, json)
Hash identifier:          hGlqRb3qc2tqUKZfja1znbkO5G8uk+8wSO1hf9x3JHU=
Subject key identifier:   C3:CE:86:22:27:07:A0:3B:96:8A:88:39:15:2F:F2:28:39:C0:E5:9F
Authority key identifier: 94:F3:B6:12:9C:34:39:DD:FB:E9:0D:B5:06:4C:80:66:DE:86:4A:72
Certificate issuer:       /CN=94f3b6129c3439ddfbe90db5064c8066de864a72
Certificate serial:       019A4F62946153F4C13C178AF702602F1F55
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/lPO2Epw0Od376Q21BkyAZt6GSnI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c5/d43572-ad91-44ad-afa1-b3382e4aa7c3/1/lPO2Epw0Od376Q21BkyAZt6GSnI.mft
Manifest number:          0621
Signing time:             Tue 04 Nov 2025 15:00:51 +0000
Manifest this update:     Tue 04 Nov 2025 15:00:51 +0000
Manifest next update:     Wed 05 Nov 2025 15:00:51 +0000
Files and hashes:         1: lPO2Epw0Od376Q21BkyAZt6GSnI.crl (hash: 3vr4i/9krBojGDiP7tSVM9eaZzvlyaacXXy7/RWe4m0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c5/d43572-ad91-44ad-afa1-b3382e4aa7c3/1/lPO2Epw0Od376Q21BkyAZt6GSnI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c5/d43572-ad91-44ad-afa1-b3382e4aa7c3/1/lPO2Epw0Od376Q21BkyAZt6GSnI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/lPO2Epw0Od376Q21BkyAZt6GSnI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 15:00:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4f:62:94:61:53:f4:c1:3c:17:8a:f7:02:60:2f:1f:55
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=94f3b6129c3439ddfbe90db5064c8066de864a72
        Validity
            Not Before: Nov  4 15:00:51 2025 GMT
            Not After : Nov  5 15:00:51 2025 GMT
        Subject: CN=c3ce86222707a03b968a8839152ff22839c0e59f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:6e:19:3e:08:8e:52:37:e3:0d:7d:be:da:30:
                    59:d1:e1:b9:77:d2:16:39:b8:48:05:20:c9:43:fc:
                    ae:77:ab:56:69:18:9b:9f:69:af:3f:c7:0f:d6:b9:
                    13:6f:15:a8:ab:b1:43:06:11:24:4e:9e:ba:83:09:
                    e1:e2:c6:1d:f6:fc:f7:6f:3d:36:a0:85:d9:0b:b7:
                    b1:6c:d6:f5:8e:dc:d0:b2:b2:b3:2d:07:21:ec:72:
                    ef:43:65:56:cd:78:0f:7e:b1:c3:69:8b:bd:49:53:
                    4a:14:4b:3b:26:a3:96:1e:53:0e:db:55:30:cb:ba:
                    3b:a0:df:6c:41:db:c9:5c:eb:ad:9c:5a:27:29:de:
                    c0:25:b1:8f:e8:be:5c:44:e7:b4:1e:e7:77:d5:ef:
                    cb:62:a8:4b:3a:69:e4:1d:97:54:a1:ad:31:f2:aa:
                    df:ae:b5:7d:d6:4f:50:0e:8c:b1:ef:df:a7:82:07:
                    d7:cc:49:0a:97:85:81:fc:3b:86:6a:88:1c:db:72:
                    76:f8:db:fd:18:6b:f5:40:85:05:ab:8a:a4:95:52:
                    75:c4:84:b6:ed:a7:62:7b:a5:93:a8:fa:c7:f6:eb:
                    28:66:ad:1c:50:c2:67:f3:2a:fc:82:bd:2a:af:a0:
                    64:eb:a6:3d:e0:b9:93:b5:54:ef:39:40:0d:8e:e1:
                    64:83
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C3:CE:86:22:27:07:A0:3B:96:8A:88:39:15:2F:F2:28:39:C0:E5:9F
            X509v3 Authority Key Identifier:
                keyid:94:F3:B6:12:9C:34:39:DD:FB:E9:0D:B5:06:4C:80:66:DE:86:4A:72

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lPO2Epw0Od376Q21BkyAZt6GSnI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/d43572-ad91-44ad-afa1-b3382e4aa7c3/1/lPO2Epw0Od376Q21BkyAZt6GSnI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/d43572-ad91-44ad-afa1-b3382e4aa7c3/1/lPO2Epw0Od376Q21BkyAZt6GSnI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         80:b2:eb:7d:c2:3f:ce:ae:ad:41:d9:ef:86:9a:be:48:c4:b8:
         eb:7e:8c:03:ec:d5:18:e4:32:fc:72:55:2b:6f:6f:4a:5d:89:
         81:39:cb:69:5c:41:03:8e:d6:b3:0b:af:dd:94:cd:69:cc:49:
         54:f8:04:62:e9:02:14:d1:04:92:88:5d:72:46:37:24:83:52:
         61:29:8a:c8:49:74:97:a2:16:94:7a:df:fa:75:35:96:92:45:
         15:ab:85:65:06:5c:22:c5:d0:3c:04:76:a7:96:37:f5:00:35:
         64:74:31:e1:07:1a:b3:28:5b:4e:fe:8c:1e:36:0a:e1:6c:95:
         06:13:31:86:e1:cd:73:7c:cf:52:60:60:3d:c7:0a:a5:0f:7f:
         59:43:ae:2f:ff:d6:2f:f7:c5:13:5a:32:99:fc:47:1e:65:0d:
         89:c8:a9:df:ff:28:b9:ac:d0:28:42:07:f8:4b:4a:57:a5:36:
         ed:f8:a7:24:1e:38:13:55:8d:ed:ee:09:b3:a5:c4:cf:1d:a0:
         04:68:b1:86:0c:8d:83:d5:ee:ff:46:94:38:84:2e:ea:1f:57:
         6f:08:fd:ad:df:0d:1e:35:10:9a:7f:bd:db:75:c3:11:8a:d6:
         53:59:66:ae:93:34:8a:42:97:e3:0b:0e:ab:f7:7c:1b:1c:6c:
         0f:5d:d5:e2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpPYpRhU/TBPBeK9wJgLx9VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0ZjNiNjEyOWMzNDM5ZGRmYmU5MGRiNTA2NGM4MDY2ZGU4
NjRhNzIwHhcNMjUxMTA0MTUwMDUxWhcNMjUxMTA1MTUwMDUxWjAzMTEwLwYDVQQD
EyhjM2NlODYyMjI3MDdhMDNiOTY4YTg4MzkxNTJmZjIyODM5YzBlNTlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv24ZPgiOUjfjDX2+2jBZ0eG5d9IW
ObhIBSDJQ/yud6tWaRibn2mvP8cP1rkTbxWoq7FDBhEkTp66gwnh4sYd9vz3bz02
oIXZC7exbNb1jtzQsrKzLQch7HLvQ2VWzXgPfrHDaYu9SVNKFEs7JqOWHlMO21Uw
y7o7oN9sQdvJXOutnFonKd7AJbGP6L5cROe0Hud31e/LYqhLOmnkHZdUoa0x8qrf
rrV91k9QDoyx79+nggfXzEkKl4WB/DuGaogc23J2+Nv9GGv1QIUFq4qklVJ1xIS2
7adie6WTqPrH9usoZq0cUMJn8yr8gr0qr6Bk66Y94LmTtVTvOUANjuFkgwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMPOhiInB6A7loqIORUv8ig5wOWfMB8GA1UdIwQY
MBaAFJTzthKcNDnd++kNtQZMgGbehkpyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbFBPMkVwdzBPZDM3NlEyMUJreUFadDZHU25JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS9kNDM1NzItYWQ5MS00NGFkLWFmYTEt
YjMzODJlNGFhN2MzLzEvbFBPMkVwdzBPZDM3NlEyMUJreUFadDZHU25JLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS9kNDM1NzItYWQ5MS00NGFkLWFmYTEtYjMzODJlNGFhN2Mz
LzEvbFBPMkVwdzBPZDM3NlEyMUJreUFadDZHU25JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgLLrfcI/
zq6tQdnvhpq+SMS4636MA+zVGOQy/HJVK29vSl2JgTnLaVxBA47Wswuv3ZTNacxJ
VPgEYukCFNEEkohdckY3JINSYSmKyEl0l6IWlHrf+nU1lpJFFauFZQZcIsXQPAR2
p5Y39QA1ZHQx4QcasyhbTv6MHjYK4WyVBhMxhuHNc3zPUmBgPccKpQ9/WUOuL//W
L/fFE1oymfxHHmUNicip3/8ouazQKEIH+EtKV6U27finJB44E1WN7e4Js6XEzx2g
BGixhgyNg9Xu/0aUOIQu6h9Xbwj9rd8NHjUQmn+923XDEYrWU1lmrpM0ikKX4wsO
q/d8GxxsD13V4g==
-----END CERTIFICATE-----