Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/bb5912-17c7-4607-9472-e2152edf9f9c/1/L8tesBINBwkLEmJWxFo1KC1awKw.mft
File:                     L8tesBINBwkLEmJWxFo1KC1awKw.mft (raw, json)
Hash identifier:          cmxaRtCfQvNPA8/Dy76YzLietLFEBFrA7J4eQ6UiKmg=
Subject key identifier:   BC:16:E8:71:B2:11:7B:ED:1A:C8:0D:86:60:07:42:3F:FB:EC:3D:F7
Authority key identifier: 2F:CB:5E:B0:12:0D:07:09:0B:12:62:56:C4:5A:35:28:2D:5A:C0:AC
Certificate issuer:       /CN=2fcb5eb0120d07090b126256c45a35282d5ac0ac
Certificate serial:       019A71B84960DC2B3A997FBC1CE0F90456F0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/L8tesBINBwkLEmJWxFo1KC1awKw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/43/bb5912-17c7-4607-9472-e2152edf9f9c/1/L8tesBINBwkLEmJWxFo1KC1awKw.mft
Manifest number:          01D3
Signing time:             Tue 11 Nov 2025 07:01:34 +0000
Manifest this update:     Tue 11 Nov 2025 07:01:34 +0000
Manifest next update:     Wed 12 Nov 2025 07:01:34 +0000
Files and hashes:         1: L8tesBINBwkLEmJWxFo1KC1awKw.crl (hash: GhL9FUKAAOJqwnXl4wvrqKltIv8rKv8khxc9643wW74=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/43/bb5912-17c7-4607-9472-e2152edf9f9c/1/L8tesBINBwkLEmJWxFo1KC1awKw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/43/bb5912-17c7-4607-9472-e2152edf9f9c/1/L8tesBINBwkLEmJWxFo1KC1awKw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/L8tesBINBwkLEmJWxFo1KC1awKw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:01:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b8:49:60:dc:2b:3a:99:7f:bc:1c:e0:f9:04:56:f0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2fcb5eb0120d07090b126256c45a35282d5ac0ac
        Validity
            Not Before: Nov 11 07:01:34 2025 GMT
            Not After : Nov 12 07:01:34 2025 GMT
        Subject: CN=bc16e871b2117bed1ac80d866007423ffbec3df7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:ba:2a:0b:a0:e0:c6:94:14:8f:f7:2b:80:22:
                    93:4f:02:42:fe:93:b1:82:9f:7a:7e:93:94:3e:1f:
                    18:13:b7:cf:32:e9:8b:37:0b:ff:90:30:c2:47:5a:
                    07:39:44:38:2c:77:bb:f6:0d:c4:c0:e9:9a:b7:ed:
                    81:cb:da:20:da:c4:40:cb:3b:3e:cc:5d:c3:90:b8:
                    db:ea:4e:71:59:e8:54:86:c3:e2:70:e3:de:07:59:
                    c3:78:a6:8a:3d:60:a9:4b:d5:29:de:b3:4d:12:30:
                    32:c0:92:9c:e1:1d:e1:d6:37:34:31:23:b2:af:a6:
                    84:ea:10:fe:9c:5a:04:c2:aa:ea:a3:82:4b:8c:13:
                    99:33:7a:5b:9f:26:04:0d:d9:3b:72:52:7c:0b:b5:
                    90:35:c0:24:c1:ee:b4:8f:5a:e5:3d:3c:ce:a1:4f:
                    ac:eb:82:f2:bb:2c:32:81:66:2e:38:3c:61:ca:fb:
                    44:a8:c4:2d:50:d1:00:6b:69:da:b6:f0:9b:19:47:
                    bd:34:59:bb:95:1a:03:c8:71:7b:01:06:88:57:f7:
                    49:19:bf:cf:5a:32:a2:d4:c9:92:ad:2b:7a:6f:8c:
                    72:db:0a:1f:12:ed:83:48:39:e6:6d:a5:61:b3:9e:
                    87:f7:b7:0e:5e:6a:bb:2c:b3:27:2a:1c:ad:92:12:
                    f6:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BC:16:E8:71:B2:11:7B:ED:1A:C8:0D:86:60:07:42:3F:FB:EC:3D:F7
            X509v3 Authority Key Identifier:
                keyid:2F:CB:5E:B0:12:0D:07:09:0B:12:62:56:C4:5A:35:28:2D:5A:C0:AC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L8tesBINBwkLEmJWxFo1KC1awKw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/bb5912-17c7-4607-9472-e2152edf9f9c/1/L8tesBINBwkLEmJWxFo1KC1awKw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/43/bb5912-17c7-4607-9472-e2152edf9f9c/1/L8tesBINBwkLEmJWxFo1KC1awKw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         c2:8c:49:ae:e3:85:a4:02:70:72:6b:96:86:46:d8:ef:07:d4:
         7e:e2:f1:cb:ba:72:19:85:a8:9c:72:72:a8:cd:2d:ea:6f:80:
         19:20:0e:a6:ea:dc:5c:45:77:57:21:6b:61:f9:49:8d:bc:ac:
         50:52:f5:95:54:86:bc:7e:4f:e3:4c:49:aa:c3:83:a3:3a:50:
         f5:b4:4a:a8:87:e0:65:9e:0a:1a:c7:61:2e:13:05:3f:9d:b5:
         a4:d6:7c:d2:55:ce:35:3d:af:41:9d:a1:92:86:b7:fd:a4:42:
         aa:38:2b:ae:b1:3f:f5:72:b2:fe:26:f3:17:7a:ce:6b:89:46:
         c3:91:c9:bf:7a:b7:a8:00:b6:55:1e:97:3e:60:1d:19:9a:50:
         9e:f7:9e:71:60:b4:5b:64:54:0c:01:a3:4a:ba:63:0a:4c:c2:
         bf:b2:79:c2:0f:2b:cf:86:51:8f:73:cf:0a:f3:a3:ef:c6:a5:
         18:ad:0d:bd:1d:8e:a6:76:ad:c3:ce:4e:0b:2d:66:71:6a:6c:
         6a:1f:78:96:21:f6:bd:6e:23:c2:23:99:3c:9f:3d:57:c9:19:
         6e:77:65:3c:41:3e:f1:54:d0:c0:cb:10:fc:c8:7c:48:db:79:
         8e:8c:1e:dd:00:8e:38:74:40:f8:01:79:1f:28:d7:5d:25:6e:
         58:8d:b4:f9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuElg3Cs6mX+8HOD5BFbwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmY2I1ZWIwMTIwZDA3MDkwYjEyNjI1NmM0NWEzNTI4MmQ1
YWMwYWMwHhcNMjUxMTExMDcwMTM0WhcNMjUxMTEyMDcwMTM0WjAzMTEwLwYDVQQD
EyhiYzE2ZTg3MWIyMTE3YmVkMWFjODBkODY2MDA3NDIzZmZiZWMzZGY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt7oqC6DgxpQUj/crgCKTTwJC/pOx
gp96fpOUPh8YE7fPMumLNwv/kDDCR1oHOUQ4LHe79g3EwOmat+2By9og2sRAyzs+
zF3DkLjb6k5xWehUhsPicOPeB1nDeKaKPWCpS9Up3rNNEjAywJKc4R3h1jc0MSOy
r6aE6hD+nFoEwqrqo4JLjBOZM3pbnyYEDdk7clJ8C7WQNcAkwe60j1rlPTzOoU+s
64LyuywygWYuODxhyvtEqMQtUNEAa2natvCbGUe9NFm7lRoDyHF7AQaIV/dJGb/P
WjKi1MmSrSt6b4xy2wofEu2DSDnmbaVhs56H97cOXmq7LLMnKhytkhL2IQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLwW6HGyEXvtGsgNhmAHQj/77D33MB8GA1UdIwQY
MBaAFC/LXrASDQcJCxJiVsRaNSgtWsCsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDh0ZXNCSU5Cd2tMRW1KV3hGbzFLQzFhd0t3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My9iYjU5MTItMTdjNy00NjA3LTk0NzIt
ZTIxNTJlZGY5ZjljLzEvTDh0ZXNCSU5Cd2tMRW1KV3hGbzFLQzFhd0t3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My9iYjU5MTItMTdjNy00NjA3LTk0NzItZTIxNTJlZGY5Zjlj
LzEvTDh0ZXNCSU5Cd2tMRW1KV3hGbzFLQzFhd0t3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAwoxJruOF
pAJwcmuWhkbY7wfUfuLxy7pyGYWonHJyqM0t6m+AGSAOpurcXEV3VyFrYflJjbys
UFL1lVSGvH5P40xJqsODozpQ9bRKqIfgZZ4KGsdhLhMFP521pNZ80lXONT2vQZ2h
koa3/aRCqjgrrrE/9XKy/ibzF3rOa4lGw5HJv3q3qAC2VR6XPmAdGZpQnveecWC0
W2RUDAGjSrpjCkzCv7J5wg8rz4ZRj3PPCvOj78alGK0NvR2Opnatw85OCy1mcWps
ah94liH2vW4jwiOZPJ89V8kZbndlPEE+8VTQwMsQ/Mh8SNt5jowe3QCOOHRA+AF5
HyjXXSVuWI20+Q==
-----END CERTIFICATE-----