Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/6b0dc9-c1b9-4fae-acd9-6bff1c0e68ae/1/lkyqlAOgjTc7kLcQpW0-roE5T_A.mft
File:                     lkyqlAOgjTc7kLcQpW0-roE5T_A.mft (raw, json)
Hash identifier:          BvUrVWaBLDxErAAWQPpipY82jBuMa0s4VUs0YOVvRa8=
Subject key identifier:   A4:06:E4:7F:35:B3:68:B2:9B:35:24:4D:56:57:15:9E:35:4B:DF:94
Authority key identifier: 96:4C:AA:94:03:A0:8D:37:3B:90:B7:10:A5:6D:3E:AE:81:39:4F:F0
Certificate issuer:       /CN=964caa9403a08d373b90b710a56d3eae81394ff0
Certificate serial:       01977D1EA6E8452396973447CB5A3F7071EE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/lkyqlAOgjTc7kLcQpW0-roE5T_A.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/6b0dc9-c1b9-4fae-acd9-6bff1c0e68ae/1/lkyqlAOgjTc7kLcQpW0-roE5T_A.mft
Manifest number:          1524
Signing time:             Tue 17 Jun 2025 09:00:50 +0000
Manifest this update:     Tue 17 Jun 2025 09:00:50 +0000
Manifest next update:     Wed 18 Jun 2025 09:00:50 +0000
Files and hashes:         1: lkyqlAOgjTc7kLcQpW0-roE5T_A.crl (hash: Rm8ySwAVxwHBWB0KykLEw2qdZd5bNqmdbsXM5KqT4Cw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8a/6b0dc9-c1b9-4fae-acd9-6bff1c0e68ae/1/lkyqlAOgjTc7kLcQpW0-roE5T_A.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8a/6b0dc9-c1b9-4fae-acd9-6bff1c0e68ae/1/lkyqlAOgjTc7kLcQpW0-roE5T_A.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/lkyqlAOgjTc7kLcQpW0-roE5T_A.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 18 Jun 2025 09:00:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:7d:1e:a6:e8:45:23:96:97:34:47:cb:5a:3f:70:71:ee
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=964caa9403a08d373b90b710a56d3eae81394ff0
        Validity
            Not Before: Jun 17 09:00:50 2025 GMT
            Not After : Jun 18 09:00:50 2025 GMT
        Subject: CN=a406e47f35b368b29b35244d5657159e354bdf94
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:0d:66:e9:0f:75:aa:d2:0b:46:d6:40:ce:77:
                    98:df:ef:48:a8:87:d2:62:db:b8:57:b7:77:bd:ef:
                    67:1c:57:19:bb:67:b9:19:b1:0c:da:58:86:0f:06:
                    8b:75:bb:ad:e6:05:96:9e:17:08:e7:fe:70:90:c2:
                    00:23:87:54:1c:b9:20:62:a5:02:d4:32:1f:e2:7a:
                    55:9e:db:ce:4c:a6:de:bf:c3:aa:67:93:d8:88:79:
                    42:31:8a:b9:03:a3:8a:6b:f5:78:35:eb:90:bd:78:
                    8a:d5:52:2d:01:bc:30:ff:62:4a:4f:5f:ec:d6:b9:
                    2e:91:8a:36:02:f1:78:82:91:03:87:bf:f4:bc:f1:
                    5f:0b:22:90:eb:66:5c:da:64:30:e8:cd:37:04:b5:
                    e5:63:9c:00:ef:40:6c:da:6a:3d:3d:cf:a9:b8:b3:
                    34:b1:1f:a0:14:89:cd:f6:c4:2c:f5:bc:e4:88:85:
                    3c:9c:dd:cb:25:d1:a2:68:ee:e5:9d:c5:37:c2:df:
                    3f:84:45:42:4f:d0:cb:d0:c0:e3:23:c1:ad:a8:97:
                    ab:19:69:d4:84:ba:b9:94:84:be:d7:11:8c:b2:7c:
                    93:fd:ee:fa:da:45:0f:e3:85:d0:90:f2:dc:4b:3b:
                    2d:40:56:b5:31:65:2d:26:99:2e:81:5d:57:44:fe:
                    ce:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A4:06:E4:7F:35:B3:68:B2:9B:35:24:4D:56:57:15:9E:35:4B:DF:94
            X509v3 Authority Key Identifier:
                keyid:96:4C:AA:94:03:A0:8D:37:3B:90:B7:10:A5:6D:3E:AE:81:39:4F:F0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lkyqlAOgjTc7kLcQpW0-roE5T_A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/6b0dc9-c1b9-4fae-acd9-6bff1c0e68ae/1/lkyqlAOgjTc7kLcQpW0-roE5T_A.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/6b0dc9-c1b9-4fae-acd9-6bff1c0e68ae/1/lkyqlAOgjTc7kLcQpW0-roE5T_A.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4c:8e:66:c3:52:66:e8:03:07:45:d6:49:02:9c:03:97:5e:b1:
         79:93:c4:70:73:7d:6b:05:f1:42:0d:78:ef:c9:d7:e9:56:19:
         51:20:28:8e:62:b7:35:8b:61:c3:68:45:24:7b:5a:42:14:d8:
         5d:05:98:d9:e4:db:72:59:ad:a0:3f:d4:13:ed:08:4b:d1:15:
         4d:ee:7b:36:79:54:67:4e:9b:ac:7b:9f:43:fd:28:80:c8:bd:
         ac:6b:bd:6a:a4:0e:dd:b2:10:39:cc:ea:e2:87:a5:67:09:a4:
         b2:ea:54:a0:38:a1:23:4b:69:f1:ae:6b:d2:ff:fb:aa:18:00:
         25:59:7d:98:3c:67:6a:1a:dd:53:5c:c9:ce:9b:16:b8:75:bf:
         54:f8:6c:7f:4b:ee:7a:d7:1b:f2:c2:7c:6a:d8:f2:37:eb:19:
         5e:41:3d:13:56:9f:dd:dd:29:29:e0:34:73:82:e6:c9:02:de:
         5f:66:ad:73:34:63:c9:c3:e7:20:59:1d:6d:b6:4a:c5:91:7b:
         ec:9b:6e:96:53:ac:c7:e8:68:79:5b:41:38:17:db:45:b4:c0:
         6e:75:d2:89:f4:16:62:5a:a5:eb:93:0b:43:45:b6:35:1c:fd:
         be:d9:bd:d4:b1:11:cc:67:a4:81:bb:1f:d0:e7:87:23:5a:bc:
         d4:0d:26:ba
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZd9HqboRSOWlzRHy1o/cHHuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk2NGNhYTk0MDNhMDhkMzczYjkwYjcxMGE1NmQzZWFlODEz
OTRmZjAwHhcNMjUwNjE3MDkwMDUwWhcNMjUwNjE4MDkwMDUwWjAzMTEwLwYDVQQD
EyhhNDA2ZTQ3ZjM1YjM2OGIyOWIzNTI0NGQ1NjU3MTU5ZTM1NGJkZjk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuw1m6Q91qtILRtZAzneY3+9IqIfS
Ytu4V7d3ve9nHFcZu2e5GbEM2liGDwaLdbut5gWWnhcI5/5wkMIAI4dUHLkgYqUC
1DIf4npVntvOTKbev8OqZ5PYiHlCMYq5A6OKa/V4NeuQvXiK1VItAbww/2JKT1/s
1rkukYo2AvF4gpEDh7/0vPFfCyKQ62Zc2mQw6M03BLXlY5wA70Bs2mo9Pc+puLM0
sR+gFInN9sQs9bzkiIU8nN3LJdGiaO7lncU3wt8/hEVCT9DL0MDjI8GtqJerGWnU
hLq5lIS+1xGMsnyT/e762kUP44XQkPLcSzstQFa1MWUtJpkugV1XRP7OCwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKQG5H81s2iymzUkTVZXFZ41S9+UMB8GA1UdIwQY
MBaAFJZMqpQDoI03O5C3EKVtPq6BOU/wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbGt5cWxBT2dqVGM3a0xjUXBXMC1yb0U1VF9BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS82YjBkYzktYzFiOS00ZmFlLWFjZDkt
NmJmZjFjMGU2OGFlLzEvbGt5cWxBT2dqVGM3a0xjUXBXMC1yb0U1VF9BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS82YjBkYzktYzFiOS00ZmFlLWFjZDktNmJmZjFjMGU2OGFl
LzEvbGt5cWxBT2dqVGM3a0xjUXBXMC1yb0U1VF9BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATI5mw1Jm
6AMHRdZJApwDl16xeZPEcHN9awXxQg1478nX6VYZUSAojmK3NYthw2hFJHtaQhTY
XQWY2eTbclmtoD/UE+0IS9EVTe57NnlUZ06brHufQ/0ogMi9rGu9aqQO3bIQOczq
4oelZwmksupUoDihI0tp8a5r0v/7qhgAJVl9mDxnahrdU1zJzpsWuHW/VPhsf0vu
etcb8sJ8atjyN+sZXkE9E1af3d0pKeA0c4LmyQLeX2atczRjycPnIFkdbbZKxZF7
7JtullOsx+hoeVtBOBfbRbTAbnXSifQWYlql65MLQ0W2NRz9vtm91LERzGekgbsf
0OeHI1q81A0mug==
-----END CERTIFICATE-----