Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/6fd3ef-d558-4e70-a214-52aefb6568ae/1/cLqzJoCFMIofjVcIS52qHr-V4Nw.mft
File:                     cLqzJoCFMIofjVcIS52qHr-V4Nw.mft (raw, json)
Hash identifier:          TojP+c5pycexcpkCbjspBdiWyeR6GVgOCZAMktZbyZE=
Subject key identifier:   6C:A4:8D:96:E2:85:5C:20:D2:E8:FB:B9:E7:11:67:57:90:4A:02:39
Authority key identifier: 70:BA:B3:26:80:85:30:8A:1F:8D:57:08:4B:9D:AA:1E:BF:95:E0:DC
Certificate issuer:       /CN=70bab3268085308a1f8d57084b9daa1ebf95e0dc
Certificate serial:       01976960EB90852162A49E0501E1781E851E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cLqzJoCFMIofjVcIS52qHr-V4Nw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1a/6fd3ef-d558-4e70-a214-52aefb6568ae/1/cLqzJoCFMIofjVcIS52qHr-V4Nw.mft
Manifest number:          1587
Signing time:             Fri 13 Jun 2025 13:00:48 +0000
Manifest this update:     Fri 13 Jun 2025 13:00:48 +0000
Manifest next update:     Sat 14 Jun 2025 13:00:48 +0000
Files and hashes:         1: cLqzJoCFMIofjVcIS52qHr-V4Nw.crl (hash: MkIeutVEN9Q0TdUQCdeXDfukekZYGJ/iGAA40LaPo3g=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1a/6fd3ef-d558-4e70-a214-52aefb6568ae/1/cLqzJoCFMIofjVcIS52qHr-V4Nw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1a/6fd3ef-d558-4e70-a214-52aefb6568ae/1/cLqzJoCFMIofjVcIS52qHr-V4Nw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/cLqzJoCFMIofjVcIS52qHr-V4Nw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 14 Jun 2025 13:00:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:69:60:eb:90:85:21:62:a4:9e:05:01:e1:78:1e:85:1e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=70bab3268085308a1f8d57084b9daa1ebf95e0dc
        Validity
            Not Before: Jun 13 13:00:48 2025 GMT
            Not After : Jun 14 13:00:48 2025 GMT
        Subject: CN=6ca48d96e2855c20d2e8fbb9e7116757904a0239
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:d1:50:31:38:26:ce:25:ea:e0:ed:6f:f7:ac:
                    46:2d:09:f5:b1:29:60:6b:9e:82:62:77:f1:e9:1c:
                    21:4a:87:6d:e6:f7:aa:35:58:48:19:a5:f0:a0:58:
                    ce:00:34:93:17:22:ca:c3:dc:ad:9a:17:2d:79:70:
                    55:f4:05:f0:80:ea:04:93:e6:d6:4f:a6:3c:0e:a7:
                    85:d8:d6:02:5b:21:f4:9b:0e:6b:84:86:0b:b1:b8:
                    c0:e6:35:6c:8c:37:d7:6f:d2:c7:dd:73:1e:b2:a0:
                    09:36:76:2e:c6:c5:4d:85:a1:55:17:ac:63:98:f3:
                    63:57:17:0f:62:1b:36:8a:9c:03:d4:35:09:4c:fa:
                    5e:82:83:04:b6:97:fe:e1:2a:90:b9:2f:b0:51:0a:
                    02:20:45:62:bf:2b:9f:2a:0e:fc:8f:eb:fd:26:9c:
                    26:09:1d:02:68:d5:41:4a:e8:fa:b0:00:79:fc:cd:
                    b3:65:16:52:5e:c8:59:e8:05:00:72:ce:36:60:19:
                    a8:cb:c3:40:88:48:f8:37:a1:27:36:1e:62:7f:ad:
                    3d:c8:86:10:40:05:b9:8f:7c:58:82:4d:ae:6e:b0:
                    1b:c4:7f:49:27:26:f9:d6:3f:17:6c:1f:4c:79:31:
                    7e:c1:a9:65:cc:11:8f:a5:ad:97:03:0f:f0:48:bc:
                    99:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6C:A4:8D:96:E2:85:5C:20:D2:E8:FB:B9:E7:11:67:57:90:4A:02:39
            X509v3 Authority Key Identifier:
                keyid:70:BA:B3:26:80:85:30:8A:1F:8D:57:08:4B:9D:AA:1E:BF:95:E0:DC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cLqzJoCFMIofjVcIS52qHr-V4Nw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/6fd3ef-d558-4e70-a214-52aefb6568ae/1/cLqzJoCFMIofjVcIS52qHr-V4Nw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/6fd3ef-d558-4e70-a214-52aefb6568ae/1/cLqzJoCFMIofjVcIS52qHr-V4Nw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7b:21:0b:61:1b:74:82:2e:ae:42:13:fc:5c:6a:21:19:d8:5e:
         c4:88:1c:fe:66:af:35:46:49:2f:e0:bd:f9:ca:3f:d5:8b:70:
         09:9a:60:83:30:79:02:7c:e2:77:93:24:66:e2:c7:b6:a4:30:
         20:17:92:5f:04:fe:50:c3:2e:24:87:ad:4f:29:c3:03:96:a4:
         ec:95:64:d3:8c:a9:bd:cf:65:0d:b4:f8:ef:3d:da:0c:b6:6c:
         c9:a0:fe:91:1f:de:57:2d:8f:df:45:f8:10:ce:a3:aa:09:5c:
         ec:d6:2a:63:d1:fa:ee:e5:46:82:31:dc:20:b0:c8:55:c4:25:
         be:82:31:96:d9:27:21:7e:cd:d3:2c:fb:e3:17:6e:1a:e5:59:
         2b:1d:79:ad:1a:5f:0e:8c:53:68:36:6b:43:33:ef:1b:2c:9b:
         cf:72:eb:11:02:cf:fa:cd:24:92:e0:67:23:0e:62:36:eb:4d:
         69:d8:f2:18:10:33:d9:01:39:f7:30:ab:3f:74:09:72:49:71:
         6d:97:16:99:47:c8:17:7a:18:b7:52:f1:15:86:e1:49:33:df:
         b7:7c:67:75:e0:bc:c9:fa:62:c0:b4:2b:48:b5:7b:1d:d1:b7:
         39:f4:c9:fa:45:08:da:f1:bb:ed:60:05:58:22:2c:60:6d:42:
         88:bd:d5:ac
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdpYOuQhSFipJ4FAeF4HoUeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwYmFiMzI2ODA4NTMwOGExZjhkNTcwODRiOWRhYTFlYmY5
NWUwZGMwHhcNMjUwNjEzMTMwMDQ4WhcNMjUwNjE0MTMwMDQ4WjAzMTEwLwYDVQQD
Eyg2Y2E0OGQ5NmUyODU1YzIwZDJlOGZiYjllNzExNjc1NzkwNGEwMjM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxtFQMTgmziXq4O1v96xGLQn1sSlg
a56CYnfx6RwhSodt5veqNVhIGaXwoFjOADSTFyLKw9ytmhcteXBV9AXwgOoEk+bW
T6Y8DqeF2NYCWyH0mw5rhIYLsbjA5jVsjDfXb9LH3XMesqAJNnYuxsVNhaFVF6xj
mPNjVxcPYhs2ipwD1DUJTPpegoMEtpf+4SqQuS+wUQoCIEVivyufKg78j+v9Jpwm
CR0CaNVBSuj6sAB5/M2zZRZSXshZ6AUAcs42YBmoy8NAiEj4N6EnNh5if609yIYQ
QAW5j3xYgk2ubrAbxH9JJyb51j8XbB9MeTF+wallzBGPpa2XAw/wSLyZXQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGykjZbihVwg0uj7uecRZ1eQSgI5MB8GA1UdIwQY
MBaAFHC6syaAhTCKH41XCEudqh6/leDcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY0xxekpvQ0ZNSW9malZjSVM1MnFIci1WNE53LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS82ZmQzZWYtZDU1OC00ZTcwLWEyMTQt
NTJhZWZiNjU2OGFlLzEvY0xxekpvQ0ZNSW9malZjSVM1MnFIci1WNE53Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS82ZmQzZWYtZDU1OC00ZTcwLWEyMTQtNTJhZWZiNjU2OGFl
LzEvY0xxekpvQ0ZNSW9malZjSVM1MnFIci1WNE53LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeyELYRt0
gi6uQhP8XGohGdhexIgc/mavNUZJL+C9+co/1YtwCZpggzB5Anzid5MkZuLHtqQw
IBeSXwT+UMMuJIetTynDA5ak7JVk04ypvc9lDbT47z3aDLZsyaD+kR/eVy2P30X4
EM6jqglc7NYqY9H67uVGgjHcILDIVcQlvoIxltknIX7N0yz74xduGuVZKx15rRpf
DoxTaDZrQzPvGyybz3LrEQLP+s0kkuBnIw5iNutNadjyGBAz2QE59zCrP3QJcklx
bZcWmUfIF3oYt1LxFYbhSTPft3xndeC8yfpiwLQrSLV7HdG3OfTJ+kUI2vG77WAF
WCIsYG1CiL3VrA==
-----END CERTIFICATE-----