Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/8d9aa5-d52a-486f-b64c-7c605d32165d/1/lGIh95q-ptPAw0gGQlkN0K4Mqjs.mft
File:                     lGIh95q-ptPAw0gGQlkN0K4Mqjs.mft (raw, json)
Hash identifier:          fViMQmZuABdrxMFhg0OLqeIC/VyWn8pyIQr8IbR9jRA=
Subject key identifier:   75:37:4A:C6:75:E6:A8:BA:44:BA:B6:F4:2F:9A:44:95:86:A8:2F:54
Authority key identifier: 94:62:21:F7:9A:BE:A6:D3:C0:C3:48:06:42:59:0D:D0:AE:0C:AA:3B
Certificate issuer:       /CN=946221f79abea6d3c0c3480642590dd0ae0caa3b
Certificate serial:       0197696175554672B990E900D7349A1DD647
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/lGIh95q-ptPAw0gGQlkN0K4Mqjs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/52/8d9aa5-d52a-486f-b64c-7c605d32165d/1/lGIh95q-ptPAw0gGQlkN0K4Mqjs.mft
Manifest number:          128D
Signing time:             Fri 13 Jun 2025 13:01:23 +0000
Manifest this update:     Fri 13 Jun 2025 13:01:23 +0000
Manifest next update:     Sat 14 Jun 2025 13:01:23 +0000
Files and hashes:         1: lGIh95q-ptPAw0gGQlkN0K4Mqjs.crl (hash: rN9MgAvVwYM+6/EGMACH6QMDWXWwPni834ACx3wVxTM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/52/8d9aa5-d52a-486f-b64c-7c605d32165d/1/lGIh95q-ptPAw0gGQlkN0K4Mqjs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/52/8d9aa5-d52a-486f-b64c-7c605d32165d/1/lGIh95q-ptPAw0gGQlkN0K4Mqjs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/lGIh95q-ptPAw0gGQlkN0K4Mqjs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 14 Jun 2025 13:01:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:69:61:75:55:46:72:b9:90:e9:00:d7:34:9a:1d:d6:47
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=946221f79abea6d3c0c3480642590dd0ae0caa3b
        Validity
            Not Before: Jun 13 13:01:23 2025 GMT
            Not After : Jun 14 13:01:23 2025 GMT
        Subject: CN=75374ac675e6a8ba44bab6f42f9a449586a82f54
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:6f:dc:a3:d7:81:44:bc:e9:a4:c3:a2:f5:9a:
                    fd:19:a8:90:b3:1c:41:3b:40:a1:b8:3c:62:b5:62:
                    45:f3:c0:ef:ec:ac:ef:6b:7a:c3:8e:57:7d:ae:32:
                    0a:e8:21:c9:a0:c3:24:2c:21:3e:f9:ad:e7:a3:bf:
                    57:52:56:47:c8:aa:3a:75:1e:f5:3d:41:ab:be:66:
                    b6:ef:e2:41:77:8b:7a:21:f5:46:47:6b:f1:36:26:
                    7b:c5:4a:f4:78:d3:18:4e:2f:3b:27:cb:f8:e2:4d:
                    75:ed:ad:82:24:c2:d5:b6:2e:6b:ca:9a:24:a5:1d:
                    5d:de:d3:ad:bb:86:38:9b:d9:8d:d9:e0:06:68:d6:
                    4c:bd:58:7c:3e:cb:3b:39:5f:f7:5b:31:64:5a:f1:
                    4f:5a:8b:3a:8f:7e:60:aa:f4:f7:11:4e:e7:c8:42:
                    b6:73:be:9e:11:70:67:b8:28:bb:c1:09:79:a2:1b:
                    c2:a1:db:1b:21:3e:bb:28:f3:13:c1:16:ec:cb:f7:
                    02:fd:b0:85:ca:98:e5:96:95:d9:88:1f:9b:2b:52:
                    b3:72:1b:8b:c6:94:3f:6d:cf:79:aa:c1:b3:bc:5e:
                    91:fe:c8:ef:5b:19:09:8d:42:2a:b5:3d:e9:47:01:
                    f2:2f:eb:5f:4c:5e:c6:2c:c5:68:83:d8:85:e5:1d:
                    32:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                75:37:4A:C6:75:E6:A8:BA:44:BA:B6:F4:2F:9A:44:95:86:A8:2F:54
            X509v3 Authority Key Identifier:
                keyid:94:62:21:F7:9A:BE:A6:D3:C0:C3:48:06:42:59:0D:D0:AE:0C:AA:3B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lGIh95q-ptPAw0gGQlkN0K4Mqjs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/8d9aa5-d52a-486f-b64c-7c605d32165d/1/lGIh95q-ptPAw0gGQlkN0K4Mqjs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/52/8d9aa5-d52a-486f-b64c-7c605d32165d/1/lGIh95q-ptPAw0gGQlkN0K4Mqjs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         94:bd:21:32:52:24:8b:29:2d:18:bd:77:44:f5:fc:ce:08:cf:
         a4:e8:79:97:7c:14:62:af:1e:53:ff:bc:99:b4:f7:8c:ab:2a:
         39:ac:39:ee:ea:cc:45:10:07:8b:81:bd:b9:4d:05:46:49:c1:
         94:81:f6:ca:15:97:78:a4:0c:21:97:c2:e1:af:05:53:57:8d:
         4f:16:f1:27:36:13:89:ee:3d:7b:73:a8:13:4a:14:d7:41:21:
         01:d9:9e:92:5d:a9:45:65:5a:0b:0f:37:b1:87:40:67:ce:8f:
         44:7d:45:04:a9:8a:ad:f3:0f:78:48:88:a6:5c:01:f0:a6:da:
         b5:97:61:4b:f7:9a:d4:16:8d:0d:12:f3:88:93:d1:b7:45:e2:
         5f:a3:9a:dc:87:56:19:6e:17:4d:c5:26:3d:4c:a5:e6:67:a5:
         cc:98:f4:ac:1a:77:51:28:6e:79:67:5c:3d:4f:bf:6f:49:24:
         5b:ea:40:42:ba:de:af:4f:0d:8f:0e:96:ea:f1:93:83:7b:e8:
         cc:ce:ad:e1:6e:75:35:68:c7:4f:6d:9a:7e:29:0b:96:f1:8e:
         f2:fd:99:40:3e:31:af:c4:42:ae:3d:3a:21:f7:15:a4:92:8a:
         b8:f0:6b:a5:c9:d9:7e:88:b6:e0:46:39:b3:07:fd:8d:55:a3:
         d4:d9:6e:37
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdpYXVVRnK5kOkA1zSaHdZHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0NjIyMWY3OWFiZWE2ZDNjMGMzNDgwNjQyNTkwZGQwYWUw
Y2FhM2IwHhcNMjUwNjEzMTMwMTIzWhcNMjUwNjE0MTMwMTIzWjAzMTEwLwYDVQQD
Eyg3NTM3NGFjNjc1ZTZhOGJhNDRiYWI2ZjQyZjlhNDQ5NTg2YTgyZjU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1W/co9eBRLzppMOi9Zr9GaiQsxxB
O0ChuDxitWJF88Dv7Kzva3rDjld9rjIK6CHJoMMkLCE++a3no79XUlZHyKo6dR71
PUGrvma27+JBd4t6IfVGR2vxNiZ7xUr0eNMYTi87J8v44k117a2CJMLVti5rypok
pR1d3tOtu4Y4m9mN2eAGaNZMvVh8Pss7OV/3WzFkWvFPWos6j35gqvT3EU7nyEK2
c76eEXBnuCi7wQl5ohvCodsbIT67KPMTwRbsy/cC/bCFypjllpXZiB+bK1KzchuL
xpQ/bc95qsGzvF6R/sjvWxkJjUIqtT3pRwHyL+tfTF7GLMVog9iF5R0yuQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHU3SsZ15qi6RLq29C+aRJWGqC9UMB8GA1UdIwQY
MBaAFJRiIfeavqbTwMNIBkJZDdCuDKo7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbEdJaDk1cS1wdFBBdzBnR1Fsa04wSzRNcWpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi84ZDlhYTUtZDUyYS00ODZmLWI2NGMt
N2M2MDVkMzIxNjVkLzEvbEdJaDk1cS1wdFBBdzBnR1Fsa04wSzRNcWpzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi84ZDlhYTUtZDUyYS00ODZmLWI2NGMtN2M2MDVkMzIxNjVk
LzEvbEdJaDk1cS1wdFBBdzBnR1Fsa04wSzRNcWpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlL0hMlIk
iyktGL13RPX8zgjPpOh5l3wUYq8eU/+8mbT3jKsqOaw57urMRRAHi4G9uU0FRknB
lIH2yhWXeKQMIZfC4a8FU1eNTxbxJzYTie49e3OoE0oU10EhAdmekl2pRWVaCw83
sYdAZ86PRH1FBKmKrfMPeEiIplwB8KbatZdhS/ea1BaNDRLziJPRt0XiX6Oa3IdW
GW4XTcUmPUyl5melzJj0rBp3UShueWdcPU+/b0kkW+pAQrrer08Njw6W6vGTg3vo
zM6t4W51NWjHT22afikLlvGO8v2ZQD4xr8RCrj06IfcVpJKKuPBrpcnZfoi24EY5
swf9jVWj1NluNw==
-----END CERTIFICATE-----