Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/50b550-f85e-489b-8473-e0365381bb85/1/Lokc9xG_fhxC4ILWoviaBL7rldE.mft
File:                     Lokc9xG_fhxC4ILWoviaBL7rldE.mft (raw, json)
Hash identifier:          fPAa6/a2UAMYRx/sbsNAWeKaHqiKvFYAPtWnv8qZvcg=
Subject key identifier:   E5:90:C6:2B:AB:76:58:62:CA:BC:49:AE:EA:DE:5B:DE:E9:F9:17:48
Authority key identifier: 2E:89:1C:F7:11:BF:7E:1C:42:E0:82:D6:A2:F8:9A:04:BE:EB:95:D1
Certificate issuer:       /CN=2e891cf711bf7e1c42e082d6a2f89a04beeb95d1
Certificate serial:       019A7225A45AA7A09D00412994121A1CBF9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Lokc9xG_fhxC4ILWoviaBL7rldE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/da/50b550-f85e-489b-8473-e0365381bb85/1/Lokc9xG_fhxC4ILWoviaBL7rldE.mft
Manifest number:          0323
Signing time:             Tue 11 Nov 2025 09:01:00 +0000
Manifest this update:     Tue 11 Nov 2025 09:01:00 +0000
Manifest next update:     Wed 12 Nov 2025 09:01:00 +0000
Files and hashes:         1: Lokc9xG_fhxC4ILWoviaBL7rldE.crl (hash: f8QjuEhlqLLMDDm5RxbzksXMHDRoujbSJGC+wssg2YM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/da/50b550-f85e-489b-8473-e0365381bb85/1/Lokc9xG_fhxC4ILWoviaBL7rldE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/da/50b550-f85e-489b-8473-e0365381bb85/1/Lokc9xG_fhxC4ILWoviaBL7rldE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Lokc9xG_fhxC4ILWoviaBL7rldE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:72:25:a4:5a:a7:a0:9d:00:41:29:94:12:1a:1c:bf:9b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2e891cf711bf7e1c42e082d6a2f89a04beeb95d1
        Validity
            Not Before: Nov 11 09:01:00 2025 GMT
            Not After : Nov 12 09:01:00 2025 GMT
        Subject: CN=e590c62bab765862cabc49aeeade5bdee9f91748
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:1e:a3:dd:5c:0a:84:ed:e6:58:05:81:fc:45:
                    d6:87:c4:7a:62:d0:8b:58:2c:be:96:95:4c:41:81:
                    43:94:bf:cd:38:da:e1:c8:3d:61:b8:ba:ee:9d:e9:
                    8c:fa:63:1c:d1:f0:64:72:2b:73:00:4e:75:e7:b4:
                    80:14:46:6b:47:67:cd:5e:f9:16:d5:0b:42:64:c6:
                    15:8f:b8:3b:0a:c9:be:88:45:2e:35:f5:f7:3e:eb:
                    47:ac:c3:84:26:91:08:98:64:06:02:20:b6:3b:15:
                    80:86:2e:8d:2a:3d:9b:71:00:ac:4a:ab:32:66:62:
                    a6:f4:64:f4:29:c5:d3:0e:be:47:9c:02:46:c8:ac:
                    b0:68:1c:51:74:9d:f4:c5:9a:e6:6b:a0:14:11:02:
                    b7:11:7a:36:0d:35:19:71:4b:ac:dc:12:11:f8:c2:
                    0c:e8:97:9c:09:8d:25:f6:ac:4c:2c:65:45:1d:d6:
                    50:08:5f:3b:97:64:23:32:10:6a:1c:38:30:2c:05:
                    88:d6:09:f4:31:c7:b8:4b:33:1d:07:a3:b0:c3:0b:
                    87:c3:46:46:17:67:db:39:31:17:cc:f2:46:7f:1a:
                    82:90:87:37:06:28:fc:98:f2:7c:36:13:6a:14:a9:
                    43:47:b5:5a:7b:cb:26:19:57:9a:ee:cd:59:40:b8:
                    9e:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E5:90:C6:2B:AB:76:58:62:CA:BC:49:AE:EA:DE:5B:DE:E9:F9:17:48
            X509v3 Authority Key Identifier:
                keyid:2E:89:1C:F7:11:BF:7E:1C:42:E0:82:D6:A2:F8:9A:04:BE:EB:95:D1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Lokc9xG_fhxC4ILWoviaBL7rldE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/50b550-f85e-489b-8473-e0365381bb85/1/Lokc9xG_fhxC4ILWoviaBL7rldE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/da/50b550-f85e-489b-8473-e0365381bb85/1/Lokc9xG_fhxC4ILWoviaBL7rldE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         32:ef:48:27:68:7b:a3:99:9c:1f:15:42:63:c9:c1:24:26:80:
         43:13:ed:17:92:d0:67:37:c7:47:94:5c:fe:f9:43:3e:ff:9a:
         e4:aa:e8:85:7b:ff:e6:a1:38:56:ba:09:49:29:d9:66:9d:16:
         f8:fe:86:76:ed:02:d7:f4:fa:01:e2:ef:d4:6e:c0:d9:06:fe:
         b4:3e:52:e3:7e:c8:98:ce:d3:fd:03:a3:fa:cd:99:7f:22:43:
         eb:e5:65:cd:98:dd:31:5b:00:cc:b7:44:ef:15:41:a9:ba:1e:
         56:c9:4b:ae:46:09:f3:00:d7:a9:b7:32:7f:8b:b4:2f:64:a1:
         be:86:d9:90:f2:c5:1b:17:37:52:b7:3d:3d:d3:49:b0:9f:4d:
         13:e0:e6:c2:f3:a6:7b:ce:00:94:e8:6b:2d:55:a1:ce:fc:8f:
         b9:51:3b:53:a3:15:2d:ea:ca:67:e5:fe:2e:7b:87:a8:84:29:
         13:b9:69:98:39:d6:c5:d5:74:6e:7e:52:47:52:c1:12:fb:87:
         b0:6f:3c:25:55:1e:6b:8b:b0:6b:75:b8:23:fc:7b:4f:18:c9:
         c2:0d:31:1f:4f:ec:26:22:5e:6a:77:66:93:d8:a1:24:02:e7:
         50:26:b1:94:8c:57:d8:f7:b7:e4:e5:3f:e0:b3:de:99:d1:f3:
         80:67:c9:40
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJaRap6CdAEEplBIaHL+bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlODkxY2Y3MTFiZjdlMWM0MmUwODJkNmEyZjg5YTA0YmVl
Yjk1ZDEwHhcNMjUxMTExMDkwMTAwWhcNMjUxMTEyMDkwMTAwWjAzMTEwLwYDVQQD
EyhlNTkwYzYyYmFiNzY1ODYyY2FiYzQ5YWVlYWRlNWJkZWU5ZjkxNzQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzh6j3VwKhO3mWAWB/EXWh8R6YtCL
WCy+lpVMQYFDlL/NONrhyD1huLrunemM+mMc0fBkcitzAE5157SAFEZrR2fNXvkW
1QtCZMYVj7g7Csm+iEUuNfX3PutHrMOEJpEImGQGAiC2OxWAhi6NKj2bcQCsSqsy
ZmKm9GT0KcXTDr5HnAJGyKywaBxRdJ30xZrma6AUEQK3EXo2DTUZcUus3BIR+MIM
6JecCY0l9qxMLGVFHdZQCF87l2QjMhBqHDgwLAWI1gn0Mce4SzMdB6OwwwuHw0ZG
F2fbOTEXzPJGfxqCkIc3Bij8mPJ8NhNqFKlDR7Vae8smGVea7s1ZQLieFQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOWQxiurdlhiyrxJrureW97p+RdIMB8GA1UdIwQY
MBaAFC6JHPcRv34cQuCC1qL4mgS+65XRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTG9rYzl4R19maHhDNElMV292aWFCTDdybGRFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS81MGI1NTAtZjg1ZS00ODliLTg0NzMt
ZTAzNjUzODFiYjg1LzEvTG9rYzl4R19maHhDNElMV292aWFCTDdybGRFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS81MGI1NTAtZjg1ZS00ODliLTg0NzMtZTAzNjUzODFiYjg1
LzEvTG9rYzl4R19maHhDNElMV292aWFCTDdybGRFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMu9IJ2h7
o5mcHxVCY8nBJCaAQxPtF5LQZzfHR5Rc/vlDPv+a5KrohXv/5qE4VroJSSnZZp0W
+P6Gdu0C1/T6AeLv1G7A2Qb+tD5S437ImM7T/QOj+s2ZfyJD6+VlzZjdMVsAzLdE
7xVBqboeVslLrkYJ8wDXqbcyf4u0L2ShvobZkPLFGxc3Urc9PdNJsJ9NE+DmwvOm
e84AlOhrLVWhzvyPuVE7U6MVLerKZ+X+LnuHqIQpE7lpmDnWxdV0bn5SR1LBEvuH
sG88JVUea4uwa3W4I/x7TxjJwg0xH0/sJiJeandmk9ihJALnUCaxlIxX2Pe35OU/
4LPemdHzgGfJQA==
-----END CERTIFICATE-----