Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/668bf3-77dc-43ea-8fdd-485eda34998f/1/LkWQWSMqS7ky9j-w37ZUk-ucgng.mft
File:                     LkWQWSMqS7ky9j-w37ZUk-ucgng.mft (raw, json)
Hash identifier:          ZkTZVDSC3cIGPl2iq6IfAl2OkGVX63zJMDC/eYAegFw=
Subject key identifier:   F5:1B:88:A1:66:0C:9A:D3:E7:B1:50:9E:0F:D9:D3:83:5E:32:70:97
Authority key identifier: 2E:45:90:59:23:2A:4B:B9:32:F6:3F:B0:DF:B6:54:93:EB:9C:82:78
Certificate issuer:       /CN=2e459059232a4bb932f63fb0dfb65493eb9c8278
Certificate serial:       019A228AAEE9C430A64895CE3FCA4C27EB19
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/LkWQWSMqS7ky9j-w37ZUk-ucgng.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/88/668bf3-77dc-43ea-8fdd-485eda34998f/1/LkWQWSMqS7ky9j-w37ZUk-ucgng.mft
Manifest number:          1685
Signing time:             Sun 26 Oct 2025 22:01:45 +0000
Manifest this update:     Sun 26 Oct 2025 22:01:45 +0000
Manifest next update:     Mon 27 Oct 2025 22:01:45 +0000
Files and hashes:         1: LkWQWSMqS7ky9j-w37ZUk-ucgng.crl (hash: TvejQ1H9ouotG2tkxUqx5TobydZS0RsfeU8vSg1aCT8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/88/668bf3-77dc-43ea-8fdd-485eda34998f/1/LkWQWSMqS7ky9j-w37ZUk-ucgng.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/88/668bf3-77dc-43ea-8fdd-485eda34998f/1/LkWQWSMqS7ky9j-w37ZUk-ucgng.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/LkWQWSMqS7ky9j-w37ZUk-ucgng.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 27 Oct 2025 19:48:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:22:8a:ae:e9:c4:30:a6:48:95:ce:3f:ca:4c:27:eb:19
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2e459059232a4bb932f63fb0dfb65493eb9c8278
        Validity
            Not Before: Oct 26 22:01:45 2025 GMT
            Not After : Oct 27 22:01:45 2025 GMT
        Subject: CN=f51b88a1660c9ad3e7b1509e0fd9d3835e327097
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:db:45:f1:f7:eb:eb:7f:42:c7:f8:ee:2a:23:e4:
                    5f:12:e5:17:a7:e9:75:73:ca:c1:bb:88:87:ba:67:
                    90:69:0a:6d:1d:17:42:8d:78:6f:73:04:7b:fb:94:
                    0f:ba:2c:5a:b3:65:17:58:9c:7f:e6:e9:8f:bc:46:
                    04:7d:10:af:28:ba:12:dc:d1:5f:f6:c8:c0:af:65:
                    be:2a:1c:d2:f5:94:aa:91:5a:a1:ce:7a:b4:a4:c0:
                    52:60:7f:a5:ee:72:c0:76:dc:14:35:a7:4a:90:76:
                    c6:23:24:c3:f5:09:4f:25:e2:b2:79:bf:df:f7:d7:
                    77:eb:c9:41:4c:98:4c:17:4d:cc:9f:e2:f4:23:fb:
                    25:38:7f:b2:bd:a4:16:18:43:17:0d:de:61:f2:7e:
                    93:10:cf:77:d6:56:a7:a6:01:94:49:f7:32:1f:b0:
                    6c:8d:b4:51:bf:d5:c0:97:e9:85:02:70:fd:cd:fc:
                    38:8d:c8:35:0b:fd:8a:3a:43:3d:d1:c1:82:34:ca:
                    2f:47:dc:98:2c:c5:4f:cf:08:76:ea:62:50:94:87:
                    09:67:26:67:76:89:cd:5c:1a:92:12:cb:1b:a7:18:
                    f0:e5:8b:90:3f:d8:3e:b3:98:74:53:2c:e2:93:62:
                    dd:31:34:a4:7e:5a:ed:d4:47:c6:f8:fd:17:e6:a8:
                    f2:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F5:1B:88:A1:66:0C:9A:D3:E7:B1:50:9E:0F:D9:D3:83:5E:32:70:97
            X509v3 Authority Key Identifier:
                keyid:2E:45:90:59:23:2A:4B:B9:32:F6:3F:B0:DF:B6:54:93:EB:9C:82:78

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LkWQWSMqS7ky9j-w37ZUk-ucgng.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/668bf3-77dc-43ea-8fdd-485eda34998f/1/LkWQWSMqS7ky9j-w37ZUk-ucgng.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/88/668bf3-77dc-43ea-8fdd-485eda34998f/1/LkWQWSMqS7ky9j-w37ZUk-ucgng.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b3:63:db:6b:e6:e9:30:a8:de:4f:2a:2a:e5:cb:bd:04:54:fb:
         ac:5c:6d:a6:01:9a:38:18:6b:33:25:ba:33:90:67:82:a4:eb:
         85:b3:e3:40:92:eb:77:cf:8c:55:04:55:c7:6c:71:82:ed:7f:
         15:22:77:a3:f0:d4:39:9f:70:43:26:91:f0:2f:b0:5f:23:30:
         e4:6b:54:01:51:42:b3:81:0f:13:a5:db:9d:63:fb:78:7e:70:
         0b:c7:09:63:11:5a:91:05:56:04:cb:fc:52:24:98:13:44:72:
         73:ed:ec:92:c6:9e:e1:6d:11:be:9d:1d:c6:0f:4a:da:82:72:
         c2:d9:7b:80:1d:e5:76:c2:7c:bb:bd:8a:f6:12:b0:97:a8:41:
         f0:ee:bb:e2:a2:06:49:5d:3d:e6:30:6a:94:83:ac:4d:18:c7:
         60:6f:13:24:e2:a3:5b:f7:10:13:f4:0f:67:f0:d2:25:0a:61:
         43:1c:86:18:af:b2:23:e5:c8:33:c1:42:ea:26:2f:4a:7e:24:
         1d:de:8b:a7:4c:e3:ef:25:9a:fb:11:3e:6c:8f:97:56:ef:7b:
         36:eb:4d:9d:91:19:39:66:f9:cc:85:70:5b:0e:31:4c:bd:29:
         b0:93:2a:6f:f8:8a:77:e6:85:50:14:cd:5e:7a:ce:ff:75:b4:
         b2:36:b7:27
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoiiq7pxDCmSJXOP8pMJ+sZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlNDU5MDU5MjMyYTRiYjkzMmY2M2ZiMGRmYjY1NDkzZWI5
YzgyNzgwHhcNMjUxMDI2MjIwMTQ1WhcNMjUxMDI3MjIwMTQ1WjAzMTEwLwYDVQQD
EyhmNTFiODhhMTY2MGM5YWQzZTdiMTUwOWUwZmQ5ZDM4MzVlMzI3MDk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA20Xx9+vrf0LH+O4qI+RfEuUXp+l1
c8rBu4iHumeQaQptHRdCjXhvcwR7+5QPuixas2UXWJx/5umPvEYEfRCvKLoS3NFf
9sjAr2W+KhzS9ZSqkVqhznq0pMBSYH+l7nLAdtwUNadKkHbGIyTD9QlPJeKyeb/f
99d368lBTJhMF03Mn+L0I/slOH+yvaQWGEMXDd5h8n6TEM931lanpgGUSfcyH7Bs
jbRRv9XAl+mFAnD9zfw4jcg1C/2KOkM90cGCNMovR9yYLMVPzwh26mJQlIcJZyZn
donNXBqSEssbpxjw5YuQP9g+s5h0Uyzik2LdMTSkflrt1EfG+P0X5qjyXQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPUbiKFmDJrT57FQng/Z04NeMnCXMB8GA1UdIwQY
MBaAFC5FkFkjKku5MvY/sN+2VJPrnIJ4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTGtXUVdTTXFTN2t5OWotdzM3WlVrLXVjZ25nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OC82NjhiZjMtNzdkYy00M2VhLThmZGQt
NDg1ZWRhMzQ5OThmLzEvTGtXUVdTTXFTN2t5OWotdzM3WlVrLXVjZ25nLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OC82NjhiZjMtNzdkYy00M2VhLThmZGQtNDg1ZWRhMzQ5OThm
LzEvTGtXUVdTTXFTN2t5OWotdzM3WlVrLXVjZ25nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAs2Pba+bp
MKjeTyoq5cu9BFT7rFxtpgGaOBhrMyW6M5BngqTrhbPjQJLrd8+MVQRVx2xxgu1/
FSJ3o/DUOZ9wQyaR8C+wXyMw5GtUAVFCs4EPE6XbnWP7eH5wC8cJYxFakQVWBMv8
UiSYE0Ryc+3sksae4W0Rvp0dxg9K2oJywtl7gB3ldsJ8u72K9hKwl6hB8O674qIG
SV095jBqlIOsTRjHYG8TJOKjW/cQE/QPZ/DSJQphQxyGGK+yI+XIM8FC6iYvSn4k
Hd6Lp0zj7yWa+xE+bI+XVu97NutNnZEZOWb5zIVwWw4xTL0psJMqb/iKd+aFUBTN
XnrO/3W0sja3Jw==
-----END CERTIFICATE-----