Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/d43572-ad91-44ad-afa1-b3382e4aa7c3/1/lPO2Epw0Od376Q21BkyAZt6GSnI.mft
File:                     lPO2Epw0Od376Q21BkyAZt6GSnI.mft (raw, json)
Hash identifier:          72iKI6de3/mNrytZnOnX7I7IiGJgBosa5236CIMCLGE=
Subject key identifier:   8E:99:3A:D7:C3:CD:D1:53:9B:E3:9B:B2:03:A5:CB:17:40:A6:4C:D2
Authority key identifier: 94:F3:B6:12:9C:34:39:DD:FB:E9:0D:B5:06:4C:80:66:DE:86:4A:72
Certificate issuer:       /CN=94f3b6129c3439ddfbe90db5064c8066de864a72
Certificate serial:       0198D5161A197999DD82391632336E54551E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/lPO2Epw0Od376Q21BkyAZt6GSnI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c5/d43572-ad91-44ad-afa1-b3382e4aa7c3/1/lPO2Epw0Od376Q21BkyAZt6GSnI.mft
Manifest number:          055D
Signing time:             Sat 23 Aug 2025 04:00:52 +0000
Manifest this update:     Sat 23 Aug 2025 04:00:52 +0000
Manifest next update:     Sun 24 Aug 2025 04:00:52 +0000
Files and hashes:         1: lPO2Epw0Od376Q21BkyAZt6GSnI.crl (hash: oAsH54Sb4hbzJBI8UB/uHeLzLSTn1SJ9KPIENHRZe4I=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c5/d43572-ad91-44ad-afa1-b3382e4aa7c3/1/lPO2Epw0Od376Q21BkyAZt6GSnI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c5/d43572-ad91-44ad-afa1-b3382e4aa7c3/1/lPO2Epw0Od376Q21BkyAZt6GSnI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/lPO2Epw0Od376Q21BkyAZt6GSnI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 04:00:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d5:16:1a:19:79:99:dd:82:39:16:32:33:6e:54:55:1e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=94f3b6129c3439ddfbe90db5064c8066de864a72
        Validity
            Not Before: Aug 23 04:00:52 2025 GMT
            Not After : Aug 24 04:00:52 2025 GMT
        Subject: CN=8e993ad7c3cdd1539be39bb203a5cb1740a64cd2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:0a:6e:79:4e:a2:6d:a8:da:25:26:be:96:a9:
                    4c:21:5a:e9:13:f2:8f:84:a5:38:c6:19:a4:4e:af:
                    48:21:10:0b:a9:5f:1f:da:09:34:ef:b3:07:4e:aa:
                    47:48:a9:f3:ce:7b:49:13:6a:b6:2e:d3:31:07:1e:
                    25:cb:ae:e2:78:a5:8a:aa:17:7d:d3:95:fc:2f:b0:
                    08:6f:6b:dc:cd:78:22:99:c1:b3:7e:70:74:0c:61:
                    f5:fc:b5:a1:90:d6:10:40:c6:d9:9e:53:f2:a8:fa:
                    63:a9:d5:41:59:2e:5a:69:6b:aa:33:ef:c3:f6:af:
                    7f:e0:2d:9d:c7:c4:32:0d:e3:f1:08:c3:05:cc:8d:
                    8d:97:b6:12:df:db:36:46:9f:92:d9:83:53:b7:8b:
                    6b:94:8d:15:42:4f:f0:5a:ad:16:53:d0:d8:cb:f2:
                    06:4b:20:13:c5:c7:ec:50:f2:92:3c:3e:ba:af:c4:
                    a7:71:b1:c5:7b:53:af:56:75:42:28:a2:4f:3d:b4:
                    53:6e:41:4d:9b:0e:e3:02:da:71:64:c7:1a:15:cb:
                    cd:55:0e:5d:aa:e1:a2:81:82:0c:47:d6:42:a2:0d:
                    b9:13:da:c0:bd:ef:ec:a6:02:14:7f:1c:a1:02:1b:
                    1a:57:15:c2:0f:dd:86:de:76:35:20:b6:14:92:23:
                    57:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8E:99:3A:D7:C3:CD:D1:53:9B:E3:9B:B2:03:A5:CB:17:40:A6:4C:D2
            X509v3 Authority Key Identifier:
                keyid:94:F3:B6:12:9C:34:39:DD:FB:E9:0D:B5:06:4C:80:66:DE:86:4A:72

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lPO2Epw0Od376Q21BkyAZt6GSnI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/d43572-ad91-44ad-afa1-b3382e4aa7c3/1/lPO2Epw0Od376Q21BkyAZt6GSnI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/d43572-ad91-44ad-afa1-b3382e4aa7c3/1/lPO2Epw0Od376Q21BkyAZt6GSnI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         85:f5:8e:d5:38:52:11:98:e3:86:1d:95:91:ab:ce:6b:8d:c6:
         81:f3:5b:81:cc:44:17:5c:00:d8:15:83:a8:52:0c:5e:50:90:
         69:5a:cc:2d:a7:ad:08:c2:2e:16:84:80:34:f1:b4:d6:d5:44:
         f1:3a:12:56:43:e3:9b:65:4e:19:f7:e6:0b:67:1e:ff:d5:19:
         78:5a:a6:c0:30:d8:63:6b:8d:47:ce:4d:a0:85:09:7c:23:dc:
         5a:0e:6e:17:5b:de:d4:f8:0b:c9:9a:9f:33:1c:78:0b:d5:99:
         9e:1b:67:12:ab:d1:99:a4:99:78:cd:2b:1e:4b:bb:92:f3:68:
         95:53:3c:7d:1a:3d:60:9b:a2:e4:6c:16:08:ce:23:7f:ca:78:
         1c:24:dc:41:91:77:91:5f:9d:8b:e5:8e:a8:64:b8:2d:5f:20:
         ff:ce:d0:eb:45:aa:3a:dd:05:65:79:dc:bd:3c:60:e7:cb:40:
         59:43:c4:0d:4e:cc:ad:ee:3b:b9:74:b3:a4:b1:36:66:53:19:
         04:77:81:19:c1:d7:f0:f7:0a:61:f9:91:94:ae:fb:28:50:04:
         0a:52:9b:28:d6:ed:7b:fd:93:13:93:4c:b4:6c:75:d1:32:ab:
         4e:a2:d3:a7:a3:6d:db:ff:8d:37:8a:2f:f9:a8:29:1f:1e:c8:
         82:9f:f3:40
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjVFhoZeZndgjkWMjNuVFUeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0ZjNiNjEyOWMzNDM5ZGRmYmU5MGRiNTA2NGM4MDY2ZGU4
NjRhNzIwHhcNMjUwODIzMDQwMDUyWhcNMjUwODI0MDQwMDUyWjAzMTEwLwYDVQQD
Eyg4ZTk5M2FkN2MzY2RkMTUzOWJlMzliYjIwM2E1Y2IxNzQwYTY0Y2QyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsQpueU6ibajaJSa+lqlMIVrpE/KP
hKU4xhmkTq9IIRALqV8f2gk077MHTqpHSKnzzntJE2q2LtMxBx4ly67ieKWKqhd9
05X8L7AIb2vczXgimcGzfnB0DGH1/LWhkNYQQMbZnlPyqPpjqdVBWS5aaWuqM+/D
9q9/4C2dx8QyDePxCMMFzI2Nl7YS39s2Rp+S2YNTt4trlI0VQk/wWq0WU9DYy/IG
SyATxcfsUPKSPD66r8SncbHFe1OvVnVCKKJPPbRTbkFNmw7jAtpxZMcaFcvNVQ5d
quGigYIMR9ZCog25E9rAve/spgIUfxyhAhsaVxXCD92G3nY1ILYUkiNXHwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFI6ZOtfDzdFTm+ObsgOlyxdApkzSMB8GA1UdIwQY
MBaAFJTzthKcNDnd++kNtQZMgGbehkpyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbFBPMkVwdzBPZDM3NlEyMUJreUFadDZHU25JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS9kNDM1NzItYWQ5MS00NGFkLWFmYTEt
YjMzODJlNGFhN2MzLzEvbFBPMkVwdzBPZDM3NlEyMUJreUFadDZHU25JLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS9kNDM1NzItYWQ5MS00NGFkLWFmYTEtYjMzODJlNGFhN2Mz
LzEvbFBPMkVwdzBPZDM3NlEyMUJreUFadDZHU25JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhfWO1ThS
EZjjhh2VkavOa43GgfNbgcxEF1wA2BWDqFIMXlCQaVrMLaetCMIuFoSANPG01tVE
8ToSVkPjm2VOGffmC2ce/9UZeFqmwDDYY2uNR85NoIUJfCPcWg5uF1ve1PgLyZqf
Mxx4C9WZnhtnEqvRmaSZeM0rHku7kvNolVM8fRo9YJui5GwWCM4jf8p4HCTcQZF3
kV+di+WOqGS4LV8g/87Q60WqOt0FZXncvTxg58tAWUPEDU7Mre47uXSzpLE2ZlMZ
BHeBGcHX8PcKYfmRlK77KFAEClKbKNbte/2TE5NMtGx10TKrTqLTp6Nt2/+NN4ov
+agpHx7Igp/zQA==
-----END CERTIFICATE-----