Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/cea01b-ee94-4a02-8d62-0dc01fc88141/1/LsJnz2xrO4jpahG_KemnOlWMXkA.mft
File:                     LsJnz2xrO4jpahG_KemnOlWMXkA.mft (raw, json)
Hash identifier:          YZNwUH1l6dxI51ZdA57QRNA4jkJYirArOhy1g+E+Y/0=
Subject key identifier:   A1:9F:C6:6F:6E:99:2C:6C:E7:CB:8E:E0:D5:FD:89:A5:35:E9:FB:F6
Authority key identifier: 2E:C2:67:CF:6C:6B:3B:88:E9:6A:11:BF:29:E9:A7:3A:55:8C:5E:40
Certificate issuer:       /CN=2ec267cf6c6b3b88e96a11bf29e9a73a558c5e40
Certificate serial:       019A71EEB72C7C7FEF2C13A3EC03A7CF3DF9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/LsJnz2xrO4jpahG_KemnOlWMXkA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/17/cea01b-ee94-4a02-8d62-0dc01fc88141/1/LsJnz2xrO4jpahG_KemnOlWMXkA.mft
Manifest number:          16AE
Signing time:             Tue 11 Nov 2025 08:01:01 +0000
Manifest this update:     Tue 11 Nov 2025 08:01:01 +0000
Manifest next update:     Wed 12 Nov 2025 08:01:01 +0000
Files and hashes:         1: LsJnz2xrO4jpahG_KemnOlWMXkA.crl (hash: x3yoIAfFZdru5GHif4NCKYNVJ4kWNg8un2gt3t+3kus=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/17/cea01b-ee94-4a02-8d62-0dc01fc88141/1/LsJnz2xrO4jpahG_KemnOlWMXkA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/17/cea01b-ee94-4a02-8d62-0dc01fc88141/1/LsJnz2xrO4jpahG_KemnOlWMXkA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/LsJnz2xrO4jpahG_KemnOlWMXkA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 08:01:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:ee:b7:2c:7c:7f:ef:2c:13:a3:ec:03:a7:cf:3d:f9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2ec267cf6c6b3b88e96a11bf29e9a73a558c5e40
        Validity
            Not Before: Nov 11 08:01:01 2025 GMT
            Not After : Nov 12 08:01:01 2025 GMT
        Subject: CN=a19fc66f6e992c6ce7cb8ee0d5fd89a535e9fbf6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:3d:51:da:4f:98:97:0c:4e:3b:3d:9f:7d:3b:
                    54:8c:73:e2:06:96:32:06:e2:95:00:fc:60:ff:de:
                    84:b2:60:78:0d:e6:e6:33:ee:11:78:c4:b9:3d:c3:
                    3d:5a:74:cc:03:ea:7a:e4:36:9a:60:db:63:40:18:
                    79:23:53:5b:1c:f0:60:b7:19:f6:e3:3c:32:f6:2e:
                    02:62:d8:87:cb:d4:3d:c2:7e:fb:5c:a5:8b:30:69:
                    bd:38:a8:4e:79:eb:39:0c:2f:a1:ba:db:d9:1d:0d:
                    64:42:bd:d0:4a:fe:dc:c6:c9:46:6a:8e:f2:7c:66:
                    87:83:03:58:16:ec:78:26:52:79:56:6d:9c:2d:bd:
                    43:9d:ac:c1:2e:e6:f6:5a:aa:22:f7:c4:67:fb:f1:
                    41:5f:64:a7:b2:78:d7:54:4a:e4:cb:c9:41:77:33:
                    e8:d9:40:5d:c3:b0:45:5f:d8:d9:03:ce:95:15:e0:
                    48:ce:c2:4b:bc:89:b8:d5:5f:b9:f0:18:62:1c:f7:
                    62:88:ab:d9:c6:18:1c:29:19:7f:fa:c2:b7:76:93:
                    8f:58:51:b1:ad:b8:03:9a:82:9b:24:19:6e:76:af:
                    5f:3d:3a:87:a4:6d:d9:d4:bc:02:c3:bc:61:59:c3:
                    3e:7e:01:2c:72:eb:47:37:b3:73:83:c6:ac:9c:88:
                    4e:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A1:9F:C6:6F:6E:99:2C:6C:E7:CB:8E:E0:D5:FD:89:A5:35:E9:FB:F6
            X509v3 Authority Key Identifier:
                keyid:2E:C2:67:CF:6C:6B:3B:88:E9:6A:11:BF:29:E9:A7:3A:55:8C:5E:40

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LsJnz2xrO4jpahG_KemnOlWMXkA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/cea01b-ee94-4a02-8d62-0dc01fc88141/1/LsJnz2xrO4jpahG_KemnOlWMXkA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/17/cea01b-ee94-4a02-8d62-0dc01fc88141/1/LsJnz2xrO4jpahG_KemnOlWMXkA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         21:e0:d1:5b:85:12:25:2b:c3:a6:55:bf:e2:78:30:8a:41:23:
         03:8a:31:d2:15:61:d3:d9:a3:28:43:de:98:33:00:42:a9:40:
         31:ba:7e:3d:0a:73:1d:e3:ed:a5:47:4e:70:e5:6e:66:91:3e:
         a9:e5:57:b8:a2:cc:42:da:4b:fd:71:92:0d:41:40:0c:03:32:
         48:09:26:e9:62:5b:49:39:fc:28:ce:50:59:8e:ee:e4:6d:9c:
         84:0d:00:0e:ec:9b:3d:db:3b:f9:f4:0f:dd:94:37:9c:56:fe:
         90:a5:ac:4a:67:fa:9a:a5:a0:86:4f:74:41:c8:32:4c:00:67:
         61:e5:5b:6a:ae:de:64:ff:20:6d:f9:e9:6b:ff:71:3d:c1:2f:
         54:32:6f:ad:c7:ce:6f:41:f7:cb:83:e1:b1:89:e2:ae:f5:1a:
         b3:44:20:f1:ad:4b:4c:4c:fd:98:7d:55:08:00:08:71:28:ee:
         a8:d8:b6:de:da:8a:d6:2e:89:63:e9:4a:de:93:98:c7:6d:c2:
         72:f5:05:c9:60:09:8b:31:91:99:4f:5f:bc:61:ea:15:df:ce:
         41:79:af:76:6a:24:50:b4:5a:9c:8f:82:db:47:c0:c8:16:82:
         90:7a:f8:93:35:28:78:5b:e3:35:b8:b5:14:3b:4b:26:83:b3:
         09:ed:47:ef
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpx7rcsfH/vLBOj7AOnzz35MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlYzI2N2NmNmM2YjNiODhlOTZhMTFiZjI5ZTlhNzNhNTU4
YzVlNDAwHhcNMjUxMTExMDgwMTAxWhcNMjUxMTEyMDgwMTAxWjAzMTEwLwYDVQQD
EyhhMTlmYzY2ZjZlOTkyYzZjZTdjYjhlZTBkNWZkODlhNTM1ZTlmYmY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoT1R2k+YlwxOOz2ffTtUjHPiBpYy
BuKVAPxg/96EsmB4DebmM+4ReMS5PcM9WnTMA+p65DaaYNtjQBh5I1NbHPBgtxn2
4zwy9i4CYtiHy9Q9wn77XKWLMGm9OKhOees5DC+hutvZHQ1kQr3QSv7cxslGao7y
fGaHgwNYFux4JlJ5Vm2cLb1DnazBLub2Wqoi98Rn+/FBX2SnsnjXVErky8lBdzPo
2UBdw7BFX9jZA86VFeBIzsJLvIm41V+58BhiHPdiiKvZxhgcKRl/+sK3dpOPWFGx
rbgDmoKbJBludq9fPTqHpG3Z1LwCw7xhWcM+fgEscutHN7Nzg8asnIhOowIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKGfxm9umSxs58uO4NX9iaU16fv2MB8GA1UdIwQY
MBaAFC7CZ89sazuI6WoRvynppzpVjF5AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTHNKbnoyeHJPNGpwYWhHX0tlbW5PbFdNWGtBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9jZWEwMWItZWU5NC00YTAyLThkNjIt
MGRjMDFmYzg4MTQxLzEvTHNKbnoyeHJPNGpwYWhHX0tlbW5PbFdNWGtBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9jZWEwMWItZWU5NC00YTAyLThkNjItMGRjMDFmYzg4MTQx
LzEvTHNKbnoyeHJPNGpwYWhHX0tlbW5PbFdNWGtBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIeDRW4US
JSvDplW/4ngwikEjA4ox0hVh09mjKEPemDMAQqlAMbp+PQpzHePtpUdOcOVuZpE+
qeVXuKLMQtpL/XGSDUFADAMySAkm6WJbSTn8KM5QWY7u5G2chA0ADuybPds7+fQP
3ZQ3nFb+kKWsSmf6mqWghk90QcgyTABnYeVbaq7eZP8gbfnpa/9xPcEvVDJvrcfO
b0H3y4PhsYnirvUas0Qg8a1LTEz9mH1VCAAIcSjuqNi23tqK1i6JY+lK3pOYx23C
cvUFyWAJizGRmU9fvGHqFd/OQXmvdmokULRanI+C20fAyBaCkHr4kzUoeFvjNbi1
FDtLJoOzCe1H7w==
-----END CERTIFICATE-----