Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/e73e95-c3c9-49ae-a2d9-a7b85460f366/1/lPi_nzBVJ1IVCGl-Lqo74cehhFQ.mft
File:                     lPi_nzBVJ1IVCGl-Lqo74cehhFQ.mft (raw, json)
Hash identifier:          FplzRMsptZ3kz8L8AnhRHEyGymbBiLWUtlUp1x1Me9w=
Subject key identifier:   F4:CF:72:BE:33:3B:16:C6:9E:38:ED:5B:01:35:AC:DF:08:17:7F:9A
Authority key identifier: 94:F8:BF:9F:30:55:27:52:15:08:69:7E:2E:AA:3B:E1:C7:A1:84:54
Certificate issuer:       /CN=94f8bf9f305527521508697e2eaa3be1c7a18454
Certificate serial:       019771BF708D518341832AA2E433A86E2CBB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/lPi_nzBVJ1IVCGl-Lqo74cehhFQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/09/e73e95-c3c9-49ae-a2d9-a7b85460f366/1/lPi_nzBVJ1IVCGl-Lqo74cehhFQ.mft
Manifest number:          1A
Signing time:             Sun 15 Jun 2025 04:01:00 +0000
Manifest this update:     Sun 15 Jun 2025 04:01:00 +0000
Manifest next update:     Mon 16 Jun 2025 04:01:00 +0000
Files and hashes:         1: lPi_nzBVJ1IVCGl-Lqo74cehhFQ.crl (hash: IRHU2Q11vfFsR/G8KYnMRqAmHfgrrPWN9tReCDznsTQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/09/e73e95-c3c9-49ae-a2d9-a7b85460f366/1/lPi_nzBVJ1IVCGl-Lqo74cehhFQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/09/e73e95-c3c9-49ae-a2d9-a7b85460f366/1/lPi_nzBVJ1IVCGl-Lqo74cehhFQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/lPi_nzBVJ1IVCGl-Lqo74cehhFQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 16 Jun 2025 04:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:71:bf:70:8d:51:83:41:83:2a:a2:e4:33:a8:6e:2c:bb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=94f8bf9f305527521508697e2eaa3be1c7a18454
        Validity
            Not Before: Jun 15 04:01:00 2025 GMT
            Not After : Jun 16 04:01:00 2025 GMT
        Subject: CN=f4cf72be333b16c69e38ed5b0135acdf08177f9a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:0f:2d:13:24:74:a6:a4:21:6a:49:a2:75:89:
                    46:6b:e4:93:60:e8:93:f2:ba:25:f8:c0:93:60:b4:
                    cd:8b:63:b7:2d:67:99:e3:b5:87:46:3c:01:aa:de:
                    54:48:28:8c:ea:47:47:a3:ff:6f:78:e8:b7:a3:23:
                    6f:7c:8a:b0:b9:75:34:6e:e4:35:fa:1c:26:97:0a:
                    65:da:c7:d4:a5:c1:f2:f4:e9:f6:4e:f7:0b:70:89:
                    e2:57:b7:8b:9c:b0:da:f4:23:d5:60:a6:e6:a2:4b:
                    0d:71:24:32:dc:a9:7b:ff:39:d5:5d:50:66:82:78:
                    7d:80:65:f1:de:94:38:9f:2e:69:aa:ce:f3:08:b9:
                    7b:77:bd:b8:d8:13:e0:94:86:66:57:11:83:96:7b:
                    41:2d:ce:93:52:0b:89:37:a3:02:6c:7f:61:a0:71:
                    42:7e:e4:ac:4f:a1:d0:00:67:8c:01:1e:e8:bc:c7:
                    44:3e:2c:2e:b8:b9:ac:c6:6c:4c:c4:9e:22:1b:30:
                    17:7c:f8:7c:b9:fa:2c:0f:89:10:29:56:c5:f7:16:
                    32:9f:5b:bc:f6:fa:72:7f:96:58:3f:d1:ee:9c:73:
                    d6:af:ab:24:ab:46:d2:2a:29:c9:38:f5:15:de:49:
                    87:a2:17:45:71:b6:07:cd:94:5c:ec:1b:ef:5d:50:
                    3b:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F4:CF:72:BE:33:3B:16:C6:9E:38:ED:5B:01:35:AC:DF:08:17:7F:9A
            X509v3 Authority Key Identifier:
                keyid:94:F8:BF:9F:30:55:27:52:15:08:69:7E:2E:AA:3B:E1:C7:A1:84:54

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lPi_nzBVJ1IVCGl-Lqo74cehhFQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/e73e95-c3c9-49ae-a2d9-a7b85460f366/1/lPi_nzBVJ1IVCGl-Lqo74cehhFQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/09/e73e95-c3c9-49ae-a2d9-a7b85460f366/1/lPi_nzBVJ1IVCGl-Lqo74cehhFQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         07:95:1e:d9:2d:8a:38:4a:e8:53:f0:71:1b:0f:63:54:df:b9:
         ba:92:53:b7:75:d7:bb:f7:9c:b2:b6:1a:cf:10:55:bc:3a:02:
         4e:15:c1:57:be:f5:04:f4:7e:06:92:dc:f6:b4:db:af:67:44:
         7a:41:03:7d:ef:5a:0d:08:f4:ab:43:cd:b6:04:25:c8:a3:10:
         ec:f4:ea:3f:72:3f:3c:bb:59:32:77:86:4a:08:34:fa:07:2a:
         ed:64:ac:88:ff:c6:4d:f2:27:a3:36:7b:5c:e6:64:4e:db:5a:
         17:0d:71:6e:77:65:aa:09:9b:1c:fa:82:21:49:53:1a:11:ac:
         23:67:75:b9:ad:3c:ea:5e:2d:ad:7d:a3:b1:f8:51:d0:8b:42:
         68:c5:de:5e:4e:59:49:ba:8c:85:c7:b8:7f:9d:38:10:e3:cb:
         56:2c:19:f2:bf:92:5b:55:b2:b5:43:c5:96:14:af:2e:d4:19:
         3d:a2:e3:68:b5:81:27:99:9f:e4:c2:b7:e4:38:b4:e6:24:80:
         8b:17:51:c9:53:6a:f4:db:d8:5e:b7:00:35:51:9e:1f:02:c5:
         02:6f:8d:72:95:d7:22:42:63:a4:bc:c7:03:46:e5:5d:48:24:
         f8:80:99:cd:b7:59:ad:b9:b9:d3:11:24:8c:75:9a:e7:65:02:
         d3:52:4d:23
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdxv3CNUYNBgyqi5DOobiy7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0ZjhiZjlmMzA1NTI3NTIxNTA4Njk3ZTJlYWEzYmUxYzdh
MTg0NTQwHhcNMjUwNjE1MDQwMTAwWhcNMjUwNjE2MDQwMTAwWjAzMTEwLwYDVQQD
EyhmNGNmNzJiZTMzM2IxNmM2OWUzOGVkNWIwMTM1YWNkZjA4MTc3ZjlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtQ8tEyR0pqQhakmidYlGa+STYOiT
8rol+MCTYLTNi2O3LWeZ47WHRjwBqt5USCiM6kdHo/9veOi3oyNvfIqwuXU0buQ1
+hwmlwpl2sfUpcHy9On2TvcLcIniV7eLnLDa9CPVYKbmoksNcSQy3Kl7/znVXVBm
gnh9gGXx3pQ4ny5pqs7zCLl7d7242BPglIZmVxGDlntBLc6TUguJN6MCbH9hoHFC
fuSsT6HQAGeMAR7ovMdEPiwuuLmsxmxMxJ4iGzAXfPh8ufosD4kQKVbF9xYyn1u8
9vpyf5ZYP9HunHPWr6skq0bSKinJOPUV3kmHohdFcbYHzZRc7BvvXVA7owIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPTPcr4zOxbGnjjtWwE1rN8IF3+aMB8GA1UdIwQY
MBaAFJT4v58wVSdSFQhpfi6qO+HHoYRUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbFBpX256QlZKMUlWQ0dsLUxxbzc0Y2VoaEZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS9lNzNlOTUtYzNjOS00OWFlLWEyZDkt
YTdiODU0NjBmMzY2LzEvbFBpX256QlZKMUlWQ0dsLUxxbzc0Y2VoaEZRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS9lNzNlOTUtYzNjOS00OWFlLWEyZDktYTdiODU0NjBmMzY2
LzEvbFBpX256QlZKMUlWQ0dsLUxxbzc0Y2VoaEZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAB5Ue2S2K
OEroU/BxGw9jVN+5upJTt3XXu/ecsrYazxBVvDoCThXBV771BPR+BpLc9rTbr2dE
ekEDfe9aDQj0q0PNtgQlyKMQ7PTqP3I/PLtZMneGSgg0+gcq7WSsiP/GTfInozZ7
XOZkTttaFw1xbndlqgmbHPqCIUlTGhGsI2d1ua086l4trX2jsfhR0ItCaMXeXk5Z
SbqMhce4f504EOPLViwZ8r+SW1WytUPFlhSvLtQZPaLjaLWBJ5mf5MK35Di05iSA
ixdRyVNq9NvYXrcANVGeHwLFAm+NcpXXIkJjpLzHA0blXUgk+ICZzbdZrbm50xEk
jHWa52UC01JNIw==
-----END CERTIFICATE-----