Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/6c59c0-ecd8-4727-b1de-315a79f59e18/1/L3BTJmQ0PLPSiXAjoSf2C6kXpd0.mft
File:                     L3BTJmQ0PLPSiXAjoSf2C6kXpd0.mft (raw, json)
Hash identifier:          68xeic2a/PMcsopdwF3+gWQUN3BCVG25sB3W17w9l3E=
Subject key identifier:   DF:B1:EE:5D:CB:7F:43:5A:7E:B7:92:64:0B:D2:58:59:33:F5:AA:20
Authority key identifier: 2F:70:53:26:64:34:3C:B3:D2:89:70:23:A1:27:F6:0B:A9:17:A5:DD
Certificate issuer:       /CN=2f70532664343cb3d2897023a127f60ba917a5dd
Certificate serial:       0199FC58D2F5688F35852985DA416282493F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/L3BTJmQ0PLPSiXAjoSf2C6kXpd0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/54/6c59c0-ecd8-4727-b1de-315a79f59e18/1/L3BTJmQ0PLPSiXAjoSf2C6kXpd0.mft
Manifest number:          0CD4
Signing time:             Sun 19 Oct 2025 12:01:43 +0000
Manifest this update:     Sun 19 Oct 2025 12:01:43 +0000
Manifest next update:     Mon 20 Oct 2025 12:01:43 +0000
Files and hashes:         1: L3BTJmQ0PLPSiXAjoSf2C6kXpd0.crl (hash: GnpVY33/61MGiENA71YnEmgsnlzrX3bt+B+PbHuzWig=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/54/6c59c0-ecd8-4727-b1de-315a79f59e18/1/L3BTJmQ0PLPSiXAjoSf2C6kXpd0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/54/6c59c0-ecd8-4727-b1de-315a79f59e18/1/L3BTJmQ0PLPSiXAjoSf2C6kXpd0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/L3BTJmQ0PLPSiXAjoSf2C6kXpd0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 11:18:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fc:58:d2:f5:68:8f:35:85:29:85:da:41:62:82:49:3f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2f70532664343cb3d2897023a127f60ba917a5dd
        Validity
            Not Before: Oct 19 12:01:43 2025 GMT
            Not After : Oct 20 12:01:43 2025 GMT
        Subject: CN=dfb1ee5dcb7f435a7eb792640bd2585933f5aa20
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:af:ce:d9:33:11:c9:49:b3:37:2e:8b:c9:92:
                    0f:59:f9:b0:12:c2:5d:34:39:b7:08:d3:d3:50:d5:
                    f2:db:0d:3e:92:4b:1a:32:00:b0:32:42:55:67:d6:
                    c0:a1:a8:47:6b:cf:57:c5:c9:b2:fe:1e:c1:72:59:
                    3f:e0:7e:68:7d:76:00:d9:c8:fd:37:7b:e6:e4:37:
                    62:d8:7a:a6:f9:46:01:ae:3b:02:5e:b1:03:54:12:
                    ff:d2:da:c6:df:ab:fd:f0:12:f0:e4:a0:94:85:a8:
                    11:a4:ae:22:50:7c:a3:3e:71:7d:e1:a3:2f:0f:ee:
                    bd:b1:de:a9:93:26:5b:33:3a:8f:53:d4:e4:24:8e:
                    b1:97:6c:9e:54:93:cf:60:61:de:0e:0a:b1:7e:f2:
                    01:82:d5:0e:e4:3b:0a:8b:ee:45:4f:ae:81:87:2f:
                    5d:0a:f7:7c:e5:33:12:03:f5:6b:8a:b2:08:70:52:
                    b2:ca:95:f8:9a:ae:fb:cc:52:8d:10:a0:1e:68:bb:
                    ad:3c:04:3f:0c:28:23:bc:f5:f5:da:40:7f:10:be:
                    84:12:00:d2:79:3a:31:8e:90:a6:98:64:6a:2c:80:
                    46:98:c6:18:df:18:3e:19:23:87:de:43:67:35:ff:
                    7b:aa:d7:fb:48:fd:a5:d5:1d:7f:31:94:f5:a1:51:
                    93:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DF:B1:EE:5D:CB:7F:43:5A:7E:B7:92:64:0B:D2:58:59:33:F5:AA:20
            X509v3 Authority Key Identifier:
                keyid:2F:70:53:26:64:34:3C:B3:D2:89:70:23:A1:27:F6:0B:A9:17:A5:DD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L3BTJmQ0PLPSiXAjoSf2C6kXpd0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/6c59c0-ecd8-4727-b1de-315a79f59e18/1/L3BTJmQ0PLPSiXAjoSf2C6kXpd0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/54/6c59c0-ecd8-4727-b1de-315a79f59e18/1/L3BTJmQ0PLPSiXAjoSf2C6kXpd0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         56:91:2b:41:45:93:01:aa:23:b6:fc:54:d7:29:4c:e3:bc:e5:
         f8:0f:27:4f:54:ce:ca:3b:80:bf:ed:2a:7c:56:82:9e:98:23:
         9b:12:62:73:90:bd:dd:b2:94:09:53:3f:3a:8a:73:4c:b3:93:
         cd:ae:8e:29:18:fc:b1:5f:01:0b:fa:a9:65:a1:29:ca:d6:92:
         e1:90:08:f0:0c:51:5a:58:e0:55:6e:00:71:03:a0:42:a3:da:
         17:ff:90:68:19:8f:9b:45:a2:55:16:30:71:5f:66:c1:45:cb:
         31:05:48:da:2d:93:f8:68:5f:93:76:da:02:be:ea:61:19:39:
         9e:82:76:da:ac:19:44:6f:1c:d0:dc:45:d0:d6:06:8f:85:00:
         82:7b:ec:b7:c0:b3:9b:4a:d4:37:97:90:07:69:a4:39:d0:95:
         ac:59:66:d9:c8:29:27:33:f3:d6:83:26:46:e5:37:81:ab:d1:
         dd:19:86:f7:d7:a2:07:0d:d0:2d:fa:88:da:07:50:fc:92:fc:
         7e:7a:29:d7:10:19:35:59:b4:9f:0c:98:e6:f7:58:77:50:ec:
         74:85:54:2c:e1:b4:e4:e8:58:90:06:5f:3c:a4:8f:11:bc:fa:
         b0:b4:ce:ca:83:2b:f7:78:28:ad:81:bc:f4:c5:35:2e:01:b8:
         eb:79:4e:b5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8WNL1aI81hSmF2kFigkk/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmNzA1MzI2NjQzNDNjYjNkMjg5NzAyM2ExMjdmNjBiYTkx
N2E1ZGQwHhcNMjUxMDE5MTIwMTQzWhcNMjUxMDIwMTIwMTQzWjAzMTEwLwYDVQQD
EyhkZmIxZWU1ZGNiN2Y0MzVhN2ViNzkyNjQwYmQyNTg1OTMzZjVhYTIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAva/O2TMRyUmzNy6LyZIPWfmwEsJd
NDm3CNPTUNXy2w0+kksaMgCwMkJVZ9bAoahHa89Xxcmy/h7Bclk/4H5ofXYA2cj9
N3vm5Ddi2Hqm+UYBrjsCXrEDVBL/0trG36v98BLw5KCUhagRpK4iUHyjPnF94aMv
D+69sd6pkyZbMzqPU9TkJI6xl2yeVJPPYGHeDgqxfvIBgtUO5DsKi+5FT66Bhy9d
Cvd85TMSA/VrirIIcFKyypX4mq77zFKNEKAeaLutPAQ/DCgjvPX12kB/EL6EEgDS
eToxjpCmmGRqLIBGmMYY3xg+GSOH3kNnNf97qtf7SP2l1R1/MZT1oVGT4wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFN+x7l3Lf0NafreSZAvSWFkz9aogMB8GA1UdIwQY
MBaAFC9wUyZkNDyz0olwI6En9gupF6XdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDNCVEptUTBQTFBTaVhBam9TZjJDNmtYcGQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC82YzU5YzAtZWNkOC00NzI3LWIxZGUt
MzE1YTc5ZjU5ZTE4LzEvTDNCVEptUTBQTFBTaVhBam9TZjJDNmtYcGQwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC82YzU5YzAtZWNkOC00NzI3LWIxZGUtMzE1YTc5ZjU5ZTE4
LzEvTDNCVEptUTBQTFBTaVhBam9TZjJDNmtYcGQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVpErQUWT
AaojtvxU1ylM47zl+A8nT1TOyjuAv+0qfFaCnpgjmxJic5C93bKUCVM/OopzTLOT
za6OKRj8sV8BC/qpZaEpytaS4ZAI8AxRWljgVW4AcQOgQqPaF/+QaBmPm0WiVRYw
cV9mwUXLMQVI2i2T+Ghfk3baAr7qYRk5noJ22qwZRG8c0NxF0NYGj4UAgnvst8Cz
m0rUN5eQB2mkOdCVrFlm2cgpJzPz1oMmRuU3gavR3RmG99eiBw3QLfqI2gdQ/JL8
fnop1xAZNVm0nwyY5vdYd1DsdIVULOG05OhYkAZfPKSPEbz6sLTOyoMr93gorYG8
9MU1LgG463lOtQ==
-----END CERTIFICATE-----