Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/b492ff-3154-4304-b927-d99832657a45/1/l213R7vhqAE1QKcW0lzHh_h9tmo.mft
File:                     l213R7vhqAE1QKcW0lzHh_h9tmo.mft (raw, json)
Hash identifier:          Q6jezmeYPjWZHv6e/EZBrtjlkNKSLXhPMbATS5Lnv4w=
Subject key identifier:   55:7C:63:00:B7:4B:73:E7:D7:DD:99:6A:AF:0E:35:4E:3F:55:6A:39
Authority key identifier: 97:6D:77:47:BB:E1:A8:01:35:40:A7:16:D2:5C:C7:87:F8:7D:B6:6A
Certificate issuer:       /CN=976d7747bbe1a8013540a716d25cc787f87db66a
Certificate serial:       019A2C330BE329F6960363B13A42AF5CDA79
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/l213R7vhqAE1QKcW0lzHh_h9tmo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/92/b492ff-3154-4304-b927-d99832657a45/1/l213R7vhqAE1QKcW0lzHh_h9tmo.mft
Manifest number:          0DA5
Signing time:             Tue 28 Oct 2025 19:02:14 +0000
Manifest this update:     Tue 28 Oct 2025 19:02:14 +0000
Manifest next update:     Wed 29 Oct 2025 19:02:14 +0000
Files and hashes:         1: l213R7vhqAE1QKcW0lzHh_h9tmo.crl (hash: borS73IHe/Y2mTBYhoCSpJ+M5y8usKJ4lbghlEhlgLM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/92/b492ff-3154-4304-b927-d99832657a45/1/l213R7vhqAE1QKcW0lzHh_h9tmo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/92/b492ff-3154-4304-b927-d99832657a45/1/l213R7vhqAE1QKcW0lzHh_h9tmo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/l213R7vhqAE1QKcW0lzHh_h9tmo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 29 Oct 2025 14:12:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:2c:33:0b:e3:29:f6:96:03:63:b1:3a:42:af:5c:da:79
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=976d7747bbe1a8013540a716d25cc787f87db66a
        Validity
            Not Before: Oct 28 19:02:14 2025 GMT
            Not After : Oct 29 19:02:14 2025 GMT
        Subject: CN=557c6300b74b73e7d7dd996aaf0e354e3f556a39
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:03:80:88:bf:d2:9d:dc:0d:54:3a:53:51:a0:
                    66:be:71:e9:c4:a0:4d:82:3b:23:19:05:d5:35:6b:
                    ab:6d:be:ab:f2:12:cc:ca:64:64:c5:ac:6a:2f:fa:
                    5b:48:57:23:40:94:18:8f:88:df:f0:e6:04:1a:6c:
                    64:34:34:90:50:61:f8:cb:81:03:f3:4d:e8:0e:92:
                    5c:8a:c3:9b:67:8b:bc:ea:a9:77:a9:76:aa:cf:59:
                    ba:08:73:b5:92:a0:aa:fb:64:23:62:a2:8d:4e:44:
                    15:9e:d1:92:05:6e:ea:c1:97:ff:fe:f3:5d:5c:1c:
                    8b:32:7d:e5:3e:2e:4e:f6:1d:93:5f:a1:76:b1:af:
                    06:d1:70:39:f5:e9:1b:71:30:7f:6c:6d:5b:f8:47:
                    d8:5e:a6:f7:b8:94:ef:48:86:1c:39:c2:5b:58:6e:
                    aa:77:25:1d:0e:a4:76:1c:a1:fd:03:df:62:56:83:
                    85:88:f6:cc:c6:a1:38:5c:d2:83:aa:cc:04:ad:cb:
                    f9:8c:56:f0:dd:e0:aa:96:95:22:4e:41:6c:5d:cd:
                    c9:f8:e3:86:ad:cd:b4:a9:22:89:ec:5d:0b:eb:8e:
                    1f:5b:a9:7b:14:75:d6:18:a6:6a:7d:43:85:96:a8:
                    38:b5:9a:d8:74:ec:42:fb:b5:83:50:3b:aa:3a:76:
                    9d:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                55:7C:63:00:B7:4B:73:E7:D7:DD:99:6A:AF:0E:35:4E:3F:55:6A:39
            X509v3 Authority Key Identifier:
                keyid:97:6D:77:47:BB:E1:A8:01:35:40:A7:16:D2:5C:C7:87:F8:7D:B6:6A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l213R7vhqAE1QKcW0lzHh_h9tmo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/b492ff-3154-4304-b927-d99832657a45/1/l213R7vhqAE1QKcW0lzHh_h9tmo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/92/b492ff-3154-4304-b927-d99832657a45/1/l213R7vhqAE1QKcW0lzHh_h9tmo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         c4:f2:c5:5e:11:17:16:1c:e5:96:73:fc:d4:ae:c9:b8:d0:53:
         9f:39:ed:16:de:50:98:76:f7:30:0c:b7:6b:06:c5:fa:b5:e8:
         68:9e:c2:9b:11:df:55:d0:28:9f:98:5a:32:09:03:b3:ca:37:
         13:6c:2c:50:69:18:51:93:db:98:d6:86:ec:ba:11:69:81:a6:
         d6:77:5a:be:f9:51:41:7a:6c:41:dd:9b:31:d9:d1:56:c9:df:
         b1:77:7b:c6:f6:0b:f1:34:d7:f6:dd:af:7e:86:2b:43:85:04:
         02:31:43:a5:fe:88:f0:ae:ac:f8:80:2d:75:fe:07:62:3b:bd:
         fc:b4:78:ca:e2:cd:ae:a3:6b:fe:72:6c:b1:f6:bc:46:cb:2d:
         d6:69:20:f2:66:5f:f5:f4:51:1c:a5:b2:e4:d6:67:2b:d8:c9:
         f1:b2:ca:32:18:bf:72:59:36:6f:37:a7:03:32:e1:e0:e8:58:
         93:ad:84:1b:46:52:40:4a:ba:b2:c7:58:d2:62:a5:85:5b:1a:
         58:66:c1:8c:cb:89:bd:59:ff:7b:e6:0b:28:8d:12:fa:d7:dc:
         b3:dc:95:fa:4b:a5:56:d9:51:06:9b:4c:16:0e:02:ff:85:59:
         b6:c7:61:05:bd:03:a5:98:f8:d2:38:0f:33:54:dd:9d:1a:68:
         78:b7:2a:9f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZosMwvjKfaWA2OxOkKvXNp5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3NmQ3NzQ3YmJlMWE4MDEzNTQwYTcxNmQyNWNjNzg3Zjg3
ZGI2NmEwHhcNMjUxMDI4MTkwMjE0WhcNMjUxMDI5MTkwMjE0WjAzMTEwLwYDVQQD
Eyg1NTdjNjMwMGI3NGI3M2U3ZDdkZDk5NmFhZjBlMzU0ZTNmNTU2YTM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApQOAiL/SndwNVDpTUaBmvnHpxKBN
gjsjGQXVNWurbb6r8hLMymRkxaxqL/pbSFcjQJQYj4jf8OYEGmxkNDSQUGH4y4ED
803oDpJcisObZ4u86ql3qXaqz1m6CHO1kqCq+2QjYqKNTkQVntGSBW7qwZf//vNd
XByLMn3lPi5O9h2TX6F2sa8G0XA59ekbcTB/bG1b+EfYXqb3uJTvSIYcOcJbWG6q
dyUdDqR2HKH9A99iVoOFiPbMxqE4XNKDqswErcv5jFbw3eCqlpUiTkFsXc3J+OOG
rc20qSKJ7F0L644fW6l7FHXWGKZqfUOFlqg4tZrYdOxC+7WDUDuqOnadhQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFV8YwC3S3Pn192Zaq8ONU4/VWo5MB8GA1UdIwQY
MBaAFJdtd0e74agBNUCnFtJcx4f4fbZqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbDIxM1I3dmhxQUUxUUtjVzBsekhoX2g5dG1vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi9iNDkyZmYtMzE1NC00MzA0LWI5Mjct
ZDk5ODMyNjU3YTQ1LzEvbDIxM1I3dmhxQUUxUUtjVzBsekhoX2g5dG1vLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi9iNDkyZmYtMzE1NC00MzA0LWI5MjctZDk5ODMyNjU3YTQ1
LzEvbDIxM1I3dmhxQUUxUUtjVzBsekhoX2g5dG1vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAxPLFXhEX
FhzllnP81K7JuNBTnzntFt5QmHb3MAy3awbF+rXoaJ7CmxHfVdAon5haMgkDs8o3
E2wsUGkYUZPbmNaG7LoRaYGm1ndavvlRQXpsQd2bMdnRVsnfsXd7xvYL8TTX9t2v
foYrQ4UEAjFDpf6I8K6s+IAtdf4HYju9/LR4yuLNrqNr/nJssfa8Rsst1mkg8mZf
9fRRHKWy5NZnK9jJ8bLKMhi/clk2bzenAzLh4OhYk62EG0ZSQEq6ssdY0mKlhVsa
WGbBjMuJvVn/e+YLKI0S+tfcs9yV+kulVtlRBptMFg4C/4VZtsdhBb0DpZj40jgP
M1TdnRpoeLcqnw==
-----END CERTIFICATE-----