Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/96/cfcac0-69c0-40f3-97ff-acd43456ad92/1/RLFLGzBp9QxuJciiSvxhcR1ZhYM.mft
File:                     RLFLGzBp9QxuJciiSvxhcR1ZhYM.mft (raw, json)
Hash identifier:          HjgPAj6U+ovUaBKd1nDI7FA2Qh0284xMKc15L/tLang=
Subject key identifier:   F2:FB:C6:87:87:0F:19:17:27:53:AC:AE:C5:2B:22:C2:9B:5B:7B:79
Authority key identifier: 44:B1:4B:1B:30:69:F5:0C:6E:25:C8:A2:4A:FC:61:71:1D:59:85:83
Certificate issuer:       /CN=44b14b1b3069f50c6e25c8a24afc61711d598583
Certificate serial:       0199FE100406B5D381ED0E98ED2B9E6BD446
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/RLFLGzBp9QxuJciiSvxhcR1ZhYM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/96/cfcac0-69c0-40f3-97ff-acd43456ad92/1/RLFLGzBp9QxuJciiSvxhcR1ZhYM.mft
Manifest number:          01A2
Signing time:             Sun 19 Oct 2025 20:01:26 +0000
Manifest this update:     Sun 19 Oct 2025 20:01:26 +0000
Manifest next update:     Mon 20 Oct 2025 20:01:26 +0000
Files and hashes:         1: RLFLGzBp9QxuJciiSvxhcR1ZhYM.crl (hash: crn2mBzqNC9dbz1weStWOiW5WLSFpXAcLOxUabqqbYM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/96/cfcac0-69c0-40f3-97ff-acd43456ad92/1/RLFLGzBp9QxuJciiSvxhcR1ZhYM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/96/cfcac0-69c0-40f3-97ff-acd43456ad92/1/RLFLGzBp9QxuJciiSvxhcR1ZhYM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/RLFLGzBp9QxuJciiSvxhcR1ZhYM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 15:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fe:10:04:06:b5:d3:81:ed:0e:98:ed:2b:9e:6b:d4:46
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=44b14b1b3069f50c6e25c8a24afc61711d598583
        Validity
            Not Before: Oct 19 20:01:26 2025 GMT
            Not After : Oct 20 20:01:26 2025 GMT
        Subject: CN=f2fbc687870f19172753acaec52b22c29b5b7b79
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:00:7c:c4:6d:08:b8:74:9c:da:64:74:79:9e:
                    dd:63:3a:3e:09:88:6d:3a:e7:25:f1:da:56:98:60:
                    d4:1b:9f:ad:38:a2:5d:6c:b7:04:8a:83:a3:b7:92:
                    03:43:d9:e1:d2:ad:48:12:38:f0:47:79:0b:7a:7d:
                    92:d7:95:be:54:6f:96:5d:c8:4d:d3:27:7f:2a:77:
                    5d:a0:e5:97:81:c2:88:aa:78:6f:b8:a6:d4:73:52:
                    6b:1f:06:24:a0:09:8d:39:70:b6:55:7b:bf:64:0b:
                    b6:ec:18:42:cd:e9:d2:a4:af:5d:3e:73:b9:81:2c:
                    d5:75:74:79:d5:88:a1:6d:af:5e:cf:2b:8a:78:63:
                    b8:15:be:d2:df:71:b3:44:8d:f9:11:cd:06:69:80:
                    31:d6:c2:09:77:79:a7:a8:d5:94:0a:9d:7d:13:72:
                    f5:13:04:4d:09:49:de:11:b0:02:dc:7c:e4:15:2a:
                    20:f1:b0:d4:27:60:d0:97:09:d7:ed:74:43:9d:dd:
                    40:f5:a9:1f:71:ae:05:48:26:cf:63:e1:a9:04:3e:
                    4f:b7:6b:e8:52:ca:c0:0d:70:e6:d4:41:7c:ca:b4:
                    65:ba:61:19:81:43:0d:49:a4:e7:5e:76:c9:6b:c6:
                    22:f1:54:6d:20:fc:14:b2:7b:eb:37:58:19:a0:37:
                    48:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F2:FB:C6:87:87:0F:19:17:27:53:AC:AE:C5:2B:22:C2:9B:5B:7B:79
            X509v3 Authority Key Identifier:
                keyid:44:B1:4B:1B:30:69:F5:0C:6E:25:C8:A2:4A:FC:61:71:1D:59:85:83

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RLFLGzBp9QxuJciiSvxhcR1ZhYM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/96/cfcac0-69c0-40f3-97ff-acd43456ad92/1/RLFLGzBp9QxuJciiSvxhcR1ZhYM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/96/cfcac0-69c0-40f3-97ff-acd43456ad92/1/RLFLGzBp9QxuJciiSvxhcR1ZhYM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         93:59:2c:f4:47:58:da:11:a5:2f:c3:6d:94:99:ce:46:03:9c:
         fa:cc:bb:7d:73:2a:b8:bb:22:26:0b:f4:c4:2f:86:bc:28:93:
         14:ef:f0:c2:c0:cf:dd:e5:9a:bb:ca:20:9a:d2:e7:91:a0:c9:
         81:4f:0f:7b:2b:b8:a0:7e:76:da:11:a8:5b:f6:02:44:a6:0e:
         92:8f:2b:75:11:f4:03:01:b3:c9:d0:ae:21:61:7f:20:94:19:
         4d:3e:70:fb:37:09:a3:00:2d:27:20:25:31:a1:36:b9:7a:02:
         e8:5a:d8:cf:a4:ce:8d:14:b6:43:be:96:af:e1:15:7e:e2:1d:
         1b:ed:38:33:69:2e:ad:10:4a:b2:5b:60:2a:2c:a2:ed:ef:f4:
         2c:58:b2:29:b1:f9:f9:2c:b6:6a:20:5c:8f:07:ca:df:96:86:
         d6:b7:1a:6b:28:e9:ee:03:4c:05:f5:20:4a:4f:ba:9c:7c:05:
         88:c8:e3:79:50:f8:7d:94:19:ee:19:4f:c5:fe:c2:eb:97:ca:
         cd:35:30:77:d5:78:cc:91:da:84:09:1b:fd:8d:15:48:c4:2c:
         10:71:a5:3d:58:ee:17:86:52:a2:9e:aa:5f:14:a8:ec:bd:63:
         e7:f4:47:27:60:22:0e:75:26:bd:d6:33:30:58:05:1e:48:98:
         07:f7:6c:35
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn+EAQGtdOB7Q6Y7Suea9RGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0YjE0YjFiMzA2OWY1MGM2ZTI1YzhhMjRhZmM2MTcxMWQ1
OTg1ODMwHhcNMjUxMDE5MjAwMTI2WhcNMjUxMDIwMjAwMTI2WjAzMTEwLwYDVQQD
EyhmMmZiYzY4Nzg3MGYxOTE3Mjc1M2FjYWVjNTJiMjJjMjliNWI3Yjc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkwB8xG0IuHSc2mR0eZ7dYzo+CYht
Oucl8dpWmGDUG5+tOKJdbLcEioOjt5IDQ9nh0q1IEjjwR3kLen2S15W+VG+WXchN
0yd/KnddoOWXgcKIqnhvuKbUc1JrHwYkoAmNOXC2VXu/ZAu27BhCzenSpK9dPnO5
gSzVdXR51Yihba9ezyuKeGO4Fb7S33GzRI35Ec0GaYAx1sIJd3mnqNWUCp19E3L1
EwRNCUneEbAC3HzkFSog8bDUJ2DQlwnX7XRDnd1A9akfca4FSCbPY+GpBD5Pt2vo
UsrADXDm1EF8yrRlumEZgUMNSaTnXnbJa8Yi8VRtIPwUsnvrN1gZoDdIsQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPL7xoeHDxkXJ1OsrsUrIsKbW3t5MB8GA1UdIwQY
MBaAFESxSxswafUMbiXIokr8YXEdWYWDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUkxGTEd6QnA5UXh1SmNpaVN2eGhjUjFaaFlNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ni9jZmNhYzAtNjljMC00MGYzLTk3ZmYt
YWNkNDM0NTZhZDkyLzEvUkxGTEd6QnA5UXh1SmNpaVN2eGhjUjFaaFlNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ni9jZmNhYzAtNjljMC00MGYzLTk3ZmYtYWNkNDM0NTZhZDky
LzEvUkxGTEd6QnA5UXh1SmNpaVN2eGhjUjFaaFlNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAk1ks9EdY
2hGlL8NtlJnORgOc+sy7fXMquLsiJgv0xC+GvCiTFO/wwsDP3eWau8ogmtLnkaDJ
gU8Peyu4oH522hGoW/YCRKYOko8rdRH0AwGzydCuIWF/IJQZTT5w+zcJowAtJyAl
MaE2uXoC6FrYz6TOjRS2Q76Wr+EVfuIdG+04M2kurRBKsltgKiyi7e/0LFiyKbH5
+Sy2aiBcjwfK35aG1rcaayjp7gNMBfUgSk+6nHwFiMjjeVD4fZQZ7hlPxf7C65fK
zTUwd9V4zJHahAkb/Y0VSMQsEHGlPVjuF4ZSop6qXxSo7L1j5/RHJ2AiDnUmvdYz
MFgFHkiYB/dsNQ==
-----END CERTIFICATE-----