Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/d43572-ad91-44ad-afa1-b3382e4aa7c3/1/lPO2Epw0Od376Q21BkyAZt6GSnI.mft
File:                     lPO2Epw0Od376Q21BkyAZt6GSnI.mft (raw, json)
Hash identifier:          JppUk1UdluFRG/ivMM33P3E2QylUioNHzeB0AvxTMQ8=
Subject key identifier:   E0:C6:85:96:9F:18:D6:E0:97:9C:BC:8F:47:E4:46:F0:35:16:F4:33
Authority key identifier: 94:F3:B6:12:9C:34:39:DD:FB:E9:0D:B5:06:4C:80:66:DE:86:4A:72
Certificate issuer:       /CN=94f3b6129c3439ddfbe90db5064c8066de864a72
Certificate serial:       019883FA7E7DADE150666E5D780C029043A2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/lPO2Epw0Od376Q21BkyAZt6GSnI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c5/d43572-ad91-44ad-afa1-b3382e4aa7c3/1/lPO2Epw0Od376Q21BkyAZt6GSnI.mft
Manifest number:          0533
Signing time:             Thu 07 Aug 2025 10:01:28 +0000
Manifest this update:     Thu 07 Aug 2025 10:01:28 +0000
Manifest next update:     Fri 08 Aug 2025 10:01:28 +0000
Files and hashes:         1: lPO2Epw0Od376Q21BkyAZt6GSnI.crl (hash: BF2hzBuZPVxzR43ZhOj1mOgy3gNOTA1c5HCFtm2ELNE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c5/d43572-ad91-44ad-afa1-b3382e4aa7c3/1/lPO2Epw0Od376Q21BkyAZt6GSnI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c5/d43572-ad91-44ad-afa1-b3382e4aa7c3/1/lPO2Epw0Od376Q21BkyAZt6GSnI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/lPO2Epw0Od376Q21BkyAZt6GSnI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 08 Aug 2025 10:01:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:83:fa:7e:7d:ad:e1:50:66:6e:5d:78:0c:02:90:43:a2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=94f3b6129c3439ddfbe90db5064c8066de864a72
        Validity
            Not Before: Aug  7 10:01:28 2025 GMT
            Not After : Aug  8 10:01:28 2025 GMT
        Subject: CN=e0c685969f18d6e0979cbc8f47e446f03516f433
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dc:2a:bf:6f:c2:85:1f:56:9e:b3:5d:74:85:ab:
                    ff:7b:0c:89:a8:12:c9:4c:16:25:e1:62:51:39:79:
                    cd:d4:3e:7d:9a:5b:f5:ce:d4:84:4d:76:34:ea:1f:
                    c7:4b:30:9f:35:5b:de:ff:b5:e7:a0:1f:29:85:5e:
                    47:7d:51:b6:53:f4:0d:e5:4f:85:6a:0f:84:b1:16:
                    ef:7e:9b:f4:44:d7:dc:b0:54:f4:93:6a:fc:a9:61:
                    bd:d7:94:94:66:56:ef:b9:dc:96:09:08:cc:e3:f9:
                    36:c4:6f:1d:09:b7:ea:03:28:55:54:bd:a2:e2:fb:
                    41:71:2f:69:4a:d8:c1:1f:e2:f4:4b:cb:a6:0c:4d:
                    19:12:35:1e:05:23:ad:54:11:8d:6d:d4:1f:0d:d5:
                    54:52:be:22:be:91:a1:43:69:90:40:21:99:f2:cc:
                    4f:b0:d4:cb:51:b7:1f:d2:1e:38:65:94:9a:f0:49:
                    af:08:97:53:18:f3:98:94:b0:bd:3a:4a:71:cc:db:
                    ff:74:af:bb:98:c7:3a:64:15:66:2c:fa:1b:aa:a1:
                    58:90:6a:78:1f:0b:98:46:59:e1:68:ff:8f:ef:ab:
                    f8:b0:84:ca:c0:d7:4d:2e:90:0a:b5:30:2e:fd:18:
                    40:1d:03:10:3b:fc:fa:d5:44:f1:77:0f:96:53:cb:
                    97:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E0:C6:85:96:9F:18:D6:E0:97:9C:BC:8F:47:E4:46:F0:35:16:F4:33
            X509v3 Authority Key Identifier:
                keyid:94:F3:B6:12:9C:34:39:DD:FB:E9:0D:B5:06:4C:80:66:DE:86:4A:72

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lPO2Epw0Od376Q21BkyAZt6GSnI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/d43572-ad91-44ad-afa1-b3382e4aa7c3/1/lPO2Epw0Od376Q21BkyAZt6GSnI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/d43572-ad91-44ad-afa1-b3382e4aa7c3/1/lPO2Epw0Od376Q21BkyAZt6GSnI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         72:4e:1b:d3:03:3f:01:f5:40:b0:bf:63:12:7c:28:76:10:a7:
         40:bc:91:07:c9:93:8e:01:a1:ac:ee:c9:16:05:0f:e5:f4:ec:
         10:f2:f9:ad:a1:e3:60:7b:9a:1e:11:8a:1b:aa:61:35:88:a2:
         65:26:c5:46:51:b0:34:82:7d:65:21:4d:8d:8a:dd:29:41:e3:
         e4:f6:8b:1a:79:4a:14:07:1e:5a:ce:22:31:da:12:ce:4e:e9:
         c3:a9:cb:bc:5c:6d:93:90:a8:b0:9d:32:c7:98:31:7c:2b:96:
         29:71:02:f2:bb:dd:f0:8b:9c:76:84:16:9a:ae:c6:d7:88:99:
         24:f8:ee:9d:88:87:fa:27:a1:79:07:ed:60:2b:68:93:e3:2a:
         bf:da:4a:eb:04:64:92:77:c8:16:04:5d:08:db:78:8c:eb:af:
         1a:4f:39:51:9c:fb:30:7a:c6:62:06:1c:67:c3:f1:15:b8:ff:
         5b:65:00:3c:8b:0a:ce:82:b1:d7:22:00:1e:99:aa:93:c1:79:
         f9:c1:99:fd:6a:0b:4b:88:d8:d9:39:dd:c1:68:0b:fb:d9:8b:
         06:3e:ff:68:c7:c4:33:07:b8:e2:80:fa:f2:5c:85:cb:2f:f9:
         f0:8f:2c:00:ad:bf:86:8f:09:1e:a0:3a:45:00:8a:bb:49:ee:
         16:b7:6f:03
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiD+n59reFQZm5deAwCkEOiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0ZjNiNjEyOWMzNDM5ZGRmYmU5MGRiNTA2NGM4MDY2ZGU4
NjRhNzIwHhcNMjUwODA3MTAwMTI4WhcNMjUwODA4MTAwMTI4WjAzMTEwLwYDVQQD
EyhlMGM2ODU5NjlmMThkNmUwOTc5Y2JjOGY0N2U0NDZmMDM1MTZmNDMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3Cq/b8KFH1aes110hav/ewyJqBLJ
TBYl4WJROXnN1D59mlv1ztSETXY06h/HSzCfNVve/7XnoB8phV5HfVG2U/QN5U+F
ag+EsRbvfpv0RNfcsFT0k2r8qWG915SUZlbvudyWCQjM4/k2xG8dCbfqAyhVVL2i
4vtBcS9pStjBH+L0S8umDE0ZEjUeBSOtVBGNbdQfDdVUUr4ivpGhQ2mQQCGZ8sxP
sNTLUbcf0h44ZZSa8EmvCJdTGPOYlLC9OkpxzNv/dK+7mMc6ZBVmLPobqqFYkGp4
HwuYRlnhaP+P76v4sITKwNdNLpAKtTAu/RhAHQMQO/z61UTxdw+WU8uX8wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFODGhZafGNbgl5y8j0fkRvA1FvQzMB8GA1UdIwQY
MBaAFJTzthKcNDnd++kNtQZMgGbehkpyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbFBPMkVwdzBPZDM3NlEyMUJreUFadDZHU25JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS9kNDM1NzItYWQ5MS00NGFkLWFmYTEt
YjMzODJlNGFhN2MzLzEvbFBPMkVwdzBPZDM3NlEyMUJreUFadDZHU25JLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS9kNDM1NzItYWQ5MS00NGFkLWFmYTEtYjMzODJlNGFhN2Mz
LzEvbFBPMkVwdzBPZDM3NlEyMUJreUFadDZHU25JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAck4b0wM/
AfVAsL9jEnwodhCnQLyRB8mTjgGhrO7JFgUP5fTsEPL5raHjYHuaHhGKG6phNYii
ZSbFRlGwNIJ9ZSFNjYrdKUHj5PaLGnlKFAceWs4iMdoSzk7pw6nLvFxtk5CosJ0y
x5gxfCuWKXEC8rvd8IucdoQWmq7G14iZJPjunYiH+ieheQftYCtok+Mqv9pK6wRk
knfIFgRdCNt4jOuvGk85UZz7MHrGYgYcZ8PxFbj/W2UAPIsKzoKx1yIAHpmqk8F5
+cGZ/WoLS4jY2TndwWgL+9mLBj7/aMfEMwe44oD68lyFyy/58I8sAK2/ho8JHqA6
RQCKu0nuFrdvAw==
-----END CERTIFICATE-----