Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/37fd9d-61e6-4df3-9c07-6b6ad0456b65/1/LphQiZ2cq14AM9C-lyKn6zBdfGA.mft
File:                     LphQiZ2cq14AM9C-lyKn6zBdfGA.mft (raw, json)
Hash identifier:          6BbxHFWYMBxXJIpVzm/q7kKykbieD4jMMGY1lLrGIIg=
Subject key identifier:   59:AC:2F:80:99:21:8B:CA:7A:CF:65:D1:E3:7C:BD:8C:71:1A:76:F9
Authority key identifier: 2E:98:50:89:9D:9C:AB:5E:00:33:D0:BE:97:22:A7:EB:30:5D:7C:60
Certificate issuer:       /CN=2e9850899d9cab5e0033d0be9722a7eb305d7c60
Certificate serial:       019A71B8D1C15844F2C0DF5116B26CE7C9C6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/LphQiZ2cq14AM9C-lyKn6zBdfGA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5b/37fd9d-61e6-4df3-9c07-6b6ad0456b65/1/LphQiZ2cq14AM9C-lyKn6zBdfGA.mft
Manifest number:          171C
Signing time:             Tue 11 Nov 2025 07:02:09 +0000
Manifest this update:     Tue 11 Nov 2025 07:02:09 +0000
Manifest next update:     Wed 12 Nov 2025 07:02:09 +0000
Files and hashes:         1: LphQiZ2cq14AM9C-lyKn6zBdfGA.crl (hash: OliooYIG9ghWzFVt5sfHxkNJCSkmDN9KNHwZbMqb15U=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5b/37fd9d-61e6-4df3-9c07-6b6ad0456b65/1/LphQiZ2cq14AM9C-lyKn6zBdfGA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5b/37fd9d-61e6-4df3-9c07-6b6ad0456b65/1/LphQiZ2cq14AM9C-lyKn6zBdfGA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/LphQiZ2cq14AM9C-lyKn6zBdfGA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:02:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b8:d1:c1:58:44:f2:c0:df:51:16:b2:6c:e7:c9:c6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2e9850899d9cab5e0033d0be9722a7eb305d7c60
        Validity
            Not Before: Nov 11 07:02:09 2025 GMT
            Not After : Nov 12 07:02:09 2025 GMT
        Subject: CN=59ac2f8099218bca7acf65d1e37cbd8c711a76f9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:c2:1e:49:a3:e1:9d:3f:37:6f:a9:c4:11:93:
                    a3:96:7b:4a:ad:a9:68:20:66:f5:89:b9:76:5c:f6:
                    32:5e:fc:43:9c:8b:2c:ae:22:9b:54:bd:44:40:1a:
                    69:ad:ba:51:22:56:98:29:14:40:b6:29:9a:b4:ba:
                    ad:05:9e:65:9b:6b:59:50:3b:68:45:31:f7:37:1c:
                    6c:02:04:1f:8c:26:cd:08:3b:1b:3b:58:af:6a:33:
                    43:46:8a:36:c7:ec:95:dd:4a:a3:87:5d:20:60:12:
                    4f:28:b7:86:02:46:a7:95:b0:ac:80:89:80:c0:ce:
                    68:15:35:60:f0:b6:2e:d2:62:9b:26:41:c1:8c:13:
                    54:92:63:63:dd:60:66:e5:3b:cf:95:5f:ed:09:e5:
                    3e:78:2f:fa:72:fb:06:1b:c1:ba:f1:c5:bb:2d:99:
                    4a:82:23:c9:b5:93:c2:33:3d:75:0c:7f:36:04:69:
                    86:45:09:86:5a:33:40:d3:bb:52:a2:2a:49:13:e2:
                    46:4f:24:a5:48:0b:7c:dc:d1:7f:b0:85:f1:9c:c5:
                    10:6f:2f:07:7d:81:37:c4:35:0e:1b:4b:79:ba:45:
                    7b:eb:0d:a5:b4:93:d2:19:4f:22:2e:8d:93:51:9d:
                    3b:bc:94:04:dc:d9:13:da:4b:90:e6:c8:63:e5:0f:
                    1b:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                59:AC:2F:80:99:21:8B:CA:7A:CF:65:D1:E3:7C:BD:8C:71:1A:76:F9
            X509v3 Authority Key Identifier:
                keyid:2E:98:50:89:9D:9C:AB:5E:00:33:D0:BE:97:22:A7:EB:30:5D:7C:60

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LphQiZ2cq14AM9C-lyKn6zBdfGA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/37fd9d-61e6-4df3-9c07-6b6ad0456b65/1/LphQiZ2cq14AM9C-lyKn6zBdfGA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/37fd9d-61e6-4df3-9c07-6b6ad0456b65/1/LphQiZ2cq14AM9C-lyKn6zBdfGA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9f:1a:19:c1:56:9e:f3:69:35:53:d3:f8:08:07:de:8c:42:5f:
         55:00:b3:5f:b6:e6:83:92:76:ff:4f:68:75:8f:5d:93:3c:28:
         0e:8e:18:f1:ca:af:70:dd:b5:cd:ba:a7:13:8b:42:a7:e4:cd:
         2b:35:89:c3:ea:b2:8f:c5:0a:51:ec:2b:84:5d:3e:21:62:1c:
         74:31:8f:70:03:2b:09:7f:d5:a2:f6:31:92:b6:3a:82:7d:45:
         bd:63:f3:67:5c:43:4c:02:ef:fe:fc:8c:7f:f2:66:a4:a8:50:
         1b:4a:5d:37:0a:02:7e:7f:c7:9c:8c:cc:80:7f:34:49:a6:ff:
         91:cb:87:e2:9f:a3:36:87:16:f1:0b:5e:91:af:0f:64:5e:0c:
         84:1b:5c:35:05:65:14:33:41:e4:0e:7c:7f:32:6b:96:23:6d:
         52:b6:b1:61:78:0e:fb:24:56:52:7a:76:ca:1d:e4:38:36:eb:
         3f:43:7b:cc:05:5a:2e:af:67:7e:6d:46:53:e6:3a:79:1f:d3:
         13:02:3b:3e:f2:77:5c:fd:78:d6:35:1a:57:45:2b:95:78:09:
         61:17:65:9d:df:a3:ed:09:de:30:37:30:31:a1:15:0f:1b:4d:
         62:be:3b:c2:6f:8f:84:ed:13:bd:0d:83:22:cf:23:97:02:17:
         a3:09:38:c4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuNHBWETywN9RFrJs58nGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlOTg1MDg5OWQ5Y2FiNWUwMDMzZDBiZTk3MjJhN2ViMzA1
ZDdjNjAwHhcNMjUxMTExMDcwMjA5WhcNMjUxMTEyMDcwMjA5WjAzMTEwLwYDVQQD
Eyg1OWFjMmY4MDk5MjE4YmNhN2FjZjY1ZDFlMzdjYmQ4YzcxMWE3NmY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0cIeSaPhnT83b6nEEZOjlntKralo
IGb1ibl2XPYyXvxDnIssriKbVL1EQBpprbpRIlaYKRRAtimatLqtBZ5lm2tZUDto
RTH3NxxsAgQfjCbNCDsbO1ivajNDRoo2x+yV3Uqjh10gYBJPKLeGAkanlbCsgImA
wM5oFTVg8LYu0mKbJkHBjBNUkmNj3WBm5TvPlV/tCeU+eC/6cvsGG8G68cW7LZlK
giPJtZPCMz11DH82BGmGRQmGWjNA07tSoipJE+JGTySlSAt83NF/sIXxnMUQby8H
fYE3xDUOG0t5ukV76w2ltJPSGU8iLo2TUZ07vJQE3NkT2kuQ5shj5Q8bGwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFmsL4CZIYvKes9l0eN8vYxxGnb5MB8GA1UdIwQY
MBaAFC6YUImdnKteADPQvpcip+swXXxgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTHBoUWlaMmNxMTRBTTlDLWx5S242ekJkZkdBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi8zN2ZkOWQtNjFlNi00ZGYzLTljMDct
NmI2YWQwNDU2YjY1LzEvTHBoUWlaMmNxMTRBTTlDLWx5S242ekJkZkdBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi8zN2ZkOWQtNjFlNi00ZGYzLTljMDctNmI2YWQwNDU2YjY1
LzEvTHBoUWlaMmNxMTRBTTlDLWx5S242ekJkZkdBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnxoZwVae
82k1U9P4CAfejEJfVQCzX7bmg5J2/09odY9dkzwoDo4Y8cqvcN21zbqnE4tCp+TN
KzWJw+qyj8UKUewrhF0+IWIcdDGPcAMrCX/VovYxkrY6gn1FvWPzZ1xDTALv/vyM
f/JmpKhQG0pdNwoCfn/HnIzMgH80Sab/kcuH4p+jNocW8Qteka8PZF4MhBtcNQVl
FDNB5A58fzJrliNtUraxYXgO+yRWUnp2yh3kODbrP0N7zAVaLq9nfm1GU+Y6eR/T
EwI7PvJ3XP141jUaV0UrlXgJYRdlnd+j7QneMDcwMaEVDxtNYr47wm+PhO0TvQ2D
Is8jlwIXowk4xA==
-----END CERTIFICATE-----