Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/0add7c-a28c-4ae8-8885-01ce06d315cd/1/LKzIXJmo4dt9HFImfC3b08OeGLI.mft
File:                     LKzIXJmo4dt9HFImfC3b08OeGLI.mft (raw, json)
Hash identifier:          wfSQ3q3amxGUS+eAiI98QwY2aXmBBCdKvqdRkKzzCKY=
Subject key identifier:   46:87:F4:DD:AF:29:96:86:C9:8E:74:CF:D0:07:27:DD:AC:DA:73:7F
Authority key identifier: 2C:AC:C8:5C:99:A8:E1:DB:7D:1C:52:26:7C:2D:DB:D3:C3:9E:18:B2
Certificate issuer:       /CN=2cacc85c99a8e1db7d1c52267c2ddbd3c39e18b2
Certificate serial:       019A71B78FF1F7DD91E6FEDB4B7A8559A1D6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/LKzIXJmo4dt9HFImfC3b08OeGLI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c8/0add7c-a28c-4ae8-8885-01ce06d315cd/1/LKzIXJmo4dt9HFImfC3b08OeGLI.mft
Manifest number:          0E36
Signing time:             Tue 11 Nov 2025 07:00:46 +0000
Manifest this update:     Tue 11 Nov 2025 07:00:46 +0000
Manifest next update:     Wed 12 Nov 2025 07:00:46 +0000
Files and hashes:         1: LKzIXJmo4dt9HFImfC3b08OeGLI.crl (hash: DQ7Iazv4ZzFk4rhhQP0ZCtXPeHgIKGZn/iEx4+4G7L4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c8/0add7c-a28c-4ae8-8885-01ce06d315cd/1/LKzIXJmo4dt9HFImfC3b08OeGLI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c8/0add7c-a28c-4ae8-8885-01ce06d315cd/1/LKzIXJmo4dt9HFImfC3b08OeGLI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/LKzIXJmo4dt9HFImfC3b08OeGLI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:00:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b7:8f:f1:f7:dd:91:e6:fe:db:4b:7a:85:59:a1:d6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2cacc85c99a8e1db7d1c52267c2ddbd3c39e18b2
        Validity
            Not Before: Nov 11 07:00:46 2025 GMT
            Not After : Nov 12 07:00:46 2025 GMT
        Subject: CN=4687f4ddaf299686c98e74cfd00727ddacda737f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:77:df:56:e5:7d:49:ee:d6:bd:95:1d:ed:e0:
                    c4:37:f7:71:4a:6f:5b:b9:8e:28:df:d7:ac:b2:9e:
                    17:6d:b5:bd:ca:12:96:7a:e4:60:5a:e5:64:18:9c:
                    4a:11:9e:d9:ec:78:02:42:99:57:10:48:1d:e4:d3:
                    a5:d7:a1:4e:87:fa:a9:c0:f8:e8:04:3a:db:3f:c1:
                    b9:ef:f2:50:0a:b9:1f:40:f0:c0:a0:50:a0:f9:37:
                    98:78:09:a2:8a:fc:f4:a6:21:80:ba:d7:e8:cf:70:
                    de:59:4d:2b:1f:8e:02:b1:9d:18:00:ea:ad:dd:46:
                    8a:02:40:df:31:e4:86:ab:3e:fa:c9:9e:5a:15:2b:
                    a2:dd:9c:ae:4b:a9:59:2d:7c:3c:d3:ba:26:8e:14:
                    cc:cb:f8:bb:e0:69:04:7c:ab:ec:69:65:ff:af:05:
                    58:d6:be:ac:6f:25:50:d5:ea:cd:2a:57:7a:e5:61:
                    7c:09:67:d9:f1:35:2a:ca:b3:be:ad:fd:90:72:a3:
                    b2:3a:aa:e0:55:f5:53:66:f5:b1:ab:da:7a:d1:02:
                    79:52:44:3a:94:17:45:57:6d:4d:2f:40:d5:f6:64:
                    c7:7c:85:37:2e:c0:68:e3:d0:3f:22:d0:99:70:12:
                    5e:23:9b:5b:b6:68:2a:f7:cf:20:be:64:0d:b6:03:
                    eb:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                46:87:F4:DD:AF:29:96:86:C9:8E:74:CF:D0:07:27:DD:AC:DA:73:7F
            X509v3 Authority Key Identifier:
                keyid:2C:AC:C8:5C:99:A8:E1:DB:7D:1C:52:26:7C:2D:DB:D3:C3:9E:18:B2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LKzIXJmo4dt9HFImfC3b08OeGLI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/0add7c-a28c-4ae8-8885-01ce06d315cd/1/LKzIXJmo4dt9HFImfC3b08OeGLI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/0add7c-a28c-4ae8-8885-01ce06d315cd/1/LKzIXJmo4dt9HFImfC3b08OeGLI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         31:4f:71:4e:03:c5:b8:ca:73:33:e8:0e:f4:0e:05:da:bf:03:
         de:63:51:9a:7d:28:3c:b9:d3:d0:28:89:0f:ab:83:3c:b5:7a:
         4e:27:89:27:36:a5:66:53:a8:7a:d0:c5:ce:20:21:a7:86:bb:
         22:cb:46:ab:15:de:a2:af:74:ba:c2:91:08:b0:41:47:8b:30:
         fc:6c:82:37:73:f3:d7:6e:46:6e:33:70:2e:58:30:44:7d:b5:
         21:f0:bd:eb:41:96:af:b7:b2:0b:4b:3b:9a:41:c7:c8:cc:fa:
         f1:3b:2d:a7:aa:fb:74:95:21:84:08:ed:bf:c2:fd:9e:6d:f1:
         9f:a8:84:f3:1a:4b:4d:25:ed:40:01:71:23:d8:48:46:a1:81:
         f8:83:5d:6e:dc:21:bd:43:32:f1:dd:ea:7e:f5:39:44:bd:bd:
         ee:7c:18:f2:74:d5:79:54:a7:c1:46:3c:d2:27:a2:97:5e:03:
         67:03:95:5f:a7:d3:98:46:98:f1:c3:f0:63:13:9a:e6:7d:b5:
         ea:a8:d1:ae:7c:00:54:24:9a:c3:bf:7f:56:01:79:2d:8b:bf:
         73:03:be:97:ad:ed:69:82:f1:29:d4:1e:40:1b:28:99:42:7d:
         92:54:9b:1f:fc:e9:d8:60:dd:53:59:8a:83:ea:ab:a2:f3:b6:
         46:06:3e:91
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxt4/x992R5v7bS3qFWaHWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJjYWNjODVjOTlhOGUxZGI3ZDFjNTIyNjdjMmRkYmQzYzM5
ZTE4YjIwHhcNMjUxMTExMDcwMDQ2WhcNMjUxMTEyMDcwMDQ2WjAzMTEwLwYDVQQD
Eyg0Njg3ZjRkZGFmMjk5Njg2Yzk4ZTc0Y2ZkMDA3MjdkZGFjZGE3MzdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsXffVuV9Se7WvZUd7eDEN/dxSm9b
uY4o39essp4XbbW9yhKWeuRgWuVkGJxKEZ7Z7HgCQplXEEgd5NOl16FOh/qpwPjo
BDrbP8G57/JQCrkfQPDAoFCg+TeYeAmiivz0piGAutfoz3DeWU0rH44CsZ0YAOqt
3UaKAkDfMeSGqz76yZ5aFSui3ZyuS6lZLXw807omjhTMy/i74GkEfKvsaWX/rwVY
1r6sbyVQ1erNKld65WF8CWfZ8TUqyrO+rf2QcqOyOqrgVfVTZvWxq9p60QJ5UkQ6
lBdFV21NL0DV9mTHfIU3LsBo49A/ItCZcBJeI5tbtmgq988gvmQNtgPrdQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEaH9N2vKZaGyY50z9AHJ92s2nN/MB8GA1UdIwQY
MBaAFCysyFyZqOHbfRxSJnwt29PDnhiyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTEt6SVhKbW80ZHQ5SEZJbWZDM2IwOE9lR0xJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC8wYWRkN2MtYTI4Yy00YWU4LTg4ODUt
MDFjZTA2ZDMxNWNkLzEvTEt6SVhKbW80ZHQ5SEZJbWZDM2IwOE9lR0xJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC8wYWRkN2MtYTI4Yy00YWU4LTg4ODUtMDFjZTA2ZDMxNWNk
LzEvTEt6SVhKbW80ZHQ5SEZJbWZDM2IwOE9lR0xJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMU9xTgPF
uMpzM+gO9A4F2r8D3mNRmn0oPLnT0CiJD6uDPLV6TieJJzalZlOoetDFziAhp4a7
IstGqxXeoq90usKRCLBBR4sw/GyCN3Pz125GbjNwLlgwRH21IfC960GWr7eyC0s7
mkHHyMz68Tstp6r7dJUhhAjtv8L9nm3xn6iE8xpLTSXtQAFxI9hIRqGB+INdbtwh
vUMy8d3qfvU5RL297nwY8nTVeVSnwUY80ieil14DZwOVX6fTmEaY8cPwYxOa5n21
6qjRrnwAVCSaw79/VgF5LYu/cwO+l63taYLxKdQeQBsomUJ9klSbH/zp2GDdU1mK
g+qrovO2RgY+kQ==
-----END CERTIFICATE-----