Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9d/085bd3-c34f-48cf-9a73-ec43fd6c227a/1/1lcpIU0Paz-lGho4A32rjeSOBVg.mft
File:                     1lcpIU0Paz-lGho4A32rjeSOBVg.mft (raw, json)
Hash identifier:          GyGV59rH/a78hdXxaKs5H8d3ARDPECZYSGXX2nRVRY8=
Subject key identifier:   32:E6:EF:98:74:A9:12:51:51:09:85:2D:0E:22:51:DF:DB:1B:B7:82
Authority key identifier: D6:57:29:21:4D:0F:6B:3F:A5:1A:1A:38:03:7D:AB:8D:E4:8E:05:58
Certificate issuer:       /CN=d65729214d0f6b3fa51a1a38037dab8de48e0558
Certificate serial:       01987C409150C9E602AEAFCA34DACFB4EB62
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1lcpIU0Paz-lGho4A32rjeSOBVg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9d/085bd3-c34f-48cf-9a73-ec43fd6c227a/1/1lcpIU0Paz-lGho4A32rjeSOBVg.mft
Manifest number:          067C
Signing time:             Tue 05 Aug 2025 22:01:02 +0000
Manifest this update:     Tue 05 Aug 2025 22:01:02 +0000
Manifest next update:     Wed 06 Aug 2025 22:01:02 +0000
Files and hashes:         1: 1lcpIU0Paz-lGho4A32rjeSOBVg.crl (hash: RVdIAE4gm9TmUonUdhj2JYE19bEgoF/l23Y1lpx4vUM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/9d/085bd3-c34f-48cf-9a73-ec43fd6c227a/1/1lcpIU0Paz-lGho4A32rjeSOBVg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/9d/085bd3-c34f-48cf-9a73-ec43fd6c227a/1/1lcpIU0Paz-lGho4A32rjeSOBVg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/1lcpIU0Paz-lGho4A32rjeSOBVg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 06 Aug 2025 22:01:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:7c:40:91:50:c9:e6:02:ae:af:ca:34:da:cf:b4:eb:62
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d65729214d0f6b3fa51a1a38037dab8de48e0558
        Validity
            Not Before: Aug  5 22:01:02 2025 GMT
            Not After : Aug  6 22:01:02 2025 GMT
        Subject: CN=32e6ef9874a912515109852d0e2251dfdb1bb782
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:9f:34:70:0b:f6:89:b0:bd:09:3e:28:50:b1:
                    60:99:33:f1:99:d1:88:11:e4:95:61:23:3c:6b:34:
                    27:6f:6a:1d:ed:9b:56:c3:a1:67:fe:49:c8:e5:d2:
                    ec:a9:ae:11:33:ab:f9:4b:65:a3:76:e5:81:75:72:
                    93:9d:59:5d:c4:e1:42:2b:8a:77:88:ed:9f:62:a8:
                    99:7d:21:cf:7a:39:5e:f1:e9:1c:83:4f:b8:d3:5d:
                    17:e7:6f:da:68:d0:98:3d:0c:0e:c6:18:06:05:27:
                    a2:be:8b:a2:63:99:d7:38:fa:21:6f:8c:fe:9c:ae:
                    38:1e:a8:12:fa:53:02:ef:12:02:df:7c:d3:26:df:
                    09:d5:d7:c8:a6:e2:65:e0:bd:03:31:02:e8:01:2b:
                    f8:e8:aa:46:a5:df:e6:f2:33:c1:c2:1c:72:ce:dd:
                    85:6e:08:53:17:26:4c:df:99:b4:89:d4:76:98:01:
                    8e:7e:82:30:d6:60:2f:cb:0f:99:fb:0b:c0:1d:d8:
                    58:f4:81:8f:f3:e9:a6:2e:3a:68:91:bc:f9:82:ac:
                    d8:cb:73:9d:2c:9e:53:d9:26:3f:ab:9d:cd:7c:ea:
                    87:38:5a:3a:2a:36:b9:50:21:e9:26:a5:ce:85:4d:
                    54:63:6b:8b:96:20:22:7f:8e:d4:74:45:56:82:64:
                    66:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                32:E6:EF:98:74:A9:12:51:51:09:85:2D:0E:22:51:DF:DB:1B:B7:82
            X509v3 Authority Key Identifier:
                keyid:D6:57:29:21:4D:0F:6B:3F:A5:1A:1A:38:03:7D:AB:8D:E4:8E:05:58

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1lcpIU0Paz-lGho4A32rjeSOBVg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/085bd3-c34f-48cf-9a73-ec43fd6c227a/1/1lcpIU0Paz-lGho4A32rjeSOBVg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/085bd3-c34f-48cf-9a73-ec43fd6c227a/1/1lcpIU0Paz-lGho4A32rjeSOBVg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1b:bd:86:b1:f6:7d:96:14:6b:4a:60:e8:f2:3c:79:dd:4a:fc:
         72:71:36:0a:63:a0:fa:1c:e2:94:49:02:9e:dc:5a:6c:25:86:
         5a:d7:3e:5e:8a:75:90:cc:70:46:fd:79:45:5c:f9:14:f1:33:
         fb:f8:c3:75:2d:8b:22:76:e8:71:7a:aa:aa:6a:4e:10:39:2f:
         cf:96:b9:16:ee:94:c6:be:78:ae:61:c4:0a:f4:80:d3:ec:d1:
         46:7a:7e:91:fa:72:7e:cd:3c:ac:83:97:51:1e:7c:58:8a:b1:
         c0:d5:11:52:da:0f:55:89:6e:a7:5a:40:a4:66:dc:37:de:58:
         b4:62:43:96:5a:a6:ae:f2:da:fd:74:b8:86:c6:07:25:1d:50:
         bc:80:e4:07:b8:11:0f:1b:58:e1:4f:70:89:0a:e1:3f:fa:2e:
         62:77:84:7e:fb:d2:75:4a:4b:d2:4f:7b:75:24:6c:4d:8d:16:
         80:b4:a7:25:85:c3:fd:a6:d9:e1:57:52:79:49:57:a2:d9:a5:
         0f:8b:ed:2d:df:95:9c:ff:3b:c8:e6:94:28:f1:4e:6c:03:56:
         37:c0:6d:8f:a4:d7:d7:2c:47:6e:87:c0:97:f9:75:99:8e:ef:
         8e:66:36:1a:07:07:30:d5:05:39:17:2d:f3:73:ad:bc:17:e2:
         2e:04:a8:ff
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZh8QJFQyeYCrq/KNNrPtOtiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2NTcyOTIxNGQwZjZiM2ZhNTFhMWEzODAzN2RhYjhkZTQ4
ZTA1NTgwHhcNMjUwODA1MjIwMTAyWhcNMjUwODA2MjIwMTAyWjAzMTEwLwYDVQQD
EygzMmU2ZWY5ODc0YTkxMjUxNTEwOTg1MmQwZTIyNTFkZmRiMWJiNzgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzp80cAv2ibC9CT4oULFgmTPxmdGI
EeSVYSM8azQnb2od7ZtWw6Fn/knI5dLsqa4RM6v5S2WjduWBdXKTnVldxOFCK4p3
iO2fYqiZfSHPejle8ekcg0+4010X52/aaNCYPQwOxhgGBSeivouiY5nXOPohb4z+
nK44HqgS+lMC7xIC33zTJt8J1dfIpuJl4L0DMQLoASv46KpGpd/m8jPBwhxyzt2F
bghTFyZM35m0idR2mAGOfoIw1mAvyw+Z+wvAHdhY9IGP8+mmLjpokbz5gqzYy3Od
LJ5T2SY/q53NfOqHOFo6Kja5UCHpJqXOhU1UY2uLliAif47UdEVWgmRmYwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDLm75h0qRJRUQmFLQ4iUd/bG7eCMB8GA1UdIwQY
MBaAFNZXKSFND2s/pRoaOAN9q43kjgVYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWxjcElVMFBhei1sR2hvNEEzMnJqZVNPQlZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZC8wODViZDMtYzM0Zi00OGNmLTlhNzMt
ZWM0M2ZkNmMyMjdhLzEvMWxjcElVMFBhei1sR2hvNEEzMnJqZVNPQlZnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZC8wODViZDMtYzM0Zi00OGNmLTlhNzMtZWM0M2ZkNmMyMjdh
LzEvMWxjcElVMFBhei1sR2hvNEEzMnJqZVNPQlZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAG72GsfZ9
lhRrSmDo8jx53Ur8cnE2CmOg+hzilEkCntxabCWGWtc+Xop1kMxwRv15RVz5FPEz
+/jDdS2LInbocXqqqmpOEDkvz5a5Fu6Uxr54rmHECvSA0+zRRnp+kfpyfs08rIOX
UR58WIqxwNURUtoPVYlup1pApGbcN95YtGJDllqmrvLa/XS4hsYHJR1QvIDkB7gR
DxtY4U9wiQrhP/ouYneEfvvSdUpL0k97dSRsTY0WgLSnJYXD/abZ4VdSeUlXotml
D4vtLd+VnP87yOaUKPFObANWN8Btj6TX1yxHbofAl/l1mY7vjmY2GgcHMNUFORct
83OtvBfiLgSo/w==
-----END CERTIFICATE-----