Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/96/4ef629-12e2-4d99-9b4a-336623afe898/1/lM53iNLj_vf8ANXOEz19bcAPhik.mft
File:                     lM53iNLj_vf8ANXOEz19bcAPhik.mft (raw, json)
Hash identifier:          F0YyBTrsUsApztajbHGoCjgIOuNyF7f9XgFb2XfIuHM=
Subject key identifier:   D9:1F:8F:4D:AB:C1:43:DC:B8:0C:23:69:8F:2D:9E:E0:DF:12:4D:5B
Authority key identifier: 94:CE:77:88:D2:E3:FE:F7:FC:00:D5:CE:13:3D:7D:6D:C0:0F:86:29
Certificate issuer:       /CN=94ce7788d2e3fef7fc00d5ce133d7d6dc00f8629
Certificate serial:       0199FC58464924CA0D115FE1EDC35EB45A74
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/lM53iNLj_vf8ANXOEz19bcAPhik.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/96/4ef629-12e2-4d99-9b4a-336623afe898/1/lM53iNLj_vf8ANXOEz19bcAPhik.mft
Manifest number:          0E58
Signing time:             Sun 19 Oct 2025 12:01:07 +0000
Manifest this update:     Sun 19 Oct 2025 12:01:07 +0000
Manifest next update:     Mon 20 Oct 2025 12:01:07 +0000
Files and hashes:         1: lM53iNLj_vf8ANXOEz19bcAPhik.crl (hash: 7Rz/UV8t+cutP5PVu0pGxE0suDhKwXG+QfiaSiT9XjY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/96/4ef629-12e2-4d99-9b4a-336623afe898/1/lM53iNLj_vf8ANXOEz19bcAPhik.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/96/4ef629-12e2-4d99-9b4a-336623afe898/1/lM53iNLj_vf8ANXOEz19bcAPhik.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/lM53iNLj_vf8ANXOEz19bcAPhik.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 11:18:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fc:58:46:49:24:ca:0d:11:5f:e1:ed:c3:5e:b4:5a:74
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=94ce7788d2e3fef7fc00d5ce133d7d6dc00f8629
        Validity
            Not Before: Oct 19 12:01:07 2025 GMT
            Not After : Oct 20 12:01:07 2025 GMT
        Subject: CN=d91f8f4dabc143dcb80c23698f2d9ee0df124d5b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:cd:dc:8e:2c:3d:22:00:a0:16:a3:b3:51:42:
                    7b:0a:0b:85:5b:e8:50:ed:20:ad:c2:49:1b:2c:8a:
                    0d:4c:fe:e2:54:b7:84:1e:f9:86:fc:e0:74:af:6b:
                    04:5b:7c:57:a5:32:05:29:25:23:24:1d:8a:97:73:
                    d7:35:f0:87:85:16:9b:f4:d6:33:bb:4b:7c:ae:d0:
                    3c:b9:dc:c1:bc:b2:ca:76:b6:2f:03:e3:c0:63:4a:
                    2e:6d:58:50:df:cc:73:14:e4:0a:77:6d:63:ef:0f:
                    94:98:c1:a6:d6:e5:5f:b5:95:63:1f:d1:59:94:cc:
                    08:d7:ba:3d:ad:dc:5c:f9:e4:7f:2f:69:4b:c5:3d:
                    d5:4c:a0:02:a0:a5:01:c9:a5:1b:71:86:6e:3d:bc:
                    5a:0a:1e:c9:5d:d6:71:29:54:b1:9c:ff:80:3f:79:
                    d1:39:87:c0:76:10:46:e6:e3:6f:75:96:aa:a3:53:
                    ce:ef:00:d8:6b:2c:e8:3b:b5:30:70:97:83:48:d7:
                    de:fd:02:cf:03:0c:b3:f3:4d:c6:80:dd:0f:b1:52:
                    0e:55:cd:0e:39:19:15:fb:fd:47:6f:94:e0:01:1f:
                    dc:05:b0:0d:94:7e:2f:59:74:d5:8f:86:e4:75:cb:
                    03:08:88:09:48:c7:49:c1:f5:2e:59:fe:86:70:16:
                    38:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D9:1F:8F:4D:AB:C1:43:DC:B8:0C:23:69:8F:2D:9E:E0:DF:12:4D:5B
            X509v3 Authority Key Identifier:
                keyid:94:CE:77:88:D2:E3:FE:F7:FC:00:D5:CE:13:3D:7D:6D:C0:0F:86:29

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lM53iNLj_vf8ANXOEz19bcAPhik.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/96/4ef629-12e2-4d99-9b4a-336623afe898/1/lM53iNLj_vf8ANXOEz19bcAPhik.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/96/4ef629-12e2-4d99-9b4a-336623afe898/1/lM53iNLj_vf8ANXOEz19bcAPhik.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         17:bf:4c:98:17:41:a4:60:3e:1a:5f:c2:5b:78:09:bd:5d:a3:
         31:cd:52:f4:e5:c5:1a:5f:4b:c1:66:d8:ce:cc:8e:ac:9d:34:
         bb:ce:fc:41:98:80:16:8a:ff:af:14:35:c0:72:c5:36:6c:29:
         f2:24:e0:24:05:45:30:26:74:85:36:40:52:24:44:74:36:c5:
         96:71:fa:54:ad:21:f7:58:da:6e:8e:33:78:5c:2a:e0:e8:d7:
         16:56:1d:10:e5:3f:2d:ed:37:ea:d4:18:fa:95:86:e2:1a:03:
         79:45:43:00:f0:71:b6:a9:d7:b2:54:c2:c8:14:ac:34:c3:28:
         ef:68:93:1f:b3:e8:54:5f:b4:0a:4f:48:7f:df:7d:13:a0:79:
         eb:e2:eb:5f:96:b2:e2:64:df:e0:13:36:b9:bf:b5:38:0f:8c:
         16:a5:f3:47:5a:87:fc:32:14:ee:84:37:b6:ff:15:c6:7a:ea:
         10:a4:c3:a2:a5:8a:c5:e2:3a:3e:49:43:82:f5:f4:99:fb:74:
         19:51:0a:0c:fa:28:12:a3:53:03:cb:66:d5:78:31:c8:3d:90:
         ab:0d:f9:02:e1:bc:4e:fd:37:e4:f6:49:88:85:cf:01:42:ef:
         80:27:c9:39:d1:5d:00:07:2f:84:69:01:02:4a:f5:c4:d1:f7:
         97:d7:4f:0c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8WEZJJMoNEV/h7cNetFp0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0Y2U3Nzg4ZDJlM2ZlZjdmYzAwZDVjZTEzM2Q3ZDZkYzAw
Zjg2MjkwHhcNMjUxMDE5MTIwMTA3WhcNMjUxMDIwMTIwMTA3WjAzMTEwLwYDVQQD
EyhkOTFmOGY0ZGFiYzE0M2RjYjgwYzIzNjk4ZjJkOWVlMGRmMTI0ZDViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu83cjiw9IgCgFqOzUUJ7CguFW+hQ
7SCtwkkbLIoNTP7iVLeEHvmG/OB0r2sEW3xXpTIFKSUjJB2Kl3PXNfCHhRab9NYz
u0t8rtA8udzBvLLKdrYvA+PAY0oubVhQ38xzFOQKd21j7w+UmMGm1uVftZVjH9FZ
lMwI17o9rdxc+eR/L2lLxT3VTKACoKUByaUbcYZuPbxaCh7JXdZxKVSxnP+AP3nR
OYfAdhBG5uNvdZaqo1PO7wDYayzoO7UwcJeDSNfe/QLPAwyz803GgN0PsVIOVc0O
ORkV+/1Hb5TgAR/cBbANlH4vWXTVj4bkdcsDCIgJSMdJwfUuWf6GcBY4RQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNkfj02rwUPcuAwjaY8tnuDfEk1bMB8GA1UdIwQY
MBaAFJTOd4jS4/73/ADVzhM9fW3AD4YpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbE01M2lOTGpfdmY4QU5YT0V6MTliY0FQaGlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ni80ZWY2MjktMTJlMi00ZDk5LTliNGEt
MzM2NjIzYWZlODk4LzEvbE01M2lOTGpfdmY4QU5YT0V6MTliY0FQaGlrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ni80ZWY2MjktMTJlMi00ZDk5LTliNGEtMzM2NjIzYWZlODk4
LzEvbE01M2lOTGpfdmY4QU5YT0V6MTliY0FQaGlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAF79MmBdB
pGA+Gl/CW3gJvV2jMc1S9OXFGl9LwWbYzsyOrJ00u878QZiAFor/rxQ1wHLFNmwp
8iTgJAVFMCZ0hTZAUiREdDbFlnH6VK0h91jabo4zeFwq4OjXFlYdEOU/Le036tQY
+pWG4hoDeUVDAPBxtqnXslTCyBSsNMMo72iTH7PoVF+0Ck9If999E6B56+LrX5ay
4mTf4BM2ub+1OA+MFqXzR1qH/DIU7oQ3tv8VxnrqEKTDoqWKxeI6PklDgvX0mft0
GVEKDPooEqNTA8tm1XgxyD2Qqw35AuG8Tv035PZJiIXPAULvgCfJOdFdAAcvhGkB
Akr1xNH3l9dPDA==
-----END CERTIFICATE-----