Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/1e0180-db3a-46a5-b31b-b599723fc053/1/LONOJrtlYwuGk29JaTU-18hplcg.mft
File:                     LONOJrtlYwuGk29JaTU-18hplcg.mft (raw, json)
Hash identifier:          by7TAyZJFaIBw9tO1DWrtZ80nVaYFzisdcbcU+l5Mag=
Subject key identifier:   06:68:C6:10:E8:AB:3B:38:62:F3:28:E3:B3:88:66:75:33:95:F1:35
Authority key identifier: 2C:E3:4E:26:BB:65:63:0B:86:93:6F:49:69:35:3E:D7:C8:69:95:C8
Certificate issuer:       /CN=2ce34e26bb65630b86936f4969353ed7c86995c8
Certificate serial:       019A7301C1FCFABBBF8812F2F86A85BE97FD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/LONOJrtlYwuGk29JaTU-18hplcg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/35/1e0180-db3a-46a5-b31b-b599723fc053/1/LONOJrtlYwuGk29JaTU-18hplcg.mft
Manifest number:          165A
Signing time:             Tue 11 Nov 2025 13:01:26 +0000
Manifest this update:     Tue 11 Nov 2025 13:01:26 +0000
Manifest next update:     Wed 12 Nov 2025 13:01:26 +0000
Files and hashes:         1: LONOJrtlYwuGk29JaTU-18hplcg.crl (hash: CJEjZqvvCUi2wAVvpmT7jqPEiQ4j9ufhSjzbbyL7q3I=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/35/1e0180-db3a-46a5-b31b-b599723fc053/1/LONOJrtlYwuGk29JaTU-18hplcg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/35/1e0180-db3a-46a5-b31b-b599723fc053/1/LONOJrtlYwuGk29JaTU-18hplcg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/LONOJrtlYwuGk29JaTU-18hplcg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:73:01:c1:fc:fa:bb:bf:88:12:f2:f8:6a:85:be:97:fd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2ce34e26bb65630b86936f4969353ed7c86995c8
        Validity
            Not Before: Nov 11 13:01:26 2025 GMT
            Not After : Nov 12 13:01:26 2025 GMT
        Subject: CN=0668c610e8ab3b3862f328e3b38866753395f135
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:fb:0f:75:c6:f6:15:67:49:97:67:ac:f2:59:
                    85:92:3e:fe:67:32:e0:52:f1:c9:98:aa:02:6d:29:
                    b8:0e:8a:fc:c8:7f:f2:ba:b5:9b:41:0c:bd:8b:10:
                    45:9e:d8:2e:33:63:dc:47:58:2d:56:1c:b0:f4:c6:
                    ca:8d:3d:ce:da:5e:88:5b:a6:f7:98:98:68:53:d1:
                    58:3a:6d:9c:ac:61:c7:63:31:57:23:56:91:14:56:
                    69:1c:1e:d0:c0:ad:0a:5b:92:ac:58:b9:ca:7c:85:
                    cc:0f:22:02:bd:5c:a3:c2:2c:6e:22:bd:06:61:ab:
                    60:bb:3c:cf:be:1b:0b:1b:45:f6:f6:6c:fc:9f:43:
                    4f:b8:1b:e9:e5:d1:e7:a8:e2:2e:cf:ba:5d:ad:ad:
                    14:f2:60:93:d2:95:45:d8:09:df:64:b8:a4:51:df:
                    39:e0:04:87:6c:68:1c:f3:b4:0e:bf:48:44:40:cf:
                    9a:fd:3f:35:66:00:db:57:4c:14:64:e5:b5:5b:55:
                    c7:f1:ac:eb:d1:b8:09:77:28:1a:ec:86:7c:bf:15:
                    63:2c:ba:6b:5e:bb:93:f0:1a:f1:e2:20:6c:52:92:
                    a9:1e:f2:ec:c8:c9:30:1d:11:b1:53:81:41:ab:5c:
                    c6:f4:e7:4e:a0:c5:3f:4a:c4:4f:ed:27:fb:bf:c7:
                    ba:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                06:68:C6:10:E8:AB:3B:38:62:F3:28:E3:B3:88:66:75:33:95:F1:35
            X509v3 Authority Key Identifier:
                keyid:2C:E3:4E:26:BB:65:63:0B:86:93:6F:49:69:35:3E:D7:C8:69:95:C8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LONOJrtlYwuGk29JaTU-18hplcg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/1e0180-db3a-46a5-b31b-b599723fc053/1/LONOJrtlYwuGk29JaTU-18hplcg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/35/1e0180-db3a-46a5-b31b-b599723fc053/1/LONOJrtlYwuGk29JaTU-18hplcg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5e:56:39:04:fe:82:74:51:e2:b9:96:1b:3c:4c:c9:96:2f:f9:
         38:5f:26:cb:3a:5b:17:0e:1d:56:d3:9f:1e:ba:b1:e3:2a:58:
         55:55:d8:2c:a6:06:f2:61:f7:3b:04:38:da:50:48:1b:e9:16:
         ed:e0:a3:f9:f6:3a:13:09:70:10:72:09:84:3b:98:79:df:34:
         ba:02:8f:44:ab:08:cd:01:38:33:65:1a:73:35:f6:f8:e3:14:
         06:6a:c9:ee:45:77:8e:fa:37:9c:39:eb:6e:e1:11:f2:c8:f7:
         30:f5:78:74:e9:ee:5f:81:e4:0e:ef:c4:fb:81:56:08:95:89:
         72:7e:0d:6a:10:01:84:b8:74:1a:b4:c3:2d:bf:b1:d8:4b:4f:
         e5:a8:4d:22:16:cb:f8:99:f0:e3:af:51:fe:3f:07:53:a3:a5:
         04:ea:54:52:86:ae:43:b2:b3:22:29:81:cd:6e:f4:f0:43:a0:
         f3:03:1a:e8:cf:7c:e4:10:5c:7c:74:f7:49:6d:b2:84:ff:53:
         26:a8:0e:88:f4:8d:ba:28:cb:ba:2a:74:06:4c:87:10:1a:96:
         fd:11:d1:f6:ad:53:8b:c7:8f:c0:14:cd:69:28:66:4d:d8:a9:
         b6:40:2c:49:da:19:28:2c:39:ba:fe:6d:74:44:62:d1:68:4c:
         13:72:96:d2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpzAcH8+ru/iBLy+GqFvpf9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJjZTM0ZTI2YmI2NTYzMGI4NjkzNmY0OTY5MzUzZWQ3Yzg2
OTk1YzgwHhcNMjUxMTExMTMwMTI2WhcNMjUxMTEyMTMwMTI2WjAzMTEwLwYDVQQD
EygwNjY4YzYxMGU4YWIzYjM4NjJmMzI4ZTNiMzg4NjY3NTMzOTVmMTM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxvsPdcb2FWdJl2es8lmFkj7+ZzLg
UvHJmKoCbSm4Dor8yH/yurWbQQy9ixBFntguM2PcR1gtVhyw9MbKjT3O2l6IW6b3
mJhoU9FYOm2crGHHYzFXI1aRFFZpHB7QwK0KW5KsWLnKfIXMDyICvVyjwixuIr0G
YatguzzPvhsLG0X29mz8n0NPuBvp5dHnqOIuz7pdra0U8mCT0pVF2AnfZLikUd85
4ASHbGgc87QOv0hEQM+a/T81ZgDbV0wUZOW1W1XH8azr0bgJdyga7IZ8vxVjLLpr
XruT8Brx4iBsUpKpHvLsyMkwHRGxU4FBq1zG9OdOoMU/SsRP7Sf7v8e6hQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAZoxhDoqzs4YvMo47OIZnUzlfE1MB8GA1UdIwQY
MBaAFCzjTia7ZWMLhpNvSWk1PtfIaZXIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTE9OT0pydGxZd3VHazI5SmFUVS0xOGhwbGNnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS8xZTAxODAtZGIzYS00NmE1LWIzMWIt
YjU5OTcyM2ZjMDUzLzEvTE9OT0pydGxZd3VHazI5SmFUVS0xOGhwbGNnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS8xZTAxODAtZGIzYS00NmE1LWIzMWItYjU5OTcyM2ZjMDUz
LzEvTE9OT0pydGxZd3VHazI5SmFUVS0xOGhwbGNnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXlY5BP6C
dFHiuZYbPEzJli/5OF8myzpbFw4dVtOfHrqx4ypYVVXYLKYG8mH3OwQ42lBIG+kW
7eCj+fY6EwlwEHIJhDuYed80ugKPRKsIzQE4M2UaczX2+OMUBmrJ7kV3jvo3nDnr
buER8sj3MPV4dOnuX4HkDu/E+4FWCJWJcn4NahABhLh0GrTDLb+x2EtP5ahNIhbL
+Jnw469R/j8HU6OlBOpUUoauQ7KzIimBzW708EOg8wMa6M985BBcfHT3SW2yhP9T
JqgOiPSNuijLuip0BkyHEBqW/RHR9q1Ti8ePwBTNaShmTdiptkAsSdoZKCw5uv5t
dERi0WhME3KW0g==
-----END CERTIFICATE-----