Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/e1f171-a889-4395-9cfc-0805419d721a/1/lnRtO9Pi3eYWQCDesLXYkixkdm0.mft
File:                     lnRtO9Pi3eYWQCDesLXYkixkdm0.mft (raw, json)
Hash identifier:          mArDc6aenNFGFMbWPFPaHhnMe/L/zD27aNxJikukqSY=
Subject key identifier:   23:1E:C4:94:BE:C3:14:E4:D9:D0:F2:71:7B:9A:C8:57:40:ED:65:FD
Authority key identifier: 96:74:6D:3B:D3:E2:DD:E6:16:40:20:DE:B0:B5:D8:92:2C:64:76:6D
Certificate issuer:       /CN=96746d3bd3e2dde6164020deb0b5d8922c64766d
Certificate serial:       019872989DAC5C85EA5B06A007C7AD98E7B3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/lnRtO9Pi3eYWQCDesLXYkixkdm0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d1/e1f171-a889-4395-9cfc-0805419d721a/1/lnRtO9Pi3eYWQCDesLXYkixkdm0.mft
Manifest number:          02CC
Signing time:             Mon 04 Aug 2025 01:01:01 +0000
Manifest this update:     Mon 04 Aug 2025 01:01:01 +0000
Manifest next update:     Tue 05 Aug 2025 01:01:01 +0000
Files and hashes:         1: lnRtO9Pi3eYWQCDesLXYkixkdm0.crl (hash: J7bnr/7b8Jm1k+Dl7LWiN1pMdmRyIpP8iTlizzjTid4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d1/e1f171-a889-4395-9cfc-0805419d721a/1/lnRtO9Pi3eYWQCDesLXYkixkdm0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d1/e1f171-a889-4395-9cfc-0805419d721a/1/lnRtO9Pi3eYWQCDesLXYkixkdm0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/lnRtO9Pi3eYWQCDesLXYkixkdm0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 05 Aug 2025 01:01:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:72:98:9d:ac:5c:85:ea:5b:06:a0:07:c7:ad:98:e7:b3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=96746d3bd3e2dde6164020deb0b5d8922c64766d
        Validity
            Not Before: Aug  4 01:01:01 2025 GMT
            Not After : Aug  5 01:01:01 2025 GMT
        Subject: CN=231ec494bec314e4d9d0f2717b9ac85740ed65fd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:51:87:c6:47:23:74:fb:77:a7:ed:e0:02:f9:
                    cd:a7:e5:b0:9f:09:eb:62:ab:7c:37:db:f6:4a:1b:
                    91:af:33:6f:61:1f:c2:88:2f:ad:b1:c8:8d:96:20:
                    34:6a:b6:ac:21:5a:5e:7a:17:c9:d6:b1:19:01:ad:
                    f6:eb:a8:98:e7:d2:2f:eb:71:fb:3d:ab:2f:45:26:
                    86:4b:33:84:ed:48:ad:e4:f5:20:7a:c3:cd:ba:2a:
                    7a:5b:ac:42:d6:9e:8e:d2:b5:3d:11:41:7c:b4:91:
                    da:02:50:56:79:3f:af:cf:30:12:22:75:af:f9:a1:
                    bd:ca:9d:c3:df:ab:5d:50:b9:d9:92:61:84:4f:22:
                    fd:80:f0:74:06:ff:df:db:7c:7c:4c:1a:2c:b3:40:
                    4f:6a:5a:b3:bd:a7:68:66:65:53:5f:df:9c:18:e6:
                    31:56:dc:31:4d:8b:db:37:5a:54:5f:ad:2f:8f:79:
                    0e:2e:a0:38:e7:93:5f:99:ea:69:36:7e:a3:7c:50:
                    b0:48:07:2a:10:5c:62:49:53:df:9c:af:b3:8f:7a:
                    c4:c8:9f:e1:9d:32:82:a9:72:c3:52:fc:a1:0e:1f:
                    2d:ad:39:a2:75:97:3f:ab:c6:25:03:a6:d1:10:cf:
                    0a:ad:f5:44:e9:2e:db:ba:a2:1e:75:6a:35:8f:e1:
                    67:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                23:1E:C4:94:BE:C3:14:E4:D9:D0:F2:71:7B:9A:C8:57:40:ED:65:FD
            X509v3 Authority Key Identifier:
                keyid:96:74:6D:3B:D3:E2:DD:E6:16:40:20:DE:B0:B5:D8:92:2C:64:76:6D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lnRtO9Pi3eYWQCDesLXYkixkdm0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/e1f171-a889-4395-9cfc-0805419d721a/1/lnRtO9Pi3eYWQCDesLXYkixkdm0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/e1f171-a889-4395-9cfc-0805419d721a/1/lnRtO9Pi3eYWQCDesLXYkixkdm0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         16:0c:34:ab:8f:94:db:9a:fa:cc:f5:d5:b2:81:fc:d3:ac:1b:
         dc:a3:09:3a:2b:9e:96:8a:bb:f8:5b:26:42:7d:ee:87:9e:b8:
         dd:e7:5c:0e:63:ba:00:87:a5:45:e2:f6:31:21:70:4f:fc:06:
         2c:04:1d:10:f2:d4:df:c0:0b:e7:4d:4a:82:7b:ea:7e:79:b3:
         c9:2b:89:0c:e3:79:8e:01:f7:fd:00:00:1c:08:e7:3d:3e:7f:
         83:3d:5d:b4:68:83:e6:89:68:e6:b5:71:ac:4b:de:3f:c1:e9:
         fd:7d:69:02:91:2f:a6:47:3f:f5:52:ea:ff:56:3c:b8:25:eb:
         ce:49:0b:51:f9:9a:a4:f4:7f:c6:ba:1b:c3:e8:c3:6d:ee:d4:
         3a:2b:fb:5a:6a:11:82:f9:3a:56:43:c8:81:3d:e2:63:b4:4e:
         b5:de:ef:3d:83:82:fd:48:46:8f:3e:d5:14:b3:6f:c2:dd:74:
         e2:60:be:3f:ca:a7:9c:0a:12:ec:19:8d:b2:22:7e:48:ed:5e:
         3a:24:a7:f7:b8:27:c8:0a:5f:ff:34:14:4f:df:0b:01:23:2b:
         21:15:6e:aa:dc:65:61:0b:c3:81:ed:25:93:2e:af:d7:f0:87:
         66:09:1b:9e:1b:62:f7:44:98:41:b1:0d:c2:07:41:83:8c:fa:
         67:dd:85:22
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhymJ2sXIXqWwagB8etmOezMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk2NzQ2ZDNiZDNlMmRkZTYxNjQwMjBkZWIwYjVkODkyMmM2
NDc2NmQwHhcNMjUwODA0MDEwMTAxWhcNMjUwODA1MDEwMTAxWjAzMTEwLwYDVQQD
EygyMzFlYzQ5NGJlYzMxNGU0ZDlkMGYyNzE3YjlhYzg1NzQwZWQ2NWZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtFGHxkcjdPt3p+3gAvnNp+Wwnwnr
Yqt8N9v2ShuRrzNvYR/CiC+tsciNliA0arasIVpeehfJ1rEZAa3266iY59Iv63H7
PasvRSaGSzOE7Uit5PUgesPNuip6W6xC1p6O0rU9EUF8tJHaAlBWeT+vzzASInWv
+aG9yp3D36tdULnZkmGETyL9gPB0Bv/f23x8TBoss0BPalqzvadoZmVTX9+cGOYx
VtwxTYvbN1pUX60vj3kOLqA455NfmeppNn6jfFCwSAcqEFxiSVPfnK+zj3rEyJ/h
nTKCqXLDUvyhDh8trTmidZc/q8YlA6bREM8KrfVE6S7buqIedWo1j+FniQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCMexJS+wxTk2dDycXuayFdA7WX9MB8GA1UdIwQY
MBaAFJZ0bTvT4t3mFkAg3rC12JIsZHZtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbG5SdE85UGkzZVlXUUNEZXNMWFlraXhrZG0wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS9lMWYxNzEtYTg4OS00Mzk1LTljZmMt
MDgwNTQxOWQ3MjFhLzEvbG5SdE85UGkzZVlXUUNEZXNMWFlraXhrZG0wLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS9lMWYxNzEtYTg4OS00Mzk1LTljZmMtMDgwNTQxOWQ3MjFh
LzEvbG5SdE85UGkzZVlXUUNEZXNMWFlraXhrZG0wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFgw0q4+U
25r6zPXVsoH806wb3KMJOiueloq7+FsmQn3uh5643edcDmO6AIelReL2MSFwT/wG
LAQdEPLU38AL501KgnvqfnmzySuJDON5jgH3/QAAHAjnPT5/gz1dtGiD5olo5rVx
rEveP8Hp/X1pApEvpkc/9VLq/1Y8uCXrzkkLUfmapPR/xrobw+jDbe7UOiv7WmoR
gvk6VkPIgT3iY7ROtd7vPYOC/UhGjz7VFLNvwt104mC+P8qnnAoS7BmNsiJ+SO1e
OiSn97gnyApf/zQUT98LASMrIRVuqtxlYQvDge0lky6v1/CHZgkbnhti90SYQbEN
wgdBg4z6Z92FIg==
-----END CERTIFICATE-----