Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/4052b5-b59e-433f-87aa-86f2a1af4d79/1/2lNAluw_e_xU1lT84PAWitlmIs0.mft
File:                     2lNAluw_e_xU1lT84PAWitlmIs0.mft (raw, json)
Hash identifier:          ywxewAES8fab0+w2kEaGK28rUT36OpTq6yOI+mFVSmQ=
Subject key identifier:   94:95:04:91:2D:62:D8:30:95:C9:9F:9E:C1:DB:FD:76:AB:BC:E3:45
Authority key identifier: DA:53:40:96:EC:3F:7B:FC:54:D6:54:FC:E0:F0:16:8A:D9:66:22:CD
Certificate issuer:       /CN=da534096ec3f7bfc54d654fce0f0168ad96622cd
Certificate serial:       0199FB7C8937056C8519C2D63C5DBAF6B329
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2lNAluw_e_xU1lT84PAWitlmIs0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4f/4052b5-b59e-433f-87aa-86f2a1af4d79/1/2lNAluw_e_xU1lT84PAWitlmIs0.mft
Manifest number:          0447
Signing time:             Sun 19 Oct 2025 08:01:06 +0000
Manifest this update:     Sun 19 Oct 2025 08:01:06 +0000
Manifest next update:     Mon 20 Oct 2025 08:01:06 +0000
Files and hashes:         1: 2lNAluw_e_xU1lT84PAWitlmIs0.crl (hash: 0Ce3y4qhS2dJBtFZyV1f9bXWp1TIBq4plR0XIDWVly8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/4f/4052b5-b59e-433f-87aa-86f2a1af4d79/1/2lNAluw_e_xU1lT84PAWitlmIs0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/4f/4052b5-b59e-433f-87aa-86f2a1af4d79/1/2lNAluw_e_xU1lT84PAWitlmIs0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2lNAluw_e_xU1lT84PAWitlmIs0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:7c:89:37:05:6c:85:19:c2:d6:3c:5d:ba:f6:b3:29
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=da534096ec3f7bfc54d654fce0f0168ad96622cd
        Validity
            Not Before: Oct 19 08:01:06 2025 GMT
            Not After : Oct 20 08:01:06 2025 GMT
        Subject: CN=949504912d62d83095c99f9ec1dbfd76abbce345
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:d0:f4:43:36:be:d6:d2:9b:40:bc:76:59:09:
                    11:79:16:3e:72:f1:c2:15:e6:b1:5c:ef:33:4b:39:
                    ab:57:67:0b:26:ad:83:39:e4:a3:92:02:3d:99:e2:
                    0b:9c:a2:72:db:d5:af:91:a9:5c:74:63:f3:c2:e0:
                    a0:1d:b0:d3:49:18:b5:c8:04:26:7f:bd:8f:a3:14:
                    6a:7e:fd:d4:2c:cb:81:82:93:09:c6:6b:ee:a2:92:
                    1e:54:ff:da:68:4d:55:74:71:4f:9f:b0:2c:54:5f:
                    27:bc:05:ab:1c:7f:41:b1:8c:68:be:e3:f4:fd:a3:
                    17:a6:41:23:48:5e:ba:ea:24:e6:99:32:81:37:16:
                    89:4a:94:2d:13:31:2e:40:fc:03:1c:6b:4d:6c:f9:
                    19:86:9b:69:d1:b5:42:2f:b2:9a:2b:10:c4:5a:db:
                    8a:d5:eb:cb:ad:ec:08:d5:1d:8a:30:65:e5:1f:4d:
                    05:7d:92:dc:e9:7f:cc:6e:86:46:4d:d2:46:08:9f:
                    1a:50:8f:fe:58:05:b3:17:a0:04:d5:60:d6:3b:38:
                    11:d5:62:6e:dd:39:e5:b4:d4:18:49:34:f5:a5:a8:
                    ab:84:4f:00:00:94:0e:0f:fd:2d:ba:74:7e:91:67:
                    84:cd:f7:0f:92:b8:d4:d8:f4:42:49:b1:6d:8d:cf:
                    78:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                94:95:04:91:2D:62:D8:30:95:C9:9F:9E:C1:DB:FD:76:AB:BC:E3:45
            X509v3 Authority Key Identifier:
                keyid:DA:53:40:96:EC:3F:7B:FC:54:D6:54:FC:E0:F0:16:8A:D9:66:22:CD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2lNAluw_e_xU1lT84PAWitlmIs0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/4052b5-b59e-433f-87aa-86f2a1af4d79/1/2lNAluw_e_xU1lT84PAWitlmIs0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/4052b5-b59e-433f-87aa-86f2a1af4d79/1/2lNAluw_e_xU1lT84PAWitlmIs0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5b:93:68:de:b9:c9:04:c9:86:4a:37:b7:41:4c:b8:f7:c3:f9:
         54:01:6c:61:21:d9:6f:42:fb:8e:b8:2b:69:1f:ab:a4:0d:03:
         1f:8f:0f:82:59:4d:08:95:d9:6b:0e:57:6e:0d:21:0e:a0:e7:
         09:97:83:3f:93:e3:e2:1f:6c:4f:f0:c8:71:a5:9c:0c:c9:a4:
         09:36:01:13:7f:43:6c:5d:cd:db:cc:03:48:b9:43:d5:56:03:
         c3:d7:0a:ea:4a:77:de:07:cc:64:7c:c3:9d:e9:c1:75:92:5a:
         8f:62:3f:18:30:1f:b2:f2:00:3f:32:b6:58:ff:17:af:bc:3f:
         32:c0:81:29:90:c8:92:ee:53:67:b0:08:13:8a:dd:8f:52:f1:
         7c:19:28:04:04:90:bb:ca:8e:93:24:b4:ed:18:5e:28:8d:fd:
         ca:04:f4:38:70:60:da:30:d2:69:06:55:e6:3b:f2:91:f0:c7:
         e9:30:26:91:31:39:1f:45:b6:cb:21:2f:49:f8:90:50:9d:ec:
         b7:77:f0:8a:60:60:18:c9:0f:bf:36:4b:bc:68:c0:0e:a0:54:
         0a:48:a4:6d:91:92:82:00:e3:c9:b3:d1:3c:2e:42:cc:40:b0:
         f4:93:16:41:65:b1:f1:62:d7:5b:78:33:a7:4e:69:cd:23:67:
         9c:e9:f4:63
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn7fIk3BWyFGcLWPF269rMpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhNTM0MDk2ZWMzZjdiZmM1NGQ2NTRmY2UwZjAxNjhhZDk2
NjIyY2QwHhcNMjUxMDE5MDgwMTA2WhcNMjUxMDIwMDgwMTA2WjAzMTEwLwYDVQQD
Eyg5NDk1MDQ5MTJkNjJkODMwOTVjOTlmOWVjMWRiZmQ3NmFiYmNlMzQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvdD0Qza+1tKbQLx2WQkReRY+cvHC
FeaxXO8zSzmrV2cLJq2DOeSjkgI9meILnKJy29WvkalcdGPzwuCgHbDTSRi1yAQm
f72PoxRqfv3ULMuBgpMJxmvuopIeVP/aaE1VdHFPn7AsVF8nvAWrHH9BsYxovuP0
/aMXpkEjSF666iTmmTKBNxaJSpQtEzEuQPwDHGtNbPkZhptp0bVCL7KaKxDEWtuK
1evLrewI1R2KMGXlH00FfZLc6X/MboZGTdJGCJ8aUI/+WAWzF6AE1WDWOzgR1WJu
3TnltNQYSTT1pairhE8AAJQOD/0tunR+kWeEzfcPkrjU2PRCSbFtjc94AQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJSVBJEtYtgwlcmfnsHb/XarvONFMB8GA1UdIwQY
MBaAFNpTQJbsP3v8VNZU/ODwForZZiLNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmxOQWx1d19lX3hVMWxUODRQQVdpdGxtSXMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi80MDUyYjUtYjU5ZS00MzNmLTg3YWEt
ODZmMmExYWY0ZDc5LzEvMmxOQWx1d19lX3hVMWxUODRQQVdpdGxtSXMwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi80MDUyYjUtYjU5ZS00MzNmLTg3YWEtODZmMmExYWY0ZDc5
LzEvMmxOQWx1d19lX3hVMWxUODRQQVdpdGxtSXMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAW5No3rnJ
BMmGSje3QUy498P5VAFsYSHZb0L7jrgraR+rpA0DH48PgllNCJXZaw5Xbg0hDqDn
CZeDP5Pj4h9sT/DIcaWcDMmkCTYBE39DbF3N28wDSLlD1VYDw9cK6kp33gfMZHzD
nenBdZJaj2I/GDAfsvIAPzK2WP8Xr7w/MsCBKZDIku5TZ7AIE4rdj1LxfBkoBASQ
u8qOkyS07RheKI39ygT0OHBg2jDSaQZV5jvykfDH6TAmkTE5H0W2yyEvSfiQUJ3s
t3fwimBgGMkPvzZLvGjADqBUCkikbZGSggDjybPRPC5CzECw9JMWQWWx8WLXW3gz
p05pzSNnnOn0Yw==
-----END CERTIFICATE-----