Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/2823dd-25a1-44a0-bfc1-cbbd08ad3ec2/1/lUz3IcCMjpvFJC1WGWZ3IXNQRVw.mft
File:                     lUz3IcCMjpvFJC1WGWZ3IXNQRVw.mft (raw, json)
Hash identifier:          Yt8KJf/B7S0DQfBaGPc9oE9v2ds3bFKw3QO2JlFFUa0=
Subject key identifier:   C9:52:8B:29:0E:82:37:CF:73:D6:5D:D2:CC:78:BC:16:F5:13:4A:ED
Authority key identifier: 95:4C:F7:21:C0:8C:8E:9B:C5:24:2D:56:19:66:77:21:73:50:45:5C
Certificate issuer:       /CN=954cf721c08c8e9bc5242d56196677217350455c
Certificate serial:       0199FBEC140F9026E33B44E1038C39F47897
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/lUz3IcCMjpvFJC1WGWZ3IXNQRVw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/67/2823dd-25a1-44a0-bfc1-cbbd08ad3ec2/1/lUz3IcCMjpvFJC1WGWZ3IXNQRVw.mft
Manifest number:          0701
Signing time:             Sun 19 Oct 2025 10:02:56 +0000
Manifest this update:     Sun 19 Oct 2025 10:02:56 +0000
Manifest next update:     Mon 20 Oct 2025 10:02:56 +0000
Files and hashes:         1: lUz3IcCMjpvFJC1WGWZ3IXNQRVw.crl (hash: kXa9dXOyw/0kW6Jq8OGGFzRzLbFGgdHknzF8f4d484w=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/67/2823dd-25a1-44a0-bfc1-cbbd08ad3ec2/1/lUz3IcCMjpvFJC1WGWZ3IXNQRVw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/67/2823dd-25a1-44a0-bfc1-cbbd08ad3ec2/1/lUz3IcCMjpvFJC1WGWZ3IXNQRVw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/lUz3IcCMjpvFJC1WGWZ3IXNQRVw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 10:02:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:ec:14:0f:90:26:e3:3b:44:e1:03:8c:39:f4:78:97
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=954cf721c08c8e9bc5242d56196677217350455c
        Validity
            Not Before: Oct 19 10:02:56 2025 GMT
            Not After : Oct 20 10:02:56 2025 GMT
        Subject: CN=c9528b290e8237cf73d65dd2cc78bc16f5134aed
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:22:ef:d4:92:96:81:0e:51:c9:e6:4f:5d:9d:
                    0b:43:ec:66:2c:3b:f3:1e:df:47:08:05:92:48:45:
                    35:75:61:d4:0f:b3:b4:39:ba:db:ba:45:88:f2:51:
                    03:c1:4a:3c:d6:a7:38:da:b9:43:31:6a:66:29:2d:
                    bc:30:93:67:b5:01:f1:ea:73:0e:00:a8:8d:d2:ef:
                    4a:f0:0d:84:bc:77:c8:a6:52:da:df:43:9e:72:6e:
                    96:ef:60:01:85:94:60:c0:57:f7:03:a4:59:9c:31:
                    d6:7b:9e:d0:bb:56:a0:33:90:22:c6:20:26:78:07:
                    f8:5e:1c:a7:1d:c6:f4:94:5b:ae:3b:ca:97:34:33:
                    83:45:f1:b2:8f:af:ae:0f:c1:b3:35:6f:9d:58:e8:
                    ae:9b:3b:79:b7:40:4c:38:6c:40:4f:ba:80:13:f2:
                    0c:ea:8b:68:70:c8:21:d3:62:13:8e:30:7a:00:18:
                    58:5e:e8:c1:30:7f:17:9c:56:2d:b9:47:4d:03:38:
                    7a:b4:d4:48:b9:07:8a:7d:24:80:b2:74:aa:ad:4e:
                    83:6b:58:f6:ac:54:8d:29:e6:9e:ac:d8:a4:03:d6:
                    a7:0a:e8:b0:99:15:97:88:9a:0d:d8:2b:30:f7:96:
                    78:3b:e8:dc:cd:a4:75:b6:53:03:6d:40:8f:ad:8f:
                    f1:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C9:52:8B:29:0E:82:37:CF:73:D6:5D:D2:CC:78:BC:16:F5:13:4A:ED
            X509v3 Authority Key Identifier:
                keyid:95:4C:F7:21:C0:8C:8E:9B:C5:24:2D:56:19:66:77:21:73:50:45:5C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lUz3IcCMjpvFJC1WGWZ3IXNQRVw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/2823dd-25a1-44a0-bfc1-cbbd08ad3ec2/1/lUz3IcCMjpvFJC1WGWZ3IXNQRVw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/67/2823dd-25a1-44a0-bfc1-cbbd08ad3ec2/1/lUz3IcCMjpvFJC1WGWZ3IXNQRVw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8f:4d:26:90:41:25:05:ba:ed:02:6d:b9:2e:a3:41:45:fc:02:
         62:cf:ad:c6:56:db:4b:cc:f4:cb:48:ae:ec:86:53:c3:dc:ea:
         b7:78:b1:35:d6:20:ae:c9:72:77:c3:bb:1d:f3:d0:9f:88:6d:
         d6:9f:c3:97:df:c0:ab:d6:ae:05:0c:43:0d:85:8f:7a:ae:f8:
         02:2a:c6:9c:d7:22:38:50:5d:ac:05:00:e4:5e:93:55:52:41:
         b2:78:74:f7:62:e9:75:69:70:21:32:2c:bc:1f:d1:d0:d9:7a:
         ee:87:c4:ae:07:95:c7:dc:05:3f:50:31:93:2a:f3:be:b8:4c:
         9f:ca:d3:0c:21:f8:50:36:a4:d5:7a:e0:ec:d2:f1:fc:c6:96:
         09:40:31:71:13:9d:65:f8:b9:9f:99:34:6f:cd:ca:9a:73:d8:
         33:b5:43:7b:55:7b:dd:ed:56:b6:a0:b3:2a:2a:6d:4c:25:57:
         c2:93:48:a8:1e:ba:cd:6c:d5:6c:54:0b:ca:f6:74:d8:e4:31:
         a3:20:60:ea:f4:43:44:be:8c:42:e3:28:8b:43:8a:84:2e:65:
         d5:e8:38:f1:42:cc:76:c1:8e:84:b3:e9:d9:50:74:b2:e5:05:
         67:09:25:94:02:1f:d0:12:44:c7:68:36:0a:fa:48:94:3a:ad:
         b6:ee:05:4e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn77BQPkCbjO0ThA4w59HiXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1NGNmNzIxYzA4YzhlOWJjNTI0MmQ1NjE5NjY3NzIxNzM1
MDQ1NWMwHhcNMjUxMDE5MTAwMjU2WhcNMjUxMDIwMTAwMjU2WjAzMTEwLwYDVQQD
EyhjOTUyOGIyOTBlODIzN2NmNzNkNjVkZDJjYzc4YmMxNmY1MTM0YWVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqyLv1JKWgQ5RyeZPXZ0LQ+xmLDvz
Ht9HCAWSSEU1dWHUD7O0ObrbukWI8lEDwUo81qc42rlDMWpmKS28MJNntQHx6nMO
AKiN0u9K8A2EvHfIplLa30Oecm6W72ABhZRgwFf3A6RZnDHWe57Qu1agM5AixiAm
eAf4XhynHcb0lFuuO8qXNDODRfGyj6+uD8GzNW+dWOiumzt5t0BMOGxAT7qAE/IM
6otocMgh02ITjjB6ABhYXujBMH8XnFYtuUdNAzh6tNRIuQeKfSSAsnSqrU6Da1j2
rFSNKeaerNikA9anCuiwmRWXiJoN2Csw95Z4O+jczaR1tlMDbUCPrY/xPwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMlSiykOgjfPc9Zd0sx4vBb1E0rtMB8GA1UdIwQY
MBaAFJVM9yHAjI6bxSQtVhlmdyFzUEVcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbFV6M0ljQ01qcHZGSkMxV0dXWjNJWE5RUlZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny8yODIzZGQtMjVhMS00NGEwLWJmYzEt
Y2JiZDA4YWQzZWMyLzEvbFV6M0ljQ01qcHZGSkMxV0dXWjNJWE5RUlZ3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny8yODIzZGQtMjVhMS00NGEwLWJmYzEtY2JiZDA4YWQzZWMy
LzEvbFV6M0ljQ01qcHZGSkMxV0dXWjNJWE5RUlZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAj00mkEEl
BbrtAm25LqNBRfwCYs+txlbbS8z0y0iu7IZTw9zqt3ixNdYgrslyd8O7HfPQn4ht
1p/Dl9/Aq9auBQxDDYWPeq74AirGnNciOFBdrAUA5F6TVVJBsnh092LpdWlwITIs
vB/R0Nl67ofErgeVx9wFP1AxkyrzvrhMn8rTDCH4UDak1Xrg7NLx/MaWCUAxcROd
Zfi5n5k0b83KmnPYM7VDe1V73e1WtqCzKiptTCVXwpNIqB66zWzVbFQLyvZ02OQx
oyBg6vRDRL6MQuMoi0OKhC5l1eg48ULMdsGOhLPp2VB0suUFZwkllAIf0BJEx2g2
CvpIlDqttu4FTg==
-----END CERTIFICATE-----