Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/c07b78-daed-4991-9db7-bec1a92a2f9f/1/Lamd3TmQcoABaWYXi_aOXEY8LrY.mft
File:                     Lamd3TmQcoABaWYXi_aOXEY8LrY.mft (raw, json)
Hash identifier:          wb9Cb6TKRQE4RxctB/OHvDgOu5At708QOB/q4yEC8Ds=
Subject key identifier:   40:75:E4:86:C9:6B:C0:AC:DC:E2:52:31:A9:96:D2:82:BC:20:A3:70
Authority key identifier: 2D:A9:9D:DD:39:90:72:80:01:69:66:17:8B:F6:8E:5C:46:3C:2E:B6
Certificate issuer:       /CN=2da99ddd39907280016966178bf68e5c463c2eb6
Certificate serial:       019A71B887B477141772F059C1EDDF8A70D3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Lamd3TmQcoABaWYXi_aOXEY8LrY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/82/c07b78-daed-4991-9db7-bec1a92a2f9f/1/Lamd3TmQcoABaWYXi_aOXEY8LrY.mft
Manifest number:          01D3
Signing time:             Tue 11 Nov 2025 07:01:49 +0000
Manifest this update:     Tue 11 Nov 2025 07:01:49 +0000
Manifest next update:     Wed 12 Nov 2025 07:01:49 +0000
Files and hashes:         1: Lamd3TmQcoABaWYXi_aOXEY8LrY.crl (hash: 5aiW/1yDIKNvf/emXXFl6vgh1Z/LM981geE3lR+Kkxo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/82/c07b78-daed-4991-9db7-bec1a92a2f9f/1/Lamd3TmQcoABaWYXi_aOXEY8LrY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/82/c07b78-daed-4991-9db7-bec1a92a2f9f/1/Lamd3TmQcoABaWYXi_aOXEY8LrY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Lamd3TmQcoABaWYXi_aOXEY8LrY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:01:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b8:87:b4:77:14:17:72:f0:59:c1:ed:df:8a:70:d3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2da99ddd39907280016966178bf68e5c463c2eb6
        Validity
            Not Before: Nov 11 07:01:49 2025 GMT
            Not After : Nov 12 07:01:49 2025 GMT
        Subject: CN=4075e486c96bc0acdce25231a996d282bc20a370
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:89:da:77:aa:39:29:d7:00:36:67:14:bc:6a:2b:
                    52:5c:a1:6e:3b:58:78:3f:85:57:a4:5c:35:e7:df:
                    85:21:c8:fe:cd:d7:c7:ca:ba:e0:a6:38:a2:d1:0f:
                    91:b2:c5:a7:2d:4c:43:2c:7c:30:8b:66:0d:ae:b6:
                    78:d3:66:a8:6b:32:ae:5f:03:64:38:d9:ed:59:e2:
                    d5:37:36:89:ed:1e:d6:1f:c0:8a:06:e6:28:ff:e9:
                    60:da:aa:aa:16:4e:6c:5a:d8:05:d0:3b:c9:e6:7f:
                    88:10:0b:e1:b6:ea:5d:5f:d6:91:4c:52:0c:cd:49:
                    36:8a:5b:de:df:90:5a:10:be:59:a5:9b:7c:dd:c6:
                    3b:ab:a6:41:9f:dc:0b:76:8d:af:18:99:62:b5:f7:
                    e1:c1:1c:4b:0d:82:3f:46:d7:d0:ff:74:e6:7a:a9:
                    6c:35:9a:b3:bc:be:6b:91:f4:0d:7d:a8:0c:e3:c1:
                    2c:16:ce:45:97:0d:40:31:87:33:92:25:48:86:41:
                    44:f0:bd:d5:a6:ae:fd:ea:dd:fa:c8:c1:23:ca:a5:
                    5c:fd:75:c2:13:9a:fb:33:f2:da:f3:b4:c9:87:49:
                    3a:08:02:cc:37:97:9a:17:3b:1d:c4:3a:4c:d6:3c:
                    e8:5c:e7:a8:26:96:7d:8c:d7:0f:83:4e:34:b3:49:
                    d3:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                40:75:E4:86:C9:6B:C0:AC:DC:E2:52:31:A9:96:D2:82:BC:20:A3:70
            X509v3 Authority Key Identifier:
                keyid:2D:A9:9D:DD:39:90:72:80:01:69:66:17:8B:F6:8E:5C:46:3C:2E:B6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Lamd3TmQcoABaWYXi_aOXEY8LrY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/c07b78-daed-4991-9db7-bec1a92a2f9f/1/Lamd3TmQcoABaWYXi_aOXEY8LrY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/82/c07b78-daed-4991-9db7-bec1a92a2f9f/1/Lamd3TmQcoABaWYXi_aOXEY8LrY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         66:51:2c:ca:2d:1e:17:7a:a7:c4:9e:5d:85:af:65:2e:20:ba:
         23:cd:fd:34:7b:4c:eb:65:63:38:fe:be:d5:69:9d:2c:9a:86:
         fa:6a:32:91:b7:f6:89:33:95:bc:da:05:90:e4:5b:45:df:0d:
         59:67:6b:b0:60:6a:87:85:b7:f5:04:ba:07:9d:1e:95:90:20:
         cc:e0:17:17:d6:2c:77:69:b8:40:7d:43:d3:7d:f9:ba:c5:6c:
         8f:a9:0b:eb:80:92:14:cc:97:d4:27:37:60:d3:78:56:75:d6:
         8f:9b:08:ec:89:9c:b9:fe:9c:d1:89:89:a7:86:52:96:4b:e5:
         f6:ca:07:b3:d3:25:08:67:9d:43:da:73:58:70:df:09:e8:70:
         37:bc:a6:8f:de:eb:69:f8:9e:66:00:a0:08:19:7c:30:dc:68:
         c9:57:df:89:1d:17:0e:17:d6:4c:11:b1:a4:8c:09:de:28:76:
         d7:7a:7d:ef:bc:4c:57:ec:6a:97:72:d9:62:12:d3:b2:1b:fd:
         75:84:8a:bb:3d:b0:19:b4:e2:a4:2f:50:5c:c0:68:97:4b:d4:
         15:33:be:f9:e2:79:73:32:3c:38:c9:06:2a:94:a1:6a:18:f2:
         fd:9b:d6:5d:7d:f7:8d:7b:fa:c7:71:32:19:7e:51:02:33:98:
         29:dc:f4:9c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuIe0dxQXcvBZwe3finDTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkYTk5ZGRkMzk5MDcyODAwMTY5NjYxNzhiZjY4ZTVjNDYz
YzJlYjYwHhcNMjUxMTExMDcwMTQ5WhcNMjUxMTEyMDcwMTQ5WjAzMTEwLwYDVQQD
Eyg0MDc1ZTQ4NmM5NmJjMGFjZGNlMjUyMzFhOTk2ZDI4MmJjMjBhMzcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAidp3qjkp1wA2ZxS8aitSXKFuO1h4
P4VXpFw159+FIcj+zdfHyrrgpjii0Q+RssWnLUxDLHwwi2YNrrZ402aoazKuXwNk
ONntWeLVNzaJ7R7WH8CKBuYo/+lg2qqqFk5sWtgF0DvJ5n+IEAvhtupdX9aRTFIM
zUk2ilve35BaEL5ZpZt83cY7q6ZBn9wLdo2vGJlitffhwRxLDYI/RtfQ/3Tmeqls
NZqzvL5rkfQNfagM48EsFs5Flw1AMYczkiVIhkFE8L3Vpq796t36yMEjyqVc/XXC
E5r7M/La87TJh0k6CALMN5eaFzsdxDpM1jzoXOeoJpZ9jNcPg040s0nTewIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEB15IbJa8Cs3OJSMamW0oK8IKNwMB8GA1UdIwQY
MBaAFC2pnd05kHKAAWlmF4v2jlxGPC62MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTGFtZDNUbVFjb0FCYVdZWGlfYU9YRVk4THJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi9jMDdiNzgtZGFlZC00OTkxLTlkYjct
YmVjMWE5MmEyZjlmLzEvTGFtZDNUbVFjb0FCYVdZWGlfYU9YRVk4THJZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi9jMDdiNzgtZGFlZC00OTkxLTlkYjctYmVjMWE5MmEyZjlm
LzEvTGFtZDNUbVFjb0FCYVdZWGlfYU9YRVk4THJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZlEsyi0e
F3qnxJ5dha9lLiC6I839NHtM62VjOP6+1WmdLJqG+moykbf2iTOVvNoFkORbRd8N
WWdrsGBqh4W39QS6B50elZAgzOAXF9Ysd2m4QH1D0335usVsj6kL64CSFMyX1Cc3
YNN4VnXWj5sI7Imcuf6c0YmJp4ZSlkvl9soHs9MlCGedQ9pzWHDfCehwN7ymj97r
afieZgCgCBl8MNxoyVffiR0XDhfWTBGxpIwJ3ih213p977xMV+xql3LZYhLTshv9
dYSKuz2wGbTipC9QXMBol0vUFTO++eJ5czI8OMkGKpShahjy/ZvWXX33jXv6x3Ey
GX5RAjOYKdz0nA==
-----END CERTIFICATE-----