Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/edc41e-352e-412b-9ae6-a0951ef7dfcd/1/lkptHqRrxAuqMavE9ByQZn7-Nu0.mft
File:                     lkptHqRrxAuqMavE9ByQZn7-Nu0.mft (raw, json)
Hash identifier:          BtVn49mMiYtoORlBcytYFqthGayQHUW5SR1l9XOFDKg=
Subject key identifier:   A6:59:81:FD:28:A2:27:69:F0:3A:41:60:88:01:D4:8F:7F:CF:F7:7F
Authority key identifier: 96:4A:6D:1E:A4:6B:C4:0B:AA:31:AB:C4:F4:1C:90:66:7E:FE:36:ED
Certificate issuer:       /CN=964a6d1ea46bc40baa31abc4f41c90667efe36ed
Certificate serial:       0199FBEC09B02F6E6283D6CE77311890B6B0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/lkptHqRrxAuqMavE9ByQZn7-Nu0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2d/edc41e-352e-412b-9ae6-a0951ef7dfcd/1/lkptHqRrxAuqMavE9ByQZn7-Nu0.mft
Manifest number:          07AE
Signing time:             Sun 19 Oct 2025 10:02:54 +0000
Manifest this update:     Sun 19 Oct 2025 10:02:54 +0000
Manifest next update:     Mon 20 Oct 2025 10:02:54 +0000
Files and hashes:         1: lkptHqRrxAuqMavE9ByQZn7-Nu0.crl (hash: Vj0lspS78S0gzNp7BvzXRCbBZPJfBgJG/2cHTJriPZ8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2d/edc41e-352e-412b-9ae6-a0951ef7dfcd/1/lkptHqRrxAuqMavE9ByQZn7-Nu0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2d/edc41e-352e-412b-9ae6-a0951ef7dfcd/1/lkptHqRrxAuqMavE9ByQZn7-Nu0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/lkptHqRrxAuqMavE9ByQZn7-Nu0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:ec:09:b0:2f:6e:62:83:d6:ce:77:31:18:90:b6:b0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=964a6d1ea46bc40baa31abc4f41c90667efe36ed
        Validity
            Not Before: Oct 19 10:02:54 2025 GMT
            Not After : Oct 20 10:02:54 2025 GMT
        Subject: CN=a65981fd28a22769f03a41608801d48f7fcff77f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:eb:d2:74:03:a7:80:31:3e:74:30:de:8b:29:
                    ce:84:ad:04:d0:93:8d:9e:49:3b:89:d4:1c:2e:fd:
                    c4:d2:7a:1a:0b:d5:a9:d4:0f:2b:ed:fd:f1:fd:5c:
                    42:da:b1:6b:b2:00:21:06:b6:2a:33:fb:e8:60:ff:
                    31:cb:97:95:ea:64:8c:ba:68:66:cd:cc:6c:c1:a4:
                    00:c0:a9:3c:7f:c9:07:d7:7d:67:7c:30:2c:ac:a5:
                    0a:ce:4b:8d:52:d5:20:f7:0c:88:b8:e4:c7:c3:a3:
                    0f:98:8b:86:89:9a:10:8b:1f:48:d8:c2:03:f4:0e:
                    54:f1:5b:09:61:40:fd:c5:80:ff:10:bb:f8:99:49:
                    71:15:bf:ca:82:89:26:c9:81:98:b6:da:c3:0d:c5:
                    3a:cf:c5:36:c9:ef:10:32:8b:c3:3e:a1:0c:ac:02:
                    f7:b6:96:b0:5b:fc:73:fa:8c:7c:90:e9:1d:50:85:
                    55:39:6e:e0:d2:44:c5:38:6a:d7:95:21:54:96:88:
                    43:cd:84:d6:00:8e:a6:9d:10:4d:01:c0:e1:d5:f2:
                    29:2d:56:7d:02:3e:27:f7:ce:36:70:9a:1c:a2:b0:
                    6b:cd:75:38:c4:f6:df:72:45:25:96:73:aa:63:b0:
                    4b:d9:3c:2a:4a:09:65:d2:48:9a:3a:ad:63:e4:7a:
                    76:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A6:59:81:FD:28:A2:27:69:F0:3A:41:60:88:01:D4:8F:7F:CF:F7:7F
            X509v3 Authority Key Identifier:
                keyid:96:4A:6D:1E:A4:6B:C4:0B:AA:31:AB:C4:F4:1C:90:66:7E:FE:36:ED

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lkptHqRrxAuqMavE9ByQZn7-Nu0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/edc41e-352e-412b-9ae6-a0951ef7dfcd/1/lkptHqRrxAuqMavE9ByQZn7-Nu0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/edc41e-352e-412b-9ae6-a0951ef7dfcd/1/lkptHqRrxAuqMavE9ByQZn7-Nu0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         31:b0:09:e1:8e:ec:f1:2a:76:28:8c:04:eb:80:73:1d:c7:db:
         38:a9:b7:51:cf:87:e6:36:55:47:39:e6:7b:32:c1:eb:e3:8e:
         76:b0:53:c1:fd:11:77:ca:ca:67:7f:6c:89:44:21:46:55:34:
         b7:08:d4:8d:41:0a:50:e0:2a:aa:66:cb:6b:50:9b:4c:c2:63:
         42:8f:e6:48:0a:b0:b0:ab:c3:cd:4d:29:29:fd:45:46:17:5e:
         3f:cb:6d:da:c6:2a:09:64:43:e0:4c:01:0a:3b:8f:11:9e:cd:
         5a:18:ca:c1:b5:e2:26:b2:59:bd:cd:cb:32:b1:8b:d2:f6:76:
         03:f7:83:29:d6:87:0d:7c:84:70:ce:94:68:bd:b4:fa:d2:35:
         e7:4a:f1:fd:4c:85:cf:24:f4:18:4f:e2:f9:1b:59:99:13:03:
         94:01:08:ee:14:b8:1d:9d:51:1d:20:c0:c5:ed:1d:b8:37:c4:
         9d:d4:4b:34:19:94:01:fe:61:7f:4b:03:20:7d:93:49:a0:e3:
         69:17:04:d8:0f:d8:ad:b0:a0:7a:6d:f0:d5:27:63:87:de:54:
         cd:ca:f6:52:58:66:69:93:3d:5d:ef:9b:b3:d0:ad:30:c6:6b:
         a9:ad:39:e4:1a:ee:82:01:6a:09:25:a4:49:ef:d0:c8:23:9a:
         fd:3e:52:04
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn77AmwL25ig9bOdzEYkLawMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk2NGE2ZDFlYTQ2YmM0MGJhYTMxYWJjNGY0MWM5MDY2N2Vm
ZTM2ZWQwHhcNMjUxMDE5MTAwMjU0WhcNMjUxMDIwMTAwMjU0WjAzMTEwLwYDVQQD
EyhhNjU5ODFmZDI4YTIyNzY5ZjAzYTQxNjA4ODAxZDQ4ZjdmY2ZmNzdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvevSdAOngDE+dDDeiynOhK0E0JON
nkk7idQcLv3E0noaC9Wp1A8r7f3x/VxC2rFrsgAhBrYqM/voYP8xy5eV6mSMumhm
zcxswaQAwKk8f8kH131nfDAsrKUKzkuNUtUg9wyIuOTHw6MPmIuGiZoQix9I2MID
9A5U8VsJYUD9xYD/ELv4mUlxFb/KgokmyYGYttrDDcU6z8U2ye8QMovDPqEMrAL3
tpawW/xz+ox8kOkdUIVVOW7g0kTFOGrXlSFUlohDzYTWAI6mnRBNAcDh1fIpLVZ9
Aj4n9842cJocorBrzXU4xPbfckUllnOqY7BL2TwqSgll0kiaOq1j5Hp2NwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKZZgf0ooidp8DpBYIgB1I9/z/d/MB8GA1UdIwQY
MBaAFJZKbR6ka8QLqjGrxPQckGZ+/jbtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbGtwdEhxUnJ4QXVxTWF2RTlCeVFabjctTnUwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9lZGM0MWUtMzUyZS00MTJiLTlhZTYt
YTA5NTFlZjdkZmNkLzEvbGtwdEhxUnJ4QXVxTWF2RTlCeVFabjctTnUwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9lZGM0MWUtMzUyZS00MTJiLTlhZTYtYTA5NTFlZjdkZmNk
LzEvbGtwdEhxUnJ4QXVxTWF2RTlCeVFabjctTnUwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMbAJ4Y7s
8Sp2KIwE64BzHcfbOKm3Uc+H5jZVRznmezLB6+OOdrBTwf0Rd8rKZ39siUQhRlU0
twjUjUEKUOAqqmbLa1CbTMJjQo/mSAqwsKvDzU0pKf1FRhdeP8tt2sYqCWRD4EwB
CjuPEZ7NWhjKwbXiJrJZvc3LMrGL0vZ2A/eDKdaHDXyEcM6UaL20+tI150rx/UyF
zyT0GE/i+RtZmRMDlAEI7hS4HZ1RHSDAxe0duDfEndRLNBmUAf5hf0sDIH2TSaDj
aRcE2A/YrbCgem3w1Sdjh95Uzcr2UlhmaZM9Xe+bs9CtMMZrqa055BruggFqCSWk
Se/QyCOa/T5SBA==
-----END CERTIFICATE-----