Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/743a50-d7f4-42d1-a09d-7ca93ecb2234/1/sgzLpAbArQxb4AB22ZgLNIhWmoo.mft
File:                     sgzLpAbArQxb4AB22ZgLNIhWmoo.mft (raw, json)
Hash identifier:          WIXG51BQQGfBAzttuMCi8XL2MR/DG86TQ4bTIozqPw8=
Subject key identifier:   54:52:3F:E0:BC:61:F6:7A:52:CB:F3:85:D1:EC:49:F3:EF:83:68:41
Authority key identifier: B2:0C:CB:A4:06:C0:AD:0C:5B:E0:00:76:D9:98:0B:34:88:56:9A:8A
Certificate issuer:       /CN=b20ccba406c0ad0c5be00076d9980b3488569a8a
Certificate serial:       0199FDD9DC0E7174BC42188454FB7A4BB4D2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/sgzLpAbArQxb4AB22ZgLNIhWmoo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5a/743a50-d7f4-42d1-a09d-7ca93ecb2234/1/sgzLpAbArQxb4AB22ZgLNIhWmoo.mft
Manifest number:          11C8
Signing time:             Sun 19 Oct 2025 19:02:17 +0000
Manifest this update:     Sun 19 Oct 2025 19:02:17 +0000
Manifest next update:     Mon 20 Oct 2025 19:02:17 +0000
Files and hashes:         1: sgzLpAbArQxb4AB22ZgLNIhWmoo.crl (hash: a6P/OO5xC9k3By22SrXwpoct85bWGrD6GZffAEd0m3E=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5a/743a50-d7f4-42d1-a09d-7ca93ecb2234/1/sgzLpAbArQxb4AB22ZgLNIhWmoo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5a/743a50-d7f4-42d1-a09d-7ca93ecb2234/1/sgzLpAbArQxb4AB22ZgLNIhWmoo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/sgzLpAbArQxb4AB22ZgLNIhWmoo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 15:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fd:d9:dc:0e:71:74:bc:42:18:84:54:fb:7a:4b:b4:d2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b20ccba406c0ad0c5be00076d9980b3488569a8a
        Validity
            Not Before: Oct 19 19:02:17 2025 GMT
            Not After : Oct 20 19:02:17 2025 GMT
        Subject: CN=54523fe0bc61f67a52cbf385d1ec49f3ef836841
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ed:0c:08:22:63:e9:f2:a4:92:d2:bb:ad:9a:41:
                    ad:cd:0d:49:d6:8f:54:f4:12:48:51:07:ba:e2:9e:
                    96:26:a7:c8:d1:45:25:d9:33:7d:68:6a:80:a6:d0:
                    28:1f:a2:f6:31:a6:fb:d6:62:b2:72:e7:e6:99:a6:
                    98:c5:f9:bb:89:f7:1e:aa:53:0b:91:d7:a0:e1:08:
                    00:81:ee:44:d1:7c:ef:ef:0b:1d:ae:c5:ab:b6:3c:
                    1a:8a:ae:16:d4:8d:ec:e8:5a:ed:de:16:e3:9c:f4:
                    b1:d8:9f:f8:71:96:94:b8:7e:8c:e2:d1:f6:64:4c:
                    38:0f:38:2c:42:e2:84:fa:ed:84:9f:38:80:f5:11:
                    a1:48:44:b2:a2:57:fb:bb:69:b6:86:f0:c6:b9:2e:
                    a9:bb:50:95:f1:dd:2b:55:2e:dc:bf:c2:f7:96:9a:
                    ce:44:7a:2c:8c:81:1f:01:13:d0:94:8f:f2:e6:d5:
                    b8:b8:57:2c:21:d6:cd:96:05:c8:90:26:fb:77:bc:
                    ff:d6:63:2a:ec:88:7a:0c:ea:7c:c7:b5:8d:b0:c8:
                    bd:33:0e:6f:40:13:69:a2:b9:63:df:d3:d5:0c:70:
                    e3:d7:99:3f:11:59:4e:81:bc:f1:92:9c:f8:5f:6f:
                    6b:9e:a2:7a:02:48:08:63:1d:77:1a:fb:86:53:c7:
                    4e:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                54:52:3F:E0:BC:61:F6:7A:52:CB:F3:85:D1:EC:49:F3:EF:83:68:41
            X509v3 Authority Key Identifier:
                keyid:B2:0C:CB:A4:06:C0:AD:0C:5B:E0:00:76:D9:98:0B:34:88:56:9A:8A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sgzLpAbArQxb4AB22ZgLNIhWmoo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/743a50-d7f4-42d1-a09d-7ca93ecb2234/1/sgzLpAbArQxb4AB22ZgLNIhWmoo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/743a50-d7f4-42d1-a09d-7ca93ecb2234/1/sgzLpAbArQxb4AB22ZgLNIhWmoo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a8:11:42:e0:f0:2d:20:ed:69:41:40:69:b1:28:35:ce:15:1f:
         ba:fb:f2:81:c4:fb:0a:43:88:14:0b:b3:61:45:49:c9:ee:64:
         52:92:37:10:ce:dd:16:0e:47:83:d5:19:61:8b:28:fe:b2:aa:
         91:98:49:e5:08:37:e5:6a:52:db:4f:de:92:98:8a:0f:1a:d5:
         3b:ca:e9:ca:f4:bb:f1:27:68:13:72:a3:de:87:57:5c:d5:9f:
         3d:32:98:f2:21:9d:f7:f9:e8:ea:ab:84:68:87:38:ec:81:b6:
         f0:2a:97:fe:d3:59:04:38:8f:6e:3a:f5:2f:29:5a:e2:f0:4c:
         32:a5:a2:2a:c0:52:bd:31:26:73:99:69:31:ab:c1:5b:83:73:
         89:91:4c:33:06:a3:46:7f:a8:57:2b:e2:d1:b4:13:b2:5b:a8:
         5c:8c:31:9a:bb:80:29:f7:27:5c:08:67:5e:a7:2b:e2:b2:69:
         26:c2:65:1b:1f:04:67:a8:42:02:7b:a6:e0:a7:3e:ad:a3:1f:
         47:98:81:6e:e4:7a:41:0d:92:2f:98:61:38:04:cd:0f:10:c3:
         e3:a5:6d:5e:4f:65:cf:1b:7c:71:0e:62:c1:7f:9d:ab:5f:d6:
         7f:ae:e1:27:d5:79:de:18:7e:dc:3a:80:06:08:07:40:37:1a:
         e7:72:8b:b7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn92dwOcXS8QhiEVPt6S7TSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyMGNjYmE0MDZjMGFkMGM1YmUwMDA3NmQ5OTgwYjM0ODg1
NjlhOGEwHhcNMjUxMDE5MTkwMjE3WhcNMjUxMDIwMTkwMjE3WjAzMTEwLwYDVQQD
Eyg1NDUyM2ZlMGJjNjFmNjdhNTJjYmYzODVkMWVjNDlmM2VmODM2ODQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7QwIImPp8qSS0rutmkGtzQ1J1o9U
9BJIUQe64p6WJqfI0UUl2TN9aGqAptAoH6L2Mab71mKycufmmaaYxfm7ifceqlML
kdeg4QgAge5E0Xzv7wsdrsWrtjwaiq4W1I3s6Frt3hbjnPSx2J/4cZaUuH6M4tH2
ZEw4DzgsQuKE+u2EnziA9RGhSESyolf7u2m2hvDGuS6pu1CV8d0rVS7cv8L3lprO
RHosjIEfARPQlI/y5tW4uFcsIdbNlgXIkCb7d7z/1mMq7Ih6DOp8x7WNsMi9Mw5v
QBNporlj39PVDHDj15k/EVlOgbzxkpz4X29rnqJ6AkgIYx13GvuGU8dOGQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFRSP+C8YfZ6UsvzhdHsSfPvg2hBMB8GA1UdIwQY
MBaAFLIMy6QGwK0MW+AAdtmYCzSIVpqKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2d6THBBYkFyUXhiNEFCMjJaZ0xOSWhXbW9vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS83NDNhNTAtZDdmNC00MmQxLWEwOWQt
N2NhOTNlY2IyMjM0LzEvc2d6THBBYkFyUXhiNEFCMjJaZ0xOSWhXbW9vLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS83NDNhNTAtZDdmNC00MmQxLWEwOWQtN2NhOTNlY2IyMjM0
LzEvc2d6THBBYkFyUXhiNEFCMjJaZ0xOSWhXbW9vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqBFC4PAt
IO1pQUBpsSg1zhUfuvvygcT7CkOIFAuzYUVJye5kUpI3EM7dFg5Hg9UZYYso/rKq
kZhJ5Qg35WpS20/ekpiKDxrVO8rpyvS78SdoE3Kj3odXXNWfPTKY8iGd9/no6quE
aIc47IG28CqX/tNZBDiPbjr1Lyla4vBMMqWiKsBSvTEmc5lpMavBW4NziZFMMwaj
Rn+oVyvi0bQTsluoXIwxmruAKfcnXAhnXqcr4rJpJsJlGx8EZ6hCAnum4Kc+raMf
R5iBbuR6QQ2SL5hhOATNDxDD46VtXk9lzxt8cQ5iwX+dq1/Wf67hJ9V53hh+3DqA
BggHQDca53KLtw==
-----END CERTIFICATE-----