Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/6c59c0-ecd8-4727-b1de-315a79f59e18/1/L3BTJmQ0PLPSiXAjoSf2C6kXpd0.mft
File:                     L3BTJmQ0PLPSiXAjoSf2C6kXpd0.mft (raw, json)
Hash identifier:          HE0w700qAgIgqqEXW3n+x3AtwiZhKNmx9PO8ImkGwtE=
Subject key identifier:   51:DC:52:3E:22:36:75:0F:17:8A:5D:28:59:3A:D5:67:A6:0A:35:E8
Authority key identifier: 2F:70:53:26:64:34:3C:B3:D2:89:70:23:A1:27:F6:0B:A9:17:A5:DD
Certificate issuer:       /CN=2f70532664343cb3d2897023a127f60ba917a5dd
Certificate serial:       01989335EB1A83C37E0BC55C55690342C7F5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/L3BTJmQ0PLPSiXAjoSf2C6kXpd0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/54/6c59c0-ecd8-4727-b1de-315a79f59e18/1/L3BTJmQ0PLPSiXAjoSf2C6kXpd0.mft
Manifest number:          0C19
Signing time:             Sun 10 Aug 2025 09:00:40 +0000
Manifest this update:     Sun 10 Aug 2025 09:00:40 +0000
Manifest next update:     Mon 11 Aug 2025 09:00:40 +0000
Files and hashes:         1: L3BTJmQ0PLPSiXAjoSf2C6kXpd0.crl (hash: y9ATDWLlvxVK+peBRlH32+MDadiYSP65rL10lbXnK4Q=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/54/6c59c0-ecd8-4727-b1de-315a79f59e18/1/L3BTJmQ0PLPSiXAjoSf2C6kXpd0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/54/6c59c0-ecd8-4727-b1de-315a79f59e18/1/L3BTJmQ0PLPSiXAjoSf2C6kXpd0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/L3BTJmQ0PLPSiXAjoSf2C6kXpd0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 11 Aug 2025 09:00:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:93:35:eb:1a:83:c3:7e:0b:c5:5c:55:69:03:42:c7:f5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2f70532664343cb3d2897023a127f60ba917a5dd
        Validity
            Not Before: Aug 10 09:00:40 2025 GMT
            Not After : Aug 11 09:00:40 2025 GMT
        Subject: CN=51dc523e2236750f178a5d28593ad567a60a35e8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:3e:e1:97:6f:dd:99:63:53:fb:56:94:4d:14:
                    0d:b6:b0:b9:3d:ec:30:c1:ff:99:75:89:28:b2:7c:
                    57:f6:a8:fa:fb:72:8d:8f:15:b7:5e:39:a5:b1:46:
                    1c:b9:65:7e:74:79:84:d3:04:5f:4f:d8:47:5a:88:
                    22:c0:43:35:6f:02:54:48:94:07:b3:cd:10:fd:fd:
                    7d:7e:65:cf:75:11:13:56:f3:5b:86:0c:20:ce:cc:
                    72:59:ef:b3:8d:fd:b8:08:d7:cd:a5:56:0d:6b:73:
                    a8:8b:a2:72:2a:22:c5:12:3c:e8:63:a7:d4:4d:f0:
                    71:a6:1f:b5:1f:7f:83:ac:09:5b:2d:9a:1b:41:dc:
                    4b:ae:c7:d1:11:63:a2:f4:9b:2b:d1:5e:0b:57:18:
                    8c:bc:f5:ed:84:c2:a3:70:35:43:e3:55:00:d7:06:
                    cf:76:3c:2f:9e:15:85:59:4e:d2:12:e3:62:ca:a7:
                    af:19:3a:a6:c5:39:4c:47:21:b1:13:a2:60:17:f8:
                    52:1f:a5:e1:02:9a:44:9f:d6:c0:82:0c:bc:cd:d9:
                    83:58:08:1c:11:c3:c5:0e:db:1d:02:af:c4:0d:80:
                    48:a0:51:c9:bf:77:49:0b:13:12:b3:40:62:c5:a5:
                    94:db:91:ca:fd:8b:23:5e:ac:a6:2f:26:ed:d7:66:
                    91:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                51:DC:52:3E:22:36:75:0F:17:8A:5D:28:59:3A:D5:67:A6:0A:35:E8
            X509v3 Authority Key Identifier:
                keyid:2F:70:53:26:64:34:3C:B3:D2:89:70:23:A1:27:F6:0B:A9:17:A5:DD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L3BTJmQ0PLPSiXAjoSf2C6kXpd0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/6c59c0-ecd8-4727-b1de-315a79f59e18/1/L3BTJmQ0PLPSiXAjoSf2C6kXpd0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/54/6c59c0-ecd8-4727-b1de-315a79f59e18/1/L3BTJmQ0PLPSiXAjoSf2C6kXpd0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8c:eb:9e:8f:d1:29:9d:76:e5:48:c8:07:e4:8e:8d:57:03:5b:
         fb:e4:bb:93:04:c4:d4:05:91:7f:22:44:d4:d6:a5:e5:bb:f7:
         f9:c7:a1:6e:36:ef:87:2e:98:80:5a:1e:ae:47:bc:5b:d9:62:
         11:f8:e5:a6:54:bd:74:9d:91:10:1c:1b:db:59:22:d1:bb:b4:
         68:d9:81:89:3b:42:72:4d:f6:e5:4f:8c:59:59:76:a0:e0:68:
         1d:7c:e1:d2:ba:98:35:7e:11:1b:e3:bb:7f:c1:91:19:21:12:
         2e:7b:59:56:26:cf:8a:5b:f1:81:29:64:d6:90:f2:19:09:bf:
         0f:d7:2f:7b:e5:b9:c5:a7:76:5b:4d:10:16:d9:0f:ab:51:75:
         6c:58:a9:db:43:07:94:01:1a:96:81:96:96:38:08:36:e6:6e:
         c5:bf:c9:a5:0e:43:1e:5d:10:01:15:95:6c:86:c5:3a:07:68:
         df:90:f2:3d:ce:e5:bb:44:f5:2a:9d:e7:58:e2:e6:dc:e5:ee:
         14:1d:e3:97:be:89:62:1b:d0:30:78:89:81:69:fe:0c:df:1e:
         dc:52:af:8f:94:cd:19:be:92:c2:8e:89:de:c9:86:8c:37:52:
         7c:9f:e6:51:e6:be:93:e2:47:8c:0a:51:34:37:26:30:74:3c:
         e2:24:95:d9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiTNesag8N+C8VcVWkDQsf1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmNzA1MzI2NjQzNDNjYjNkMjg5NzAyM2ExMjdmNjBiYTkx
N2E1ZGQwHhcNMjUwODEwMDkwMDQwWhcNMjUwODExMDkwMDQwWjAzMTEwLwYDVQQD
Eyg1MWRjNTIzZTIyMzY3NTBmMTc4YTVkMjg1OTNhZDU2N2E2MGEzNWU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyz7hl2/dmWNT+1aUTRQNtrC5Peww
wf+ZdYkosnxX9qj6+3KNjxW3XjmlsUYcuWV+dHmE0wRfT9hHWogiwEM1bwJUSJQH
s80Q/f19fmXPdRETVvNbhgwgzsxyWe+zjf24CNfNpVYNa3Ooi6JyKiLFEjzoY6fU
TfBxph+1H3+DrAlbLZobQdxLrsfREWOi9Jsr0V4LVxiMvPXthMKjcDVD41UA1wbP
djwvnhWFWU7SEuNiyqevGTqmxTlMRyGxE6JgF/hSH6XhAppEn9bAggy8zdmDWAgc
EcPFDtsdAq/EDYBIoFHJv3dJCxMSs0BixaWU25HK/YsjXqymLybt12aR5wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFHcUj4iNnUPF4pdKFk61WemCjXoMB8GA1UdIwQY
MBaAFC9wUyZkNDyz0olwI6En9gupF6XdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDNCVEptUTBQTFBTaVhBam9TZjJDNmtYcGQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC82YzU5YzAtZWNkOC00NzI3LWIxZGUt
MzE1YTc5ZjU5ZTE4LzEvTDNCVEptUTBQTFBTaVhBam9TZjJDNmtYcGQwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC82YzU5YzAtZWNkOC00NzI3LWIxZGUtMzE1YTc5ZjU5ZTE4
LzEvTDNCVEptUTBQTFBTaVhBam9TZjJDNmtYcGQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjOuej9Ep
nXblSMgH5I6NVwNb++S7kwTE1AWRfyJE1Nal5bv3+cehbjbvhy6YgFoerke8W9li
EfjlplS9dJ2REBwb21ki0bu0aNmBiTtCck325U+MWVl2oOBoHXzh0rqYNX4RG+O7
f8GRGSESLntZVibPilvxgSlk1pDyGQm/D9cve+W5xad2W00QFtkPq1F1bFip20MH
lAEaloGWljgINuZuxb/JpQ5DHl0QARWVbIbFOgdo35DyPc7lu0T1Kp3nWOLm3OXu
FB3jl76JYhvQMHiJgWn+DN8e3FKvj5TNGb6Swo6J3smGjDdSfJ/mUea+k+JHjApR
NDcmMHQ84iSV2Q==
-----END CERTIFICATE-----