Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/50b550-f85e-489b-8473-e0365381bb85/1/Lokc9xG_fhxC4ILWoviaBL7rldE.mft
File:                     Lokc9xG_fhxC4ILWoviaBL7rldE.mft (raw, json)
Hash identifier:          2RALeHPWoVryYpwiddE5poF2uSkRZer8DOIGVJeNPZA=
Subject key identifier:   CB:72:FE:1C:84:98:F3:6E:8D:32:83:9F:AB:74:C4:0D:79:2D:1D:4F
Authority key identifier: 2E:89:1C:F7:11:BF:7E:1C:42:E0:82:D6:A2:F8:9A:04:BE:EB:95:D1
Certificate issuer:       /CN=2e891cf711bf7e1c42e082d6a2f89a04beeb95d1
Certificate serial:       0199FC58D77F016F2C000085D7136C1EF564
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Lokc9xG_fhxC4ILWoviaBL7rldE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/da/50b550-f85e-489b-8473-e0365381bb85/1/Lokc9xG_fhxC4ILWoviaBL7rldE.mft
Manifest number:          02E6
Signing time:             Sun 19 Oct 2025 12:01:44 +0000
Manifest this update:     Sun 19 Oct 2025 12:01:44 +0000
Manifest next update:     Mon 20 Oct 2025 12:01:44 +0000
Files and hashes:         1: Lokc9xG_fhxC4ILWoviaBL7rldE.crl (hash: 4QGq/IJh71oRbUIqtjfldT6gwn3Y8snhjrIJtZyQdJI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/da/50b550-f85e-489b-8473-e0365381bb85/1/Lokc9xG_fhxC4ILWoviaBL7rldE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/da/50b550-f85e-489b-8473-e0365381bb85/1/Lokc9xG_fhxC4ILWoviaBL7rldE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Lokc9xG_fhxC4ILWoviaBL7rldE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 11:18:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fc:58:d7:7f:01:6f:2c:00:00:85:d7:13:6c:1e:f5:64
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2e891cf711bf7e1c42e082d6a2f89a04beeb95d1
        Validity
            Not Before: Oct 19 12:01:44 2025 GMT
            Not After : Oct 20 12:01:44 2025 GMT
        Subject: CN=cb72fe1c8498f36e8d32839fab74c40d792d1d4f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:8b:da:9d:69:b8:00:56:be:d9:30:8d:ef:8d:
                    aa:06:4e:27:c4:6f:56:d5:10:65:ab:62:51:c1:94:
                    fc:1e:64:46:58:31:22:6d:88:5b:a2:46:f4:f0:16:
                    9d:be:47:ea:24:67:8c:26:c4:b8:df:d9:ce:f6:46:
                    ad:3a:c2:23:45:2e:8e:f8:cb:a1:37:76:17:e2:44:
                    84:9d:a3:e5:28:6a:16:da:bc:28:b0:7c:77:16:d1:
                    1d:ee:c6:f0:07:14:3b:a0:b3:72:0c:01:f6:3b:52:
                    f5:18:24:9d:dd:4d:2a:44:13:fa:c9:06:fe:bf:05:
                    4d:59:ab:09:2f:26:62:44:f0:de:c6:54:0b:1a:fb:
                    e1:73:0b:af:33:51:d7:1a:ff:2f:e7:79:ff:b7:35:
                    60:b0:a8:5d:e4:46:11:25:bf:97:67:68:30:d6:c5:
                    a0:c9:b3:e1:ca:f7:ee:ba:cb:89:81:8c:30:ea:94:
                    c1:10:60:cb:d0:b1:50:ea:34:8b:c0:66:9e:b7:16:
                    e2:35:a2:99:9a:8d:18:2b:41:4a:b4:4c:ed:32:c4:
                    5e:2b:3c:4b:24:1a:d4:02:85:ac:c4:20:99:fe:9a:
                    a1:bb:ee:2f:1a:d5:4d:f2:10:e3:e2:3b:1e:e7:6c:
                    ff:d1:53:eb:0a:c8:e4:19:09:d6:58:ee:4d:37:ad:
                    a3:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CB:72:FE:1C:84:98:F3:6E:8D:32:83:9F:AB:74:C4:0D:79:2D:1D:4F
            X509v3 Authority Key Identifier:
                keyid:2E:89:1C:F7:11:BF:7E:1C:42:E0:82:D6:A2:F8:9A:04:BE:EB:95:D1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Lokc9xG_fhxC4ILWoviaBL7rldE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/50b550-f85e-489b-8473-e0365381bb85/1/Lokc9xG_fhxC4ILWoviaBL7rldE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/da/50b550-f85e-489b-8473-e0365381bb85/1/Lokc9xG_fhxC4ILWoviaBL7rldE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         40:44:48:26:31:64:d0:17:cd:58:3a:dd:0b:37:01:f7:50:a9:
         94:96:5e:4a:0a:dc:da:ef:69:2b:7d:5c:73:a9:4f:36:ed:fa:
         d3:18:2d:ce:aa:7e:61:1c:9e:71:62:d0:e6:6f:bc:ba:17:27:
         50:b7:bd:6a:ba:14:e7:b9:cc:13:2c:6a:e9:95:a6:19:ae:48:
         9e:ea:57:c4:25:66:70:50:70:a9:77:f5:6f:c9:e3:91:70:98:
         b2:a6:4c:06:b7:47:5b:db:a8:b2:c0:7a:10:25:ce:52:b7:07:
         03:19:18:fb:83:a9:77:c0:4c:f0:bd:43:6b:c2:00:39:b0:83:
         38:69:92:f2:e9:af:7c:50:41:01:ef:df:20:06:5c:8c:66:d7:
         ab:51:66:94:4b:52:f4:36:d1:03:b9:29:39:b5:d4:6b:9d:21:
         5f:55:40:8c:62:2c:d9:2d:b0:e6:05:e2:b8:9e:d6:54:09:39:
         a2:2b:56:48:74:09:56:24:33:c4:dd:61:1b:0a:47:85:00:59:
         b5:d1:9c:67:9f:c1:80:7e:b1:b1:76:48:d1:52:0b:de:69:d8:
         61:bd:0a:c7:12:fc:35:36:c6:0e:4e:d1:96:05:24:c0:a3:7f:
         81:52:e6:73:bd:05:f0:0f:24:28:29:93:94:90:81:23:c9:9f:
         bd:cf:9d:97
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8WNd/AW8sAACF1xNsHvVkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlODkxY2Y3MTFiZjdlMWM0MmUwODJkNmEyZjg5YTA0YmVl
Yjk1ZDEwHhcNMjUxMDE5MTIwMTQ0WhcNMjUxMDIwMTIwMTQ0WjAzMTEwLwYDVQQD
EyhjYjcyZmUxYzg0OThmMzZlOGQzMjgzOWZhYjc0YzQwZDc5MmQxZDRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApovanWm4AFa+2TCN742qBk4nxG9W
1RBlq2JRwZT8HmRGWDEibYhbokb08BadvkfqJGeMJsS439nO9katOsIjRS6O+Muh
N3YX4kSEnaPlKGoW2rwosHx3FtEd7sbwBxQ7oLNyDAH2O1L1GCSd3U0qRBP6yQb+
vwVNWasJLyZiRPDexlQLGvvhcwuvM1HXGv8v53n/tzVgsKhd5EYRJb+XZ2gw1sWg
ybPhyvfuusuJgYww6pTBEGDL0LFQ6jSLwGaetxbiNaKZmo0YK0FKtEztMsReKzxL
JBrUAoWsxCCZ/pqhu+4vGtVN8hDj4jse52z/0VPrCsjkGQnWWO5NN62jBQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMty/hyEmPNujTKDn6t0xA15LR1PMB8GA1UdIwQY
MBaAFC6JHPcRv34cQuCC1qL4mgS+65XRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTG9rYzl4R19maHhDNElMV292aWFCTDdybGRFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS81MGI1NTAtZjg1ZS00ODliLTg0NzMt
ZTAzNjUzODFiYjg1LzEvTG9rYzl4R19maHhDNElMV292aWFCTDdybGRFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS81MGI1NTAtZjg1ZS00ODliLTg0NzMtZTAzNjUzODFiYjg1
LzEvTG9rYzl4R19maHhDNElMV292aWFCTDdybGRFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQERIJjFk
0BfNWDrdCzcB91CplJZeSgrc2u9pK31cc6lPNu360xgtzqp+YRyecWLQ5m+8uhcn
ULe9aroU57nMEyxq6ZWmGa5InupXxCVmcFBwqXf1b8njkXCYsqZMBrdHW9uossB6
ECXOUrcHAxkY+4Opd8BM8L1Da8IAObCDOGmS8umvfFBBAe/fIAZcjGbXq1FmlEtS
9DbRA7kpObXUa50hX1VAjGIs2S2w5gXiuJ7WVAk5oitWSHQJViQzxN1hGwpHhQBZ
tdGcZ5/BgH6xsXZI0VIL3mnYYb0KxxL8NTbGDk7RlgUkwKN/gVLmc70F8A8kKCmT
lJCBI8mfvc+dlw==
-----END CERTIFICATE-----