Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/d43572-ad91-44ad-afa1-b3382e4aa7c3/1/lPO2Epw0Od376Q21BkyAZt6GSnI.mft
File:                     lPO2Epw0Od376Q21BkyAZt6GSnI.mft (raw, json)
Hash identifier:          4JlrQAAROcQSNJvQVJXSFsp4g0/J0StxIMFS6DhW3Fc=
Subject key identifier:   2A:C0:3B:54:61:98:2E:00:8C:50:E1:FA:7B:9D:96:85:63:10:73:95
Authority key identifier: 94:F3:B6:12:9C:34:39:DD:FB:E9:0D:B5:06:4C:80:66:DE:86:4A:72
Certificate issuer:       /CN=94f3b6129c3439ddfbe90db5064c8066de864a72
Certificate serial:       0199FC58429F9379C45A65B0BD4083F2E258
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/lPO2Epw0Od376Q21BkyAZt6GSnI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c5/d43572-ad91-44ad-afa1-b3382e4aa7c3/1/lPO2Epw0Od376Q21BkyAZt6GSnI.mft
Manifest number:          05F6
Signing time:             Sun 19 Oct 2025 12:01:06 +0000
Manifest this update:     Sun 19 Oct 2025 12:01:06 +0000
Manifest next update:     Mon 20 Oct 2025 12:01:06 +0000
Files and hashes:         1: lPO2Epw0Od376Q21BkyAZt6GSnI.crl (hash: rtoCkFuHCmj9FEZU+avS3vjv1E5xgXHNhCqU/BFiL/A=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c5/d43572-ad91-44ad-afa1-b3382e4aa7c3/1/lPO2Epw0Od376Q21BkyAZt6GSnI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c5/d43572-ad91-44ad-afa1-b3382e4aa7c3/1/lPO2Epw0Od376Q21BkyAZt6GSnI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/lPO2Epw0Od376Q21BkyAZt6GSnI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 11:18:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fc:58:42:9f:93:79:c4:5a:65:b0:bd:40:83:f2:e2:58
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=94f3b6129c3439ddfbe90db5064c8066de864a72
        Validity
            Not Before: Oct 19 12:01:06 2025 GMT
            Not After : Oct 20 12:01:06 2025 GMT
        Subject: CN=2ac03b5461982e008c50e1fa7b9d968563107395
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:70:89:b1:49:b1:ae:3a:ac:8f:3d:80:9d:98:
                    9f:b0:e1:88:ca:7a:8f:91:d8:7d:ae:68:88:b6:30:
                    fc:68:21:2d:46:6e:f4:01:c5:d2:27:ec:fa:e6:76:
                    d6:24:d4:e0:36:13:7f:cd:ad:98:f1:34:a5:40:6d:
                    fc:d1:1b:7f:45:fa:31:64:d3:ba:42:e1:f3:e9:49:
                    79:dd:f6:e2:57:3c:8d:8b:3a:7f:90:d0:39:9c:da:
                    11:72:14:5e:c3:86:46:61:23:ae:06:f3:8f:01:a6:
                    2d:ba:ec:dc:c9:ba:d1:22:67:bd:37:16:0b:0e:5b:
                    ce:5f:af:20:68:fc:c1:8c:be:4a:45:c9:5a:86:31:
                    e0:e4:bb:ed:30:9d:84:15:a4:ad:e5:18:2a:f5:46:
                    e5:c1:87:4d:26:f5:3b:9f:38:26:76:4f:86:f8:3a:
                    f2:0e:a3:ab:26:af:ac:74:1f:c5:29:92:ae:03:94:
                    70:e2:f3:bd:fb:4c:70:a7:a7:0d:c6:07:31:bd:cc:
                    10:07:c2:2a:ef:e3:1a:b0:6a:61:c2:3e:3d:d3:d4:
                    61:3b:5d:3a:13:75:88:3f:de:ca:3e:3b:77:c7:68:
                    8a:1c:45:86:fc:88:dc:7d:af:33:a7:76:ad:81:00:
                    75:5c:4e:c9:c6:22:92:15:17:2d:34:ca:b6:b7:85:
                    70:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2A:C0:3B:54:61:98:2E:00:8C:50:E1:FA:7B:9D:96:85:63:10:73:95
            X509v3 Authority Key Identifier:
                keyid:94:F3:B6:12:9C:34:39:DD:FB:E9:0D:B5:06:4C:80:66:DE:86:4A:72

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lPO2Epw0Od376Q21BkyAZt6GSnI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/d43572-ad91-44ad-afa1-b3382e4aa7c3/1/lPO2Epw0Od376Q21BkyAZt6GSnI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/d43572-ad91-44ad-afa1-b3382e4aa7c3/1/lPO2Epw0Od376Q21BkyAZt6GSnI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a2:a7:db:bd:c1:de:47:83:b9:73:2f:e6:dc:7e:ea:9c:67:f8:
         7b:fb:72:9d:a7:b2:1d:bd:ff:3c:e9:1c:54:16:1e:da:61:73:
         1b:83:7f:0c:3a:29:98:dd:38:1d:c7:9f:5e:79:d0:aa:41:1a:
         f8:ad:95:15:c2:b7:33:06:e6:c6:c2:04:14:db:98:b4:6c:88:
         61:cc:3b:ae:b0:ae:53:cc:6d:68:6b:4c:76:67:d3:4f:36:38:
         9d:54:6a:d3:2f:67:41:f4:bc:d9:47:d3:0b:c1:39:f7:d4:d2:
         1a:e6:ab:fa:d7:2e:15:5c:dd:a1:9a:85:39:a8:45:13:75:cc:
         d3:d7:0e:ca:a8:83:63:8c:35:e4:01:55:7f:52:ef:b4:15:d6:
         03:ce:9f:25:bd:25:49:1f:d0:c6:fb:f6:40:42:d6:4f:a7:e7:
         23:ea:75:81:4d:b1:03:d0:4f:e7:92:bb:9a:4f:74:2c:ca:78:
         72:c7:1e:4d:9c:02:0a:eb:74:39:6a:a1:5f:ce:71:cf:cb:38:
         f6:39:4d:07:42:29:de:74:b7:1c:6f:fd:22:d0:1d:72:6c:a0:
         a6:92:b5:eb:1c:e1:c7:f6:8c:5f:6a:0a:bb:ad:bd:89:40:b6:
         f7:ec:c1:77:c4:28:2e:56:c7:f7:48:55:11:02:ea:b8:27:11:
         d7:e7:32:a4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8WEKfk3nEWmWwvUCD8uJYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0ZjNiNjEyOWMzNDM5ZGRmYmU5MGRiNTA2NGM4MDY2ZGU4
NjRhNzIwHhcNMjUxMDE5MTIwMTA2WhcNMjUxMDIwMTIwMTA2WjAzMTEwLwYDVQQD
EygyYWMwM2I1NDYxOTgyZTAwOGM1MGUxZmE3YjlkOTY4NTYzMTA3Mzk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw3CJsUmxrjqsjz2AnZifsOGIynqP
kdh9rmiItjD8aCEtRm70AcXSJ+z65nbWJNTgNhN/za2Y8TSlQG380Rt/RfoxZNO6
QuHz6Ul53fbiVzyNizp/kNA5nNoRchRew4ZGYSOuBvOPAaYtuuzcybrRIme9NxYL
DlvOX68gaPzBjL5KRclahjHg5LvtMJ2EFaSt5Rgq9UblwYdNJvU7nzgmdk+G+Dry
DqOrJq+sdB/FKZKuA5Rw4vO9+0xwp6cNxgcxvcwQB8Iq7+MasGphwj4909RhO106
E3WIP97KPjt3x2iKHEWG/Ijcfa8zp3atgQB1XE7JxiKSFRctNMq2t4Vw+QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCrAO1RhmC4AjFDh+nudloVjEHOVMB8GA1UdIwQY
MBaAFJTzthKcNDnd++kNtQZMgGbehkpyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbFBPMkVwdzBPZDM3NlEyMUJreUFadDZHU25JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS9kNDM1NzItYWQ5MS00NGFkLWFmYTEt
YjMzODJlNGFhN2MzLzEvbFBPMkVwdzBPZDM3NlEyMUJreUFadDZHU25JLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS9kNDM1NzItYWQ5MS00NGFkLWFmYTEtYjMzODJlNGFhN2Mz
LzEvbFBPMkVwdzBPZDM3NlEyMUJreUFadDZHU25JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoqfbvcHe
R4O5cy/m3H7qnGf4e/tynaeyHb3/POkcVBYe2mFzG4N/DDopmN04HcefXnnQqkEa
+K2VFcK3MwbmxsIEFNuYtGyIYcw7rrCuU8xtaGtMdmfTTzY4nVRq0y9nQfS82UfT
C8E599TSGuar+tcuFVzdoZqFOahFE3XM09cOyqiDY4w15AFVf1LvtBXWA86fJb0l
SR/Qxvv2QELWT6fnI+p1gU2xA9BP55K7mk90LMp4csceTZwCCut0OWqhX85xz8s4
9jlNB0Ip3nS3HG/9ItAdcmygppK16xzhx/aMX2oKu629iUC29+zBd8QoLlbH90hV
EQLquCcR1+cypA==
-----END CERTIFICATE-----