Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/cd41ba-2ea7-474f-8941-5fdb3228fe1f/1/L5FDTuFsYTNOwnDfVox3oLXeBSo.mft
File:                     L5FDTuFsYTNOwnDfVox3oLXeBSo.mft (raw, json)
Hash identifier:          JTX6GB4EwGglBs6r9rLZKYOFtE9kitJtHcxjVZVjPkc=
Subject key identifier:   A0:71:43:96:0E:37:4A:72:35:87:38:52:5B:5F:99:9F:B2:92:89:9A
Authority key identifier: 2F:91:43:4E:E1:6C:61:33:4E:C2:70:DF:56:8C:77:A0:B5:DE:05:2A
Certificate issuer:       /CN=2f91434ee16c61334ec270df568c77a0b5de052a
Certificate serial:       0199FE46B81679045E631A2A34D2C4AD2118
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/L5FDTuFsYTNOwnDfVox3oLXeBSo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b6/cd41ba-2ea7-474f-8941-5fdb3228fe1f/1/L5FDTuFsYTNOwnDfVox3oLXeBSo.mft
Manifest number:          0DC8
Signing time:             Sun 19 Oct 2025 21:01:11 +0000
Manifest this update:     Sun 19 Oct 2025 21:01:11 +0000
Manifest next update:     Mon 20 Oct 2025 21:01:11 +0000
Files and hashes:         1: L5FDTuFsYTNOwnDfVox3oLXeBSo.crl (hash: Zc2cgzvbKbjGP9D9TI5BGzA2hZ0cLprf2l33/nSAxmY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b6/cd41ba-2ea7-474f-8941-5fdb3228fe1f/1/L5FDTuFsYTNOwnDfVox3oLXeBSo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b6/cd41ba-2ea7-474f-8941-5fdb3228fe1f/1/L5FDTuFsYTNOwnDfVox3oLXeBSo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/L5FDTuFsYTNOwnDfVox3oLXeBSo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 15:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fe:46:b8:16:79:04:5e:63:1a:2a:34:d2:c4:ad:21:18
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2f91434ee16c61334ec270df568c77a0b5de052a
        Validity
            Not Before: Oct 19 21:01:11 2025 GMT
            Not After : Oct 20 21:01:11 2025 GMT
        Subject: CN=a07143960e374a72358738525b5f999fb292899a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:85:40:b3:a1:40:f2:7a:69:ff:53:04:b7:fc:48:
                    28:ba:6d:c3:50:70:0b:8d:9d:2b:4b:2c:fe:f5:41:
                    34:1d:b1:25:f8:5a:ce:2e:c3:21:6b:95:47:fc:87:
                    01:5e:03:ff:b5:c3:96:e2:c2:e1:15:c1:71:c9:fc:
                    75:08:99:75:3f:62:4a:68:9c:79:be:40:30:01:62:
                    56:6d:f4:f5:a9:3a:9d:c2:c0:21:c5:c4:3e:a5:54:
                    11:56:91:92:c8:19:04:0d:ee:a7:44:b9:0b:94:d8:
                    85:cd:fc:af:c0:89:00:ee:15:c0:31:02:fb:da:4b:
                    a7:72:e4:0c:9e:fd:9f:d4:67:30:91:2e:56:31:2d:
                    56:a0:4a:c8:2b:20:02:ec:ed:34:e4:4f:70:d2:2e:
                    f2:77:20:06:a0:e6:4a:3a:d2:5e:64:26:db:80:cf:
                    1d:69:c7:8f:c6:20:ce:a6:d4:ca:55:5e:94:87:50:
                    45:29:ef:c8:39:60:60:d8:68:11:18:80:b9:5d:ea:
                    82:70:3a:50:8e:47:01:f8:fb:6a:11:ca:36:28:d7:
                    a9:6a:35:c3:05:5d:44:c0:d2:4d:70:5e:23:5d:67:
                    6c:49:c2:b7:c3:33:ad:ba:39:fc:7e:37:28:ac:3c:
                    7e:28:fa:1d:d4:4e:cb:a3:2c:8e:fc:eb:98:7e:09:
                    3d:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A0:71:43:96:0E:37:4A:72:35:87:38:52:5B:5F:99:9F:B2:92:89:9A
            X509v3 Authority Key Identifier:
                keyid:2F:91:43:4E:E1:6C:61:33:4E:C2:70:DF:56:8C:77:A0:B5:DE:05:2A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L5FDTuFsYTNOwnDfVox3oLXeBSo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/cd41ba-2ea7-474f-8941-5fdb3228fe1f/1/L5FDTuFsYTNOwnDfVox3oLXeBSo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/cd41ba-2ea7-474f-8941-5fdb3228fe1f/1/L5FDTuFsYTNOwnDfVox3oLXeBSo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b5:72:43:06:2b:a7:96:76:e5:63:e7:3c:8f:35:21:ea:a1:0f:
         2c:a9:2a:37:3e:c8:8f:10:4d:a9:97:61:92:ae:46:ac:d9:53:
         98:b3:7a:9c:e0:a7:55:02:a0:b8:92:c2:b2:ca:6f:9b:c7:f2:
         2e:ee:55:d8:1f:40:e8:c1:5e:07:02:7e:54:bb:1c:5d:24:19:
         be:27:f0:bc:3d:d1:a5:34:85:97:45:93:5f:4a:6f:e9:cd:04:
         77:1f:0e:c0:92:de:2b:5b:64:2c:ad:8e:f9:0b:33:ce:d1:c1:
         7c:2d:0e:ba:cc:94:44:e9:cd:6c:80:31:2f:4d:33:42:77:e6:
         58:ed:11:52:1b:cf:72:39:be:c0:b9:27:aa:65:ae:4f:ca:1b:
         7d:7b:32:b1:1f:76:76:c8:55:89:02:54:7c:12:06:b7:74:ea:
         23:fe:f1:fe:23:07:ef:7d:2f:1a:e6:1c:4f:db:e4:c0:32:25:
         62:fe:3e:cd:52:7f:5b:f9:c7:78:22:4f:2b:00:50:fa:06:83:
         a1:68:af:76:f1:d1:f0:8a:5e:9f:20:61:77:52:96:9a:9f:5c:
         72:4c:40:fb:c4:e2:bb:17:bf:e7:7b:7a:61:13:f2:b1:30:55:
         1a:5d:a4:6e:6d:e1:c3:12:ad:71:c3:26:5b:fe:86:cb:fa:fd:
         cd:1f:1c:cc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn+RrgWeQReYxoqNNLErSEYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmOTE0MzRlZTE2YzYxMzM0ZWMyNzBkZjU2OGM3N2EwYjVk
ZTA1MmEwHhcNMjUxMDE5MjEwMTExWhcNMjUxMDIwMjEwMTExWjAzMTEwLwYDVQQD
EyhhMDcxNDM5NjBlMzc0YTcyMzU4NzM4NTI1YjVmOTk5ZmIyOTI4OTlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhUCzoUDyemn/UwS3/Egoum3DUHAL
jZ0rSyz+9UE0HbEl+FrOLsMha5VH/IcBXgP/tcOW4sLhFcFxyfx1CJl1P2JKaJx5
vkAwAWJWbfT1qTqdwsAhxcQ+pVQRVpGSyBkEDe6nRLkLlNiFzfyvwIkA7hXAMQL7
2kuncuQMnv2f1GcwkS5WMS1WoErIKyAC7O005E9w0i7ydyAGoOZKOtJeZCbbgM8d
acePxiDOptTKVV6Uh1BFKe/IOWBg2GgRGIC5XeqCcDpQjkcB+PtqEco2KNepajXD
BV1EwNJNcF4jXWdsScK3wzOtujn8fjcorDx+KPod1E7LoyyO/OuYfgk91QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKBxQ5YON0pyNYc4UltfmZ+ykomaMB8GA1UdIwQY
MBaAFC+RQ07hbGEzTsJw31aMd6C13gUqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDVGRFR1RnNZVE5Pd25EZlZveDNvTFhlQlNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi9jZDQxYmEtMmVhNy00NzRmLTg5NDEt
NWZkYjMyMjhmZTFmLzEvTDVGRFR1RnNZVE5Pd25EZlZveDNvTFhlQlNvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi9jZDQxYmEtMmVhNy00NzRmLTg5NDEtNWZkYjMyMjhmZTFm
LzEvTDVGRFR1RnNZVE5Pd25EZlZveDNvTFhlQlNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAtXJDBiun
lnblY+c8jzUh6qEPLKkqNz7IjxBNqZdhkq5GrNlTmLN6nOCnVQKguJLCsspvm8fy
Lu5V2B9A6MFeBwJ+VLscXSQZvifwvD3RpTSFl0WTX0pv6c0Edx8OwJLeK1tkLK2O
+QszztHBfC0OusyUROnNbIAxL00zQnfmWO0RUhvPcjm+wLknqmWuT8obfXsysR92
dshViQJUfBIGt3TqI/7x/iMH730vGuYcT9vkwDIlYv4+zVJ/W/nHeCJPKwBQ+gaD
oWivdvHR8IpenyBhd1KWmp9cckxA+8Tiuxe/53t6YRPysTBVGl2kbm3hwxKtccMm
W/6Gy/r9zR8czA==
-----END CERTIFICATE-----