Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/1a472f-a137-42c9-ac9f-4c2c0c8f2462/1/leN5E1KsgsnSB0NCTNxhcAlvT68.mft
File:                     leN5E1KsgsnSB0NCTNxhcAlvT68.mft (raw, json)
Hash identifier:          aQcuzlPc45Bj/LHNqs447AvZKNWyOnsFXYHR7ZZ1Xgc=
Subject key identifier:   2D:56:46:B7:49:E4:64:9A:C0:43:CF:F9:96:DA:6D:19:19:84:0D:7B
Authority key identifier: 95:E3:79:13:52:AC:82:C9:D2:07:43:42:4C:DC:61:70:09:6F:4F:AF
Certificate issuer:       /CN=95e3791352ac82c9d20743424cdc6170096f4faf
Certificate serial:       0199FBEB72607F991E56358946EE5A9EE0C4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/leN5E1KsgsnSB0NCTNxhcAlvT68.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/26/1a472f-a137-42c9-ac9f-4c2c0c8f2462/1/leN5E1KsgsnSB0NCTNxhcAlvT68.mft
Manifest number:          16DE
Signing time:             Sun 19 Oct 2025 10:02:15 +0000
Manifest this update:     Sun 19 Oct 2025 10:02:15 +0000
Manifest next update:     Mon 20 Oct 2025 10:02:15 +0000
Files and hashes:         1: leN5E1KsgsnSB0NCTNxhcAlvT68.crl (hash: ta4kunrP5/tLFAdF0+nIdKPq/edAlUvUjJcDinh6yvs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/26/1a472f-a137-42c9-ac9f-4c2c0c8f2462/1/leN5E1KsgsnSB0NCTNxhcAlvT68.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/26/1a472f-a137-42c9-ac9f-4c2c0c8f2462/1/leN5E1KsgsnSB0NCTNxhcAlvT68.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/leN5E1KsgsnSB0NCTNxhcAlvT68.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 10:02:15 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:eb:72:60:7f:99:1e:56:35:89:46:ee:5a:9e:e0:c4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=95e3791352ac82c9d20743424cdc6170096f4faf
        Validity
            Not Before: Oct 19 10:02:15 2025 GMT
            Not After : Oct 20 10:02:15 2025 GMT
        Subject: CN=2d5646b749e4649ac043cff996da6d1919840d7b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:36:0b:4b:79:98:c8:89:97:45:f4:15:7c:1a:
                    c2:a4:5a:b7:52:3a:53:e7:2a:69:aa:ce:83:02:a2:
                    c3:17:14:9a:03:59:ea:7a:e8:cf:85:d3:f0:8b:ff:
                    3f:2f:0e:d2:24:e7:23:73:5a:32:84:a7:06:1b:4e:
                    b8:6d:71:c7:f5:f5:5b:d4:01:9f:84:8e:cd:33:88:
                    ed:f8:82:ac:3e:3f:1b:d6:45:77:42:ab:86:a9:bd:
                    2a:33:9a:29:32:a3:44:72:18:8b:f5:05:de:7a:2d:
                    90:8a:81:21:62:06:0f:65:89:2f:81:03:12:bd:a3:
                    a5:95:03:37:cf:cd:82:12:e5:e3:57:65:69:65:26:
                    24:56:03:32:06:00:be:62:c4:b8:af:8c:51:ed:64:
                    65:7c:1e:8c:72:2e:dc:18:7a:39:71:00:02:7a:a5:
                    58:3c:96:92:17:37:08:30:6b:35:af:d1:c2:81:6e:
                    a1:62:36:f2:f1:39:1d:1d:ec:b0:db:a6:f6:f5:c6:
                    83:2a:10:28:da:e1:c8:01:f1:bd:9d:2c:6a:68:77:
                    a1:b3:4c:8f:34:94:a5:b6:68:32:ee:5b:eb:28:71:
                    44:33:4e:3d:85:02:f9:21:62:ad:4d:84:ac:c6:df:
                    8e:00:5b:11:6d:50:c6:1c:f4:ca:5b:8c:eb:b0:9e:
                    94:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2D:56:46:B7:49:E4:64:9A:C0:43:CF:F9:96:DA:6D:19:19:84:0D:7B
            X509v3 Authority Key Identifier:
                keyid:95:E3:79:13:52:AC:82:C9:D2:07:43:42:4C:DC:61:70:09:6F:4F:AF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/leN5E1KsgsnSB0NCTNxhcAlvT68.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/1a472f-a137-42c9-ac9f-4c2c0c8f2462/1/leN5E1KsgsnSB0NCTNxhcAlvT68.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/26/1a472f-a137-42c9-ac9f-4c2c0c8f2462/1/leN5E1KsgsnSB0NCTNxhcAlvT68.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         61:b8:9f:50:32:3d:1f:09:0d:5e:49:d2:59:2e:14:8f:c2:c6:
         cd:90:3c:65:7f:23:15:61:19:b6:f0:10:75:2c:16:f4:ff:23:
         68:03:33:61:d5:ab:bc:e9:9d:f4:89:f8:8a:1e:b3:02:b5:a1:
         7e:04:63:c1:82:2c:17:27:69:09:df:3f:f2:68:18:87:bc:9d:
         83:89:2d:4d:46:69:2f:8b:0a:e8:e2:65:88:57:77:65:45:dc:
         0b:4c:3b:b4:fb:2d:36:1c:4b:3e:fd:d2:1b:cc:cf:c8:07:fa:
         e1:42:f7:63:45:08:f9:09:13:4f:5a:76:62:2a:3b:be:0f:7c:
         28:61:7d:1f:cb:18:cc:5d:02:75:54:bc:4f:67:d5:5c:92:b2:
         dd:d7:b8:0b:e6:25:e3:fd:9a:e8:d1:61:97:d8:b9:dd:19:74:
         6f:28:fd:bc:28:0e:b1:39:4f:e0:83:87:82:c3:d8:80:05:f1:
         c7:54:c9:0a:2d:c3:4b:05:7d:26:03:d4:05:e9:d4:af:a6:8d:
         69:7e:df:99:5a:95:e0:ef:0e:d5:5e:43:98:49:54:ba:41:7e:
         4c:b4:4c:f9:27:5f:26:ef:ad:b4:9d:e0:50:79:07:9d:c8:7c:
         ed:41:72:50:76:fb:b5:7c:92:93:ec:0a:fa:b6:fc:2e:92:0f:
         c8:52:6e:b0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn763Jgf5keVjWJRu5anuDEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1ZTM3OTEzNTJhYzgyYzlkMjA3NDM0MjRjZGM2MTcwMDk2
ZjRmYWYwHhcNMjUxMDE5MTAwMjE1WhcNMjUxMDIwMTAwMjE1WjAzMTEwLwYDVQQD
EygyZDU2NDZiNzQ5ZTQ2NDlhYzA0M2NmZjk5NmRhNmQxOTE5ODQwZDdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAujYLS3mYyImXRfQVfBrCpFq3UjpT
5yppqs6DAqLDFxSaA1nqeujPhdPwi/8/Lw7SJOcjc1oyhKcGG064bXHH9fVb1AGf
hI7NM4jt+IKsPj8b1kV3QquGqb0qM5opMqNEchiL9QXeei2QioEhYgYPZYkvgQMS
vaOllQM3z82CEuXjV2VpZSYkVgMyBgC+YsS4r4xR7WRlfB6Mci7cGHo5cQACeqVY
PJaSFzcIMGs1r9HCgW6hYjby8TkdHeyw26b29caDKhAo2uHIAfG9nSxqaHehs0yP
NJSltmgy7lvrKHFEM049hQL5IWKtTYSsxt+OAFsRbVDGHPTKW4zrsJ6UXwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFC1WRrdJ5GSawEPP+ZbabRkZhA17MB8GA1UdIwQY
MBaAFJXjeRNSrILJ0gdDQkzcYXAJb0+vMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbGVONUUxS3Nnc25TQjBOQ1ROeGhjQWx2VDY4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi8xYTQ3MmYtYTEzNy00MmM5LWFjOWYt
NGMyYzBjOGYyNDYyLzEvbGVONUUxS3Nnc25TQjBOQ1ROeGhjQWx2VDY4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi8xYTQ3MmYtYTEzNy00MmM5LWFjOWYtNGMyYzBjOGYyNDYy
LzEvbGVONUUxS3Nnc25TQjBOQ1ROeGhjQWx2VDY4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYbifUDI9
HwkNXknSWS4Uj8LGzZA8ZX8jFWEZtvAQdSwW9P8jaAMzYdWrvOmd9In4ih6zArWh
fgRjwYIsFydpCd8/8mgYh7ydg4ktTUZpL4sK6OJliFd3ZUXcC0w7tPstNhxLPv3S
G8zPyAf64UL3Y0UI+QkTT1p2Yio7vg98KGF9H8sYzF0CdVS8T2fVXJKy3de4C+Yl
4/2a6NFhl9i53Rl0byj9vCgOsTlP4IOHgsPYgAXxx1TJCi3DSwV9JgPUBenUr6aN
aX7fmVqV4O8O1V5DmElUukF+TLRM+SdfJu+ttJ3gUHkHnch87UFyUHb7tXySk+wK
+rb8LpIPyFJusA==
-----END CERTIFICATE-----