Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/dc9224-3cd7-437d-a1dc-e8c39cf66b3f/1/lPhZ34Ux35GpQAj0tJIKQSPrDws.mft
File:                     lPhZ34Ux35GpQAj0tJIKQSPrDws.mft (raw, json)
Hash identifier:          HAF+Q+9FFX5GnfrL0TjIyLTBNOPHsLb9QRLdISwloP8=
Subject key identifier:   3E:86:1F:04:18:0D:78:56:40:E0:9D:F5:BD:D7:A5:A6:49:8F:3F:32
Authority key identifier: 94:F8:59:DF:85:31:DF:91:A9:40:08:F4:B4:92:0A:41:23:EB:0F:0B
Certificate issuer:       /CN=94f859df8531df91a94008f4b4920a4123eb0f0b
Certificate serial:       0199FDD9CFCFC79C32E046E46E7FA1F73CD9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/lPhZ34Ux35GpQAj0tJIKQSPrDws.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/60/dc9224-3cd7-437d-a1dc-e8c39cf66b3f/1/lPhZ34Ux35GpQAj0tJIKQSPrDws.mft
Manifest number:          156A
Signing time:             Sun 19 Oct 2025 19:02:14 +0000
Manifest this update:     Sun 19 Oct 2025 19:02:14 +0000
Manifest next update:     Mon 20 Oct 2025 19:02:14 +0000
Files and hashes:         1: lPhZ34Ux35GpQAj0tJIKQSPrDws.crl (hash: z/WjML9uALQa8HsnazN9hkEjkzR0E78We92o55VdM9k=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/60/dc9224-3cd7-437d-a1dc-e8c39cf66b3f/1/lPhZ34Ux35GpQAj0tJIKQSPrDws.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/60/dc9224-3cd7-437d-a1dc-e8c39cf66b3f/1/lPhZ34Ux35GpQAj0tJIKQSPrDws.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/lPhZ34Ux35GpQAj0tJIKQSPrDws.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 19:02:14 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fd:d9:cf:cf:c7:9c:32:e0:46:e4:6e:7f:a1:f7:3c:d9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=94f859df8531df91a94008f4b4920a4123eb0f0b
        Validity
            Not Before: Oct 19 19:02:14 2025 GMT
            Not After : Oct 20 19:02:14 2025 GMT
        Subject: CN=3e861f04180d785640e09df5bdd7a5a6498f3f32
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:f1:c3:16:6d:5a:6a:96:cf:d7:d9:30:a2:f3:
                    fa:da:8d:c9:9e:82:9d:be:7e:2e:1b:5d:2a:23:86:
                    90:44:4d:36:21:1f:2c:4d:f2:12:29:a1:3d:b0:c4:
                    c0:9c:f9:89:27:e5:3e:42:cb:1e:69:24:91:df:42:
                    50:ee:65:d8:f1:56:92:14:cb:83:f5:84:bf:0b:64:
                    9b:f8:1d:26:44:24:b1:23:1a:2a:97:63:18:17:7e:
                    7b:93:0a:8e:90:6a:d7:d3:7c:e4:c3:38:ec:eb:5b:
                    43:68:f4:d9:de:09:01:81:02:5b:8c:be:e9:ac:dc:
                    fb:12:2c:9d:a9:e0:a4:16:c4:d2:3f:dc:98:fc:aa:
                    bb:f3:cf:64:82:bb:20:7b:6d:45:f8:7e:dd:3b:c6:
                    77:a8:44:88:bb:f2:f4:9a:b6:3b:b0:dd:e4:88:3b:
                    a9:f6:5f:67:3c:d7:a2:25:38:10:37:bd:ec:9a:bc:
                    a3:42:fb:88:cb:65:93:dc:6d:cb:c7:2a:9a:e4:13:
                    3c:d5:10:00:e5:5e:e7:c2:93:2d:3b:6b:a6:06:65:
                    05:d5:5a:15:fa:e5:46:91:50:db:3b:48:79:8f:23:
                    ef:63:aa:a6:88:5a:ed:b1:e4:65:0a:53:9d:4e:5c:
                    17:89:93:24:b9:00:26:38:29:f5:18:c2:95:78:04:
                    cb:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3E:86:1F:04:18:0D:78:56:40:E0:9D:F5:BD:D7:A5:A6:49:8F:3F:32
            X509v3 Authority Key Identifier:
                keyid:94:F8:59:DF:85:31:DF:91:A9:40:08:F4:B4:92:0A:41:23:EB:0F:0B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lPhZ34Ux35GpQAj0tJIKQSPrDws.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/dc9224-3cd7-437d-a1dc-e8c39cf66b3f/1/lPhZ34Ux35GpQAj0tJIKQSPrDws.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/60/dc9224-3cd7-437d-a1dc-e8c39cf66b3f/1/lPhZ34Ux35GpQAj0tJIKQSPrDws.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         59:20:7e:6e:b4:14:4d:95:6c:5d:f4:61:bb:4c:72:5d:7b:ec:
         97:c1:c8:5c:48:53:d2:a3:ee:ab:00:b3:80:16:7e:1a:ed:36:
         f9:b6:ce:13:c2:a0:76:34:96:4e:d8:9c:37:76:20:ce:ee:b4:
         19:0e:4b:23:45:2b:c3:7f:d1:66:82:b9:6d:1d:95:e8:4a:e7:
         69:46:e0:2a:d9:a0:bb:87:9c:57:d6:e6:1b:84:db:67:d2:4a:
         31:a8:a0:bd:37:fd:9e:77:b9:8e:24:6a:52:12:5d:e8:34:7f:
         9f:42:c7:16:e2:43:0c:fd:92:44:87:32:af:12:a6:8e:8f:d0:
         ed:79:b2:be:8d:4f:6e:3c:7f:e5:1d:f1:20:e6:d1:83:52:6a:
         06:11:1a:d4:a5:65:b3:41:2a:41:59:cf:c7:16:ee:8c:e8:8e:
         56:85:6c:5a:2d:db:dd:bc:70:26:e7:43:f1:85:5d:23:71:54:
         c6:33:63:dd:d2:4f:c4:a7:24:be:c6:73:03:fa:9b:9c:dc:09:
         4c:eb:eb:8e:8b:c5:5b:8f:13:7e:8f:98:67:b3:aa:f7:1d:47:
         aa:3d:d7:8e:05:67:46:10:2a:0a:ee:e5:a6:65:e8:cd:f2:9d:
         d0:ad:a8:97:45:c9:b5:e9:0c:30:b5:b9:0a:1f:8c:02:55:62:
         1a:b0:d2:f7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn92c/Px5wy4Ebkbn+h9zzZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0Zjg1OWRmODUzMWRmOTFhOTQwMDhmNGI0OTIwYTQxMjNl
YjBmMGIwHhcNMjUxMDE5MTkwMjE0WhcNMjUxMDIwMTkwMjE0WjAzMTEwLwYDVQQD
EygzZTg2MWYwNDE4MGQ3ODU2NDBlMDlkZjViZGQ3YTVhNjQ5OGYzZjMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvvHDFm1aapbP19kwovP62o3JnoKd
vn4uG10qI4aQRE02IR8sTfISKaE9sMTAnPmJJ+U+QsseaSSR30JQ7mXY8VaSFMuD
9YS/C2Sb+B0mRCSxIxoql2MYF357kwqOkGrX03zkwzjs61tDaPTZ3gkBgQJbjL7p
rNz7EiydqeCkFsTSP9yY/Kq7889kgrsge21F+H7dO8Z3qESIu/L0mrY7sN3kiDup
9l9nPNeiJTgQN73smryjQvuIy2WT3G3Lxyqa5BM81RAA5V7nwpMtO2umBmUF1VoV
+uVGkVDbO0h5jyPvY6qmiFrtseRlClOdTlwXiZMkuQAmOCn1GMKVeATLNwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFD6GHwQYDXhWQOCd9b3XpaZJjz8yMB8GA1UdIwQY
MBaAFJT4Wd+FMd+RqUAI9LSSCkEj6w8LMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbFBoWjM0VXgzNUdwUUFqMHRKSUtRU1ByRHdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC9kYzkyMjQtM2NkNy00MzdkLWExZGMt
ZThjMzljZjY2YjNmLzEvbFBoWjM0VXgzNUdwUUFqMHRKSUtRU1ByRHdzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC9kYzkyMjQtM2NkNy00MzdkLWExZGMtZThjMzljZjY2YjNm
LzEvbFBoWjM0VXgzNUdwUUFqMHRKSUtRU1ByRHdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWSB+brQU
TZVsXfRhu0xyXXvsl8HIXEhT0qPuqwCzgBZ+Gu02+bbOE8KgdjSWTticN3Ygzu60
GQ5LI0Urw3/RZoK5bR2V6ErnaUbgKtmgu4ecV9bmG4TbZ9JKMaigvTf9nne5jiRq
UhJd6DR/n0LHFuJDDP2SRIcyrxKmjo/Q7Xmyvo1Pbjx/5R3xIObRg1JqBhEa1KVl
s0EqQVnPxxbujOiOVoVsWi3b3bxwJudD8YVdI3FUxjNj3dJPxKckvsZzA/qbnNwJ
TOvrjovFW48Tfo+YZ7Oq9x1Hqj3XjgVnRhAqCu7lpmXozfKd0K2ol0XJtekMMLW5
Ch+MAlViGrDS9w==
-----END CERTIFICATE-----