Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/23ca21-bceb-433e-b7d9-7b003984b863/1/lHXt3Klbc2ZTpMn52RVA0tPvtT0.mft
File:                     lHXt3Klbc2ZTpMn52RVA0tPvtT0.mft (raw, json)
Hash identifier:          J2BSVJLppLDkTsHtIpg2+wtyN5/6HIqk5u9+n56RC6s=
Subject key identifier:   03:98:EE:86:CA:F7:5C:71:75:B5:C3:AC:4C:BA:E7:97:DC:B6:70:F4
Authority key identifier: 94:75:ED:DC:A9:5B:73:66:53:A4:C9:F9:D9:15:40:D2:D3:EF:B5:3D
Certificate issuer:       /CN=9475eddca95b736653a4c9f9d91540d2d3efb53d
Certificate serial:       019774C05D31359F26B9C1B369242B7B1954
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/lHXt3Klbc2ZTpMn52RVA0tPvtT0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/52/23ca21-bceb-433e-b7d9-7b003984b863/1/lHXt3Klbc2ZTpMn52RVA0tPvtT0.mft
Manifest number:          01D0
Signing time:             Sun 15 Jun 2025 18:00:53 +0000
Manifest this update:     Sun 15 Jun 2025 18:00:53 +0000
Manifest next update:     Mon 16 Jun 2025 18:00:53 +0000
Files and hashes:         1: lHXt3Klbc2ZTpMn52RVA0tPvtT0.crl (hash: W7NArms0DHWUOuSxZkJKVAwePhTiWq4mSQNg/CeX4fU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/52/23ca21-bceb-433e-b7d9-7b003984b863/1/lHXt3Klbc2ZTpMn52RVA0tPvtT0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/52/23ca21-bceb-433e-b7d9-7b003984b863/1/lHXt3Klbc2ZTpMn52RVA0tPvtT0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/lHXt3Klbc2ZTpMn52RVA0tPvtT0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 16 Jun 2025 13:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:74:c0:5d:31:35:9f:26:b9:c1:b3:69:24:2b:7b:19:54
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9475eddca95b736653a4c9f9d91540d2d3efb53d
        Validity
            Not Before: Jun 15 18:00:53 2025 GMT
            Not After : Jun 16 18:00:53 2025 GMT
        Subject: CN=0398ee86caf75c7175b5c3ac4cbae797dcb670f4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:dd:4d:75:b5:f2:06:62:d3:fa:5a:04:d0:34:
                    9a:97:42:71:e1:2a:1a:1e:e4:08:01:f0:e8:93:95:
                    dc:6b:cb:b7:11:cd:08:9c:bb:98:54:99:f5:2c:25:
                    38:45:77:cd:ac:4b:ba:be:d0:03:3f:f4:f1:df:99:
                    77:2a:3e:8b:cd:b2:e7:cc:68:8e:de:3b:98:f6:5f:
                    99:a4:cf:a3:f8:1d:bb:3e:d8:a7:03:dc:f3:04:54:
                    ca:6d:f5:b4:b0:eb:1d:67:aa:68:75:1a:bf:b3:90:
                    1b:c6:ff:e3:58:30:14:8b:df:5c:00:f4:ab:83:3c:
                    a9:27:98:54:d0:59:f6:d3:63:ea:77:8f:b3:50:ee:
                    e2:1b:c5:1d:6e:e6:81:fc:37:35:3d:b2:6b:4a:82:
                    a8:c3:89:b8:39:d3:77:de:72:ca:40:a4:79:d9:2e:
                    d5:c9:fc:84:f0:d0:e9:00:0d:9f:3c:f7:29:f7:66:
                    01:bc:94:67:a5:e9:d4:bc:ac:3c:22:49:74:7c:0b:
                    fc:2c:91:9f:9b:b1:cd:b5:f1:9b:e1:06:cc:1e:1c:
                    81:5f:e2:0b:8d:d8:97:b9:77:4e:82:a5:41:50:f4:
                    20:1e:6a:9e:88:6b:47:6b:29:30:b0:07:c9:3a:5a:
                    d1:c7:aa:7b:28:17:ed:0e:53:f7:e4:73:ad:e7:f7:
                    75:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                03:98:EE:86:CA:F7:5C:71:75:B5:C3:AC:4C:BA:E7:97:DC:B6:70:F4
            X509v3 Authority Key Identifier:
                keyid:94:75:ED:DC:A9:5B:73:66:53:A4:C9:F9:D9:15:40:D2:D3:EF:B5:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lHXt3Klbc2ZTpMn52RVA0tPvtT0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/23ca21-bceb-433e-b7d9-7b003984b863/1/lHXt3Klbc2ZTpMn52RVA0tPvtT0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/52/23ca21-bceb-433e-b7d9-7b003984b863/1/lHXt3Klbc2ZTpMn52RVA0tPvtT0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         08:ba:b8:17:59:39:3d:3c:e8:a1:3d:e0:44:a3:9f:a3:4d:59:
         0e:db:2e:15:93:dd:96:f0:cb:a5:78:a7:86:1a:a8:28:15:b5:
         64:56:fc:d6:f9:62:c9:fb:1a:67:e5:9f:07:c9:1a:93:d4:2c:
         6d:2d:55:3c:79:4a:02:50:01:70:54:98:58:2e:97:3d:d4:56:
         ba:5c:27:02:a5:97:67:0d:89:6d:dc:72:6d:b8:5a:82:cb:9f:
         bf:87:23:f1:4f:f3:d4:8a:33:01:15:00:28:d3:bd:b5:a1:58:
         75:8a:f8:c8:c0:6e:cd:8d:76:8e:67:65:c8:54:ad:01:e8:61:
         1c:ec:f7:26:c4:eb:c2:82:22:01:35:0d:72:d3:ed:1e:65:16:
         fe:67:3f:e3:38:ca:fa:2b:5d:02:6c:74:de:c4:04:aa:0a:44:
         27:9e:c2:58:6f:a5:0a:b7:63:21:d0:57:89:d2:66:f3:67:ca:
         0d:77:26:72:79:94:38:ab:5a:4c:f7:33:9e:b6:24:8f:36:8c:
         b1:a9:8d:e4:6e:ae:d6:bf:c2:49:7c:41:c5:b7:82:8e:4c:ce:
         c8:4e:83:a8:6f:81:d1:19:03:a7:69:9c:9b:34:a9:41:00:dc:
         00:49:de:05:7f:5e:8f:d0:6f:86:6d:4b:7e:c4:fc:f7:37:0a:
         00:f4:ec:3e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZd0wF0xNZ8mucGzaSQrexlUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0NzVlZGRjYTk1YjczNjY1M2E0YzlmOWQ5MTU0MGQyZDNl
ZmI1M2QwHhcNMjUwNjE1MTgwMDUzWhcNMjUwNjE2MTgwMDUzWjAzMTEwLwYDVQQD
EygwMzk4ZWU4NmNhZjc1YzcxNzViNWMzYWM0Y2JhZTc5N2RjYjY3MGY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAst1NdbXyBmLT+loE0DSal0Jx4Soa
HuQIAfDok5Xca8u3Ec0InLuYVJn1LCU4RXfNrEu6vtADP/Tx35l3Kj6LzbLnzGiO
3juY9l+ZpM+j+B27PtinA9zzBFTKbfW0sOsdZ6podRq/s5Abxv/jWDAUi99cAPSr
gzypJ5hU0Fn202Pqd4+zUO7iG8UdbuaB/Dc1PbJrSoKow4m4OdN33nLKQKR52S7V
yfyE8NDpAA2fPPcp92YBvJRnpenUvKw8Ikl0fAv8LJGfm7HNtfGb4QbMHhyBX+IL
jdiXuXdOgqVBUPQgHmqeiGtHaykwsAfJOlrRx6p7KBftDlP35HOt5/d19wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAOY7obK91xxdbXDrEy655fctnD0MB8GA1UdIwQY
MBaAFJR17dypW3NmU6TJ+dkVQNLT77U9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbEhYdDNLbGJjMlpUcE1uNTJSVkEwdFB2dFQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi8yM2NhMjEtYmNlYi00MzNlLWI3ZDkt
N2IwMDM5ODRiODYzLzEvbEhYdDNLbGJjMlpUcE1uNTJSVkEwdFB2dFQwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi8yM2NhMjEtYmNlYi00MzNlLWI3ZDktN2IwMDM5ODRiODYz
LzEvbEhYdDNLbGJjMlpUcE1uNTJSVkEwdFB2dFQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACLq4F1k5
PTzooT3gRKOfo01ZDtsuFZPdlvDLpXinhhqoKBW1ZFb81vliyfsaZ+WfB8kak9Qs
bS1VPHlKAlABcFSYWC6XPdRWulwnAqWXZw2Jbdxybbhagsufv4cj8U/z1IozARUA
KNO9taFYdYr4yMBuzY12jmdlyFStAehhHOz3JsTrwoIiATUNctPtHmUW/mc/4zjK
+itdAmx03sQEqgpEJ57CWG+lCrdjIdBXidJm82fKDXcmcnmUOKtaTPcznrYkjzaM
samN5G6u1r/CSXxBxbeCjkzOyE6DqG+B0RkDp2mcmzSpQQDcAEneBX9ej9Bvhm1L
fsT89zcKAPTsPg==
-----END CERTIFICATE-----