Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9d/085bd3-c34f-48cf-9a73-ec43fd6c227a/1/1lcpIU0Paz-lGho4A32rjeSOBVg.mft
File:                     1lcpIU0Paz-lGho4A32rjeSOBVg.mft (raw, json)
Hash identifier:          vKGx5oahUicXkT5GPcgOrpCnIK3zzODU5VEpVTapAQg=
Subject key identifier:   C9:C6:8D:29:2B:06:EE:02:5C:6B:44:B1:B6:90:DD:D7:0E:28:74:97
Authority key identifier: D6:57:29:21:4D:0F:6B:3F:A5:1A:1A:38:03:7D:AB:8D:E4:8E:05:58
Certificate issuer:       /CN=d65729214d0f6b3fa51a1a38037dab8de48e0558
Certificate serial:       0199FE7DD78EDEBD9181EAE4DBCA13AFA0EA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1lcpIU0Paz-lGho4A32rjeSOBVg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9d/085bd3-c34f-48cf-9a73-ec43fd6c227a/1/1lcpIU0Paz-lGho4A32rjeSOBVg.mft
Manifest number:          0744
Signing time:             Sun 19 Oct 2025 22:01:23 +0000
Manifest this update:     Sun 19 Oct 2025 22:01:23 +0000
Manifest next update:     Mon 20 Oct 2025 22:01:23 +0000
Files and hashes:         1: 1lcpIU0Paz-lGho4A32rjeSOBVg.crl (hash: pxowTfy2QQ6doSVpCczo4GNUMP5vENHt/7G0oDQ4KzU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/9d/085bd3-c34f-48cf-9a73-ec43fd6c227a/1/1lcpIU0Paz-lGho4A32rjeSOBVg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/9d/085bd3-c34f-48cf-9a73-ec43fd6c227a/1/1lcpIU0Paz-lGho4A32rjeSOBVg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/1lcpIU0Paz-lGho4A32rjeSOBVg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 20:00:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fe:7d:d7:8e:de:bd:91:81:ea:e4:db:ca:13:af:a0:ea
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d65729214d0f6b3fa51a1a38037dab8de48e0558
        Validity
            Not Before: Oct 19 22:01:23 2025 GMT
            Not After : Oct 20 22:01:23 2025 GMT
        Subject: CN=c9c68d292b06ee025c6b44b1b690ddd70e287497
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:d3:6b:9a:7a:c6:61:26:82:17:f3:d3:c2:84:
                    f9:29:a0:a3:9d:09:4d:4c:87:9c:d0:4a:03:d8:ce:
                    01:c8:76:49:d1:74:5d:ce:05:3b:2b:b0:5a:e6:81:
                    e6:94:f0:47:f4:27:b2:ab:82:27:9a:90:af:8c:44:
                    83:8a:f6:e9:f3:07:c5:1c:c5:d6:4e:f6:8e:cd:d7:
                    07:ba:35:25:fc:d2:72:14:25:a8:c5:3d:00:45:06:
                    f8:bb:30:4a:2b:dd:8e:ac:cb:fc:a2:89:cf:b2:f0:
                    00:19:f0:b5:e7:35:69:ff:aa:ba:92:1d:2a:d4:35:
                    38:bc:a9:3d:b0:f8:5f:c0:70:fd:9c:c9:23:00:8e:
                    a3:af:38:e0:29:ff:ca:1f:88:44:2c:31:96:4a:c9:
                    4e:2f:b6:4a:f1:7f:44:ab:09:aa:e4:0c:da:2d:89:
                    88:5e:ab:1a:17:55:40:78:12:bd:9c:2a:41:51:d6:
                    c9:4d:0b:4f:13:ba:d5:9a:da:d8:38:e2:90:4c:60:
                    8a:8d:72:21:53:80:b3:b8:4f:fa:94:97:c1:db:30:
                    6c:fa:87:3b:f8:61:74:c5:3c:b5:cb:21:94:05:14:
                    0d:f0:21:06:a9:34:89:36:0d:b1:e5:68:cd:8e:a1:
                    48:d7:9c:1b:a9:50:29:02:90:31:52:69:63:2b:33:
                    d1:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C9:C6:8D:29:2B:06:EE:02:5C:6B:44:B1:B6:90:DD:D7:0E:28:74:97
            X509v3 Authority Key Identifier:
                keyid:D6:57:29:21:4D:0F:6B:3F:A5:1A:1A:38:03:7D:AB:8D:E4:8E:05:58

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1lcpIU0Paz-lGho4A32rjeSOBVg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/085bd3-c34f-48cf-9a73-ec43fd6c227a/1/1lcpIU0Paz-lGho4A32rjeSOBVg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/085bd3-c34f-48cf-9a73-ec43fd6c227a/1/1lcpIU0Paz-lGho4A32rjeSOBVg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         49:9b:b0:70:29:04:e5:f0:52:46:a1:08:90:83:68:9e:fc:d3:
         d9:2c:8e:da:fe:00:cc:38:50:a3:11:a5:1f:c9:c6:37:07:13:
         a6:eb:09:d2:89:06:07:58:38:76:ad:23:6f:98:d2:07:f8:ff:
         71:4a:7c:20:5f:c6:1c:79:fe:9e:fe:01:b5:ce:cf:ca:4c:31:
         db:d1:fb:70:bf:aa:a3:55:6e:51:82:bb:fb:41:3e:da:41:f9:
         d7:ce:d3:90:51:98:64:ae:f6:61:df:bf:bc:89:11:fb:63:d1:
         59:13:26:08:06:cd:96:19:b3:ea:08:ae:d9:c8:d9:fa:f3:a7:
         a7:46:70:66:9d:5d:56:7c:73:31:0d:4c:a8:a8:a8:bc:ff:0e:
         8f:cf:a9:08:1b:5a:50:b7:79:a5:3f:bf:70:e5:6e:59:31:4d:
         2b:d5:98:40:40:b0:54:ff:4a:a9:e4:96:2c:dc:e7:ac:53:6d:
         4f:ca:93:a7:7c:b7:31:4a:da:bf:aa:61:1c:be:1c:0f:72:03:
         b1:a5:7c:e9:17:0d:6b:56:be:5c:f6:e3:a4:74:28:0b:78:11:
         9e:85:18:61:70:33:bc:17:43:c2:67:22:fb:2b:b2:d5:b1:9a:
         2d:a8:15:95:c5:37:9e:39:19:2c:bf:fe:2f:22:8e:b3:26:0f:
         e7:98:03:7d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn+fdeO3r2Rgerk28oTr6DqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2NTcyOTIxNGQwZjZiM2ZhNTFhMWEzODAzN2RhYjhkZTQ4
ZTA1NTgwHhcNMjUxMDE5MjIwMTIzWhcNMjUxMDIwMjIwMTIzWjAzMTEwLwYDVQQD
EyhjOWM2OGQyOTJiMDZlZTAyNWM2YjQ0YjFiNjkwZGRkNzBlMjg3NDk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqNNrmnrGYSaCF/PTwoT5KaCjnQlN
TIec0EoD2M4ByHZJ0XRdzgU7K7Ba5oHmlPBH9Ceyq4InmpCvjESDivbp8wfFHMXW
TvaOzdcHujUl/NJyFCWoxT0ARQb4uzBKK92OrMv8oonPsvAAGfC15zVp/6q6kh0q
1DU4vKk9sPhfwHD9nMkjAI6jrzjgKf/KH4hELDGWSslOL7ZK8X9Eqwmq5AzaLYmI
XqsaF1VAeBK9nCpBUdbJTQtPE7rVmtrYOOKQTGCKjXIhU4CzuE/6lJfB2zBs+oc7
+GF0xTy1yyGUBRQN8CEGqTSJNg2x5WjNjqFI15wbqVApApAxUmljKzPR8wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMnGjSkrBu4CXGtEsbaQ3dcOKHSXMB8GA1UdIwQY
MBaAFNZXKSFND2s/pRoaOAN9q43kjgVYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWxjcElVMFBhei1sR2hvNEEzMnJqZVNPQlZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZC8wODViZDMtYzM0Zi00OGNmLTlhNzMt
ZWM0M2ZkNmMyMjdhLzEvMWxjcElVMFBhei1sR2hvNEEzMnJqZVNPQlZnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZC8wODViZDMtYzM0Zi00OGNmLTlhNzMtZWM0M2ZkNmMyMjdh
LzEvMWxjcElVMFBhei1sR2hvNEEzMnJqZVNPQlZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASZuwcCkE
5fBSRqEIkINonvzT2SyO2v4AzDhQoxGlH8nGNwcTpusJ0okGB1g4dq0jb5jSB/j/
cUp8IF/GHHn+nv4Btc7Pykwx29H7cL+qo1VuUYK7+0E+2kH5187TkFGYZK72Yd+/
vIkR+2PRWRMmCAbNlhmz6giu2cjZ+vOnp0ZwZp1dVnxzMQ1MqKiovP8Oj8+pCBta
ULd5pT+/cOVuWTFNK9WYQECwVP9KqeSWLNznrFNtT8qTp3y3MUrav6phHL4cD3ID
saV86RcNa1a+XPbjpHQoC3gRnoUYYXAzvBdDwmci+yuy1bGaLagVlcU3njkZLL/+
LyKOsyYP55gDfQ==
-----END CERTIFICATE-----