Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/a7011a-6e15-4e9b-ba9e-32d79cc49f22/1/l0mtdlnaE07UgHT025NBzodRffQ.mft
File:                     l0mtdlnaE07UgHT025NBzodRffQ.mft (raw, json)
Hash identifier:          RLeXXvTxGAw0EpjKMPYENKEEp0mKAhta68SoMwSJx1A=
Subject key identifier:   D8:E8:4E:EB:94:AB:E3:C4:9F:3C:6F:31:5C:9F:26:46:D1:36:3F:1C
Authority key identifier: 97:49:AD:76:59:DA:13:4E:D4:80:74:F4:DB:93:41:CE:87:51:7D:F4
Certificate issuer:       /CN=9749ad7659da134ed48074f4db9341ce87517df4
Certificate serial:       019A4EF561E4BAFBA2912095ECCF51F589DF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/l0mtdlnaE07UgHT025NBzodRffQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f2/a7011a-6e15-4e9b-ba9e-32d79cc49f22/1/l0mtdlnaE07UgHT025NBzodRffQ.mft
Manifest number:          140F
Signing time:             Tue 04 Nov 2025 13:01:35 +0000
Manifest this update:     Tue 04 Nov 2025 13:01:35 +0000
Manifest next update:     Wed 05 Nov 2025 13:01:35 +0000
Files and hashes:         1: l0mtdlnaE07UgHT025NBzodRffQ.crl (hash: ekORYZ+DB7m6BQVMdfxLrgIfgQtUc/W8jNYisJay+k4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f2/a7011a-6e15-4e9b-ba9e-32d79cc49f22/1/l0mtdlnaE07UgHT025NBzodRffQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f2/a7011a-6e15-4e9b-ba9e-32d79cc49f22/1/l0mtdlnaE07UgHT025NBzodRffQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/l0mtdlnaE07UgHT025NBzodRffQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 13:01:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4e:f5:61:e4:ba:fb:a2:91:20:95:ec:cf:51:f5:89:df
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9749ad7659da134ed48074f4db9341ce87517df4
        Validity
            Not Before: Nov  4 13:01:35 2025 GMT
            Not After : Nov  5 13:01:35 2025 GMT
        Subject: CN=d8e84eeb94abe3c49f3c6f315c9f2646d1363f1c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:0a:53:23:47:cd:8e:5f:4b:0a:63:d4:0f:bf:
                    fe:d4:3a:db:cc:35:47:b6:41:8c:4b:23:84:cb:97:
                    ef:af:39:f7:1e:60:27:ac:e7:23:5f:7f:bb:5d:e1:
                    04:ce:da:84:38:2e:c7:9b:10:48:ca:39:0b:33:10:
                    04:75:23:bd:03:2d:fe:c6:e3:2a:90:ed:bc:8c:da:
                    f7:1b:f7:89:92:d5:97:e2:aa:67:18:1e:82:22:5c:
                    56:9b:04:6e:92:8d:8e:75:6d:6e:bf:71:30:de:fe:
                    70:24:d5:c7:a6:63:76:a8:4c:9c:3c:14:76:c0:72:
                    50:c0:3e:fe:07:81:3f:c0:11:c1:2d:23:c4:0d:c7:
                    7c:01:5e:90:46:3d:8c:07:38:94:5e:d2:6a:50:df:
                    24:e5:74:be:c5:c9:fc:a9:44:57:ca:5a:f8:f4:05:
                    56:4d:71:7f:89:97:99:fb:64:96:8f:32:68:ef:3c:
                    6c:6e:d6:79:a1:59:71:4a:eb:81:8f:62:1c:d0:7c:
                    ce:27:e7:a4:17:97:f8:f0:22:e2:88:f8:75:9e:ea:
                    ab:85:5f:97:e5:1a:99:8d:d1:53:87:3b:53:76:fd:
                    b7:69:2d:36:89:74:99:6d:92:08:87:08:72:1b:c6:
                    5c:0a:28:e6:0b:44:a1:66:22:65:66:df:b8:2c:a3:
                    47:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D8:E8:4E:EB:94:AB:E3:C4:9F:3C:6F:31:5C:9F:26:46:D1:36:3F:1C
            X509v3 Authority Key Identifier:
                keyid:97:49:AD:76:59:DA:13:4E:D4:80:74:F4:DB:93:41:CE:87:51:7D:F4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l0mtdlnaE07UgHT025NBzodRffQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/a7011a-6e15-4e9b-ba9e-32d79cc49f22/1/l0mtdlnaE07UgHT025NBzodRffQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/a7011a-6e15-4e9b-ba9e-32d79cc49f22/1/l0mtdlnaE07UgHT025NBzodRffQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         52:e5:15:4e:a8:b9:2a:d3:bb:8e:8b:89:c2:50:da:3b:c0:3f:
         e7:52:69:b1:e1:59:a6:f6:b2:18:9e:75:d9:12:e2:ea:a9:51:
         c6:96:ca:98:34:a3:af:3a:6d:b7:79:86:11:e1:a9:af:59:0f:
         d7:95:aa:ce:77:c9:ce:d9:b4:64:ae:76:a6:4a:a1:a1:72:48:
         41:7f:6f:58:a9:7f:6d:b4:9a:60:65:37:26:98:c4:61:9a:37:
         22:2d:77:e9:fe:73:f9:c0:57:d7:42:03:ec:59:8b:3b:aa:7e:
         a4:73:8f:d6:bc:a8:e6:4b:52:5f:8e:df:68:ef:ae:63:e8:15:
         5f:4f:b1:51:da:af:a4:02:0f:0d:af:53:50:8f:21:3a:bc:ec:
         55:0a:a5:4e:6a:03:df:61:eb:c6:e7:80:5c:90:ff:1b:56:c8:
         ae:21:00:bf:6a:ac:f5:08:69:30:88:e5:88:46:b7:4a:d2:1d:
         0a:c9:34:c0:33:31:31:ee:50:e3:21:5b:b9:d1:c7:20:9b:8b:
         4f:51:aa:a8:c4:85:ad:18:61:b6:55:f3:0f:5c:c5:97:a9:b7:
         0b:89:42:ee:f3:5a:d8:ef:eb:90:89:8e:4d:84:6c:71:a5:cb:
         e9:8f:02:d5:c2:f5:07:a4:ed:d3:56:83:aa:7d:78:57:b3:fb:
         c3:4f:21:ef
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpO9WHkuvuikSCV7M9R9YnfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3NDlhZDc2NTlkYTEzNGVkNDgwNzRmNGRiOTM0MWNlODc1
MTdkZjQwHhcNMjUxMTA0MTMwMTM1WhcNMjUxMTA1MTMwMTM1WjAzMTEwLwYDVQQD
EyhkOGU4NGVlYjk0YWJlM2M0OWYzYzZmMzE1YzlmMjY0NmQxMzYzZjFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApwpTI0fNjl9LCmPUD7/+1DrbzDVH
tkGMSyOEy5fvrzn3HmAnrOcjX3+7XeEEztqEOC7HmxBIyjkLMxAEdSO9Ay3+xuMq
kO28jNr3G/eJktWX4qpnGB6CIlxWmwRuko2OdW1uv3Ew3v5wJNXHpmN2qEycPBR2
wHJQwD7+B4E/wBHBLSPEDcd8AV6QRj2MBziUXtJqUN8k5XS+xcn8qURXylr49AVW
TXF/iZeZ+2SWjzJo7zxsbtZ5oVlxSuuBj2Ic0HzOJ+ekF5f48CLiiPh1nuqrhV+X
5RqZjdFThztTdv23aS02iXSZbZIIhwhyG8ZcCijmC0ShZiJlZt+4LKNHFwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNjoTuuUq+PEnzxvMVyfJkbRNj8cMB8GA1UdIwQY
MBaAFJdJrXZZ2hNO1IB09NuTQc6HUX30MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbDBtdGRsbmFFMDdVZ0hUMDI1TkJ6b2RSZmZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi9hNzAxMWEtNmUxNS00ZTliLWJhOWUt
MzJkNzljYzQ5ZjIyLzEvbDBtdGRsbmFFMDdVZ0hUMDI1TkJ6b2RSZmZRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi9hNzAxMWEtNmUxNS00ZTliLWJhOWUtMzJkNzljYzQ5ZjIy
LzEvbDBtdGRsbmFFMDdVZ0hUMDI1TkJ6b2RSZmZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUuUVTqi5
KtO7jouJwlDaO8A/51JpseFZpvayGJ512RLi6qlRxpbKmDSjrzptt3mGEeGpr1kP
15WqznfJztm0ZK52pkqhoXJIQX9vWKl/bbSaYGU3JpjEYZo3Ii136f5z+cBX10ID
7FmLO6p+pHOP1ryo5ktSX47faO+uY+gVX0+xUdqvpAIPDa9TUI8hOrzsVQqlTmoD
32HrxueAXJD/G1bIriEAv2qs9QhpMIjliEa3StIdCsk0wDMxMe5Q4yFbudHHIJuL
T1GqqMSFrRhhtlXzD1zFl6m3C4lC7vNa2O/rkImOTYRscaXL6Y8C1cL1B6Tt01aD
qn14V7P7w08h7w==
-----END CERTIFICATE-----