Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/7bd8f3-4753-42cd-8ff3-6333186589a9/1/lg5oyDibCdw0VGSkAK8nZWjn-Wo.mft
File:                     lg5oyDibCdw0VGSkAK8nZWjn-Wo.mft (raw, json)
Hash identifier:          1F/4MzMz7G2QeGQiowdfz5wWEm/4YZYraHN6SLI+Sso=
Subject key identifier:   0B:AD:10:CE:36:F9:13:9D:0A:10:D9:7E:84:17:31:D5:2E:57:25:5D
Authority key identifier: 96:0E:68:C8:38:9B:09:DC:34:54:64:A4:00:AF:27:65:68:E7:F9:6A
Certificate issuer:       /CN=960e68c8389b09dc345464a400af276568e7f96a
Certificate serial:       0198A0F20DF83FB5898EE9110719BA85D3E5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/lg5oyDibCdw0VGSkAK8nZWjn-Wo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/33/7bd8f3-4753-42cd-8ff3-6333186589a9/1/lg5oyDibCdw0VGSkAK8nZWjn-Wo.mft
Manifest number:          0EB0
Signing time:             Wed 13 Aug 2025 01:01:14 +0000
Manifest this update:     Wed 13 Aug 2025 01:01:14 +0000
Manifest next update:     Thu 14 Aug 2025 01:01:14 +0000
Files and hashes:         1: lg5oyDibCdw0VGSkAK8nZWjn-Wo.crl (hash: 58ZIksNXihWv5virDuA7GMJl/DfIHvv2txO6+nGsmWc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/33/7bd8f3-4753-42cd-8ff3-6333186589a9/1/lg5oyDibCdw0VGSkAK8nZWjn-Wo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/33/7bd8f3-4753-42cd-8ff3-6333186589a9/1/lg5oyDibCdw0VGSkAK8nZWjn-Wo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/lg5oyDibCdw0VGSkAK8nZWjn-Wo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 13 Aug 2025 22:00:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:a0:f2:0d:f8:3f:b5:89:8e:e9:11:07:19:ba:85:d3:e5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=960e68c8389b09dc345464a400af276568e7f96a
        Validity
            Not Before: Aug 13 01:01:14 2025 GMT
            Not After : Aug 14 01:01:14 2025 GMT
        Subject: CN=0bad10ce36f9139d0a10d97e841731d52e57255d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:f0:53:3b:a4:b3:1b:55:2e:f3:82:73:fa:23:
                    ac:26:e0:62:6c:ba:f6:ca:cf:d7:3d:81:ff:57:8f:
                    e5:69:dd:06:0c:2f:b6:3a:c0:a8:01:94:62:85:ff:
                    ac:cf:ff:87:2b:a3:fc:1a:3f:f1:3d:11:0a:f7:f1:
                    e5:08:ce:e2:e4:52:38:07:78:2e:93:5c:89:2c:30:
                    be:e8:77:e2:59:27:06:2b:e7:3f:f0:53:7e:95:53:
                    57:62:b9:16:f3:d5:22:67:b2:28:6d:e3:4a:1e:e7:
                    20:7f:2b:39:07:60:fd:8b:7c:a6:df:88:f5:fc:77:
                    8f:d2:e7:b5:4f:af:1c:b9:6f:34:a5:e9:00:6b:60:
                    40:70:e3:0d:0c:cd:3b:ce:36:7c:d8:6d:00:7d:c8:
                    e4:f6:25:a3:3f:21:ad:2e:00:aa:97:e8:d2:ff:e8:
                    77:d0:fb:c8:da:43:24:c3:79:6b:63:77:1a:ec:0f:
                    82:aa:57:50:cc:1c:7d:09:0e:39:ef:cb:29:0d:2d:
                    7d:c5:1e:60:11:fd:a0:c4:e7:48:3e:a2:c2:4f:c9:
                    e9:ed:a5:ce:fa:c5:9f:8e:41:2c:b3:ea:cc:7e:eb:
                    27:4b:98:e4:12:fb:f0:7c:ac:b0:d8:63:0a:29:88:
                    f1:7f:36:44:4a:de:ef:6e:e9:15:06:07:b3:94:21:
                    00:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0B:AD:10:CE:36:F9:13:9D:0A:10:D9:7E:84:17:31:D5:2E:57:25:5D
            X509v3 Authority Key Identifier:
                keyid:96:0E:68:C8:38:9B:09:DC:34:54:64:A4:00:AF:27:65:68:E7:F9:6A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lg5oyDibCdw0VGSkAK8nZWjn-Wo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/7bd8f3-4753-42cd-8ff3-6333186589a9/1/lg5oyDibCdw0VGSkAK8nZWjn-Wo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/33/7bd8f3-4753-42cd-8ff3-6333186589a9/1/lg5oyDibCdw0VGSkAK8nZWjn-Wo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b1:11:1c:8e:33:27:95:49:c8:77:d6:cd:0b:12:30:ab:08:1c:
         f2:e5:3b:b6:a7:ae:92:0a:a8:cb:e1:69:36:0e:41:3f:81:dd:
         51:3f:89:89:98:2f:b4:c2:dc:a9:40:b8:41:60:ee:64:1e:eb:
         a1:d0:23:2b:e7:47:72:f0:4b:e3:84:6b:22:7e:20:d8:69:56:
         3d:a2:6d:ad:4b:46:c9:99:a5:c5:54:e3:a6:0e:66:9b:b0:b3:
         08:4e:4d:39:90:df:c6:e1:bf:a8:a4:bc:6c:f4:93:26:7e:93:
         32:c2:51:38:52:58:c2:c8:c8:d9:79:87:ca:2c:87:30:3e:dc:
         0c:38:be:ae:ac:d2:56:1f:25:be:60:8c:f0:fc:cf:14:5a:1b:
         f0:6e:df:11:b0:78:60:53:ff:d8:c4:79:76:e9:04:fe:42:40:
         5c:09:e1:a9:20:ce:46:7f:e3:86:2b:97:54:7a:b8:1e:9f:52:
         36:bc:9d:09:9e:aa:dd:2a:72:17:ba:c0:7b:55:fe:8d:0e:05:
         7a:9b:37:04:80:e4:84:09:fa:b9:a7:80:23:b3:79:42:ab:05:
         ec:bc:f3:cf:c5:50:01:50:d4:f7:4e:a0:10:b8:9d:0a:71:fb:
         45:60:46:b1:12:ff:1f:3c:0d:8d:b0:c7:42:33:8c:da:0d:42:
         e1:c2:1e:47
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZig8g34P7WJjukRBxm6hdPlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk2MGU2OGM4Mzg5YjA5ZGMzNDU0NjRhNDAwYWYyNzY1Njhl
N2Y5NmEwHhcNMjUwODEzMDEwMTE0WhcNMjUwODE0MDEwMTE0WjAzMTEwLwYDVQQD
EygwYmFkMTBjZTM2ZjkxMzlkMGExMGQ5N2U4NDE3MzFkNTJlNTcyNTVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtPBTO6SzG1Uu84Jz+iOsJuBibLr2
ys/XPYH/V4/lad0GDC+2OsCoAZRihf+sz/+HK6P8Gj/xPREK9/HlCM7i5FI4B3gu
k1yJLDC+6HfiWScGK+c/8FN+lVNXYrkW89UiZ7IobeNKHucgfys5B2D9i3ym34j1
/HeP0ue1T68cuW80pekAa2BAcOMNDM07zjZ82G0Afcjk9iWjPyGtLgCql+jS/+h3
0PvI2kMkw3lrY3ca7A+CqldQzBx9CQ4578spDS19xR5gEf2gxOdIPqLCT8np7aXO
+sWfjkEss+rMfusnS5jkEvvwfKyw2GMKKYjxfzZESt7vbukVBgezlCEAiQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAutEM42+ROdChDZfoQXMdUuVyVdMB8GA1UdIwQY
MBaAFJYOaMg4mwncNFRkpACvJ2Vo5/lqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbGc1b3lEaWJDZHcwVkdTa0FLOG5aV2puLVdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy83YmQ4ZjMtNDc1My00MmNkLThmZjMt
NjMzMzE4NjU4OWE5LzEvbGc1b3lEaWJDZHcwVkdTa0FLOG5aV2puLVdvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy83YmQ4ZjMtNDc1My00MmNkLThmZjMtNjMzMzE4NjU4OWE5
LzEvbGc1b3lEaWJDZHcwVkdTa0FLOG5aV2puLVdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAsREcjjMn
lUnId9bNCxIwqwgc8uU7tqeukgqoy+FpNg5BP4HdUT+JiZgvtMLcqUC4QWDuZB7r
odAjK+dHcvBL44RrIn4g2GlWPaJtrUtGyZmlxVTjpg5mm7CzCE5NOZDfxuG/qKS8
bPSTJn6TMsJROFJYwsjI2XmHyiyHMD7cDDi+rqzSVh8lvmCM8PzPFFob8G7fEbB4
YFP/2MR5dukE/kJAXAnhqSDORn/jhiuXVHq4Hp9SNrydCZ6q3SpyF7rAe1X+jQ4F
eps3BIDkhAn6uaeAI7N5QqsF7Lzzz8VQAVDU906gELidCnH7RWBGsRL/HzwNjbDH
QjOM2g1C4cIeRw==
-----END CERTIFICATE-----