Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/b384ba-40ec-42a4-8330-a1a64b49fa50/1/l1d_hBiOKD_bXXpvzMxIVsGZSbg.mft
File:                     l1d_hBiOKD_bXXpvzMxIVsGZSbg.mft (raw, json)
Hash identifier:          JMOCMW1ZjYNgDkdkmjNef/zdtc5ifPfxOSlu01O2P28=
Subject key identifier:   FD:9E:86:4B:C6:0F:0F:C4:C5:22:B9:05:C4:8D:4E:05:1A:6E:D8:E1
Authority key identifier: 97:57:7F:84:18:8E:28:3F:DB:5D:7A:6F:CC:CC:48:56:C1:99:49:B8
Certificate issuer:       /CN=97577f84188e283fdb5d7a6fcccc4856c19949b8
Certificate serial:       019881D5A6BD1802F67A3BE33326FCA22836
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/l1d_hBiOKD_bXXpvzMxIVsGZSbg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c4/b384ba-40ec-42a4-8330-a1a64b49fa50/1/l1d_hBiOKD_bXXpvzMxIVsGZSbg.mft
Manifest number:          1619
Signing time:             Thu 07 Aug 2025 00:01:59 +0000
Manifest this update:     Thu 07 Aug 2025 00:01:59 +0000
Manifest next update:     Fri 08 Aug 2025 00:01:59 +0000
Files and hashes:         1: l1d_hBiOKD_bXXpvzMxIVsGZSbg.crl (hash: shgPKFHsJnCl5mnQB4Rg3pwqiLvjDK1N3BWWD532G8c=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c4/b384ba-40ec-42a4-8330-a1a64b49fa50/1/l1d_hBiOKD_bXXpvzMxIVsGZSbg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c4/b384ba-40ec-42a4-8330-a1a64b49fa50/1/l1d_hBiOKD_bXXpvzMxIVsGZSbg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/l1d_hBiOKD_bXXpvzMxIVsGZSbg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 08 Aug 2025 00:01:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:81:d5:a6:bd:18:02:f6:7a:3b:e3:33:26:fc:a2:28:36
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=97577f84188e283fdb5d7a6fcccc4856c19949b8
        Validity
            Not Before: Aug  7 00:01:59 2025 GMT
            Not After : Aug  8 00:01:59 2025 GMT
        Subject: CN=fd9e864bc60f0fc4c522b905c48d4e051a6ed8e1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:fd:75:8b:29:c5:1d:7e:f8:7e:7e:ab:9d:56:
                    26:d1:f6:84:5e:90:5c:e5:0c:d7:9d:02:e1:9f:c4:
                    75:f2:90:25:a8:a8:ed:c4:70:b2:39:71:f0:51:b8:
                    55:d2:68:be:02:03:ca:5f:32:af:ff:ce:71:00:5b:
                    37:29:c1:fd:ce:ed:bf:72:21:d9:9d:57:27:a5:cd:
                    af:9f:fb:9f:47:78:6f:6c:86:ab:73:31:8b:dd:c5:
                    be:0a:22:af:32:d4:d2:59:2d:e1:d3:db:99:0f:c5:
                    62:76:4e:16:72:5a:56:46:a9:2d:91:bc:69:12:3c:
                    78:d7:c6:18:8b:95:28:78:6a:aa:bb:a7:a2:df:eb:
                    4a:96:c1:cf:d0:71:f9:aa:16:cd:e9:6a:f6:48:c9:
                    bd:26:ab:89:de:fd:1d:00:bb:87:0a:3c:f7:0f:0d:
                    ca:a1:41:57:5f:35:bb:52:f4:56:f7:12:bd:7e:bc:
                    6b:bc:8c:4f:19:51:40:f2:3d:84:ba:96:a5:19:bd:
                    7e:4a:36:65:4d:f2:67:4f:46:cb:25:36:ba:4f:59:
                    03:d6:69:50:79:38:bc:2e:99:37:f3:bc:9c:a8:96:
                    9a:a2:0a:22:61:a1:6e:ca:9c:97:00:f6:da:f8:3b:
                    ee:e7:ce:6b:30:7e:3e:5b:c0:af:7f:81:ca:9f:7f:
                    3b:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FD:9E:86:4B:C6:0F:0F:C4:C5:22:B9:05:C4:8D:4E:05:1A:6E:D8:E1
            X509v3 Authority Key Identifier:
                keyid:97:57:7F:84:18:8E:28:3F:DB:5D:7A:6F:CC:CC:48:56:C1:99:49:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l1d_hBiOKD_bXXpvzMxIVsGZSbg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/b384ba-40ec-42a4-8330-a1a64b49fa50/1/l1d_hBiOKD_bXXpvzMxIVsGZSbg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/b384ba-40ec-42a4-8330-a1a64b49fa50/1/l1d_hBiOKD_bXXpvzMxIVsGZSbg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         52:75:35:57:d6:8d:8f:e2:de:fe:df:99:6d:b9:b3:73:4b:a6:
         f3:e2:62:e0:39:dd:51:e8:b4:70:5d:f8:46:0c:07:d0:b3:65:
         71:b2:dc:f2:4e:59:cf:d7:55:15:27:53:e5:11:1e:88:5d:c6:
         65:f3:c1:bb:5f:a7:c1:aa:26:b5:e2:16:8f:b8:17:72:44:bd:
         6d:d0:b6:09:ed:85:ee:a9:90:12:f7:26:12:9a:50:25:ed:dd:
         94:1f:d2:fe:35:25:21:42:41:c5:c3:74:15:65:e5:9c:06:17:
         65:63:35:90:2d:d7:ba:e7:f8:8e:2e:2a:5c:3a:11:f3:5d:77:
         ce:d3:0a:99:fb:d2:7b:93:87:0d:38:bc:1d:4b:fb:c3:a9:24:
         aa:a1:10:3e:e2:88:4f:db:0b:8f:da:98:a0:a8:b5:30:ce:ba:
         39:6d:70:ea:16:c5:9e:9f:6c:2c:9c:c6:9a:62:91:32:1a:85:
         fa:df:83:33:bb:13:31:8b:c5:1d:2d:12:51:e2:c2:ba:2d:82:
         05:68:7e:02:27:97:14:28:3f:13:46:b1:c7:7e:1b:30:58:b0:
         8d:51:5d:7d:5b:87:b4:b1:ea:ef:35:e9:10:c4:0c:7c:98:42:
         5e:af:64:f5:f4:d6:3f:96:e0:99:af:7a:2e:c9:34:aa:15:ce:
         c3:68:36:54
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiB1aa9GAL2ejvjMyb8oig2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3NTc3Zjg0MTg4ZTI4M2ZkYjVkN2E2ZmNjY2M0ODU2YzE5
OTQ5YjgwHhcNMjUwODA3MDAwMTU5WhcNMjUwODA4MDAwMTU5WjAzMTEwLwYDVQQD
EyhmZDllODY0YmM2MGYwZmM0YzUyMmI5MDVjNDhkNGUwNTFhNmVkOGUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsP11iynFHX74fn6rnVYm0faEXpBc
5QzXnQLhn8R18pAlqKjtxHCyOXHwUbhV0mi+AgPKXzKv/85xAFs3KcH9zu2/ciHZ
nVcnpc2vn/ufR3hvbIarczGL3cW+CiKvMtTSWS3h09uZD8Vidk4WclpWRqktkbxp
Ejx418YYi5UoeGqqu6ei3+tKlsHP0HH5qhbN6Wr2SMm9JquJ3v0dALuHCjz3Dw3K
oUFXXzW7UvRW9xK9frxrvIxPGVFA8j2EupalGb1+SjZlTfJnT0bLJTa6T1kD1mlQ
eTi8Lpk387ycqJaaogoiYaFuypyXAPba+Dvu585rMH4+W8Cvf4HKn387zwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP2ehkvGDw/ExSK5BcSNTgUabtjhMB8GA1UdIwQY
MBaAFJdXf4QYjig/2116b8zMSFbBmUm4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbDFkX2hCaU9LRF9iWFhwdnpNeElWc0daU2JnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC9iMzg0YmEtNDBlYy00MmE0LTgzMzAt
YTFhNjRiNDlmYTUwLzEvbDFkX2hCaU9LRF9iWFhwdnpNeElWc0daU2JnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNC9iMzg0YmEtNDBlYy00MmE0LTgzMzAtYTFhNjRiNDlmYTUw
LzEvbDFkX2hCaU9LRF9iWFhwdnpNeElWc0daU2JnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUnU1V9aN
j+Le/t+Zbbmzc0um8+Ji4DndUei0cF34RgwH0LNlcbLc8k5Zz9dVFSdT5REeiF3G
ZfPBu1+nwaomteIWj7gXckS9bdC2Ce2F7qmQEvcmEppQJe3dlB/S/jUlIUJBxcN0
FWXlnAYXZWM1kC3Xuuf4ji4qXDoR8113ztMKmfvSe5OHDTi8HUv7w6kkqqEQPuKI
T9sLj9qYoKi1MM66OW1w6hbFnp9sLJzGmmKRMhqF+t+DM7sTMYvFHS0SUeLCui2C
BWh+AieXFCg/E0axx34bMFiwjVFdfVuHtLHq7zXpEMQMfJhCXq9k9fTWP5bgma96
Lsk0qhXOw2g2VA==
-----END CERTIFICATE-----