Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9d/085bd3-c34f-48cf-9a73-ec43fd6c227a/1/1lcpIU0Paz-lGho4A32rjeSOBVg.mft
File:                     1lcpIU0Paz-lGho4A32rjeSOBVg.mft (raw, json)
Hash identifier:          nhCOY/X2VaFIKFMkQupzh4bcGZCZckamJkDRxCvOOCY=
Subject key identifier:   52:23:AA:30:CD:2A:12:8D:D2:11:59:23:4D:DB:D7:1A:0E:D3:DE:91
Authority key identifier: D6:57:29:21:4D:0F:6B:3F:A5:1A:1A:38:03:7D:AB:8D:E4:8E:05:58
Certificate issuer:       /CN=d65729214d0f6b3fa51a1a38037dab8de48e0558
Certificate serial:       01976BF47E5188A53C9BBFC9E89B9CED9B2E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1lcpIU0Paz-lGho4A32rjeSOBVg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9d/085bd3-c34f-48cf-9a73-ec43fd6c227a/1/1lcpIU0Paz-lGho4A32rjeSOBVg.mft
Manifest number:          05EF
Signing time:             Sat 14 Jun 2025 01:01:14 +0000
Manifest this update:     Sat 14 Jun 2025 01:01:14 +0000
Manifest next update:     Sun 15 Jun 2025 01:01:14 +0000
Files and hashes:         1: 1lcpIU0Paz-lGho4A32rjeSOBVg.crl (hash: xJQ3ClVUmljzN6pEOotiLdz1N1u5uOWd4XjQruIfbYE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/9d/085bd3-c34f-48cf-9a73-ec43fd6c227a/1/1lcpIU0Paz-lGho4A32rjeSOBVg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/9d/085bd3-c34f-48cf-9a73-ec43fd6c227a/1/1lcpIU0Paz-lGho4A32rjeSOBVg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/1lcpIU0Paz-lGho4A32rjeSOBVg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 01:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6b:f4:7e:51:88:a5:3c:9b:bf:c9:e8:9b:9c:ed:9b:2e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d65729214d0f6b3fa51a1a38037dab8de48e0558
        Validity
            Not Before: Jun 14 01:01:14 2025 GMT
            Not After : Jun 15 01:01:14 2025 GMT
        Subject: CN=5223aa30cd2a128dd21159234ddbd71a0ed3de91
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:71:d1:e2:ab:99:37:0f:59:b3:38:ae:83:da:
                    49:1b:ba:a5:8d:e4:37:f6:f9:e7:6f:f2:31:b8:48:
                    84:8a:66:04:69:a1:4c:a9:34:c7:6b:2f:f7:ed:2f:
                    2e:f6:3e:27:4f:cb:1e:f3:ed:df:01:78:91:bd:d3:
                    7b:6e:c1:7f:96:5b:48:08:68:bc:30:fd:57:f5:47:
                    d0:86:db:a3:8c:6d:3b:15:f1:ec:9a:b7:86:b1:ef:
                    52:bf:f9:25:8f:d8:80:c2:b6:ab:47:3b:eb:25:f7:
                    b4:5a:b3:47:7e:86:ea:af:b2:dd:3f:04:64:fe:d6:
                    7f:bd:da:6b:85:bf:8c:99:f5:61:aa:0e:55:83:e3:
                    b6:c9:eb:79:9d:42:ad:42:7e:c4:ef:ab:80:88:a8:
                    0c:07:2a:a4:84:96:47:31:cd:76:0f:b8:34:4e:8e:
                    bb:a8:59:e3:0c:c0:8a:0e:0f:1d:1a:e9:09:31:e0:
                    4c:c0:4d:15:9b:b0:2c:69:4e:63:4b:5b:90:4a:1f:
                    ff:5e:db:dd:b8:ce:8d:08:80:70:c5:ac:fd:fa:49:
                    d0:74:17:ef:01:02:67:78:4f:23:4d:e4:ba:d8:54:
                    56:de:d0:02:46:78:56:cf:2b:6c:dd:ae:5a:77:4c:
                    55:d1:a7:56:a2:50:5f:af:0e:94:bf:ac:3d:f2:5a:
                    9f:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                52:23:AA:30:CD:2A:12:8D:D2:11:59:23:4D:DB:D7:1A:0E:D3:DE:91
            X509v3 Authority Key Identifier:
                keyid:D6:57:29:21:4D:0F:6B:3F:A5:1A:1A:38:03:7D:AB:8D:E4:8E:05:58

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1lcpIU0Paz-lGho4A32rjeSOBVg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/085bd3-c34f-48cf-9a73-ec43fd6c227a/1/1lcpIU0Paz-lGho4A32rjeSOBVg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/085bd3-c34f-48cf-9a73-ec43fd6c227a/1/1lcpIU0Paz-lGho4A32rjeSOBVg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         49:91:34:08:66:b8:4c:88:14:62:2c:80:20:aa:7f:76:a5:25:
         d1:fd:b2:e8:9e:fb:55:b4:20:37:10:98:00:bd:50:50:85:a4:
         a8:54:da:41:ca:e3:6c:0e:a4:4d:c7:e9:46:e8:fc:9a:50:dc:
         3a:9f:81:d1:a7:9a:45:33:a0:fd:1e:1a:7f:8d:27:c7:b0:cc:
         0d:a2:fd:ed:28:c9:0f:a8:1a:34:35:f8:2f:2e:58:b1:9d:6e:
         2e:3c:95:3b:44:84:fd:64:f7:cc:8b:7f:09:c0:94:fc:24:22:
         9c:99:47:aa:0d:41:33:79:a8:3f:eb:b3:2e:14:4d:15:ea:85:
         6c:d5:4d:0c:3f:23:14:97:3d:da:0f:b9:9c:5f:d5:27:a5:32:
         5d:f2:b1:34:66:0a:cc:83:44:24:18:74:63:2b:8f:6c:43:df:
         f0:fe:6b:e4:28:71:5a:0a:15:72:a8:e9:51:6e:e0:14:f9:51:
         a1:c4:b8:a9:40:5c:dd:dd:de:74:86:57:59:f9:9d:2a:05:3c:
         0d:bc:3f:7b:78:a4:d1:16:3a:8f:bc:75:f9:85:36:86:41:29:
         68:4a:a0:cf:48:c3:ab:03:c0:02:bf:44:b3:ae:7e:a0:94:d6:
         19:ed:ce:34:be:ba:5f:d0:06:fb:c7:4d:51:4d:7a:f7:3c:c0:
         b8:dd:03:47
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdr9H5RiKU8m7/J6Juc7ZsuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2NTcyOTIxNGQwZjZiM2ZhNTFhMWEzODAzN2RhYjhkZTQ4
ZTA1NTgwHhcNMjUwNjE0MDEwMTE0WhcNMjUwNjE1MDEwMTE0WjAzMTEwLwYDVQQD
Eyg1MjIzYWEzMGNkMmExMjhkZDIxMTU5MjM0ZGRiZDcxYTBlZDNkZTkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsHHR4quZNw9Zsziug9pJG7qljeQ3
9vnnb/IxuEiEimYEaaFMqTTHay/37S8u9j4nT8se8+3fAXiRvdN7bsF/lltICGi8
MP1X9UfQhtujjG07FfHsmreGse9Sv/klj9iAwrarRzvrJfe0WrNHfobqr7LdPwRk
/tZ/vdprhb+MmfVhqg5Vg+O2yet5nUKtQn7E76uAiKgMByqkhJZHMc12D7g0To67
qFnjDMCKDg8dGukJMeBMwE0Vm7AsaU5jS1uQSh//XtvduM6NCIBwxaz9+knQdBfv
AQJneE8jTeS62FRW3tACRnhWzyts3a5ad0xV0adWolBfrw6Uv6w98lqfEQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFIjqjDNKhKN0hFZI03b1xoO096RMB8GA1UdIwQY
MBaAFNZXKSFND2s/pRoaOAN9q43kjgVYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWxjcElVMFBhei1sR2hvNEEzMnJqZVNPQlZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZC8wODViZDMtYzM0Zi00OGNmLTlhNzMt
ZWM0M2ZkNmMyMjdhLzEvMWxjcElVMFBhei1sR2hvNEEzMnJqZVNPQlZnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZC8wODViZDMtYzM0Zi00OGNmLTlhNzMtZWM0M2ZkNmMyMjdh
LzEvMWxjcElVMFBhei1sR2hvNEEzMnJqZVNPQlZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASZE0CGa4
TIgUYiyAIKp/dqUl0f2y6J77VbQgNxCYAL1QUIWkqFTaQcrjbA6kTcfpRuj8mlDc
Op+B0aeaRTOg/R4af40nx7DMDaL97SjJD6gaNDX4Ly5YsZ1uLjyVO0SE/WT3zIt/
CcCU/CQinJlHqg1BM3moP+uzLhRNFeqFbNVNDD8jFJc92g+5nF/VJ6UyXfKxNGYK
zINEJBh0YyuPbEPf8P5r5ChxWgoVcqjpUW7gFPlRocS4qUBc3d3edIZXWfmdKgU8
Dbw/e3ik0RY6j7x1+YU2hkEpaEqgz0jDqwPAAr9Es65+oJTWGe3ONL66X9AG+8dN
UU169zzAuN0DRw==
-----END CERTIFICATE-----