Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/23ca21-bceb-433e-b7d9-7b003984b863/1/lHXt3Klbc2ZTpMn52RVA0tPvtT0.mft
File:                     lHXt3Klbc2ZTpMn52RVA0tPvtT0.mft (raw, json)
Hash identifier:          ANR56wjAB7J2gLNpdy4jruc4Gbr+s0dqP+vdoUYnARs=
Subject key identifier:   D3:2D:27:61:EA:D0:03:EE:F0:6F:04:91:A1:56:66:F9:9D:91:93:5B
Authority key identifier: 94:75:ED:DC:A9:5B:73:66:53:A4:C9:F9:D9:15:40:D2:D3:EF:B5:3D
Certificate issuer:       /CN=9475eddca95b736653a4c9f9d91540d2d3efb53d
Certificate serial:       0199FBEBDB5A9BB8EBAF4A91D0F1EC65C560
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/lHXt3Klbc2ZTpMn52RVA0tPvtT0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/52/23ca21-bceb-433e-b7d9-7b003984b863/1/lHXt3Klbc2ZTpMn52RVA0tPvtT0.mft
Manifest number:          031F
Signing time:             Sun 19 Oct 2025 10:02:42 +0000
Manifest this update:     Sun 19 Oct 2025 10:02:42 +0000
Manifest next update:     Mon 20 Oct 2025 10:02:42 +0000
Files and hashes:         1: lHXt3Klbc2ZTpMn52RVA0tPvtT0.crl (hash: m5dX10th6+9VhVMhnoGz/DzorVg1P8Q6BoGCnl1vqBg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/52/23ca21-bceb-433e-b7d9-7b003984b863/1/lHXt3Klbc2ZTpMn52RVA0tPvtT0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/52/23ca21-bceb-433e-b7d9-7b003984b863/1/lHXt3Klbc2ZTpMn52RVA0tPvtT0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/lHXt3Klbc2ZTpMn52RVA0tPvtT0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:eb:db:5a:9b:b8:eb:af:4a:91:d0:f1:ec:65:c5:60
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9475eddca95b736653a4c9f9d91540d2d3efb53d
        Validity
            Not Before: Oct 19 10:02:42 2025 GMT
            Not After : Oct 20 10:02:42 2025 GMT
        Subject: CN=d32d2761ead003eef06f0491a15666f99d91935b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:c1:1f:12:00:4c:22:eb:14:16:b5:a6:64:aa:
                    68:ee:f9:c8:b9:8a:bc:ad:54:0a:07:ae:e5:55:07:
                    ab:95:29:b1:57:c8:4b:9a:08:b2:69:b6:5a:26:b8:
                    a4:1a:f2:c1:7c:8f:b4:f7:89:c8:7b:14:ec:7a:e6:
                    26:73:e1:9b:05:61:af:6b:63:86:f1:28:e7:c7:ff:
                    39:01:a4:45:b3:c3:ca:62:cf:a0:64:78:e2:48:65:
                    28:69:8f:67:0c:32:23:dd:ad:4d:4f:1c:0e:97:3c:
                    3a:0f:2a:b7:b9:2d:e7:25:bf:9e:0c:2b:ca:b0:6a:
                    89:c4:40:f8:91:fe:a5:96:ba:ec:db:57:99:16:f0:
                    e6:2f:88:a4:22:90:a5:6b:74:47:6d:34:44:f4:aa:
                    e3:5d:bc:6d:ac:77:d0:ba:08:53:b3:b7:c7:50:e7:
                    e4:98:fa:2c:05:4c:57:65:30:5b:65:ec:1e:45:5f:
                    04:4a:3b:c9:1c:d2:90:8c:33:6e:93:9b:3a:2a:25:
                    53:da:59:25:da:5e:99:4a:a6:47:fa:0e:69:1b:8b:
                    3c:08:b3:5f:01:c6:47:fb:dd:1d:f7:55:88:19:43:
                    8e:ca:0e:e7:44:c4:c8:3a:44:c2:78:81:e0:a6:c0:
                    3c:f5:f5:c2:a6:d1:3b:c3:bd:76:14:82:e5:69:87:
                    57:af
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D3:2D:27:61:EA:D0:03:EE:F0:6F:04:91:A1:56:66:F9:9D:91:93:5B
            X509v3 Authority Key Identifier:
                keyid:94:75:ED:DC:A9:5B:73:66:53:A4:C9:F9:D9:15:40:D2:D3:EF:B5:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lHXt3Klbc2ZTpMn52RVA0tPvtT0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/23ca21-bceb-433e-b7d9-7b003984b863/1/lHXt3Klbc2ZTpMn52RVA0tPvtT0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/52/23ca21-bceb-433e-b7d9-7b003984b863/1/lHXt3Klbc2ZTpMn52RVA0tPvtT0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         80:04:08:12:47:ca:7e:6a:1e:6c:3a:b5:06:ef:7c:9d:60:a2:
         f4:74:56:c1:bf:75:ce:b3:b1:ce:de:e5:86:96:ef:e8:40:8f:
         70:b4:c5:bb:4c:36:16:cd:12:8c:1b:a0:a4:47:e5:4b:9b:8e:
         46:d3:d0:3c:da:a9:04:94:d7:44:7b:d6:21:1f:e0:e0:a7:3b:
         b2:f4:26:58:34:81:33:a4:84:da:16:45:55:d8:e4:b1:d4:93:
         2e:59:93:85:5c:90:48:d6:f7:ca:01:e5:b4:18:0e:ad:2e:a5:
         5b:5c:be:50:b0:6f:35:30:e7:33:56:a7:d2:7a:43:eb:b2:2f:
         aa:6e:94:d0:e3:fe:56:3b:c0:3e:62:e1:10:d7:99:49:d8:e1:
         70:16:22:84:b3:f8:0c:0c:af:c3:6c:44:03:ab:77:cc:d3:22:
         d6:ec:93:63:4e:82:db:8a:53:d7:88:8c:65:6f:81:05:00:70:
         57:ee:fb:38:1a:bd:a0:5b:2a:88:41:8d:77:3e:7b:5d:29:eb:
         4e:31:86:33:a2:31:06:4f:65:cd:aa:cc:95:90:bf:da:7b:1e:
         09:54:c4:09:8f:8f:f3:b9:55:2e:34:34:61:5c:b9:ed:e0:ab:
         54:8b:bc:39:c0:fe:11:be:5b:0c:68:b5:39:2c:dc:5e:a5:2c:
         f9:b2:25:2c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn769tam7jrr0qR0PHsZcVgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0NzVlZGRjYTk1YjczNjY1M2E0YzlmOWQ5MTU0MGQyZDNl
ZmI1M2QwHhcNMjUxMDE5MTAwMjQyWhcNMjUxMDIwMTAwMjQyWjAzMTEwLwYDVQQD
EyhkMzJkMjc2MWVhZDAwM2VlZjA2ZjA0OTFhMTU2NjZmOTlkOTE5MzViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1sEfEgBMIusUFrWmZKpo7vnIuYq8
rVQKB67lVQerlSmxV8hLmgiyabZaJrikGvLBfI+094nIexTseuYmc+GbBWGva2OG
8Sjnx/85AaRFs8PKYs+gZHjiSGUoaY9nDDIj3a1NTxwOlzw6Dyq3uS3nJb+eDCvK
sGqJxED4kf6llrrs21eZFvDmL4ikIpCla3RHbTRE9KrjXbxtrHfQughTs7fHUOfk
mPosBUxXZTBbZeweRV8ESjvJHNKQjDNuk5s6KiVT2lkl2l6ZSqZH+g5pG4s8CLNf
AcZH+90d91WIGUOOyg7nRMTIOkTCeIHgpsA89fXCptE7w712FILlaYdXrwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNMtJ2Hq0APu8G8EkaFWZvmdkZNbMB8GA1UdIwQY
MBaAFJR17dypW3NmU6TJ+dkVQNLT77U9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbEhYdDNLbGJjMlpUcE1uNTJSVkEwdFB2dFQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi8yM2NhMjEtYmNlYi00MzNlLWI3ZDkt
N2IwMDM5ODRiODYzLzEvbEhYdDNLbGJjMlpUcE1uNTJSVkEwdFB2dFQwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi8yM2NhMjEtYmNlYi00MzNlLWI3ZDktN2IwMDM5ODRiODYz
LzEvbEhYdDNLbGJjMlpUcE1uNTJSVkEwdFB2dFQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgAQIEkfK
fmoebDq1Bu98nWCi9HRWwb91zrOxzt7lhpbv6ECPcLTFu0w2Fs0SjBugpEflS5uO
RtPQPNqpBJTXRHvWIR/g4Kc7svQmWDSBM6SE2hZFVdjksdSTLlmThVyQSNb3ygHl
tBgOrS6lW1y+ULBvNTDnM1an0npD67Ivqm6U0OP+VjvAPmLhENeZSdjhcBYihLP4
DAyvw2xEA6t3zNMi1uyTY06C24pT14iMZW+BBQBwV+77OBq9oFsqiEGNdz57XSnr
TjGGM6IxBk9lzarMlZC/2nseCVTECY+P87lVLjQ0YVy57eCrVIu8OcD+Eb5bDGi1
OSzcXqUs+bIlLA==
-----END CERTIFICATE-----