Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/5424d9-5348-4f6f-9390-45a40a21b8d3/1/pr640lzi1AsMuuWcEeKSvTcXDfo.mft
File:                     pr640lzi1AsMuuWcEeKSvTcXDfo.mft (raw, json)
Hash identifier:          Rfc9S3ocMGtlXAmlfbo4z5pLKEQe77Wl052v2uFXXY0=
Subject key identifier:   D3:BF:5E:7D:48:BF:A3:7A:1A:74:95:73:4A:77:42:1A:45:67:23:05
Authority key identifier: A6:BE:B8:D2:5C:E2:D4:0B:0C:BA:E5:9C:11:E2:92:BD:37:17:0D:FA
Certificate issuer:       /CN=a6beb8d25ce2d40b0cbae59c11e292bd37170dfa
Certificate serial:       0199FCC678EDB0C51E57061BC939C7E2D10C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pr640lzi1AsMuuWcEeKSvTcXDfo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f1/5424d9-5348-4f6f-9390-45a40a21b8d3/1/pr640lzi1AsMuuWcEeKSvTcXDfo.mft
Manifest number:          10DA
Signing time:             Sun 19 Oct 2025 14:01:29 +0000
Manifest this update:     Sun 19 Oct 2025 14:01:29 +0000
Manifest next update:     Mon 20 Oct 2025 14:01:29 +0000
Files and hashes:         1: pr640lzi1AsMuuWcEeKSvTcXDfo.crl (hash: NV5KdkxzSBAFwAVEvYSYH/9wxceaENnLQfSk/Gi9DPQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f1/5424d9-5348-4f6f-9390-45a40a21b8d3/1/pr640lzi1AsMuuWcEeKSvTcXDfo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f1/5424d9-5348-4f6f-9390-45a40a21b8d3/1/pr640lzi1AsMuuWcEeKSvTcXDfo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/pr640lzi1AsMuuWcEeKSvTcXDfo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 11:18:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fc:c6:78:ed:b0:c5:1e:57:06:1b:c9:39:c7:e2:d1:0c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a6beb8d25ce2d40b0cbae59c11e292bd37170dfa
        Validity
            Not Before: Oct 19 14:01:29 2025 GMT
            Not After : Oct 20 14:01:29 2025 GMT
        Subject: CN=d3bf5e7d48bfa37a1a7495734a77421a45672305
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:8f:85:59:9a:5f:41:b6:cd:4a:d9:20:11:1d:
                    6e:0d:65:9d:a7:b1:a0:6e:5f:87:9a:13:7f:28:8a:
                    fe:64:0f:cc:51:a9:66:bb:ff:79:dc:8c:83:85:2d:
                    c3:6e:ca:e6:8e:9c:28:0e:63:82:75:c5:b5:97:f9:
                    0b:fe:50:07:7b:68:0b:c2:04:ba:24:02:9f:a9:bc:
                    eb:a6:6a:51:48:9e:f6:01:5b:1c:31:2e:96:29:13:
                    a5:18:b0:06:fd:9a:e1:5b:9a:4a:e6:f7:ce:95:2f:
                    d3:a0:22:25:3e:d8:5c:22:b4:27:db:96:a2:44:7d:
                    54:96:bb:6d:a8:f7:5b:fb:ff:c7:c6:8a:d8:8b:b4:
                    0a:87:82:bc:c9:e9:d7:46:d9:23:56:4d:6b:ab:1e:
                    47:3c:b1:b5:3e:16:55:cd:87:28:1b:cd:e6:90:04:
                    17:fa:4d:68:45:40:51:67:9c:3e:0f:af:54:72:0b:
                    48:bc:33:2d:a2:1e:87:54:47:af:f0:00:b6:2b:83:
                    65:e9:e0:f5:29:bb:62:a1:7b:00:45:03:66:14:c3:
                    7a:45:06:97:78:a8:ff:d8:71:b8:2a:69:d0:60:08:
                    cb:0d:f8:66:45:ba:1a:6d:4b:a4:e1:df:6b:8e:3f:
                    92:a0:04:a9:7f:6c:cd:2a:28:79:f1:da:32:96:b7:
                    c8:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D3:BF:5E:7D:48:BF:A3:7A:1A:74:95:73:4A:77:42:1A:45:67:23:05
            X509v3 Authority Key Identifier:
                keyid:A6:BE:B8:D2:5C:E2:D4:0B:0C:BA:E5:9C:11:E2:92:BD:37:17:0D:FA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pr640lzi1AsMuuWcEeKSvTcXDfo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/5424d9-5348-4f6f-9390-45a40a21b8d3/1/pr640lzi1AsMuuWcEeKSvTcXDfo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/5424d9-5348-4f6f-9390-45a40a21b8d3/1/pr640lzi1AsMuuWcEeKSvTcXDfo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         43:16:26:5f:c9:e8:dd:94:19:15:2d:c4:00:ec:6e:c0:70:cb:
         50:f4:87:1e:71:0b:b1:45:8e:79:51:23:61:1f:01:e4:1f:f1:
         95:e8:fa:c5:5b:e9:18:14:2f:51:80:d9:12:10:2e:25:56:f4:
         b5:cc:4b:1b:ed:a1:de:3c:0e:84:9a:31:4f:e4:9c:47:0f:22:
         38:49:e0:7c:30:87:fe:86:87:a4:3e:de:d0:9c:8b:f4:d0:22:
         6a:a5:38:c0:f8:fc:bd:03:ef:7e:8b:21:3c:a9:20:80:be:c0:
         34:ac:9a:88:3c:72:2d:a1:6f:e6:2f:7c:40:7c:02:88:41:9f:
         77:b8:42:ad:e9:5a:3e:4f:f7:b3:86:f5:e9:2b:a1:f3:2a:f3:
         a5:45:3b:aa:f4:05:bb:98:5c:83:ef:d8:0a:74:56:44:2e:b7:
         0d:9f:a2:31:92:08:fe:72:67:aa:3d:92:99:11:0b:28:b7:1b:
         da:a5:25:28:e2:67:17:20:9a:cb:00:95:a4:20:2f:64:8a:fa:
         f3:be:30:24:ae:f1:df:ce:50:72:a4:bd:b9:b3:0c:77:1d:9e:
         32:a3:7c:46:b8:1f:29:55:20:3d:76:30:93:48:9a:27:cf:6b:
         5c:db:04:eb:ba:c5:d2:46:60:e0:29:a7:61:1a:55:f2:23:f7:
         54:ba:4f:3f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8xnjtsMUeVwYbyTnH4tEMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2YmViOGQyNWNlMmQ0MGIwY2JhZTU5YzExZTI5MmJkMzcx
NzBkZmEwHhcNMjUxMDE5MTQwMTI5WhcNMjUxMDIwMTQwMTI5WjAzMTEwLwYDVQQD
EyhkM2JmNWU3ZDQ4YmZhMzdhMWE3NDk1NzM0YTc3NDIxYTQ1NjcyMzA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxY+FWZpfQbbNStkgER1uDWWdp7Gg
bl+HmhN/KIr+ZA/MUalmu/953IyDhS3DbsrmjpwoDmOCdcW1l/kL/lAHe2gLwgS6
JAKfqbzrpmpRSJ72AVscMS6WKROlGLAG/ZrhW5pK5vfOlS/ToCIlPthcIrQn25ai
RH1UlrttqPdb+//HxorYi7QKh4K8yenXRtkjVk1rqx5HPLG1PhZVzYcoG83mkAQX
+k1oRUBRZ5w+D69UcgtIvDMtoh6HVEev8AC2K4Nl6eD1KbtioXsARQNmFMN6RQaX
eKj/2HG4KmnQYAjLDfhmRboabUuk4d9rjj+SoASpf2zNKih58doylrfI1QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNO/Xn1Iv6N6GnSVc0p3QhpFZyMFMB8GA1UdIwQY
MBaAFKa+uNJc4tQLDLrlnBHikr03Fw36MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcHI2NDBsemkxQXNNdXVXY0VlS1N2VGNYRGZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS81NDI0ZDktNTM0OC00ZjZmLTkzOTAt
NDVhNDBhMjFiOGQzLzEvcHI2NDBsemkxQXNNdXVXY0VlS1N2VGNYRGZvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMS81NDI0ZDktNTM0OC00ZjZmLTkzOTAtNDVhNDBhMjFiOGQz
LzEvcHI2NDBsemkxQXNNdXVXY0VlS1N2VGNYRGZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQxYmX8no
3ZQZFS3EAOxuwHDLUPSHHnELsUWOeVEjYR8B5B/xlej6xVvpGBQvUYDZEhAuJVb0
tcxLG+2h3jwOhJoxT+ScRw8iOEngfDCH/oaHpD7e0JyL9NAiaqU4wPj8vQPvfosh
PKkggL7ANKyaiDxyLaFv5i98QHwCiEGfd7hCrelaPk/3s4b16Suh8yrzpUU7qvQF
u5hcg+/YCnRWRC63DZ+iMZII/nJnqj2SmRELKLcb2qUlKOJnFyCaywCVpCAvZIr6
874wJK7x385QcqS9ubMMdx2eMqN8RrgfKVUgPXYwk0iaJ89rXNsE67rF0kZg4Cmn
YRpV8iP3VLpPPw==
-----END CERTIFICATE-----