Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/8d9aa5-d52a-486f-b64c-7c605d32165d/1/lGIh95q-ptPAw0gGQlkN0K4Mqjs.mft
File:                     lGIh95q-ptPAw0gGQlkN0K4Mqjs.mft (raw, json)
Hash identifier:          kLYglpj0jhNVZYneXQbNmGisS4fMeOIoR7NF1rNey6M=
Subject key identifier:   E1:E3:22:55:88:2C:C0:27:65:7C:1E:84:5F:03:70:FD:05:68:0B:97
Authority key identifier: 94:62:21:F7:9A:BE:A6:D3:C0:C3:48:06:42:59:0D:D0:AE:0C:AA:3B
Certificate issuer:       /CN=946221f79abea6d3c0c3480642590dd0ae0caa3b
Certificate serial:       019A71B7EEB42479D415614527349F27549C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/lGIh95q-ptPAw0gGQlkN0K4Mqjs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/52/8d9aa5-d52a-486f-b64c-7c605d32165d/1/lGIh95q-ptPAw0gGQlkN0K4Mqjs.mft
Manifest number:          141F
Signing time:             Tue 11 Nov 2025 07:01:10 +0000
Manifest this update:     Tue 11 Nov 2025 07:01:10 +0000
Manifest next update:     Wed 12 Nov 2025 07:01:10 +0000
Files and hashes:         1: lGIh95q-ptPAw0gGQlkN0K4Mqjs.crl (hash: De80aPCezH7tDDggjfFKq2ksqiTlML9w55QTYXC7XnQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/52/8d9aa5-d52a-486f-b64c-7c605d32165d/1/lGIh95q-ptPAw0gGQlkN0K4Mqjs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/52/8d9aa5-d52a-486f-b64c-7c605d32165d/1/lGIh95q-ptPAw0gGQlkN0K4Mqjs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/lGIh95q-ptPAw0gGQlkN0K4Mqjs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:01:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b7:ee:b4:24:79:d4:15:61:45:27:34:9f:27:54:9c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=946221f79abea6d3c0c3480642590dd0ae0caa3b
        Validity
            Not Before: Nov 11 07:01:10 2025 GMT
            Not After : Nov 12 07:01:10 2025 GMT
        Subject: CN=e1e32255882cc027657c1e845f0370fd05680b97
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:15:84:4d:92:bf:a2:c1:65:a4:13:2d:6f:b7:
                    70:b2:55:8e:bb:34:41:e9:72:d4:c8:73:5d:3a:8c:
                    c7:31:b9:4c:3f:de:04:fa:dd:0c:11:90:83:e4:9e:
                    bb:c8:59:59:37:44:5b:70:83:2b:40:aa:cb:0b:a0:
                    b9:5b:85:6d:a6:b2:3b:b4:3e:8c:d6:0a:82:c5:ba:
                    f7:11:db:ee:89:fd:f1:5d:29:7f:63:cb:79:cc:f1:
                    50:28:ff:4e:0f:4f:6e:37:fd:60:72:23:74:43:2f:
                    bc:90:f7:8d:d5:8a:5a:b3:54:8c:e5:a5:05:5d:e4:
                    b2:7b:fe:93:8a:ad:f2:cd:fa:93:ba:ea:6c:32:40:
                    18:7e:38:e6:7e:78:e7:39:d3:02:ed:d1:bd:b0:96:
                    97:e1:ee:63:08:87:39:21:54:e1:48:69:ef:95:98:
                    7f:27:01:31:08:c2:8a:84:87:25:c8:2c:7d:8d:a1:
                    f5:6c:e4:ba:e9:fa:2e:8c:88:7b:43:22:60:0d:b5:
                    3e:f8:cb:d3:bb:8d:36:2e:7f:4a:62:2c:22:14:0e:
                    ca:a7:f0:0a:75:07:0a:8d:6b:61:4a:05:51:83:79:
                    d6:f0:3d:cb:06:a6:cb:80:5e:98:e7:8f:eb:60:c2:
                    7b:d1:73:a0:b1:28:b9:2f:f4:f8:5f:74:ac:51:2b:
                    7c:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E1:E3:22:55:88:2C:C0:27:65:7C:1E:84:5F:03:70:FD:05:68:0B:97
            X509v3 Authority Key Identifier:
                keyid:94:62:21:F7:9A:BE:A6:D3:C0:C3:48:06:42:59:0D:D0:AE:0C:AA:3B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lGIh95q-ptPAw0gGQlkN0K4Mqjs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/8d9aa5-d52a-486f-b64c-7c605d32165d/1/lGIh95q-ptPAw0gGQlkN0K4Mqjs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/52/8d9aa5-d52a-486f-b64c-7c605d32165d/1/lGIh95q-ptPAw0gGQlkN0K4Mqjs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         33:a9:a2:44:92:cb:5d:6e:cd:49:67:92:14:19:d6:c0:dc:0e:
         a8:d3:5a:41:f8:f3:b6:02:f3:52:13:67:ba:23:b3:ff:fe:df:
         d7:67:72:3a:74:64:8b:8f:d4:e3:42:d0:8c:ae:66:61:a4:1a:
         09:9d:85:a0:ea:e3:f5:77:f1:97:22:19:49:d7:0f:a8:b8:66:
         8b:d0:2c:a1:e1:68:05:f8:06:f5:12:56:b4:37:d4:b6:29:57:
         06:43:f7:7c:8b:6c:de:b3:98:44:09:93:16:7f:14:73:13:77:
         18:0b:bc:e0:80:b5:1f:2f:91:1a:0a:b4:9f:da:ff:1b:ef:fa:
         c6:11:bf:1a:8a:dd:03:46:dc:ce:d6:a1:7c:db:13:8a:32:a4:
         cc:6f:ae:17:7a:81:28:94:43:3f:a0:87:ca:4b:77:ed:ae:3f:
         87:1c:8b:a3:0a:3d:66:b6:73:4d:68:bb:92:ce:3b:3b:7c:cc:
         40:ff:57:2e:14:ba:6d:8c:e5:fe:17:e0:bc:c9:bb:34:0e:bd:
         db:11:54:54:ca:ea:6e:83:09:82:1e:78:04:22:de:a7:da:e6:
         4c:61:11:c7:14:e2:dd:79:61:0f:08:4e:0f:53:9a:04:42:0c:
         77:33:3c:3c:25:4f:39:c6:e8:34:06:d2:ad:b0:a9:9f:3a:cd:
         71:ec:d2:5b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxt+60JHnUFWFFJzSfJ1ScMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0NjIyMWY3OWFiZWE2ZDNjMGMzNDgwNjQyNTkwZGQwYWUw
Y2FhM2IwHhcNMjUxMTExMDcwMTEwWhcNMjUxMTEyMDcwMTEwWjAzMTEwLwYDVQQD
EyhlMWUzMjI1NTg4MmNjMDI3NjU3YzFlODQ1ZjAzNzBmZDA1NjgwYjk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0hWETZK/osFlpBMtb7dwslWOuzRB
6XLUyHNdOozHMblMP94E+t0MEZCD5J67yFlZN0RbcIMrQKrLC6C5W4VtprI7tD6M
1gqCxbr3Edvuif3xXSl/Y8t5zPFQKP9OD09uN/1gciN0Qy+8kPeN1Ypas1SM5aUF
XeSye/6Tiq3yzfqTuupsMkAYfjjmfnjnOdMC7dG9sJaX4e5jCIc5IVThSGnvlZh/
JwExCMKKhIclyCx9jaH1bOS66foujIh7QyJgDbU++MvTu402Ln9KYiwiFA7Kp/AK
dQcKjWthSgVRg3nW8D3LBqbLgF6Y54/rYMJ70XOgsSi5L/T4X3SsUSt8DQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOHjIlWILMAnZXwehF8DcP0FaAuXMB8GA1UdIwQY
MBaAFJRiIfeavqbTwMNIBkJZDdCuDKo7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbEdJaDk1cS1wdFBBdzBnR1Fsa04wSzRNcWpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi84ZDlhYTUtZDUyYS00ODZmLWI2NGMt
N2M2MDVkMzIxNjVkLzEvbEdJaDk1cS1wdFBBdzBnR1Fsa04wSzRNcWpzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi84ZDlhYTUtZDUyYS00ODZmLWI2NGMtN2M2MDVkMzIxNjVk
LzEvbEdJaDk1cS1wdFBBdzBnR1Fsa04wSzRNcWpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAM6miRJLL
XW7NSWeSFBnWwNwOqNNaQfjztgLzUhNnuiOz//7f12dyOnRki4/U40LQjK5mYaQa
CZ2FoOrj9XfxlyIZSdcPqLhmi9AsoeFoBfgG9RJWtDfUtilXBkP3fIts3rOYRAmT
Fn8UcxN3GAu84IC1Hy+RGgq0n9r/G+/6xhG/GordA0bcztahfNsTijKkzG+uF3qB
KJRDP6CHykt37a4/hxyLowo9ZrZzTWi7ks47O3zMQP9XLhS6bYzl/hfgvMm7NA69
2xFUVMrqboMJgh54BCLep9rmTGERxxTi3XlhDwhOD1OaBEIMdzM8PCVPOcboNAbS
rbCpnzrNcezSWw==
-----END CERTIFICATE-----