Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/2823dd-25a1-44a0-bfc1-cbbd08ad3ec2/1/lUz3IcCMjpvFJC1WGWZ3IXNQRVw.mft
File:                     lUz3IcCMjpvFJC1WGWZ3IXNQRVw.mft (raw, json)
Hash identifier:          bTRR3nbACuVUWqcJoNBosVZPNmwLabv7OMF2CJeIbqU=
Subject key identifier:   60:ED:6A:E7:57:16:BB:CD:C0:E5:57:35:8A:CD:97:DA:7D:92:A1:7F
Authority key identifier: 95:4C:F7:21:C0:8C:8E:9B:C5:24:2D:56:19:66:77:21:73:50:45:5C
Certificate issuer:       /CN=954cf721c08c8e9bc5242d56196677217350455c
Certificate serial:       01976D3E13D61819104FC518945B2D6EE62A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/lUz3IcCMjpvFJC1WGWZ3IXNQRVw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/67/2823dd-25a1-44a0-bfc1-cbbd08ad3ec2/1/lUz3IcCMjpvFJC1WGWZ3IXNQRVw.mft
Manifest number:          05AE
Signing time:             Sat 14 Jun 2025 07:01:14 +0000
Manifest this update:     Sat 14 Jun 2025 07:01:14 +0000
Manifest next update:     Sun 15 Jun 2025 07:01:14 +0000
Files and hashes:         1: lUz3IcCMjpvFJC1WGWZ3IXNQRVw.crl (hash: vTzOb6T3RUx5hZA3t26KE2aYuVDGX+RLc56JbEWo7MQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/67/2823dd-25a1-44a0-bfc1-cbbd08ad3ec2/1/lUz3IcCMjpvFJC1WGWZ3IXNQRVw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/67/2823dd-25a1-44a0-bfc1-cbbd08ad3ec2/1/lUz3IcCMjpvFJC1WGWZ3IXNQRVw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/lUz3IcCMjpvFJC1WGWZ3IXNQRVw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 01:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6d:3e:13:d6:18:19:10:4f:c5:18:94:5b:2d:6e:e6:2a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=954cf721c08c8e9bc5242d56196677217350455c
        Validity
            Not Before: Jun 14 07:01:14 2025 GMT
            Not After : Jun 15 07:01:14 2025 GMT
        Subject: CN=60ed6ae75716bbcdc0e557358acd97da7d92a17f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:51:1e:1b:6a:e1:d2:9b:de:60:e2:57:c9:98:
                    1e:ed:a4:83:39:54:58:70:0e:9e:2c:25:4d:d4:3a:
                    a6:14:ad:12:64:46:c8:39:0f:25:e4:53:63:96:74:
                    a5:18:c1:34:57:a5:2a:42:e2:cf:92:4b:21:10:23:
                    66:9d:a5:57:7a:00:76:ee:44:38:a5:62:29:68:0c:
                    c1:bc:29:b1:e8:a1:ab:28:3b:4e:3d:ef:96:dc:9f:
                    9f:d9:4d:ec:45:a0:85:5a:41:22:3b:48:f1:86:c1:
                    95:8f:27:c1:98:6f:10:f3:59:9b:86:1e:bc:f2:f9:
                    fc:78:b9:da:cf:17:e4:e7:f5:23:47:ee:0d:5d:4e:
                    08:52:c8:06:a1:f8:40:0d:a4:b0:0d:d5:58:0f:a1:
                    84:3d:5c:14:f5:75:6c:de:a1:d3:97:07:a9:9a:15:
                    63:66:c4:10:13:d7:22:f4:3d:43:f1:0c:38:81:1b:
                    8f:a2:69:4e:b6:b4:0f:90:f7:4e:06:49:75:ad:ab:
                    fe:75:98:ae:4d:2f:28:96:02:11:24:63:78:04:81:
                    9e:e9:3b:b7:36:8f:33:94:ed:54:a4:1d:0f:6b:d4:
                    36:de:06:a6:f7:9d:68:19:6d:2a:c7:ca:74:23:6f:
                    04:15:9c:0e:5f:35:f9:94:fd:6d:40:0d:f5:99:3d:
                    48:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                60:ED:6A:E7:57:16:BB:CD:C0:E5:57:35:8A:CD:97:DA:7D:92:A1:7F
            X509v3 Authority Key Identifier:
                keyid:95:4C:F7:21:C0:8C:8E:9B:C5:24:2D:56:19:66:77:21:73:50:45:5C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lUz3IcCMjpvFJC1WGWZ3IXNQRVw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/2823dd-25a1-44a0-bfc1-cbbd08ad3ec2/1/lUz3IcCMjpvFJC1WGWZ3IXNQRVw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/67/2823dd-25a1-44a0-bfc1-cbbd08ad3ec2/1/lUz3IcCMjpvFJC1WGWZ3IXNQRVw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         31:2f:69:63:fd:d8:8e:da:14:03:49:d3:e2:69:53:0e:25:a2:
         dd:59:f8:2b:58:7a:42:f5:11:11:22:62:97:02:21:b8:08:e1:
         69:98:60:a2:b2:74:15:4c:60:92:1a:c1:19:bd:5b:b8:39:9a:
         ce:9c:43:d1:4a:fb:85:d6:80:fd:63:8e:d9:b2:e7:ea:84:51:
         8f:38:0f:4b:e4:cd:df:27:03:93:5a:7a:a3:f8:cb:8f:b2:8f:
         c8:08:1a:85:a8:35:b6:dd:7a:ba:db:17:5b:f6:38:d3:41:f8:
         0f:d5:87:60:f6:4d:be:0f:33:ac:9c:7a:c2:35:d0:3a:29:13:
         75:80:16:de:56:8b:a2:06:17:f6:08:15:bc:a6:ea:48:c5:53:
         f6:ad:de:7e:5b:fa:bd:ef:e1:92:20:76:71:2d:ac:66:c6:fc:
         d5:93:7e:84:d7:46:de:37:d8:d1:f3:05:87:7e:a3:91:d8:2e:
         8d:35:27:ff:ab:df:ec:93:82:b2:13:40:86:d7:c9:5d:13:96:
         98:db:7d:55:19:75:0d:a9:e2:dd:d1:a2:e6:83:1e:92:23:4a:
         24:2c:ef:cd:3e:78:53:0b:c1:e5:0b:87:48:9e:79:f6:98:87:
         51:a1:03:42:a9:5c:af:29:b0:d3:99:a4:a1:00:2c:23:d4:59:
         c1:04:84:91
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdtPhPWGBkQT8UYlFstbuYqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1NGNmNzIxYzA4YzhlOWJjNTI0MmQ1NjE5NjY3NzIxNzM1
MDQ1NWMwHhcNMjUwNjE0MDcwMTE0WhcNMjUwNjE1MDcwMTE0WjAzMTEwLwYDVQQD
Eyg2MGVkNmFlNzU3MTZiYmNkYzBlNTU3MzU4YWNkOTdkYTdkOTJhMTdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1lEeG2rh0pveYOJXyZge7aSDOVRY
cA6eLCVN1DqmFK0SZEbIOQ8l5FNjlnSlGME0V6UqQuLPkkshECNmnaVXegB27kQ4
pWIpaAzBvCmx6KGrKDtOPe+W3J+f2U3sRaCFWkEiO0jxhsGVjyfBmG8Q81mbhh68
8vn8eLnazxfk5/UjR+4NXU4IUsgGofhADaSwDdVYD6GEPVwU9XVs3qHTlwepmhVj
ZsQQE9ci9D1D8Qw4gRuPomlOtrQPkPdOBkl1rav+dZiuTS8olgIRJGN4BIGe6Tu3
No8zlO1UpB0Pa9Q23gam951oGW0qx8p0I28EFZwOXzX5lP1tQA31mT1IoQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGDtaudXFrvNwOVXNYrNl9p9kqF/MB8GA1UdIwQY
MBaAFJVM9yHAjI6bxSQtVhlmdyFzUEVcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbFV6M0ljQ01qcHZGSkMxV0dXWjNJWE5RUlZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny8yODIzZGQtMjVhMS00NGEwLWJmYzEt
Y2JiZDA4YWQzZWMyLzEvbFV6M0ljQ01qcHZGSkMxV0dXWjNJWE5RUlZ3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny8yODIzZGQtMjVhMS00NGEwLWJmYzEtY2JiZDA4YWQzZWMy
LzEvbFV6M0ljQ01qcHZGSkMxV0dXWjNJWE5RUlZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMS9pY/3Y
jtoUA0nT4mlTDiWi3Vn4K1h6QvURESJilwIhuAjhaZhgorJ0FUxgkhrBGb1buDma
zpxD0Ur7hdaA/WOO2bLn6oRRjzgPS+TN3ycDk1p6o/jLj7KPyAgahag1tt16utsX
W/Y400H4D9WHYPZNvg8zrJx6wjXQOikTdYAW3laLogYX9ggVvKbqSMVT9q3eflv6
ve/hkiB2cS2sZsb81ZN+hNdG3jfY0fMFh36jkdgujTUn/6vf7JOCshNAhtfJXROW
mNt9VRl1Dani3dGi5oMekiNKJCzvzT54UwvB5QuHSJ559piHUaEDQqlcrymw05mk
oQAsI9RZwQSEkQ==
-----END CERTIFICATE-----