Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9d/76a471-08e0-49e6-9537-53b55fae023d/1/LSdW5QjQEzSbJE4wfX8jliafJwg.mft
File:                     LSdW5QjQEzSbJE4wfX8jliafJwg.mft (raw, json)
Hash identifier:          0CDhx5KjubFpNgnQH71AMQE7PPlRHKl1tK7flDfgwGk=
Subject key identifier:   11:79:48:57:A2:D9:7D:3E:09:8C:09:A1:AF:CB:7A:6E:29:09:C3:C2
Authority key identifier: 2D:27:56:E5:08:D0:13:34:9B:24:4E:30:7D:7F:23:96:26:9F:27:08
Certificate issuer:       /CN=2d2756e508d013349b244e307d7f2396269f2708
Certificate serial:       019A70DBDDA6C336FD4ECDF83C5D7A912C7D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/LSdW5QjQEzSbJE4wfX8jliafJwg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9d/76a471-08e0-49e6-9537-53b55fae023d/1/LSdW5QjQEzSbJE4wfX8jliafJwg.mft
Manifest number:          13AF
Signing time:             Tue 11 Nov 2025 03:00:48 +0000
Manifest this update:     Tue 11 Nov 2025 03:00:48 +0000
Manifest next update:     Wed 12 Nov 2025 03:00:48 +0000
Files and hashes:         1: LSdW5QjQEzSbJE4wfX8jliafJwg.crl (hash: 7kvjtJLxzmyeobbT8cY1o9ZjsrtJcIHQLts/hM9PNEM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/9d/76a471-08e0-49e6-9537-53b55fae023d/1/LSdW5QjQEzSbJE4wfX8jliafJwg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/9d/76a471-08e0-49e6-9537-53b55fae023d/1/LSdW5QjQEzSbJE4wfX8jliafJwg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/LSdW5QjQEzSbJE4wfX8jliafJwg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 03:00:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:70:db:dd:a6:c3:36:fd:4e:cd:f8:3c:5d:7a:91:2c:7d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2d2756e508d013349b244e307d7f2396269f2708
        Validity
            Not Before: Nov 11 03:00:48 2025 GMT
            Not After : Nov 12 03:00:48 2025 GMT
        Subject: CN=11794857a2d97d3e098c09a1afcb7a6e2909c3c2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:be:45:b1:4c:f0:1e:30:dc:f3:36:3f:c6:04:
                    71:85:31:97:10:a1:de:92:59:b6:46:5a:d0:1f:6d:
                    ad:7d:10:f7:46:b9:b5:1f:3c:76:43:66:0f:62:c7:
                    bd:f6:6d:0b:ae:ce:b9:75:da:08:9c:9d:9b:cf:6c:
                    f2:b7:cd:65:f2:87:f8:ee:ed:0a:ef:45:e4:01:32:
                    9a:01:e9:13:d4:e5:9f:36:5f:0e:30:55:42:cb:4a:
                    34:ce:8e:4f:26:64:3b:30:ff:25:13:13:ff:78:d2:
                    3f:cf:37:41:3e:34:8c:bb:f7:20:59:8a:ec:12:a6:
                    3c:0e:ba:4b:9d:7e:d2:5f:71:d6:0a:31:93:cc:b7:
                    b1:10:8e:8d:51:08:1d:73:dd:8d:c2:fe:61:11:2b:
                    89:42:fc:91:5e:87:30:26:e5:9a:c5:0e:fc:44:2d:
                    c5:65:0b:f3:c2:fe:e2:85:b0:3f:87:41:81:31:9d:
                    86:f3:23:ec:e8:4e:2a:e6:9f:5b:5a:55:55:c9:75:
                    f2:57:27:18:21:5e:8c:51:84:e2:10:af:c9:80:f7:
                    03:c0:4b:4b:0e:85:1d:ad:9b:77:66:16:09:71:fd:
                    c3:08:a9:6c:ee:a1:92:5d:2b:2d:2d:99:33:a4:88:
                    51:ae:af:45:89:fa:1d:9e:eb:bf:0e:05:08:a1:01:
                    88:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                11:79:48:57:A2:D9:7D:3E:09:8C:09:A1:AF:CB:7A:6E:29:09:C3:C2
            X509v3 Authority Key Identifier:
                keyid:2D:27:56:E5:08:D0:13:34:9B:24:4E:30:7D:7F:23:96:26:9F:27:08

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LSdW5QjQEzSbJE4wfX8jliafJwg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/76a471-08e0-49e6-9537-53b55fae023d/1/LSdW5QjQEzSbJE4wfX8jliafJwg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/76a471-08e0-49e6-9537-53b55fae023d/1/LSdW5QjQEzSbJE4wfX8jliafJwg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0e:ea:c8:74:4b:6c:ba:ef:0a:72:05:13:34:57:94:59:be:b0:
         39:c1:d0:08:4c:a7:c9:3e:0c:b7:4b:fc:6e:00:ac:bb:62:f8:
         28:d0:ed:52:4c:d3:2e:50:d2:59:8d:41:b4:f6:99:fa:d7:66:
         f0:89:38:12:99:83:2c:37:22:8c:84:33:19:70:d0:4c:50:06:
         8c:65:58:7f:63:b6:ad:93:09:ad:bf:c0:ac:65:e3:76:67:7c:
         1b:3a:a6:ff:54:f7:c3:8b:22:21:8e:7a:1a:24:65:6b:f1:86:
         c5:e4:a6:65:88:99:cf:a0:8f:e4:02:47:0d:41:53:af:c2:ff:
         a7:e2:9a:5f:1b:6e:30:3a:4c:7d:a8:7c:0b:72:68:3b:b0:fc:
         58:36:df:b0:97:f9:14:bf:93:d2:0e:18:15:54:72:c7:d0:75:
         39:14:29:90:2d:ce:e7:59:b4:a8:4e:c5:0f:8b:21:c7:21:45:
         6b:7a:c9:2f:51:8b:f3:3b:c2:53:4d:bb:3e:ba:8f:a9:02:ca:
         18:46:d3:06:39:7a:18:e3:9e:39:e4:ee:f1:12:eb:34:3f:28:
         2a:85:db:c8:38:e3:68:b4:b2:3e:0e:28:73:8d:01:73:6e:6f:
         a8:35:29:b1:0d:3a:63:7c:01:a1:88:1d:1e:46:7f:34:24:09:
         7f:69:3e:79
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpw292mwzb9Ts34PF16kSx9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkMjc1NmU1MDhkMDEzMzQ5YjI0NGUzMDdkN2YyMzk2MjY5
ZjI3MDgwHhcNMjUxMTExMDMwMDQ4WhcNMjUxMTEyMDMwMDQ4WjAzMTEwLwYDVQQD
EygxMTc5NDg1N2EyZDk3ZDNlMDk4YzA5YTFhZmNiN2E2ZTI5MDljM2MyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApL5FsUzwHjDc8zY/xgRxhTGXEKHe
klm2RlrQH22tfRD3Rrm1Hzx2Q2YPYse99m0Lrs65ddoInJ2bz2zyt81l8of47u0K
70XkATKaAekT1OWfNl8OMFVCy0o0zo5PJmQ7MP8lExP/eNI/zzdBPjSMu/cgWYrs
EqY8DrpLnX7SX3HWCjGTzLexEI6NUQgdc92Nwv5hESuJQvyRXocwJuWaxQ78RC3F
ZQvzwv7ihbA/h0GBMZ2G8yPs6E4q5p9bWlVVyXXyVycYIV6MUYTiEK/JgPcDwEtL
DoUdrZt3ZhYJcf3DCKls7qGSXSstLZkzpIhRrq9Fifodnuu/DgUIoQGINwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBF5SFei2X0+CYwJoa/Lem4pCcPCMB8GA1UdIwQY
MBaAFC0nVuUI0BM0myROMH1/I5YmnycIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTFNkVzVRalFFelNiSkU0d2ZYOGpsaWFmSndnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZC83NmE0NzEtMDhlMC00OWU2LTk1Mzct
NTNiNTVmYWUwMjNkLzEvTFNkVzVRalFFelNiSkU0d2ZYOGpsaWFmSndnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZC83NmE0NzEtMDhlMC00OWU2LTk1MzctNTNiNTVmYWUwMjNk
LzEvTFNkVzVRalFFelNiSkU0d2ZYOGpsaWFmSndnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADurIdEts
uu8KcgUTNFeUWb6wOcHQCEynyT4Mt0v8bgCsu2L4KNDtUkzTLlDSWY1BtPaZ+tdm
8Ik4EpmDLDcijIQzGXDQTFAGjGVYf2O2rZMJrb/ArGXjdmd8Gzqm/1T3w4siIY56
GiRla/GGxeSmZYiZz6CP5AJHDUFTr8L/p+KaXxtuMDpMfah8C3JoO7D8WDbfsJf5
FL+T0g4YFVRyx9B1ORQpkC3O51m0qE7FD4shxyFFa3rJL1GL8zvCU027PrqPqQLK
GEbTBjl6GOOeOeTu8RLrND8oKoXbyDjjaLSyPg4oc40Bc25vqDUpsQ06Y3wBoYgd
HkZ/NCQJf2k+eQ==
-----END CERTIFICATE-----