Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/50b550-f85e-489b-8473-e0365381bb85/1/Lokc9xG_fhxC4ILWoviaBL7rldE.mft
File:                     Lokc9xG_fhxC4ILWoviaBL7rldE.mft (raw, json)
Hash identifier:          Hrmv1XhkF+P9b0KCG2vwLXZhjpjTcm6myPVw266GxH0=
Subject key identifier:   28:06:98:50:DF:16:1F:A1:8C:C1:C7:10:71:2A:21:9A:9F:8E:E9:15
Authority key identifier: 2E:89:1C:F7:11:BF:7E:1C:42:E0:82:D6:A2:F8:9A:04:BE:EB:95:D1
Certificate issuer:       /CN=2e891cf711bf7e1c42e082d6a2f89a04beeb95d1
Certificate serial:       01978EB6D9D6B63AF75C2822468E76B9B10F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Lokc9xG_fhxC4ILWoviaBL7rldE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/da/50b550-f85e-489b-8473-e0365381bb85/1/Lokc9xG_fhxC4ILWoviaBL7rldE.mft
Manifest number:          01A4
Signing time:             Fri 20 Jun 2025 19:00:37 +0000
Manifest this update:     Fri 20 Jun 2025 19:00:37 +0000
Manifest next update:     Sat 21 Jun 2025 19:00:37 +0000
Files and hashes:         1: Lokc9xG_fhxC4ILWoviaBL7rldE.crl (hash: RMygVT8rtSNAOS1Az40h7s++McyGxoBN0tRrZjpKBhY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/da/50b550-f85e-489b-8473-e0365381bb85/1/Lokc9xG_fhxC4ILWoviaBL7rldE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/da/50b550-f85e-489b-8473-e0365381bb85/1/Lokc9xG_fhxC4ILWoviaBL7rldE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Lokc9xG_fhxC4ILWoviaBL7rldE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 21 Jun 2025 13:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:8e:b6:d9:d6:b6:3a:f7:5c:28:22:46:8e:76:b9:b1:0f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2e891cf711bf7e1c42e082d6a2f89a04beeb95d1
        Validity
            Not Before: Jun 20 19:00:37 2025 GMT
            Not After : Jun 21 19:00:37 2025 GMT
        Subject: CN=28069850df161fa18cc1c710712a219a9f8ee915
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:7f:e3:e1:10:68:37:18:53:17:6d:17:fd:f0:
                    3e:31:00:c4:02:40:7d:2c:b3:e9:f1:c7:3a:fd:b6:
                    97:66:b8:dd:7d:01:4a:a5:7c:46:84:8b:30:b7:fe:
                    95:32:f9:14:c9:e1:dc:06:f3:5d:38:52:93:4d:fe:
                    05:7e:df:30:1e:60:a8:b8:5a:bc:08:bb:16:48:64:
                    66:1f:14:96:63:88:85:f2:99:b8:74:03:8a:65:cf:
                    db:fc:2f:9a:f1:40:ed:9e:28:d4:8e:80:cf:ff:e5:
                    ac:a7:34:66:86:ed:53:63:fc:9a:e6:24:2d:aa:40:
                    6b:70:60:12:a0:01:de:17:ba:c8:73:e4:52:11:fe:
                    85:19:23:74:44:67:df:31:e1:f9:91:6b:ad:1a:b6:
                    56:44:e0:b8:63:df:b1:05:99:e6:d4:60:34:61:42:
                    e2:1b:a4:89:35:54:fe:3f:29:d4:f8:4b:42:3b:01:
                    a9:ad:21:1a:8a:33:a7:39:1f:fd:21:53:9e:c2:66:
                    c8:a0:0b:84:4f:33:16:c6:25:21:0b:2b:27:b2:29:
                    a4:ec:a3:71:7b:cb:44:64:6d:b2:f5:54:0d:fe:4d:
                    eb:18:e9:48:d0:cd:97:a6:0b:9b:e9:07:8a:e6:96:
                    6f:42:2a:de:f1:cb:c7:c0:8c:5e:ac:ce:97:1b:0e:
                    c2:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                28:06:98:50:DF:16:1F:A1:8C:C1:C7:10:71:2A:21:9A:9F:8E:E9:15
            X509v3 Authority Key Identifier:
                keyid:2E:89:1C:F7:11:BF:7E:1C:42:E0:82:D6:A2:F8:9A:04:BE:EB:95:D1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Lokc9xG_fhxC4ILWoviaBL7rldE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/50b550-f85e-489b-8473-e0365381bb85/1/Lokc9xG_fhxC4ILWoviaBL7rldE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/da/50b550-f85e-489b-8473-e0365381bb85/1/Lokc9xG_fhxC4ILWoviaBL7rldE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         86:3a:b4:a5:0e:c4:29:e5:64:12:b0:61:ed:63:e6:9b:4a:63:
         54:d2:1f:a6:cf:25:df:00:ba:6a:01:6b:13:ee:8e:aa:f7:b0:
         b9:5e:a2:c1:24:5b:23:d5:4b:5d:1e:e5:e1:9a:62:c5:7f:82:
         1e:cd:4a:23:a8:96:be:e1:7d:16:89:ce:5f:23:04:8d:16:7e:
         8f:58:26:b1:4d:82:8b:c3:05:1b:58:64:93:37:e4:06:4b:da:
         9b:a0:f6:c0:f6:63:96:f8:3b:89:13:16:63:5d:2c:8a:a4:79:
         c3:7a:77:10:fe:04:50:55:bb:4b:31:0f:21:74:9e:ac:d3:35:
         68:8f:c2:40:4e:44:21:c2:e1:e2:81:92:2e:ad:85:fd:8d:48:
         b8:fa:09:85:f7:a9:44:fc:03:40:26:b0:d7:40:96:be:63:52:
         eb:8d:64:90:a9:ca:68:2e:b1:fb:bf:9f:41:ad:dc:a2:d5:f3:
         b5:69:54:f1:6d:35:db:47:03:bd:22:8f:6a:fb:59:be:99:5d:
         9a:66:f9:4d:ad:80:a9:3c:80:2e:5d:4f:37:60:96:40:57:b6:
         13:c8:c8:2c:8e:15:51:af:2b:cd:b6:a8:3a:e5:b1:c6:23:a5:
         5b:b2:db:d0:98:a9:83:61:85:74:f9:b2:e3:2d:72:97:70:dc:
         9d:a9:0e:33
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZeOttnWtjr3XCgiRo52ubEPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlODkxY2Y3MTFiZjdlMWM0MmUwODJkNmEyZjg5YTA0YmVl
Yjk1ZDEwHhcNMjUwNjIwMTkwMDM3WhcNMjUwNjIxMTkwMDM3WjAzMTEwLwYDVQQD
EygyODA2OTg1MGRmMTYxZmExOGNjMWM3MTA3MTJhMjE5YTlmOGVlOTE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxX/j4RBoNxhTF20X/fA+MQDEAkB9
LLPp8cc6/baXZrjdfQFKpXxGhIswt/6VMvkUyeHcBvNdOFKTTf4Fft8wHmCouFq8
CLsWSGRmHxSWY4iF8pm4dAOKZc/b/C+a8UDtnijUjoDP/+WspzRmhu1TY/ya5iQt
qkBrcGASoAHeF7rIc+RSEf6FGSN0RGffMeH5kWutGrZWROC4Y9+xBZnm1GA0YULi
G6SJNVT+PynU+EtCOwGprSEaijOnOR/9IVOewmbIoAuETzMWxiUhCysnsimk7KNx
e8tEZG2y9VQN/k3rGOlI0M2Xpgub6QeK5pZvQire8cvHwIxerM6XGw7CDQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCgGmFDfFh+hjMHHEHEqIZqfjukVMB8GA1UdIwQY
MBaAFC6JHPcRv34cQuCC1qL4mgS+65XRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTG9rYzl4R19maHhDNElMV292aWFCTDdybGRFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS81MGI1NTAtZjg1ZS00ODliLTg0NzMt
ZTAzNjUzODFiYjg1LzEvTG9rYzl4R19maHhDNElMV292aWFCTDdybGRFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS81MGI1NTAtZjg1ZS00ODliLTg0NzMtZTAzNjUzODFiYjg1
LzEvTG9rYzl4R19maHhDNElMV292aWFCTDdybGRFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhjq0pQ7E
KeVkErBh7WPmm0pjVNIfps8l3wC6agFrE+6OqvewuV6iwSRbI9VLXR7l4ZpixX+C
Hs1KI6iWvuF9FonOXyMEjRZ+j1gmsU2Ci8MFG1hkkzfkBkvam6D2wPZjlvg7iRMW
Y10siqR5w3p3EP4EUFW7SzEPIXSerNM1aI/CQE5EIcLh4oGSLq2F/Y1IuPoJhfep
RPwDQCaw10CWvmNS641kkKnKaC6x+7+fQa3cotXztWlU8W0120cDvSKPavtZvpld
mmb5Ta2AqTyALl1PN2CWQFe2E8jILI4VUa8rzbaoOuWxxiOlW7Lb0Jipg2GFdPmy
4y1yl3DcnakOMw==
-----END CERTIFICATE-----