Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/6b0dc9-c1b9-4fae-acd9-6bff1c0e68ae/1/lkyqlAOgjTc7kLcQpW0-roE5T_A.mft
File:                     lkyqlAOgjTc7kLcQpW0-roE5T_A.mft (raw, json)
Hash identifier:          NzPsFpYo/A7LIrQpLalSrZqsXbzDv36Iy3WBdilel9s=
Subject key identifier:   C0:87:47:83:C3:B9:D3:EB:4C:46:6D:F3:CA:FB:1C:29:C2:13:C4:45
Authority key identifier: 96:4C:AA:94:03:A0:8D:37:3B:90:B7:10:A5:6D:3E:AE:81:39:4F:F0
Certificate issuer:       /CN=964caa9403a08d373b90b710a56d3eae81394ff0
Certificate serial:       0199FC591C92ABFEACBF7FD3AB87FB26538C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/lkyqlAOgjTc7kLcQpW0-roE5T_A.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/6b0dc9-c1b9-4fae-acd9-6bff1c0e68ae/1/lkyqlAOgjTc7kLcQpW0-roE5T_A.mft
Manifest number:          166F
Signing time:             Sun 19 Oct 2025 12:02:02 +0000
Manifest this update:     Sun 19 Oct 2025 12:02:02 +0000
Manifest next update:     Mon 20 Oct 2025 12:02:02 +0000
Files and hashes:         1: lkyqlAOgjTc7kLcQpW0-roE5T_A.crl (hash: NiY/aE5DKRbbxIYebOjFcE1i9YUBIdoMVKnMKLx67y0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8a/6b0dc9-c1b9-4fae-acd9-6bff1c0e68ae/1/lkyqlAOgjTc7kLcQpW0-roE5T_A.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8a/6b0dc9-c1b9-4fae-acd9-6bff1c0e68ae/1/lkyqlAOgjTc7kLcQpW0-roE5T_A.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/lkyqlAOgjTc7kLcQpW0-roE5T_A.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 11:18:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fc:59:1c:92:ab:fe:ac:bf:7f:d3:ab:87:fb:26:53:8c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=964caa9403a08d373b90b710a56d3eae81394ff0
        Validity
            Not Before: Oct 19 12:02:02 2025 GMT
            Not After : Oct 20 12:02:02 2025 GMT
        Subject: CN=c0874783c3b9d3eb4c466df3cafb1c29c213c445
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:bd:56:01:36:d6:a3:1b:10:57:9e:20:2e:c9:
                    4d:c8:b3:32:8c:6c:36:50:e7:38:78:b6:8e:0e:52:
                    44:a2:6a:f6:e5:e5:f9:b4:1c:3e:33:d7:15:67:0c:
                    c1:a8:52:57:e7:5e:6c:63:32:c3:ec:b9:36:c7:c2:
                    11:75:bb:ae:3a:60:f1:35:a5:db:10:9f:98:d1:a2:
                    ce:2f:61:93:5f:4e:7f:8e:74:1e:56:18:f2:06:8d:
                    ee:32:25:4d:e6:5c:69:75:25:6c:d8:dd:66:ed:3c:
                    a5:93:eb:12:e2:d1:08:b2:10:e6:9d:58:ac:3d:92:
                    d1:93:11:16:ad:42:1d:ed:34:2d:40:39:6d:24:64:
                    82:04:e4:3c:a1:dd:35:31:58:25:68:55:79:2b:0b:
                    70:db:44:6e:80:d5:34:19:9c:44:76:1c:0c:bd:14:
                    8d:18:87:b3:0c:38:4a:08:dc:c1:ee:4e:35:ca:47:
                    44:2a:0e:18:91:c4:5d:54:57:51:50:e5:58:71:4c:
                    bb:36:bd:e4:ae:9e:75:ac:5b:dc:ba:60:21:37:e6:
                    8d:dc:00:f9:f2:b9:b9:df:c8:b6:aa:26:2c:db:32:
                    86:db:6b:4b:33:82:38:cf:d8:2f:7c:78:9d:3f:cf:
                    cd:2e:f6:21:74:2a:01:44:5e:05:85:cb:7b:a2:6b:
                    91:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C0:87:47:83:C3:B9:D3:EB:4C:46:6D:F3:CA:FB:1C:29:C2:13:C4:45
            X509v3 Authority Key Identifier:
                keyid:96:4C:AA:94:03:A0:8D:37:3B:90:B7:10:A5:6D:3E:AE:81:39:4F:F0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lkyqlAOgjTc7kLcQpW0-roE5T_A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/6b0dc9-c1b9-4fae-acd9-6bff1c0e68ae/1/lkyqlAOgjTc7kLcQpW0-roE5T_A.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/6b0dc9-c1b9-4fae-acd9-6bff1c0e68ae/1/lkyqlAOgjTc7kLcQpW0-roE5T_A.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         af:8a:ad:8c:1c:d2:5e:87:ba:69:36:9a:6b:f4:28:a7:29:e2:
         bc:db:48:7a:ec:89:97:0d:7e:79:1a:ac:b5:65:36:84:aa:67:
         19:85:79:dc:2f:bf:3f:e2:a7:ad:4c:f9:ea:99:1f:a8:20:dc:
         e0:c9:21:c5:cb:39:dc:d4:f2:a2:db:e8:26:e5:0b:23:b1:d1:
         8f:e0:68:53:b6:15:d9:8f:11:59:5c:19:1f:e3:6f:49:01:37:
         c2:56:63:a0:ab:11:92:0b:55:b1:e3:92:ea:75:f9:b5:49:69:
         2e:e0:34:c0:0f:17:32:10:d7:2b:30:93:60:6a:0c:46:b3:69:
         83:2a:a5:df:9e:78:c8:d5:9c:a2:45:69:d1:51:10:03:e4:1c:
         af:ae:8e:f6:4a:8f:f3:21:29:04:f5:8e:db:c3:0c:45:e3:28:
         c8:8c:e8:6b:69:fa:f1:ab:5a:73:a8:95:94:96:cf:e2:8d:45:
         3e:9e:43:02:45:c2:7d:2c:43:89:4e:cf:eb:90:b5:da:57:11:
         7e:96:5f:70:1a:76:63:17:f7:a7:2f:30:67:de:04:c6:33:10:
         97:15:72:61:c3:73:0b:e2:03:e5:cd:83:27:5a:75:b2:04:f4:
         e1:4d:18:6b:02:9b:c5:cd:c3:07:24:03:1f:be:4b:97:d3:b7:
         f7:2c:56:5c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8WRySq/6sv3/Tq4f7JlOMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk2NGNhYTk0MDNhMDhkMzczYjkwYjcxMGE1NmQzZWFlODEz
OTRmZjAwHhcNMjUxMDE5MTIwMjAyWhcNMjUxMDIwMTIwMjAyWjAzMTEwLwYDVQQD
EyhjMDg3NDc4M2MzYjlkM2ViNGM0NjZkZjNjYWZiMWMyOWMyMTNjNDQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArb1WATbWoxsQV54gLslNyLMyjGw2
UOc4eLaODlJEomr25eX5tBw+M9cVZwzBqFJX515sYzLD7Lk2x8IRdbuuOmDxNaXb
EJ+Y0aLOL2GTX05/jnQeVhjyBo3uMiVN5lxpdSVs2N1m7Tylk+sS4tEIshDmnVis
PZLRkxEWrUId7TQtQDltJGSCBOQ8od01MVglaFV5Kwtw20RugNU0GZxEdhwMvRSN
GIezDDhKCNzB7k41ykdEKg4YkcRdVFdRUOVYcUy7Nr3krp51rFvcumAhN+aN3AD5
8rm538i2qiYs2zKG22tLM4I4z9gvfHidP8/NLvYhdCoBRF4Fhct7omuR4wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMCHR4PDudPrTEZt88r7HCnCE8RFMB8GA1UdIwQY
MBaAFJZMqpQDoI03O5C3EKVtPq6BOU/wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbGt5cWxBT2dqVGM3a0xjUXBXMC1yb0U1VF9BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS82YjBkYzktYzFiOS00ZmFlLWFjZDkt
NmJmZjFjMGU2OGFlLzEvbGt5cWxBT2dqVGM3a0xjUXBXMC1yb0U1VF9BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS82YjBkYzktYzFiOS00ZmFlLWFjZDktNmJmZjFjMGU2OGFl
LzEvbGt5cWxBT2dqVGM3a0xjUXBXMC1yb0U1VF9BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAr4qtjBzS
Xoe6aTaaa/QopynivNtIeuyJlw1+eRqstWU2hKpnGYV53C+/P+KnrUz56pkfqCDc
4Mkhxcs53NTyotvoJuULI7HRj+BoU7YV2Y8RWVwZH+NvSQE3wlZjoKsRkgtVseOS
6nX5tUlpLuA0wA8XMhDXKzCTYGoMRrNpgyql3554yNWcokVp0VEQA+Qcr66O9kqP
8yEpBPWO28MMReMoyIzoa2n68atac6iVlJbP4o1FPp5DAkXCfSxDiU7P65C12lcR
fpZfcBp2Yxf3py8wZ94ExjMQlxVyYcNzC+ID5c2DJ1p1sgT04U0YawKbxc3DByQD
H75Ll9O39yxWXA==
-----END CERTIFICATE-----