Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/b1b128-4f10-486e-a1ee-952f6fc02672/1/ltTArxW-ONL8XjD-NFdHXTS3g5o.mft
File:                     ltTArxW-ONL8XjD-NFdHXTS3g5o.mft (raw, json)
Hash identifier:          eB+zeZtBzDf7rCHcRzfeuoYrv+CCmNGRdNtxBZ+duig=
Subject key identifier:   A4:F1:2B:4D:64:76:2F:F4:14:6F:D6:AC:9A:F3:BE:AC:3D:AD:B9:4D
Authority key identifier: 96:D4:C0:AF:15:BE:38:D2:FC:5E:30:FE:34:57:47:5D:34:B7:83:9A
Certificate issuer:       /CN=96d4c0af15be38d2fc5e30fe3457475d34b7839a
Certificate serial:       019923A082186CB63D51C27BE2C2B7CA83CF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ltTArxW-ONL8XjD-NFdHXTS3g5o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a3/b1b128-4f10-486e-a1ee-952f6fc02672/1/ltTArxW-ONL8XjD-NFdHXTS3g5o.mft
Manifest number:          12E2
Signing time:             Sun 07 Sep 2025 10:02:25 +0000
Manifest this update:     Sun 07 Sep 2025 10:02:25 +0000
Manifest next update:     Mon 08 Sep 2025 10:02:25 +0000
Files and hashes:         1: ltTArxW-ONL8XjD-NFdHXTS3g5o.crl (hash: QVG43lyp4trUn9Ktcdf0+hZvgLGdFYvSjYq2E0lho9Y=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a3/b1b128-4f10-486e-a1ee-952f6fc02672/1/ltTArxW-ONL8XjD-NFdHXTS3g5o.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a3/b1b128-4f10-486e-a1ee-952f6fc02672/1/ltTArxW-ONL8XjD-NFdHXTS3g5o.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ltTArxW-ONL8XjD-NFdHXTS3g5o.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 07:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:23:a0:82:18:6c:b6:3d:51:c2:7b:e2:c2:b7:ca:83:cf
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=96d4c0af15be38d2fc5e30fe3457475d34b7839a
        Validity
            Not Before: Sep  7 10:02:25 2025 GMT
            Not After : Sep  8 10:02:25 2025 GMT
        Subject: CN=a4f12b4d64762ff4146fd6ac9af3beac3dadb94d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:1e:9a:be:7d:90:cf:ec:8d:a9:16:aa:d2:c0:
                    80:59:b0:c6:41:fa:86:1d:40:a0:6a:23:69:83:71:
                    36:8e:8f:a3:cb:f4:fc:79:bb:4a:29:9a:aa:0e:01:
                    d2:c6:ab:02:c2:ea:f1:2b:3f:80:98:c8:de:f0:8f:
                    9b:a6:99:e5:d2:39:78:b0:ef:c1:c9:af:ee:79:af:
                    ca:97:cd:ff:bd:fa:1c:fa:45:d6:cc:5f:42:7b:71:
                    71:a9:dd:8e:68:19:c6:39:19:7c:7e:84:e0:af:5f:
                    5e:9e:98:93:92:63:1f:11:30:6c:09:ad:b1:93:dc:
                    6d:b2:4d:88:45:54:59:ea:1d:76:33:a0:d8:ad:3a:
                    33:e0:82:65:d4:5a:87:2b:9d:7d:62:a5:a9:c7:71:
                    fd:2e:24:2c:0a:3e:67:8e:0d:1f:ff:bc:2a:80:48:
                    62:e5:c6:da:5f:fa:0a:07:be:12:ae:13:c9:e3:16:
                    c3:47:f5:42:a6:45:71:74:ad:c3:d8:c0:39:02:89:
                    c1:cb:28:21:76:48:46:7b:1a:af:b0:e9:47:66:21:
                    b4:17:56:ae:61:58:e3:0d:20:cb:53:03:c4:02:ac:
                    7f:53:da:90:5e:8f:04:c6:c6:01:8a:7f:0b:99:a0:
                    ac:6c:17:e5:cc:c3:d9:e8:c2:21:0d:93:56:c3:01:
                    24:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A4:F1:2B:4D:64:76:2F:F4:14:6F:D6:AC:9A:F3:BE:AC:3D:AD:B9:4D
            X509v3 Authority Key Identifier:
                keyid:96:D4:C0:AF:15:BE:38:D2:FC:5E:30:FE:34:57:47:5D:34:B7:83:9A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ltTArxW-ONL8XjD-NFdHXTS3g5o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/b1b128-4f10-486e-a1ee-952f6fc02672/1/ltTArxW-ONL8XjD-NFdHXTS3g5o.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/b1b128-4f10-486e-a1ee-952f6fc02672/1/ltTArxW-ONL8XjD-NFdHXTS3g5o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a5:bf:26:05:ab:96:07:0b:a7:dd:ed:a0:23:07:f4:84:54:b6:
         24:73:38:bc:8a:de:39:76:c3:93:a2:8f:45:2b:43:b4:22:12:
         9d:06:af:40:d9:b9:f5:84:da:ec:fc:14:ad:b9:2d:9a:62:fa:
         01:eb:3e:55:90:fc:c4:d0:1b:5e:50:4d:25:a6:0f:c6:ab:b9:
         9e:13:1d:33:a6:a7:cc:48:4c:57:fe:2f:94:6c:6e:ee:16:15:
         a9:90:ea:a1:4d:63:48:74:2e:47:86:8c:91:de:3b:aa:57:be:
         b8:04:1b:30:d5:c9:c1:0b:88:44:8f:86:90:88:88:78:6a:6b:
         ca:34:77:e3:ba:4b:c4:50:60:2e:bc:c0:88:ee:f9:c9:40:d9:
         32:2b:93:7c:27:e1:b4:cb:0d:42:83:ed:37:ae:20:49:7d:f0:
         e3:c2:28:92:55:ed:bf:c5:18:1d:01:39:23:ce:eb:42:fb:4c:
         b6:24:f7:d7:7a:62:11:dd:a2:a7:e6:45:43:ec:f4:08:17:b4:
         fd:a3:da:55:51:fe:bf:e2:9f:34:fa:bd:6c:fc:47:8d:a3:fa:
         af:d7:33:de:cd:3a:36:a2:ca:75:7d:c6:77:23:e8:15:18:b0:
         57:e5:3a:f0:51:2b:56:2a:ef:30:bf:b9:d8:39:f0:b9:c9:86:
         11:7f:6b:36
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkjoIIYbLY9UcJ74sK3yoPPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk2ZDRjMGFmMTViZTM4ZDJmYzVlMzBmZTM0NTc0NzVkMzRi
NzgzOWEwHhcNMjUwOTA3MTAwMjI1WhcNMjUwOTA4MTAwMjI1WjAzMTEwLwYDVQQD
EyhhNGYxMmI0ZDY0NzYyZmY0MTQ2ZmQ2YWM5YWYzYmVhYzNkYWRiOTRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvB6avn2Qz+yNqRaq0sCAWbDGQfqG
HUCgaiNpg3E2jo+jy/T8ebtKKZqqDgHSxqsCwurxKz+AmMje8I+bppnl0jl4sO/B
ya/uea/Kl83/vfoc+kXWzF9Ce3Fxqd2OaBnGORl8foTgr19enpiTkmMfETBsCa2x
k9xtsk2IRVRZ6h12M6DYrToz4IJl1FqHK519YqWpx3H9LiQsCj5njg0f/7wqgEhi
5cbaX/oKB74SrhPJ4xbDR/VCpkVxdK3D2MA5AonByyghdkhGexqvsOlHZiG0F1au
YVjjDSDLUwPEAqx/U9qQXo8ExsYBin8LmaCsbBflzMPZ6MIhDZNWwwEkDwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKTxK01kdi/0FG/WrJrzvqw9rblNMB8GA1UdIwQY
MBaAFJbUwK8VvjjS/F4w/jRXR100t4OaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbHRUQXJ4Vy1PTkw4WGpELU5GZEhYVFMzZzVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy9iMWIxMjgtNGYxMC00ODZlLWExZWUt
OTUyZjZmYzAyNjcyLzEvbHRUQXJ4Vy1PTkw4WGpELU5GZEhYVFMzZzVvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy9iMWIxMjgtNGYxMC00ODZlLWExZWUtOTUyZjZmYzAyNjcy
LzEvbHRUQXJ4Vy1PTkw4WGpELU5GZEhYVFMzZzVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApb8mBauW
Bwun3e2gIwf0hFS2JHM4vIreOXbDk6KPRStDtCISnQavQNm59YTa7PwUrbktmmL6
Aes+VZD8xNAbXlBNJaYPxqu5nhMdM6anzEhMV/4vlGxu7hYVqZDqoU1jSHQuR4aM
kd47qle+uAQbMNXJwQuIRI+GkIiIeGpryjR347pLxFBgLrzAiO75yUDZMiuTfCfh
tMsNQoPtN64gSX3w48IoklXtv8UYHQE5I87rQvtMtiT313piEd2ip+ZFQ+z0CBe0
/aPaVVH+v+KfNPq9bPxHjaP6r9cz3s06NqLKdX3GdyPoFRiwV+U68FErVirvML+5
2DnwucmGEX9rNg==
-----END CERTIFICATE-----