Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/3ff7a7-27cb-4072-b33b-0248d6afd63f/1/lKTi_J7qzc9bD1CrkyhM07CUIXE.mft
File:                     lKTi_J7qzc9bD1CrkyhM07CUIXE.mft (raw, json)
Hash identifier:          y7wsiajq/EpwKqz/rPttDt6gJv+TuEO1S5yc2ZqA0XA=
Subject key identifier:   91:83:65:CB:4C:06:2F:1E:D7:05:A1:80:0B:1F:6E:70:D1:CB:07:44
Authority key identifier: 94:A4:E2:FC:9E:EA:CD:CF:5B:0F:50:AB:93:28:4C:D3:B0:94:21:71
Certificate issuer:       /CN=94a4e2fc9eeacdcf5b0f50ab93284cd3b0942171
Certificate serial:       0199FFC8A0C7836D3C10970A75117156F550
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/lKTi_J7qzc9bD1CrkyhM07CUIXE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3d/3ff7a7-27cb-4072-b33b-0248d6afd63f/1/lKTi_J7qzc9bD1CrkyhM07CUIXE.mft
Manifest number:          0EA3
Signing time:             Mon 20 Oct 2025 04:02:42 +0000
Manifest this update:     Mon 20 Oct 2025 04:02:42 +0000
Manifest next update:     Tue 21 Oct 2025 04:02:42 +0000
Files and hashes:         1: lKTi_J7qzc9bD1CrkyhM07CUIXE.crl (hash: l+HyWPYd18DUoOEDrL8ZY6kdIiUUaVWQ8K3zwfWVaSU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3d/3ff7a7-27cb-4072-b33b-0248d6afd63f/1/lKTi_J7qzc9bD1CrkyhM07CUIXE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3d/3ff7a7-27cb-4072-b33b-0248d6afd63f/1/lKTi_J7qzc9bD1CrkyhM07CUIXE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/lKTi_J7qzc9bD1CrkyhM07CUIXE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 21 Oct 2025 00:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:ff:c8:a0:c7:83:6d:3c:10:97:0a:75:11:71:56:f5:50
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=94a4e2fc9eeacdcf5b0f50ab93284cd3b0942171
        Validity
            Not Before: Oct 20 04:02:42 2025 GMT
            Not After : Oct 21 04:02:42 2025 GMT
        Subject: CN=918365cb4c062f1ed705a1800b1f6e70d1cb0744
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:3e:2d:45:2e:2a:6e:c8:33:47:21:96:91:57:
                    0a:32:5b:d3:08:b3:dc:a9:60:f5:f3:69:e4:9e:07:
                    98:39:b1:98:8c:df:28:80:b6:3a:09:51:70:ab:e1:
                    f6:df:52:2d:89:60:b9:c4:8a:9f:b4:82:e1:3e:6b:
                    3f:8d:12:c4:2f:54:28:13:ce:1f:44:50:0f:8f:38:
                    12:d0:0a:4f:13:84:87:1d:48:f9:d3:f4:43:a6:1d:
                    f5:dd:b0:4c:c4:e4:ac:64:7f:bc:89:1a:b4:52:f9:
                    51:84:b2:a6:94:5e:51:2d:a8:04:b2:b2:e9:b1:68:
                    a8:f2:c7:a2:29:73:84:ab:6c:b8:bf:ae:00:1b:21:
                    87:55:59:ef:ff:a2:c7:27:0d:83:00:ab:99:f6:ee:
                    52:6e:9f:2a:bf:c1:b5:bb:e8:e3:8b:5b:e9:fe:cd:
                    1f:e6:c6:9e:aa:de:9d:4b:e7:a7:ff:cc:d1:22:a3:
                    c8:60:c4:81:53:09:be:3d:52:75:69:32:01:45:65:
                    b5:8a:66:94:3b:c7:04:8e:2c:a2:2c:2a:77:ee:a2:
                    8e:be:2b:55:09:c9:33:68:ab:49:af:52:31:68:c4:
                    46:ea:d2:40:3b:f3:5d:c3:c8:d9:37:42:71:f6:29:
                    47:40:3b:76:70:dc:e4:b9:79:82:a9:65:9a:6b:75:
                    c0:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                91:83:65:CB:4C:06:2F:1E:D7:05:A1:80:0B:1F:6E:70:D1:CB:07:44
            X509v3 Authority Key Identifier:
                keyid:94:A4:E2:FC:9E:EA:CD:CF:5B:0F:50:AB:93:28:4C:D3:B0:94:21:71

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lKTi_J7qzc9bD1CrkyhM07CUIXE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/3ff7a7-27cb-4072-b33b-0248d6afd63f/1/lKTi_J7qzc9bD1CrkyhM07CUIXE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/3ff7a7-27cb-4072-b33b-0248d6afd63f/1/lKTi_J7qzc9bD1CrkyhM07CUIXE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a6:d3:30:25:a7:63:38:25:ff:41:c6:5a:6d:c2:43:ce:fb:61:
         55:90:09:85:ae:c9:29:54:ee:11:6c:2e:75:c0:bc:aa:a6:a0:
         28:6d:89:dc:19:f7:53:b9:84:64:32:5a:9c:f4:8a:ea:14:67:
         de:9d:1f:fa:30:93:05:aa:66:cb:5f:67:d0:bc:5c:3f:6d:f3:
         a4:5a:9c:5a:49:2b:e9:37:71:90:cd:39:18:a8:21:ea:e4:7e:
         2d:aa:99:9a:2c:92:1a:a7:66:c1:30:0c:ab:43:94:bf:35:a4:
         ec:48:7e:ee:a2:69:d8:61:5c:7f:fd:dc:5b:86:fc:19:9d:de:
         fe:65:09:db:66:75:c1:3e:ff:3c:5b:a7:59:3e:cb:45:d7:97:
         3a:69:8e:82:74:e9:00:99:cb:b4:8d:cf:78:51:44:31:2f:e6:
         bf:8d:f5:43:e7:cf:66:59:2a:c6:75:97:19:4c:d6:0b:97:3a:
         63:e5:b4:2a:87:63:39:1b:c0:7e:f3:09:80:55:f5:66:0f:0f:
         62:b8:30:63:07:44:38:2f:9c:c2:60:8e:c8:ef:fd:52:ce:01:
         34:fa:c1:a0:01:44:be:08:c6:55:8a:33:b7:41:40:ed:c4:c4:
         11:f4:38:62:9a:2a:4e:21:59:b8:3b:ad:6c:37:05:bf:ee:88:
         ff:6e:7b:20
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn/yKDHg208EJcKdRFxVvVQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0YTRlMmZjOWVlYWNkY2Y1YjBmNTBhYjkzMjg0Y2QzYjA5
NDIxNzEwHhcNMjUxMDIwMDQwMjQyWhcNMjUxMDIxMDQwMjQyWjAzMTEwLwYDVQQD
Eyg5MTgzNjVjYjRjMDYyZjFlZDcwNWExODAwYjFmNmU3MGQxY2IwNzQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyj4tRS4qbsgzRyGWkVcKMlvTCLPc
qWD182nkngeYObGYjN8ogLY6CVFwq+H231ItiWC5xIqftILhPms/jRLEL1QoE84f
RFAPjzgS0ApPE4SHHUj50/RDph313bBMxOSsZH+8iRq0UvlRhLKmlF5RLagEsrLp
sWio8seiKXOEq2y4v64AGyGHVVnv/6LHJw2DAKuZ9u5Sbp8qv8G1u+jji1vp/s0f
5saeqt6dS+en/8zRIqPIYMSBUwm+PVJ1aTIBRWW1imaUO8cEjiyiLCp37qKOvitV
CckzaKtJr1IxaMRG6tJAO/Ndw8jZN0Jx9ilHQDt2cNzkuXmCqWWaa3XAOwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJGDZctMBi8e1wWhgAsfbnDRywdEMB8GA1UdIwQY
MBaAFJSk4vye6s3PWw9Qq5MoTNOwlCFxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbEtUaV9KN3F6YzliRDFDcmt5aE0wN0NVSVhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC8zZmY3YTctMjdjYi00MDcyLWIzM2It
MDI0OGQ2YWZkNjNmLzEvbEtUaV9KN3F6YzliRDFDcmt5aE0wN0NVSVhFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC8zZmY3YTctMjdjYi00MDcyLWIzM2ItMDI0OGQ2YWZkNjNm
LzEvbEtUaV9KN3F6YzliRDFDcmt5aE0wN0NVSVhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAptMwJadj
OCX/QcZabcJDzvthVZAJha7JKVTuEWwudcC8qqagKG2J3Bn3U7mEZDJanPSK6hRn
3p0f+jCTBapmy19n0LxcP23zpFqcWkkr6TdxkM05GKgh6uR+LaqZmiySGqdmwTAM
q0OUvzWk7Eh+7qJp2GFcf/3cW4b8GZ3e/mUJ22Z1wT7/PFunWT7LRdeXOmmOgnTp
AJnLtI3PeFFEMS/mv431Q+fPZlkqxnWXGUzWC5c6Y+W0KodjORvAfvMJgFX1Zg8P
YrgwYwdEOC+cwmCOyO/9Us4BNPrBoAFEvgjGVYozt0FA7cTEEfQ4YpoqTiFZuDut
bDcFv+6I/257IA==
-----END CERTIFICATE-----