Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/2823dd-25a1-44a0-bfc1-cbbd08ad3ec2/1/lUz3IcCMjpvFJC1WGWZ3IXNQRVw.mft
File:                     lUz3IcCMjpvFJC1WGWZ3IXNQRVw.mft (raw, json)
Hash identifier:          YWakyonaNaXc3JRAWthEzrefxG9YdV69/g9bHggGViI=
Subject key identifier:   F2:D0:9B:6A:C3:94:F1:98:1B:EA:C6:89:7E:8B:7D:F5:BC:D4:3C:DA
Authority key identifier: 95:4C:F7:21:C0:8C:8E:9B:C5:24:2D:56:19:66:77:21:73:50:45:5C
Certificate issuer:       /CN=954cf721c08c8e9bc5242d56196677217350455c
Certificate serial:       019873E2EBAE9E1D67322E028EE6113BB9EA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/lUz3IcCMjpvFJC1WGWZ3IXNQRVw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/67/2823dd-25a1-44a0-bfc1-cbbd08ad3ec2/1/lUz3IcCMjpvFJC1WGWZ3IXNQRVw.mft
Manifest number:          0636
Signing time:             Mon 04 Aug 2025 07:01:47 +0000
Manifest this update:     Mon 04 Aug 2025 07:01:47 +0000
Manifest next update:     Tue 05 Aug 2025 07:01:47 +0000
Files and hashes:         1: lUz3IcCMjpvFJC1WGWZ3IXNQRVw.crl (hash: Cu2d+iubtnBpsaM3eWtFWIrQwgr+k+VEMC0tia7MbeE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/67/2823dd-25a1-44a0-bfc1-cbbd08ad3ec2/1/lUz3IcCMjpvFJC1WGWZ3IXNQRVw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/67/2823dd-25a1-44a0-bfc1-cbbd08ad3ec2/1/lUz3IcCMjpvFJC1WGWZ3IXNQRVw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/lUz3IcCMjpvFJC1WGWZ3IXNQRVw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 05 Aug 2025 07:01:47 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:73:e2:eb:ae:9e:1d:67:32:2e:02:8e:e6:11:3b:b9:ea
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=954cf721c08c8e9bc5242d56196677217350455c
        Validity
            Not Before: Aug  4 07:01:47 2025 GMT
            Not After : Aug  5 07:01:47 2025 GMT
        Subject: CN=f2d09b6ac394f1981beac6897e8b7df5bcd43cda
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f2:4f:65:53:ed:d7:17:f2:a2:b7:e7:11:ac:b5:
                    31:b3:37:19:ba:11:9b:8c:9d:fd:d0:8c:7d:68:9d:
                    6d:83:58:41:c6:ef:66:49:72:c3:e3:0f:db:55:00:
                    25:f3:f4:d0:12:52:1a:09:fa:d7:6b:06:4f:30:08:
                    19:02:a8:ba:df:7a:29:19:a0:01:c3:04:9d:e1:74:
                    ce:95:91:14:b7:96:9d:1c:c1:64:b8:3e:52:60:c6:
                    a4:01:d0:06:cf:4a:86:8a:5f:d2:03:3e:fd:a5:b6:
                    b5:d2:e9:8b:66:48:46:28:b9:ce:c2:67:fe:3f:0b:
                    16:bf:7f:30:5d:15:1c:db:4b:c0:76:fe:e7:63:57:
                    97:4d:bf:06:60:67:ba:4b:0a:ca:c6:7b:7d:e2:98:
                    2c:36:21:ee:d3:5b:7c:43:24:87:be:39:b3:4b:ab:
                    bd:a6:6c:14:41:a5:b0:58:63:be:f4:ff:d3:40:35:
                    c5:27:c0:9d:3a:09:03:2b:38:07:1c:bc:2d:c5:89:
                    7f:d6:1d:5a:e6:52:93:05:6a:0b:0c:ab:74:a5:a5:
                    a8:61:1b:4c:30:00:28:ec:9b:ea:1d:91:44:f7:d3:
                    7a:73:30:76:6e:f8:72:eb:a3:55:9f:73:30:39:75:
                    a3:cb:30:38:1c:83:f5:43:56:65:b5:47:a2:ec:b6:
                    36:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F2:D0:9B:6A:C3:94:F1:98:1B:EA:C6:89:7E:8B:7D:F5:BC:D4:3C:DA
            X509v3 Authority Key Identifier:
                keyid:95:4C:F7:21:C0:8C:8E:9B:C5:24:2D:56:19:66:77:21:73:50:45:5C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lUz3IcCMjpvFJC1WGWZ3IXNQRVw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/2823dd-25a1-44a0-bfc1-cbbd08ad3ec2/1/lUz3IcCMjpvFJC1WGWZ3IXNQRVw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/67/2823dd-25a1-44a0-bfc1-cbbd08ad3ec2/1/lUz3IcCMjpvFJC1WGWZ3IXNQRVw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3b:f1:b8:3c:11:94:f7:e8:2c:c6:26:12:55:70:28:92:a0:61:
         c6:fc:08:dd:f3:c4:16:61:75:a6:04:59:c4:ff:d5:53:83:66:
         42:f8:cc:4e:a3:f1:59:19:4f:d7:bd:b4:f5:73:f0:e5:6b:e5:
         dc:12:95:96:7e:2d:9f:d6:c1:86:e8:80:4a:c5:39:ff:1b:1e:
         6a:cc:46:6f:20:77:66:9c:47:a1:60:bb:0e:7d:5d:0a:ed:4f:
         bf:1a:d8:6a:d5:11:49:af:1e:ff:ae:80:48:b2:b3:5c:ea:62:
         ed:07:29:c3:81:ea:2c:be:ef:d8:c8:dd:2b:66:ff:b2:34:26:
         77:20:4a:95:d4:24:27:d1:a7:5f:3a:53:b7:f3:02:83:bd:3b:
         cf:71:34:c3:93:b7:48:f8:4c:94:04:eb:59:eb:26:f4:eb:de:
         0a:5d:b6:03:09:72:16:5f:99:ac:18:35:1d:51:f8:94:46:7d:
         45:b1:f9:98:cd:be:60:7b:0a:70:05:59:e7:eb:ee:3d:07:bd:
         8b:93:8d:d9:27:e9:97:f4:33:30:ee:38:c5:cc:90:20:e4:ce:
         88:26:4c:42:cf:45:4a:52:15:c4:fa:9d:02:55:47:f6:e5:90:
         64:4b:69:19:4a:7e:07:ce:53:5f:03:1d:49:62:4c:e0:d0:9d:
         39:d8:99:cb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhz4uuunh1nMi4CjuYRO7nqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1NGNmNzIxYzA4YzhlOWJjNTI0MmQ1NjE5NjY3NzIxNzM1
MDQ1NWMwHhcNMjUwODA0MDcwMTQ3WhcNMjUwODA1MDcwMTQ3WjAzMTEwLwYDVQQD
EyhmMmQwOWI2YWMzOTRmMTk4MWJlYWM2ODk3ZThiN2RmNWJjZDQzY2RhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8k9lU+3XF/Kit+cRrLUxszcZuhGb
jJ390Ix9aJ1tg1hBxu9mSXLD4w/bVQAl8/TQElIaCfrXawZPMAgZAqi633opGaAB
wwSd4XTOlZEUt5adHMFkuD5SYMakAdAGz0qGil/SAz79pba10umLZkhGKLnOwmf+
PwsWv38wXRUc20vAdv7nY1eXTb8GYGe6SwrKxnt94pgsNiHu01t8QySHvjmzS6u9
pmwUQaWwWGO+9P/TQDXFJ8CdOgkDKzgHHLwtxYl/1h1a5lKTBWoLDKt0paWoYRtM
MAAo7JvqHZFE99N6czB2bvhy66NVn3MwOXWjyzA4HIP1Q1ZltUei7LY25wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPLQm2rDlPGYG+rGiX6LffW81DzaMB8GA1UdIwQY
MBaAFJVM9yHAjI6bxSQtVhlmdyFzUEVcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbFV6M0ljQ01qcHZGSkMxV0dXWjNJWE5RUlZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny8yODIzZGQtMjVhMS00NGEwLWJmYzEt
Y2JiZDA4YWQzZWMyLzEvbFV6M0ljQ01qcHZGSkMxV0dXWjNJWE5RUlZ3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny8yODIzZGQtMjVhMS00NGEwLWJmYzEtY2JiZDA4YWQzZWMy
LzEvbFV6M0ljQ01qcHZGSkMxV0dXWjNJWE5RUlZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAO/G4PBGU
9+gsxiYSVXAokqBhxvwI3fPEFmF1pgRZxP/VU4NmQvjMTqPxWRlP17209XPw5Wvl
3BKVln4tn9bBhuiASsU5/xseasxGbyB3ZpxHoWC7Dn1dCu1PvxrYatURSa8e/66A
SLKzXOpi7Qcpw4HqLL7v2MjdK2b/sjQmdyBKldQkJ9GnXzpTt/MCg707z3E0w5O3
SPhMlATrWesm9OveCl22AwlyFl+ZrBg1HVH4lEZ9RbH5mM2+YHsKcAVZ5+vuPQe9
i5ON2Sfpl/QzMO44xcyQIOTOiCZMQs9FSlIVxPqdAlVH9uWQZEtpGUp+B85TXwMd
SWJM4NCdOdiZyw==
-----END CERTIFICATE-----