Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/3feed9-ce5f-4a22-99b9-a4a9cc471599/1/lcGSBnFsXHnTW_FZJNszI6TsGMg.mft
File:                     lcGSBnFsXHnTW_FZJNszI6TsGMg.mft (raw, json)
Hash identifier:          bRCDDFivzs+P/K/NBO4yp0uaUng6hke41LrIvBH4SpU=
Subject key identifier:   C1:1D:2F:6F:71:A7:56:E9:90:45:88:DF:63:01:F9:07:6F:2D:B0:91
Authority key identifier: 95:C1:92:06:71:6C:5C:79:D3:5B:F1:59:24:DB:33:23:A4:EC:18:C8
Certificate issuer:       /CN=95c19206716c5c79d35bf15924db3323a4ec18c8
Certificate serial:       019A706DE849AA79990E699B56E63E693EC7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/lcGSBnFsXHnTW_FZJNszI6TsGMg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b4/3feed9-ce5f-4a22-99b9-a4a9cc471599/1/lcGSBnFsXHnTW_FZJNszI6TsGMg.mft
Manifest number:          12EE
Signing time:             Tue 11 Nov 2025 01:00:42 +0000
Manifest this update:     Tue 11 Nov 2025 01:00:42 +0000
Manifest next update:     Wed 12 Nov 2025 01:00:42 +0000
Files and hashes:         1: lcGSBnFsXHnTW_FZJNszI6TsGMg.crl (hash: hCsyqk6YOKVp81YhFOZLGhGfR3/Fd5Bs4+v1fwQ5qM4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b4/3feed9-ce5f-4a22-99b9-a4a9cc471599/1/lcGSBnFsXHnTW_FZJNszI6TsGMg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b4/3feed9-ce5f-4a22-99b9-a4a9cc471599/1/lcGSBnFsXHnTW_FZJNszI6TsGMg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/lcGSBnFsXHnTW_FZJNszI6TsGMg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 01:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:70:6d:e8:49:aa:79:99:0e:69:9b:56:e6:3e:69:3e:c7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=95c19206716c5c79d35bf15924db3323a4ec18c8
        Validity
            Not Before: Nov 11 01:00:42 2025 GMT
            Not After : Nov 12 01:00:42 2025 GMT
        Subject: CN=c11d2f6f71a756e9904588df6301f9076f2db091
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:38:27:df:da:cb:0e:c1:a9:e4:ad:d2:7f:82:
                    48:77:34:43:6b:a0:f0:03:1c:b5:68:44:86:2d:b1:
                    91:d4:52:c2:0b:11:df:e5:7d:90:58:17:78:63:9e:
                    61:b2:ed:1a:fd:f1:69:c5:a1:50:48:37:fa:2b:9e:
                    36:f5:5a:d9:d4:84:47:17:92:ed:a5:85:e4:93:70:
                    05:3a:b8:21:2c:7a:1f:b2:a4:2b:17:91:22:2c:a4:
                    59:e6:34:f5:50:e1:84:ac:41:6e:df:df:14:86:fa:
                    3a:f1:74:82:23:a2:3c:79:43:4a:0c:d5:01:57:b2:
                    1e:a7:f6:7d:48:75:27:9a:93:02:5d:02:50:83:27:
                    3e:75:85:bc:fb:13:08:fa:d9:6f:ab:d8:b8:34:20:
                    7f:1c:c4:ab:84:51:9d:46:4b:fb:8f:c6:c8:2f:07:
                    6a:db:72:3d:9a:00:ab:1c:59:42:bb:f4:44:2f:56:
                    e1:e1:93:16:30:38:87:57:0e:b8:86:c0:42:9a:cf:
                    19:c1:76:c2:46:71:74:15:40:93:c4:bd:f8:b8:3c:
                    ab:a7:15:6e:a4:ff:af:01:50:88:ff:41:96:2c:53:
                    47:3a:47:b0:82:fe:01:fb:f8:6c:82:71:fd:02:9b:
                    89:46:23:dd:e1:0a:e1:7a:3f:6a:09:b1:24:dc:72:
                    13:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C1:1D:2F:6F:71:A7:56:E9:90:45:88:DF:63:01:F9:07:6F:2D:B0:91
            X509v3 Authority Key Identifier:
                keyid:95:C1:92:06:71:6C:5C:79:D3:5B:F1:59:24:DB:33:23:A4:EC:18:C8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lcGSBnFsXHnTW_FZJNszI6TsGMg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/3feed9-ce5f-4a22-99b9-a4a9cc471599/1/lcGSBnFsXHnTW_FZJNszI6TsGMg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/3feed9-ce5f-4a22-99b9-a4a9cc471599/1/lcGSBnFsXHnTW_FZJNszI6TsGMg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         64:94:4a:9e:bb:b7:04:be:a4:39:86:bc:eb:ca:20:cd:55:42:
         13:d2:14:5c:d0:b2:2a:0e:3e:c5:65:fa:db:90:ff:1a:96:94:
         0c:67:c2:7e:ba:0a:ea:fa:00:fb:74:04:ac:82:13:16:00:6f:
         62:e5:2a:06:28:d1:e3:61:99:ed:c9:97:8e:24:95:8d:e6:33:
         93:c0:85:5e:6c:3d:aa:99:18:fc:73:9a:02:99:08:03:c2:a6:
         a0:8a:e5:ce:62:05:18:31:13:83:82:c5:90:dd:de:6f:74:e0:
         ef:c7:62:bb:9c:dd:91:99:5c:75:82:96:45:d5:cc:be:ff:bf:
         89:41:74:e0:a7:ce:3d:78:67:39:ec:ec:ac:3d:92:33:5d:2f:
         dc:f5:3a:3d:db:b6:a8:d0:80:05:63:a9:ff:5f:d9:7c:6f:da:
         06:a9:2b:dc:97:5e:61:95:64:a1:e5:80:60:3a:fc:5b:a3:41:
         67:d1:d0:d2:d3:49:c2:e0:22:ce:0e:c5:dc:99:64:f9:84:f5:
         94:20:ba:22:38:07:7c:d5:d8:2d:8f:44:95:77:a9:78:15:c1:
         27:75:c8:3d:df:72:f1:65:a0:5e:f8:dc:4c:66:0a:34:a4:bb:
         fb:8a:b8:ba:46:00:8c:8c:63:30:5f:be:83:e3:f6:0e:98:e8:
         3b:1a:d1:e7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpwbehJqnmZDmmbVuY+aT7HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1YzE5MjA2NzE2YzVjNzlkMzViZjE1OTI0ZGIzMzIzYTRl
YzE4YzgwHhcNMjUxMTExMDEwMDQyWhcNMjUxMTEyMDEwMDQyWjAzMTEwLwYDVQQD
EyhjMTFkMmY2ZjcxYTc1NmU5OTA0NTg4ZGY2MzAxZjkwNzZmMmRiMDkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtzgn39rLDsGp5K3Sf4JIdzRDa6Dw
Axy1aESGLbGR1FLCCxHf5X2QWBd4Y55hsu0a/fFpxaFQSDf6K5429VrZ1IRHF5Lt
pYXkk3AFOrghLHofsqQrF5EiLKRZ5jT1UOGErEFu398Uhvo68XSCI6I8eUNKDNUB
V7Iep/Z9SHUnmpMCXQJQgyc+dYW8+xMI+tlvq9i4NCB/HMSrhFGdRkv7j8bILwdq
23I9mgCrHFlCu/REL1bh4ZMWMDiHVw64hsBCms8ZwXbCRnF0FUCTxL34uDyrpxVu
pP+vAVCI/0GWLFNHOkewgv4B+/hsgnH9ApuJRiPd4Qrhej9qCbEk3HIThwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMEdL29xp1bpkEWI32MB+QdvLbCRMB8GA1UdIwQY
MBaAFJXBkgZxbFx501vxWSTbMyOk7BjIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbGNHU0JuRnNYSG5UV19GWkpOc3pJNlRzR01nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC8zZmVlZDktY2U1Zi00YTIyLTk5Yjkt
YTRhOWNjNDcxNTk5LzEvbGNHU0JuRnNYSG5UV19GWkpOc3pJNlRzR01nLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC8zZmVlZDktY2U1Zi00YTIyLTk5YjktYTRhOWNjNDcxNTk5
LzEvbGNHU0JuRnNYSG5UV19GWkpOc3pJNlRzR01nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZJRKnru3
BL6kOYa868ogzVVCE9IUXNCyKg4+xWX625D/GpaUDGfCfroK6voA+3QErIITFgBv
YuUqBijR42GZ7cmXjiSVjeYzk8CFXmw9qpkY/HOaApkIA8KmoIrlzmIFGDETg4LF
kN3eb3Tg78diu5zdkZlcdYKWRdXMvv+/iUF04KfOPXhnOezsrD2SM10v3PU6Pdu2
qNCABWOp/1/ZfG/aBqkr3JdeYZVkoeWAYDr8W6NBZ9HQ0tNJwuAizg7F3Jlk+YT1
lCC6IjgHfNXYLY9ElXepeBXBJ3XIPd9y8WWgXvjcTGYKNKS7+4q4ukYAjIxjMF++
g+P2DpjoOxrR5w==
-----END CERTIFICATE-----