Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/8c70c4-9060-4ffc-8ad3-6f017e1f1eed/1/PtWjaKny40iTSpFIiEVZQ2I_lus.mft
File:                     PtWjaKny40iTSpFIiEVZQ2I_lus.mft (raw, json)
Hash identifier:          wJS7T4wG63AMoA20q+SFrnb++aRhiZ3hAikh4h6h1NA=
Subject key identifier:   88:ED:45:FF:0B:9B:72:B8:CB:0D:76:22:4E:2B:BB:F2:14:11:83:A8
Authority key identifier: 3E:D5:A3:68:A9:F2:E3:48:93:4A:91:48:88:45:59:43:62:3F:96:EB
Certificate issuer:       /CN=3ed5a368a9f2e348934a914888455943623f96eb
Certificate serial:       019A71B7EBD3F3F26CF263BFA6D5FA5CE18D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PtWjaKny40iTSpFIiEVZQ2I_lus.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/16/8c70c4-9060-4ffc-8ad3-6f017e1f1eed/1/PtWjaKny40iTSpFIiEVZQ2I_lus.mft
Manifest number:          1302
Signing time:             Tue 11 Nov 2025 07:01:10 +0000
Manifest this update:     Tue 11 Nov 2025 07:01:10 +0000
Manifest next update:     Wed 12 Nov 2025 07:01:10 +0000
Files and hashes:         1: PtWjaKny40iTSpFIiEVZQ2I_lus.crl (hash: oLJgrfnSt0gQ1+aH7NSMzNPGwBWiYQGDf9u9CPQWTog=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/16/8c70c4-9060-4ffc-8ad3-6f017e1f1eed/1/PtWjaKny40iTSpFIiEVZQ2I_lus.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/16/8c70c4-9060-4ffc-8ad3-6f017e1f1eed/1/PtWjaKny40iTSpFIiEVZQ2I_lus.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/PtWjaKny40iTSpFIiEVZQ2I_lus.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:01:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b7:eb:d3:f3:f2:6c:f2:63:bf:a6:d5:fa:5c:e1:8d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3ed5a368a9f2e348934a914888455943623f96eb
        Validity
            Not Before: Nov 11 07:01:10 2025 GMT
            Not After : Nov 12 07:01:10 2025 GMT
        Subject: CN=88ed45ff0b9b72b8cb0d76224e2bbbf2141183a8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:3a:79:ea:7b:35:86:f8:18:0f:f3:52:1f:8c:
                    d4:93:6d:4d:a0:8e:ea:29:8e:f6:41:ed:f7:3f:02:
                    0c:c0:10:3d:80:22:82:30:e3:17:01:58:07:2b:81:
                    87:a6:d2:45:b0:df:b9:a2:3b:bf:bc:7c:68:bc:86:
                    e3:fc:53:14:49:76:d6:1f:79:bd:08:ea:ef:4b:40:
                    61:5c:89:36:d6:61:4f:12:8e:18:19:89:a5:23:6d:
                    66:a1:5d:91:22:45:5d:26:65:7e:a0:09:6a:a3:ed:
                    ff:34:fa:1c:eb:f4:c3:a1:04:65:99:97:27:6a:da:
                    b8:8a:c1:b0:c4:f2:47:c8:62:c2:9d:03:7f:90:85:
                    1b:ad:f1:bd:ea:03:07:48:0c:59:c8:a5:74:84:26:
                    13:70:e0:39:da:ac:aa:3e:f7:5e:8f:58:4c:76:86:
                    62:06:b1:72:8b:64:49:3e:d5:11:54:5c:05:33:0e:
                    4d:17:59:f5:0d:32:d8:cb:93:76:75:94:9e:a0:f1:
                    c2:9b:cb:0d:21:e2:9e:87:40:73:de:59:81:b3:60:
                    79:ce:6d:d8:b6:0e:d7:a9:01:77:d2:18:3f:9a:be:
                    11:3a:64:20:02:d0:20:1b:78:bc:66:fd:32:c4:ea:
                    1c:c2:b5:68:a4:5d:44:b3:11:b4:80:2a:8e:13:c0:
                    4c:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                88:ED:45:FF:0B:9B:72:B8:CB:0D:76:22:4E:2B:BB:F2:14:11:83:A8
            X509v3 Authority Key Identifier:
                keyid:3E:D5:A3:68:A9:F2:E3:48:93:4A:91:48:88:45:59:43:62:3F:96:EB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PtWjaKny40iTSpFIiEVZQ2I_lus.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/8c70c4-9060-4ffc-8ad3-6f017e1f1eed/1/PtWjaKny40iTSpFIiEVZQ2I_lus.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/16/8c70c4-9060-4ffc-8ad3-6f017e1f1eed/1/PtWjaKny40iTSpFIiEVZQ2I_lus.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         c3:05:47:a8:d4:09:f0:9c:60:49:41:88:c7:44:5f:b0:c0:b0:
         0d:35:08:e7:ff:3d:c0:25:d9:99:3f:29:9b:c6:51:d0:d5:ae:
         12:46:9b:be:b2:4a:f6:6b:f5:05:da:6d:7e:ba:13:3d:6e:87:
         0a:9c:90:7a:df:63:4c:d2:11:80:4d:7b:b1:b2:c8:1c:b4:d9:
         f1:dc:d3:d9:c0:62:cf:21:6c:98:8e:1c:ee:fa:7b:68:93:d9:
         3b:6a:30:bb:67:10:30:7a:b0:a5:60:12:52:da:cc:1d:bb:ef:
         d1:1e:37:4d:46:8a:2d:b2:49:18:07:35:ed:16:12:0c:5e:42:
         f6:a2:8a:d3:f5:01:d7:41:fe:5e:88:5d:ef:41:30:cf:a5:6c:
         c2:6b:35:97:87:f7:e9:8b:c9:9a:9a:05:83:d4:75:07:a4:3a:
         df:4e:b9:10:5a:34:59:14:51:03:15:5d:89:d6:72:a4:0c:eb:
         0d:36:86:c5:ed:ff:80:2e:ac:d4:eb:b9:65:10:e5:d1:f4:dd:
         2b:b1:fe:72:36:70:98:52:ef:85:fe:ee:72:7a:27:e7:bf:ba:
         93:f0:b8:87:15:84:17:03:8e:54:58:c5:e8:f9:46:e7:a1:9a:
         89:76:ef:c5:c8:81:f6:c6:6b:aa:97:da:e1:76:8c:ed:1b:a3:
         70:ae:ed:a0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxt+vT8/Js8mO/ptX6XOGNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlZDVhMzY4YTlmMmUzNDg5MzRhOTE0ODg4NDU1OTQzNjIz
Zjk2ZWIwHhcNMjUxMTExMDcwMTEwWhcNMjUxMTEyMDcwMTEwWjAzMTEwLwYDVQQD
Eyg4OGVkNDVmZjBiOWI3MmI4Y2IwZDc2MjI0ZTJiYmJmMjE0MTE4M2E4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxDp56ns1hvgYD/NSH4zUk21NoI7q
KY72Qe33PwIMwBA9gCKCMOMXAVgHK4GHptJFsN+5oju/vHxovIbj/FMUSXbWH3m9
COrvS0BhXIk21mFPEo4YGYmlI21moV2RIkVdJmV+oAlqo+3/NPoc6/TDoQRlmZcn
atq4isGwxPJHyGLCnQN/kIUbrfG96gMHSAxZyKV0hCYTcOA52qyqPvdej1hMdoZi
BrFyi2RJPtURVFwFMw5NF1n1DTLYy5N2dZSeoPHCm8sNIeKeh0Bz3lmBs2B5zm3Y
tg7XqQF30hg/mr4ROmQgAtAgG3i8Zv0yxOocwrVopF1EsxG0gCqOE8BMTQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIjtRf8Lm3K4yw12Ik4ru/IUEYOoMB8GA1UdIwQY
MBaAFD7Vo2ip8uNIk0qRSIhFWUNiP5brMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHRXamFLbnk0MGlUU3BGSWlFVlpRMklfbHVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi84YzcwYzQtOTA2MC00ZmZjLThhZDMt
NmYwMTdlMWYxZWVkLzEvUHRXamFLbnk0MGlUU3BGSWlFVlpRMklfbHVzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi84YzcwYzQtOTA2MC00ZmZjLThhZDMtNmYwMTdlMWYxZWVk
LzEvUHRXamFLbnk0MGlUU3BGSWlFVlpRMklfbHVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAwwVHqNQJ
8JxgSUGIx0RfsMCwDTUI5/89wCXZmT8pm8ZR0NWuEkabvrJK9mv1BdptfroTPW6H
CpyQet9jTNIRgE17sbLIHLTZ8dzT2cBizyFsmI4c7vp7aJPZO2owu2cQMHqwpWAS
UtrMHbvv0R43TUaKLbJJGAc17RYSDF5C9qKK0/UB10H+Xohd70Ewz6Vswms1l4f3
6YvJmpoFg9R1B6Q63065EFo0WRRRAxVdidZypAzrDTaGxe3/gC6s1Ou5ZRDl0fTd
K7H+cjZwmFLvhf7ucnon57+6k/C4hxWEFwOOVFjF6PlG56GaiXbvxciB9sZrqpfa
4XaM7RujcK7toA==
-----END CERTIFICATE-----