Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/17e999-e53d-48ca-980a-95ae64bd56ec/1/LKw-jWOxw6_HxsC_2p1ayBe27m0.mft
File:                     LKw-jWOxw6_HxsC_2p1ayBe27m0.mft (raw, json)
Hash identifier:          8aDos8umNGb5xrnMYIbDBNghdUIEe7gkocUkorTD51A=
Subject key identifier:   DD:E2:24:04:35:25:4E:C6:1E:C3:BE:FB:95:98:2F:EB:42:12:D3:5D
Authority key identifier: 2C:AC:3E:8D:63:B1:C3:AF:C7:C6:C0:BF:DA:9D:5A:C8:17:B6:EE:6D
Certificate issuer:       /CN=2cac3e8d63b1c3afc7c6c0bfda9d5ac817b6ee6d
Certificate serial:       01976C98D5A54850D46F058E0B61D645B8E8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/LKw-jWOxw6_HxsC_2p1ayBe27m0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/29/17e999-e53d-48ca-980a-95ae64bd56ec/1/LKw-jWOxw6_HxsC_2p1ayBe27m0.mft
Manifest number:          0F6B
Signing time:             Sat 14 Jun 2025 04:00:44 +0000
Manifest this update:     Sat 14 Jun 2025 04:00:44 +0000
Manifest next update:     Sun 15 Jun 2025 04:00:44 +0000
Files and hashes:         1: LKw-jWOxw6_HxsC_2p1ayBe27m0.crl (hash: UC6dNrqSZ3sKrQO10xlSJk7gOUyr0g6D/ATft2B+C68=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/29/17e999-e53d-48ca-980a-95ae64bd56ec/1/LKw-jWOxw6_HxsC_2p1ayBe27m0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/29/17e999-e53d-48ca-980a-95ae64bd56ec/1/LKw-jWOxw6_HxsC_2p1ayBe27m0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/LKw-jWOxw6_HxsC_2p1ayBe27m0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 01:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6c:98:d5:a5:48:50:d4:6f:05:8e:0b:61:d6:45:b8:e8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2cac3e8d63b1c3afc7c6c0bfda9d5ac817b6ee6d
        Validity
            Not Before: Jun 14 04:00:44 2025 GMT
            Not After : Jun 15 04:00:44 2025 GMT
        Subject: CN=dde2240435254ec61ec3befb95982feb4212d35d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:91:73:f2:c7:11:55:47:f2:ea:68:dd:b2:ed:
                    0c:b0:89:64:32:8c:b8:a9:87:6c:4a:fd:e7:0b:c3:
                    77:96:93:96:4c:5f:a3:cd:80:1c:8f:cb:83:6a:e9:
                    32:14:23:cb:67:05:09:18:c4:55:6a:f7:fe:f9:37:
                    9d:9e:f0:56:be:b0:32:e5:b5:e0:c0:16:06:11:13:
                    8b:5d:33:46:22:64:4d:03:1b:85:8b:69:3e:87:7e:
                    41:58:07:29:0f:27:6a:7d:e2:3d:c9:72:15:d4:8f:
                    b9:31:30:ae:4c:a6:85:8e:4d:d7:0f:4b:bd:23:ac:
                    65:77:39:b3:03:18:f6:24:9f:3e:7a:02:23:64:de:
                    c7:33:29:90:93:28:a1:70:f7:bd:69:47:de:cf:78:
                    33:05:0a:03:6e:63:7b:54:d4:f5:2f:06:e1:c7:b9:
                    b4:88:97:72:cb:70:09:0c:2a:86:e7:bf:bc:ac:ac:
                    cb:dc:ee:05:c6:17:9b:dd:0a:74:05:5a:8a:2c:08:
                    1d:4a:8a:d4:aa:ef:fa:0e:1d:4a:a0:a0:94:84:1d:
                    c8:43:94:9b:c9:6e:ad:f2:6f:0f:3d:9e:38:63:c2:
                    42:fd:28:5f:e2:cb:8c:b0:ff:c0:b6:46:e6:3c:12:
                    33:72:ff:04:80:fd:e0:98:a1:91:24:07:5a:b3:07:
                    83:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DD:E2:24:04:35:25:4E:C6:1E:C3:BE:FB:95:98:2F:EB:42:12:D3:5D
            X509v3 Authority Key Identifier:
                keyid:2C:AC:3E:8D:63:B1:C3:AF:C7:C6:C0:BF:DA:9D:5A:C8:17:B6:EE:6D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LKw-jWOxw6_HxsC_2p1ayBe27m0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/17e999-e53d-48ca-980a-95ae64bd56ec/1/LKw-jWOxw6_HxsC_2p1ayBe27m0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/29/17e999-e53d-48ca-980a-95ae64bd56ec/1/LKw-jWOxw6_HxsC_2p1ayBe27m0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         14:4f:96:e5:7a:57:6e:f3:9e:0b:9e:a0:71:78:47:6f:70:01:
         29:45:4d:4a:a7:95:5d:86:51:69:24:04:c0:c8:95:2a:b3:14:
         38:98:2a:f1:3b:5a:cb:23:9b:4c:a5:66:39:b1:59:11:e8:ff:
         88:82:df:ca:99:88:9a:81:c5:b0:0c:ed:7e:74:c0:f7:a8:b3:
         7c:5f:e9:5f:e1:c6:43:ae:14:95:ce:d7:55:9f:92:bb:de:df:
         cf:66:be:b9:d2:51:7f:d7:f5:9f:51:b1:9d:43:1c:9f:60:6a:
         9a:5c:ac:39:62:ae:22:18:ad:a7:c3:a1:ca:69:d2:1c:a9:94:
         2a:78:61:01:18:2a:29:1c:15:87:23:1b:42:e0:51:c3:3e:5e:
         ec:3c:15:ff:30:96:4f:01:67:d2:b3:54:5e:8e:3e:96:18:6c:
         1a:b4:34:64:b4:44:85:57:7c:c9:19:88:a7:73:de:fe:f2:08:
         f4:89:01:f3:cd:02:01:12:5d:ee:f0:57:2b:d1:19:3a:ba:f4:
         03:e9:50:47:06:10:f9:d4:3d:42:17:8b:cb:a7:a7:b3:df:31:
         15:8f:b2:99:fe:93:73:b6:b4:59:65:3e:9e:d4:e9:49:32:97:
         a6:09:e0:a0:da:ea:23:d4:5c:bc:28:93:24:ce:40:e5:c8:d6:
         f6:d2:29:dd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdsmNWlSFDUbwWOC2HWRbjoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJjYWMzZThkNjNiMWMzYWZjN2M2YzBiZmRhOWQ1YWM4MTdi
NmVlNmQwHhcNMjUwNjE0MDQwMDQ0WhcNMjUwNjE1MDQwMDQ0WjAzMTEwLwYDVQQD
EyhkZGUyMjQwNDM1MjU0ZWM2MWVjM2JlZmI5NTk4MmZlYjQyMTJkMzVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv5Fz8scRVUfy6mjdsu0MsIlkMoy4
qYdsSv3nC8N3lpOWTF+jzYAcj8uDaukyFCPLZwUJGMRVavf++TednvBWvrAy5bXg
wBYGEROLXTNGImRNAxuFi2k+h35BWAcpDydqfeI9yXIV1I+5MTCuTKaFjk3XD0u9
I6xldzmzAxj2JJ8+egIjZN7HMymQkyihcPe9aUfez3gzBQoDbmN7VNT1Lwbhx7m0
iJdyy3AJDCqG57+8rKzL3O4Fxheb3Qp0BVqKLAgdSorUqu/6Dh1KoKCUhB3IQ5Sb
yW6t8m8PPZ44Y8JC/Shf4suMsP/AtkbmPBIzcv8EgP3gmKGRJAdasweD6QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFN3iJAQ1JU7GHsO++5WYL+tCEtNdMB8GA1UdIwQY
MBaAFCysPo1jscOvx8bAv9qdWsgXtu5tMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTEt3LWpXT3h3Nl9IeHNDXzJwMWF5QmUyN20wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS8xN2U5OTktZTUzZC00OGNhLTk4MGEt
OTVhZTY0YmQ1NmVjLzEvTEt3LWpXT3h3Nl9IeHNDXzJwMWF5QmUyN20wLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS8xN2U5OTktZTUzZC00OGNhLTk4MGEtOTVhZTY0YmQ1NmVj
LzEvTEt3LWpXT3h3Nl9IeHNDXzJwMWF5QmUyN20wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFE+W5XpX
bvOeC56gcXhHb3ABKUVNSqeVXYZRaSQEwMiVKrMUOJgq8TtayyObTKVmObFZEej/
iILfypmImoHFsAztfnTA96izfF/pX+HGQ64Ulc7XVZ+Su97fz2a+udJRf9f1n1Gx
nUMcn2BqmlysOWKuIhitp8OhymnSHKmUKnhhARgqKRwVhyMbQuBRwz5e7DwV/zCW
TwFn0rNUXo4+lhhsGrQ0ZLREhVd8yRmIp3Pe/vII9IkB880CARJd7vBXK9EZOrr0
A+lQRwYQ+dQ9QheLy6ens98xFY+ymf6Tc7a0WWU+ntTpSTKXpgngoNrqI9RcvCiT
JM5A5cjW9tIp3Q==
-----END CERTIFICATE-----