Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/9d9112-f57e-49c7-a93b-d8549edf7cef/1/dLMSaPL_fozq3x3pX5fwsdKxX5Y.mft
File:                     dLMSaPL_fozq3x3pX5fwsdKxX5Y.mft (raw, json)
Hash identifier:          p/qBH6dgN0czcJbKQwA21TwbviFdxqMjb15pB3o/L+I=
Subject key identifier:   3B:1E:C4:45:1F:56:2C:53:38:14:6E:AC:A4:F8:E9:8D:2E:EC:48:7B
Authority key identifier: 74:B3:12:68:F2:FF:7E:8C:EA:DF:1D:E9:5F:97:F0:B1:D2:B1:5F:96
Certificate issuer:       /CN=74b31268f2ff7e8ceadf1de95f97f0b1d2b15f96
Certificate serial:       0199FC8FB076EB02608617889C22F55CB720
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dLMSaPL_fozq3x3pX5fwsdKxX5Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/01/9d9112-f57e-49c7-a93b-d8549edf7cef/1/dLMSaPL_fozq3x3pX5fwsdKxX5Y.mft
Manifest number:          11B4
Signing time:             Sun 19 Oct 2025 13:01:39 +0000
Manifest this update:     Sun 19 Oct 2025 13:01:39 +0000
Manifest next update:     Mon 20 Oct 2025 13:01:39 +0000
Files and hashes:         1: dLMSaPL_fozq3x3pX5fwsdKxX5Y.crl (hash: um4fuuC7y9RTMIaSotvzi+xAid19GXL6J1W0x3rtxn8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/01/9d9112-f57e-49c7-a93b-d8549edf7cef/1/dLMSaPL_fozq3x3pX5fwsdKxX5Y.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/01/9d9112-f57e-49c7-a93b-d8549edf7cef/1/dLMSaPL_fozq3x3pX5fwsdKxX5Y.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/dLMSaPL_fozq3x3pX5fwsdKxX5Y.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fc:8f:b0:76:eb:02:60:86:17:88:9c:22:f5:5c:b7:20
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=74b31268f2ff7e8ceadf1de95f97f0b1d2b15f96
        Validity
            Not Before: Oct 19 13:01:39 2025 GMT
            Not After : Oct 20 13:01:39 2025 GMT
        Subject: CN=3b1ec4451f562c5338146eaca4f8e98d2eec487b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:a7:83:2b:e4:8c:78:d6:d5:95:b1:40:dd:32:
                    b6:b5:70:0c:00:b8:44:b5:cc:2c:b6:98:d4:3c:52:
                    41:86:33:b9:23:15:af:78:d2:bf:e4:88:9a:39:39:
                    70:67:32:4d:29:7b:72:b5:e0:50:7f:45:60:07:35:
                    c9:53:6a:35:84:ba:5b:8d:02:a3:ae:21:bf:74:48:
                    64:f4:07:14:66:6a:c8:9e:3c:d9:6b:a4:95:0f:0b:
                    54:43:57:51:98:fa:f2:4b:6f:4b:02:ed:ef:ce:d4:
                    dd:3f:85:47:8c:49:95:2b:de:f9:dc:4a:c4:10:c3:
                    78:73:b2:f8:c3:cc:95:22:2c:58:81:04:9c:eb:ec:
                    65:78:72:48:56:cf:22:01:77:f3:66:cb:36:9b:ad:
                    8c:c1:ff:b3:b5:0d:29:5d:fa:91:a9:3f:1b:f9:5d:
                    95:9c:df:c0:e4:95:ea:b8:a5:ae:b7:83:0a:0b:c8:
                    c2:fd:27:11:3f:39:f8:d2:46:55:d3:8c:28:7e:d9:
                    e0:e3:6c:dc:be:d0:ac:01:c2:a5:32:f4:fa:f2:06:
                    40:0f:54:65:89:9a:40:03:12:5c:31:ff:d4:dc:05:
                    d5:49:f2:89:a6:36:f5:72:22:19:91:bc:ae:56:e5:
                    45:6b:71:19:b0:eb:1a:ab:63:1e:27:99:d0:a5:4b:
                    21:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3B:1E:C4:45:1F:56:2C:53:38:14:6E:AC:A4:F8:E9:8D:2E:EC:48:7B
            X509v3 Authority Key Identifier:
                keyid:74:B3:12:68:F2:FF:7E:8C:EA:DF:1D:E9:5F:97:F0:B1:D2:B1:5F:96

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dLMSaPL_fozq3x3pX5fwsdKxX5Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/9d9112-f57e-49c7-a93b-d8549edf7cef/1/dLMSaPL_fozq3x3pX5fwsdKxX5Y.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/01/9d9112-f57e-49c7-a93b-d8549edf7cef/1/dLMSaPL_fozq3x3pX5fwsdKxX5Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         82:fb:14:e5:c2:c0:58:fc:bf:3e:ec:bf:0c:b9:8a:6b:33:58:
         a7:9c:a7:3f:b2:ba:14:25:99:a3:d7:84:2d:74:92:b3:06:b3:
         5b:7e:35:9d:77:22:9e:f9:9d:75:37:ea:6d:6e:d5:41:63:bd:
         32:a5:62:bf:7d:7e:70:ae:3e:bf:d2:f0:97:d9:e5:e1:b4:9c:
         72:e7:4c:55:57:d4:8f:32:d4:f3:2e:fc:b7:bc:27:ca:74:e2:
         5c:16:7e:d0:a9:c1:e9:71:7d:77:86:95:8a:60:1e:87:7e:f6:
         4d:9a:b4:51:fe:46:65:b4:15:0c:8c:fd:87:d3:cb:56:b1:c0:
         b0:87:9c:68:49:a7:85:71:6a:e7:e9:08:f0:b9:11:b5:2f:20:
         a3:43:d7:0a:94:d5:8f:77:a6:96:46:78:a5:d2:2d:f1:60:07:
         e0:cf:aa:f0:6f:d1:4b:8b:c1:ba:7d:92:72:b5:47:8f:4f:ee:
         26:31:79:8e:19:28:50:55:0b:15:f7:e3:89:ba:3d:08:84:3d:
         fd:33:2c:75:de:fd:f8:a9:e2:06:33:29:24:27:83:7d:7b:1b:
         f4:c7:d2:ef:f6:d1:18:f9:33:eb:f6:df:f9:1b:68:56:08:a7:
         b3:95:cc:e3:86:16:9a:81:32:13:be:08:ce:05:77:05:c4:9b:
         4c:aa:56:aa
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8j7B26wJghheInCL1XLcgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0YjMxMjY4ZjJmZjdlOGNlYWRmMWRlOTVmOTdmMGIxZDJi
MTVmOTYwHhcNMjUxMDE5MTMwMTM5WhcNMjUxMDIwMTMwMTM5WjAzMTEwLwYDVQQD
EygzYjFlYzQ0NTFmNTYyYzUzMzgxNDZlYWNhNGY4ZTk4ZDJlZWM0ODdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt6eDK+SMeNbVlbFA3TK2tXAMALhE
tcwstpjUPFJBhjO5IxWveNK/5IiaOTlwZzJNKXtyteBQf0VgBzXJU2o1hLpbjQKj
riG/dEhk9AcUZmrInjzZa6SVDwtUQ1dRmPryS29LAu3vztTdP4VHjEmVK9753ErE
EMN4c7L4w8yVIixYgQSc6+xleHJIVs8iAXfzZss2m62Mwf+ztQ0pXfqRqT8b+V2V
nN/A5JXquKWut4MKC8jC/ScRPzn40kZV04woftng42zcvtCsAcKlMvT68gZAD1Rl
iZpAAxJcMf/U3AXVSfKJpjb1ciIZkbyuVuVFa3EZsOsaq2MeJ5nQpUshtQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDsexEUfVixTOBRurKT46Y0u7Eh7MB8GA1UdIwQY
MBaAFHSzEmjy/36M6t8d6V+X8LHSsV+WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZExNU2FQTF9mb3pxM3gzcFg1ZndzZEt4WDVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS85ZDkxMTItZjU3ZS00OWM3LWE5M2It
ZDg1NDllZGY3Y2VmLzEvZExNU2FQTF9mb3pxM3gzcFg1ZndzZEt4WDVZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS85ZDkxMTItZjU3ZS00OWM3LWE5M2ItZDg1NDllZGY3Y2Vm
LzEvZExNU2FQTF9mb3pxM3gzcFg1ZndzZEt4WDVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgvsU5cLA
WPy/Puy/DLmKazNYp5ynP7K6FCWZo9eELXSSswazW341nXcinvmddTfqbW7VQWO9
MqViv31+cK4+v9Lwl9nl4bSccudMVVfUjzLU8y78t7wnynTiXBZ+0KnB6XF9d4aV
imAeh372TZq0Uf5GZbQVDIz9h9PLVrHAsIecaEmnhXFq5+kI8LkRtS8go0PXCpTV
j3emlkZ4pdIt8WAH4M+q8G/RS4vBun2ScrVHj0/uJjF5jhkoUFULFffjibo9CIQ9
/TMsdd79+KniBjMpJCeDfXsb9MfS7/bRGPkz6/bf+RtoVgins5XM44YWmoEyE74I
zgV3BcSbTKpWqg==
-----END CERTIFICATE-----