Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/6c59c0-ecd8-4727-b1de-315a79f59e18/1/L3BTJmQ0PLPSiXAjoSf2C6kXpd0.mft
File:                     L3BTJmQ0PLPSiXAjoSf2C6kXpd0.mft (raw, json)
Hash identifier:          LhqO4z73rrkE7SICwPdVik8r+yQ3R9wz3ZtML7cfpPo=
Subject key identifier:   6D:99:8E:76:FB:25:E3:54:FD:2E:5D:DB:1E:81:96:7A:B1:83:75:5F
Authority key identifier: 2F:70:53:26:64:34:3C:B3:D2:89:70:23:A1:27:F6:0B:A9:17:A5:DD
Certificate issuer:       /CN=2f70532664343cb3d2897023a127f60ba917a5dd
Certificate serial:       01976DAC36B5FE0CB0473EB0766EAAF46A43
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/L3BTJmQ0PLPSiXAjoSf2C6kXpd0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/54/6c59c0-ecd8-4727-b1de-315a79f59e18/1/L3BTJmQ0PLPSiXAjoSf2C6kXpd0.mft
Manifest number:          0B81
Signing time:             Sat 14 Jun 2025 09:01:32 +0000
Manifest this update:     Sat 14 Jun 2025 09:01:32 +0000
Manifest next update:     Sun 15 Jun 2025 09:01:32 +0000
Files and hashes:         1: L3BTJmQ0PLPSiXAjoSf2C6kXpd0.crl (hash: 7MW4oPpx3/3aUjcncTjjY3RjR2nM2uVKsJFC8t74D/k=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/54/6c59c0-ecd8-4727-b1de-315a79f59e18/1/L3BTJmQ0PLPSiXAjoSf2C6kXpd0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/54/6c59c0-ecd8-4727-b1de-315a79f59e18/1/L3BTJmQ0PLPSiXAjoSf2C6kXpd0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/L3BTJmQ0PLPSiXAjoSf2C6kXpd0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 01:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6d:ac:36:b5:fe:0c:b0:47:3e:b0:76:6e:aa:f4:6a:43
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2f70532664343cb3d2897023a127f60ba917a5dd
        Validity
            Not Before: Jun 14 09:01:32 2025 GMT
            Not After : Jun 15 09:01:32 2025 GMT
        Subject: CN=6d998e76fb25e354fd2e5ddb1e81967ab183755f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:16:0b:85:d9:a0:b0:e9:ca:72:43:a1:fd:23:
                    01:4a:5b:92:ad:cb:7e:9d:f6:5f:d8:5d:cf:4f:15:
                    65:d7:51:8e:6d:bf:63:dc:09:d8:1b:95:bd:75:f0:
                    68:e6:8a:cc:9c:68:20:39:6d:25:53:6b:13:83:4c:
                    40:ea:a9:f1:ce:b2:ea:df:9c:eb:84:d5:58:b0:10:
                    27:9e:1c:2c:df:0a:88:6e:7c:56:48:76:ac:e2:5f:
                    20:2a:1f:79:7f:1d:a8:be:8e:52:c7:02:5a:15:90:
                    77:7a:0a:d7:e1:cd:11:eb:11:fb:f4:73:94:c6:74:
                    e0:42:87:42:4e:b1:c1:92:5a:83:1d:3e:a7:5f:f5:
                    6c:2a:0f:6e:d7:9a:9a:83:a1:92:08:06:3c:c2:54:
                    9d:8e:f8:ee:c9:1c:b2:5c:90:cf:b7:1d:a6:3f:56:
                    26:9f:20:e4:b2:62:87:be:dc:09:58:a4:75:0d:02:
                    87:2b:6e:d8:f3:2c:3b:cb:0b:6c:d0:e9:ff:30:94:
                    54:d1:7f:98:c1:00:a6:c1:f2:e4:b2:bd:cf:e7:20:
                    c2:24:db:c5:3b:8c:47:db:76:1a:4a:31:6c:d4:a6:
                    ff:b0:1a:ae:e1:8a:88:7a:79:2e:07:9f:cd:0f:fb:
                    b7:c0:2d:cf:3d:c0:65:28:01:3e:d5:b9:a2:ee:1e:
                    f6:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6D:99:8E:76:FB:25:E3:54:FD:2E:5D:DB:1E:81:96:7A:B1:83:75:5F
            X509v3 Authority Key Identifier:
                keyid:2F:70:53:26:64:34:3C:B3:D2:89:70:23:A1:27:F6:0B:A9:17:A5:DD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L3BTJmQ0PLPSiXAjoSf2C6kXpd0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/6c59c0-ecd8-4727-b1de-315a79f59e18/1/L3BTJmQ0PLPSiXAjoSf2C6kXpd0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/54/6c59c0-ecd8-4727-b1de-315a79f59e18/1/L3BTJmQ0PLPSiXAjoSf2C6kXpd0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9f:3d:97:c2:92:86:c6:55:95:e3:fd:c0:74:52:35:8e:85:cf:
         14:a1:b7:c7:69:c2:d8:d0:a6:1b:62:ba:93:60:94:85:98:86:
         c0:2a:95:6a:88:19:ca:45:2a:a4:c1:81:e4:54:d1:7b:4a:f2:
         a1:d7:df:6e:03:ba:f4:b6:77:f3:58:f7:59:5f:b3:0e:c6:db:
         ad:d5:70:fd:a7:d8:4c:8d:ac:59:6b:7b:b5:9f:71:82:87:55:
         87:7d:75:2c:8f:f5:ec:9a:ab:4d:6f:49:1c:92:b8:11:ec:10:
         67:d9:fe:cc:f9:33:c2:a5:dd:a4:4f:8c:f3:1b:45:ab:f5:42:
         63:f0:7f:01:b7:87:3a:d5:82:8d:f2:99:1c:97:53:77:d1:ba:
         9a:c1:a3:42:f9:df:e8:b6:17:ac:4c:98:43:00:65:05:8e:ee:
         55:30:f3:4f:e8:30:a6:2d:1f:3e:72:27:e8:4b:42:ac:d2:e0:
         bc:46:2b:87:80:1f:0f:ae:53:42:2e:b3:e4:d5:24:d6:6a:0e:
         f5:7e:74:51:05:6b:bb:63:bf:2d:2d:81:94:4d:a0:6b:52:59:
         4f:c3:a4:ce:3e:6c:be:98:b9:74:05:6c:89:08:5f:b8:12:70:
         cc:05:50:99:bf:2c:8a:b9:55:cc:52:1a:f1:f8:ef:bd:50:00:
         68:40:65:27
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdtrDa1/gywRz6wdm6q9GpDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmNzA1MzI2NjQzNDNjYjNkMjg5NzAyM2ExMjdmNjBiYTkx
N2E1ZGQwHhcNMjUwNjE0MDkwMTMyWhcNMjUwNjE1MDkwMTMyWjAzMTEwLwYDVQQD
Eyg2ZDk5OGU3NmZiMjVlMzU0ZmQyZTVkZGIxZTgxOTY3YWIxODM3NTVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtRYLhdmgsOnKckOh/SMBSluSrct+
nfZf2F3PTxVl11GObb9j3AnYG5W9dfBo5orMnGggOW0lU2sTg0xA6qnxzrLq35zr
hNVYsBAnnhws3wqIbnxWSHas4l8gKh95fx2ovo5SxwJaFZB3egrX4c0R6xH79HOU
xnTgQodCTrHBklqDHT6nX/VsKg9u15qag6GSCAY8wlSdjvjuyRyyXJDPtx2mP1Ym
nyDksmKHvtwJWKR1DQKHK27Y8yw7ywts0On/MJRU0X+YwQCmwfLksr3P5yDCJNvF
O4xH23YaSjFs1Kb/sBqu4YqIenkuB5/ND/u3wC3PPcBlKAE+1bmi7h72yQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFG2Zjnb7JeNU/S5d2x6Blnqxg3VfMB8GA1UdIwQY
MBaAFC9wUyZkNDyz0olwI6En9gupF6XdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDNCVEptUTBQTFBTaVhBam9TZjJDNmtYcGQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC82YzU5YzAtZWNkOC00NzI3LWIxZGUt
MzE1YTc5ZjU5ZTE4LzEvTDNCVEptUTBQTFBTaVhBam9TZjJDNmtYcGQwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC82YzU5YzAtZWNkOC00NzI3LWIxZGUtMzE1YTc5ZjU5ZTE4
LzEvTDNCVEptUTBQTFBTaVhBam9TZjJDNmtYcGQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnz2XwpKG
xlWV4/3AdFI1joXPFKG3x2nC2NCmG2K6k2CUhZiGwCqVaogZykUqpMGB5FTRe0ry
odffbgO69LZ381j3WV+zDsbbrdVw/afYTI2sWWt7tZ9xgodVh311LI/17JqrTW9J
HJK4EewQZ9n+zPkzwqXdpE+M8xtFq/VCY/B/AbeHOtWCjfKZHJdTd9G6msGjQvnf
6LYXrEyYQwBlBY7uVTDzT+gwpi0fPnIn6EtCrNLgvEYrh4AfD65TQi6z5NUk1moO
9X50UQVru2O/LS2BlE2ga1JZT8Okzj5svpi5dAVsiQhfuBJwzAVQmb8sirlVzFIa
8fjvvVAAaEBlJw==
-----END CERTIFICATE-----