Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/9bd669-2abb-499b-a91f-4445a4d786d4/1/2LlxoaILZPFCUYAfj0NKQHX36pE.mft
File:                     2LlxoaILZPFCUYAfj0NKQHX36pE.mft (raw, json)
Hash identifier:          ccd0Uex7fLazu7W8qcn9g+HPRDkhzhCmbCJ45UoIa2E=
Subject key identifier:   AB:8B:7E:3F:DE:EC:03:F5:4B:E5:7C:69:5F:3A:8E:DE:25:D0:84:40
Authority key identifier: D8:B9:71:A1:A2:0B:64:F1:42:51:80:1F:8F:43:4A:40:75:F7:EA:91
Certificate issuer:       /CN=d8b971a1a20b64f14251801f8f434a4075f7ea91
Certificate serial:       0199FC21B65CFDC1B59B7E7FB1D633451E98
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2LlxoaILZPFCUYAfj0NKQHX36pE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5a/9bd669-2abb-499b-a91f-4445a4d786d4/1/2LlxoaILZPFCUYAfj0NKQHX36pE.mft
Manifest number:          0391
Signing time:             Sun 19 Oct 2025 11:01:31 +0000
Manifest this update:     Sun 19 Oct 2025 11:01:31 +0000
Manifest next update:     Mon 20 Oct 2025 11:01:31 +0000
Files and hashes:         1: 2LlxoaILZPFCUYAfj0NKQHX36pE.crl (hash: 1w9rFjGcbZPg8oq43vY0LuMkCLpVVTVcU1BNOsrq4eU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5a/9bd669-2abb-499b-a91f-4445a4d786d4/1/2LlxoaILZPFCUYAfj0NKQHX36pE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5a/9bd669-2abb-499b-a91f-4445a4d786d4/1/2LlxoaILZPFCUYAfj0NKQHX36pE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2LlxoaILZPFCUYAfj0NKQHX36pE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fc:21:b6:5c:fd:c1:b5:9b:7e:7f:b1:d6:33:45:1e:98
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d8b971a1a20b64f14251801f8f434a4075f7ea91
        Validity
            Not Before: Oct 19 11:01:31 2025 GMT
            Not After : Oct 20 11:01:31 2025 GMT
        Subject: CN=ab8b7e3fdeec03f54be57c695f3a8ede25d08440
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ee:24:7b:80:13:54:4c:35:1e:7e:f4:55:ca:e6:
                    a5:c5:e7:5a:eb:10:5a:ca:d7:4d:fd:36:26:68:8b:
                    fb:88:cf:85:e2:e2:16:64:4c:3b:10:a8:b8:91:50:
                    cb:ab:ae:95:6c:1c:50:9b:00:13:34:fd:c2:ff:ec:
                    f9:db:63:59:64:5c:bc:f9:c8:b6:14:68:d9:9d:08:
                    2b:be:8c:25:bb:f2:73:0a:80:6f:c9:e1:f1:a7:6b:
                    01:23:8f:74:ba:ca:33:12:ed:3e:90:d9:c1:3b:7d:
                    bc:44:d8:ed:39:ca:38:2c:aa:9b:89:24:c3:d4:31:
                    a4:89:2e:81:8f:13:af:a7:4a:ff:e5:66:10:08:68:
                    ec:d0:0f:c1:3a:56:17:48:8a:79:d4:33:21:96:59:
                    26:62:d6:8a:4c:95:dd:0e:c4:aa:9c:f0:e9:f4:55:
                    95:9c:d4:b0:db:5b:2f:a0:96:43:62:7a:2e:e7:fc:
                    76:50:03:5f:f5:0f:6b:3c:f5:34:7b:62:ef:61:69:
                    80:8e:fe:8a:96:fb:3c:14:0b:df:7b:02:02:8a:db:
                    b3:8c:b7:11:98:a8:1d:73:67:96:1a:a6:6e:8a:40:
                    d3:4e:57:c3:1a:e6:da:16:d3:57:f4:29:f2:ad:60:
                    d5:e9:1e:3f:3a:f5:b1:ec:25:c2:73:b6:e9:a0:66:
                    74:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AB:8B:7E:3F:DE:EC:03:F5:4B:E5:7C:69:5F:3A:8E:DE:25:D0:84:40
            X509v3 Authority Key Identifier:
                keyid:D8:B9:71:A1:A2:0B:64:F1:42:51:80:1F:8F:43:4A:40:75:F7:EA:91

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2LlxoaILZPFCUYAfj0NKQHX36pE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/9bd669-2abb-499b-a91f-4445a4d786d4/1/2LlxoaILZPFCUYAfj0NKQHX36pE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/9bd669-2abb-499b-a91f-4445a4d786d4/1/2LlxoaILZPFCUYAfj0NKQHX36pE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ad:95:45:4a:75:fc:17:d9:b6:1f:d8:f8:be:bb:64:d0:d2:04:
         cd:71:3d:8a:b7:89:5d:e6:63:31:24:20:97:4d:66:ab:60:b8:
         b0:71:b2:49:01:7a:de:ab:a0:85:5d:3c:39:49:90:e7:18:11:
         a3:14:6c:ea:c3:95:cf:7a:53:39:aa:28:09:1e:d9:45:0f:69:
         21:26:ea:09:09:9e:5a:0a:5c:c8:97:8f:25:d0:0d:1d:30:1b:
         cc:84:d8:34:e1:dd:11:02:ab:4d:57:1f:b0:23:7d:9e:92:56:
         99:3a:7f:f4:29:18:e5:1b:22:3b:a7:15:5a:2b:06:71:db:6a:
         32:87:72:fc:c5:4c:58:88:be:1a:12:6e:e8:dd:08:24:0a:e9:
         c2:4b:93:a4:29:69:29:c7:fc:58:5a:b8:39:de:a1:64:e2:b8:
         39:9c:93:94:af:1d:4e:b3:d4:0a:b3:6e:33:71:a4:e8:d6:bc:
         38:d6:52:a3:06:d0:ca:f4:8e:58:ac:64:2d:2a:e1:01:96:1f:
         78:39:a7:58:ff:e7:7b:a6:fb:4b:ad:46:32:e0:3b:20:dd:b5:
         81:c0:21:80:a4:62:fb:43:a3:ca:80:b8:5f:b1:59:f7:40:71:
         7a:f7:fd:6a:ab:cd:e2:dd:27:41:91:6c:ce:c4:37:a0:96:5c:
         38:64:fc:4f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8IbZc/cG1m35/sdYzRR6YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4Yjk3MWExYTIwYjY0ZjE0MjUxODAxZjhmNDM0YTQwNzVm
N2VhOTEwHhcNMjUxMDE5MTEwMTMxWhcNMjUxMDIwMTEwMTMxWjAzMTEwLwYDVQQD
EyhhYjhiN2UzZmRlZWMwM2Y1NGJlNTdjNjk1ZjNhOGVkZTI1ZDA4NDQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7iR7gBNUTDUefvRVyualxeda6xBa
ytdN/TYmaIv7iM+F4uIWZEw7EKi4kVDLq66VbBxQmwATNP3C/+z522NZZFy8+ci2
FGjZnQgrvowlu/JzCoBvyeHxp2sBI490usozEu0+kNnBO328RNjtOco4LKqbiSTD
1DGkiS6BjxOvp0r/5WYQCGjs0A/BOlYXSIp51DMhllkmYtaKTJXdDsSqnPDp9FWV
nNSw21svoJZDYnou5/x2UANf9Q9rPPU0e2LvYWmAjv6Klvs8FAvfewICituzjLcR
mKgdc2eWGqZuikDTTlfDGubaFtNX9CnyrWDV6R4/OvWx7CXCc7bpoGZ0wQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKuLfj/e7AP1S+V8aV86jt4l0IRAMB8GA1UdIwQY
MBaAFNi5caGiC2TxQlGAH49DSkB19+qRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkxseG9hSUxaUEZDVVlBZmowTktRSFgzNnBFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS85YmQ2NjktMmFiYi00OTliLWE5MWYt
NDQ0NWE0ZDc4NmQ0LzEvMkxseG9hSUxaUEZDVVlBZmowTktRSFgzNnBFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS85YmQ2NjktMmFiYi00OTliLWE5MWYtNDQ0NWE0ZDc4NmQ0
LzEvMkxseG9hSUxaUEZDVVlBZmowTktRSFgzNnBFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArZVFSnX8
F9m2H9j4vrtk0NIEzXE9ireJXeZjMSQgl01mq2C4sHGySQF63qughV08OUmQ5xgR
oxRs6sOVz3pTOaooCR7ZRQ9pISbqCQmeWgpcyJePJdANHTAbzITYNOHdEQKrTVcf
sCN9npJWmTp/9CkY5RsiO6cVWisGcdtqMody/MVMWIi+GhJu6N0IJArpwkuTpClp
Kcf8WFq4Od6hZOK4OZyTlK8dTrPUCrNuM3Gk6Na8ONZSowbQyvSOWKxkLSrhAZYf
eDmnWP/ne6b7S61GMuA7IN21gcAhgKRi+0OjyoC4X7FZ90Bxevf9aqvN4t0nQZFs
zsQ3oJZcOGT8Tw==
-----END CERTIFICATE-----