Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/cea01b-ee94-4a02-8d62-0dc01fc88141/1/LsJnz2xrO4jpahG_KemnOlWMXkA.mft
File:                     LsJnz2xrO4jpahG_KemnOlWMXkA.mft (raw, json)
Hash identifier:          Oe9CDVAxkXs++E3KllIRvIPD9RMv6rxurSW6XoHG3Ac=
Subject key identifier:   08:FA:CF:20:D7:FD:96:A9:26:73:A9:06:39:F8:A6:83:56:31:E4:C6
Authority key identifier: 2E:C2:67:CF:6C:6B:3B:88:E9:6A:11:BF:29:E9:A7:3A:55:8C:5E:40
Certificate issuer:       /CN=2ec267cf6c6b3b88e96a11bf29e9a73a558c5e40
Certificate serial:       0199FC215B9161BE86AC64311B7664333D2B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/LsJnz2xrO4jpahG_KemnOlWMXkA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/17/cea01b-ee94-4a02-8d62-0dc01fc88141/1/LsJnz2xrO4jpahG_KemnOlWMXkA.mft
Manifest number:          1671
Signing time:             Sun 19 Oct 2025 11:01:08 +0000
Manifest this update:     Sun 19 Oct 2025 11:01:08 +0000
Manifest next update:     Mon 20 Oct 2025 11:01:08 +0000
Files and hashes:         1: LsJnz2xrO4jpahG_KemnOlWMXkA.crl (hash: qdpe+Vwu5JVG/PA4qXPrb75ljbP6qkAKMqy0OJ40qH8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/17/cea01b-ee94-4a02-8d62-0dc01fc88141/1/LsJnz2xrO4jpahG_KemnOlWMXkA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/17/cea01b-ee94-4a02-8d62-0dc01fc88141/1/LsJnz2xrO4jpahG_KemnOlWMXkA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/LsJnz2xrO4jpahG_KemnOlWMXkA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 11:01:08 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fc:21:5b:91:61:be:86:ac:64:31:1b:76:64:33:3d:2b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2ec267cf6c6b3b88e96a11bf29e9a73a558c5e40
        Validity
            Not Before: Oct 19 11:01:08 2025 GMT
            Not After : Oct 20 11:01:08 2025 GMT
        Subject: CN=08facf20d7fd96a92673a90639f8a6835631e4c6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:2d:ad:cb:1e:97:29:78:e1:d6:d7:68:75:0a:
                    db:79:84:1a:94:e6:12:16:69:81:c7:9a:ef:ef:ac:
                    45:f6:ca:d7:97:6a:32:00:89:f1:f5:99:03:2c:7c:
                    d4:56:08:d0:28:3e:d4:3a:d2:2c:63:82:7c:ad:20:
                    0b:79:13:06:40:60:12:a3:a9:88:9c:64:c2:e5:c4:
                    7b:b1:eb:d7:58:a3:33:f5:a2:0e:f9:a9:08:af:4f:
                    58:da:fd:d0:63:5f:a7:7c:23:e3:cd:f4:95:a7:16:
                    c9:6c:61:3d:9c:63:f8:31:c9:3a:fb:eb:7a:78:94:
                    d5:86:45:fe:21:ae:b5:61:cf:fd:f9:f8:b6:47:69:
                    9b:90:1d:58:f2:52:06:50:77:1f:67:81:bc:79:6d:
                    e9:d4:1a:a9:50:31:93:ae:ef:46:ee:4e:e1:14:c4:
                    73:00:62:53:b4:68:92:36:1e:87:bd:f3:02:a6:79:
                    ed:da:11:50:11:51:c0:88:57:d9:f2:89:d2:2e:22:
                    1f:25:de:fe:c1:4e:d2:7b:d0:52:a1:19:24:4b:6c:
                    90:b6:8d:61:25:e1:cf:1c:dc:fb:27:f6:d9:f0:a1:
                    94:46:98:46:ae:5d:4d:22:90:46:50:7b:9f:72:1a:
                    b1:27:0d:ee:3b:d6:64:94:92:41:90:b4:21:5c:84:
                    4a:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                08:FA:CF:20:D7:FD:96:A9:26:73:A9:06:39:F8:A6:83:56:31:E4:C6
            X509v3 Authority Key Identifier:
                keyid:2E:C2:67:CF:6C:6B:3B:88:E9:6A:11:BF:29:E9:A7:3A:55:8C:5E:40

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LsJnz2xrO4jpahG_KemnOlWMXkA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/cea01b-ee94-4a02-8d62-0dc01fc88141/1/LsJnz2xrO4jpahG_KemnOlWMXkA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/17/cea01b-ee94-4a02-8d62-0dc01fc88141/1/LsJnz2xrO4jpahG_KemnOlWMXkA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         69:41:c8:1f:cb:41:20:7c:0d:a1:b5:da:37:00:49:ac:41:06:
         f4:e4:64:e9:7e:52:40:d4:77:ce:96:6c:cc:a9:2a:f8:ef:7b:
         a1:d6:d3:84:2b:d7:51:12:98:d1:3e:6f:7e:18:8e:40:ab:aa:
         67:0b:16:41:bc:2a:79:20:a8:1b:1d:a9:4a:32:ed:6e:15:38:
         09:5a:44:e3:15:f0:3e:1e:74:01:5f:bd:35:17:f7:d9:07:0d:
         3f:84:f4:a2:04:97:c3:d8:76:6d:d8:af:ad:94:21:43:e7:d7:
         e8:91:ac:fd:ff:ff:d4:f0:6d:ac:a7:79:f6:b9:14:49:87:63:
         b1:ea:a1:38:96:ec:50:77:ba:52:d2:fe:31:b9:f2:51:7f:ae:
         32:87:74:ba:4d:62:98:2f:54:c7:6a:ac:c6:5f:1f:35:b8:f8:
         bb:d4:de:45:7a:30:ad:a9:40:62:2b:af:2f:af:1f:1c:e7:2b:
         0d:6e:3b:64:17:e5:a1:3e:df:af:6f:35:10:5b:32:5b:de:3c:
         98:48:bf:f9:82:97:d4:1f:71:fb:cb:cd:90:fa:01:c2:e5:6b:
         36:8d:15:e6:b4:e3:93:6e:73:fd:f7:0a:7c:22:31:48:e8:4a:
         96:d0:20:a1:42:5b:8c:07:fa:38:9f:c4:3c:90:f9:44:48:4c:
         cf:f5:56:98
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8IVuRYb6GrGQxG3ZkMz0rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlYzI2N2NmNmM2YjNiODhlOTZhMTFiZjI5ZTlhNzNhNTU4
YzVlNDAwHhcNMjUxMDE5MTEwMTA4WhcNMjUxMDIwMTEwMTA4WjAzMTEwLwYDVQQD
EygwOGZhY2YyMGQ3ZmQ5NmE5MjY3M2E5MDYzOWY4YTY4MzU2MzFlNGM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApi2tyx6XKXjh1tdodQrbeYQalOYS
FmmBx5rv76xF9srXl2oyAInx9ZkDLHzUVgjQKD7UOtIsY4J8rSALeRMGQGASo6mI
nGTC5cR7sevXWKMz9aIO+akIr09Y2v3QY1+nfCPjzfSVpxbJbGE9nGP4Mck6++t6
eJTVhkX+Ia61Yc/9+fi2R2mbkB1Y8lIGUHcfZ4G8eW3p1BqpUDGTru9G7k7hFMRz
AGJTtGiSNh6HvfMCpnnt2hFQEVHAiFfZ8onSLiIfJd7+wU7Se9BSoRkkS2yQto1h
JeHPHNz7J/bZ8KGURphGrl1NIpBGUHufchqxJw3uO9ZklJJBkLQhXIRKbQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAj6zyDX/ZapJnOpBjn4poNWMeTGMB8GA1UdIwQY
MBaAFC7CZ89sazuI6WoRvynppzpVjF5AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTHNKbnoyeHJPNGpwYWhHX0tlbW5PbFdNWGtBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9jZWEwMWItZWU5NC00YTAyLThkNjIt
MGRjMDFmYzg4MTQxLzEvTHNKbnoyeHJPNGpwYWhHX0tlbW5PbFdNWGtBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9jZWEwMWItZWU5NC00YTAyLThkNjItMGRjMDFmYzg4MTQx
LzEvTHNKbnoyeHJPNGpwYWhHX0tlbW5PbFdNWGtBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaUHIH8tB
IHwNobXaNwBJrEEG9ORk6X5SQNR3zpZszKkq+O97odbThCvXURKY0T5vfhiOQKuq
ZwsWQbwqeSCoGx2pSjLtbhU4CVpE4xXwPh50AV+9NRf32QcNP4T0ogSXw9h2bdiv
rZQhQ+fX6JGs/f//1PBtrKd59rkUSYdjseqhOJbsUHe6UtL+MbnyUX+uMod0uk1i
mC9Ux2qsxl8fNbj4u9TeRXowralAYiuvL68fHOcrDW47ZBfloT7fr281EFsyW948
mEi/+YKX1B9x+8vNkPoBwuVrNo0V5rTjk25z/fcKfCIxSOhKltAgoUJbjAf6OJ/E
PJD5REhMz/VWmA==
-----END CERTIFICATE-----