Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/50b550-f85e-489b-8473-e0365381bb85/1/Lokc9xG_fhxC4ILWoviaBL7rldE.mft
File:                     Lokc9xG_fhxC4ILWoviaBL7rldE.mft (raw, json)
Hash identifier:          NHWoQafM36mx7un8QaUcBERDPKQeRFV8BT7AQNzaJaA=
Subject key identifier:   79:AD:40:16:9C:0F:71:81:F4:32:29:DD:DA:57:F5:55:18:C5:20:41
Authority key identifier: 2E:89:1C:F7:11:BF:7E:1C:42:E0:82:D6:A2:F8:9A:04:BE:EB:95:D1
Certificate issuer:       /CN=2e891cf711bf7e1c42e082d6a2f89a04beeb95d1
Certificate serial:       0198A0F1EBED2BEB5D0FDB4D074165BDF78C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Lokc9xG_fhxC4ILWoviaBL7rldE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/da/50b550-f85e-489b-8473-e0365381bb85/1/Lokc9xG_fhxC4ILWoviaBL7rldE.mft
Manifest number:          0232
Signing time:             Wed 13 Aug 2025 01:01:05 +0000
Manifest this update:     Wed 13 Aug 2025 01:01:05 +0000
Manifest next update:     Thu 14 Aug 2025 01:01:05 +0000
Files and hashes:         1: Lokc9xG_fhxC4ILWoviaBL7rldE.crl (hash: zchC10PUibP8+ktw0ZxIeUT6hgXrDD9UbITT2WBjyHI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/da/50b550-f85e-489b-8473-e0365381bb85/1/Lokc9xG_fhxC4ILWoviaBL7rldE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/da/50b550-f85e-489b-8473-e0365381bb85/1/Lokc9xG_fhxC4ILWoviaBL7rldE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Lokc9xG_fhxC4ILWoviaBL7rldE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 13 Aug 2025 22:00:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:a0:f1:eb:ed:2b:eb:5d:0f:db:4d:07:41:65:bd:f7:8c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2e891cf711bf7e1c42e082d6a2f89a04beeb95d1
        Validity
            Not Before: Aug 13 01:01:05 2025 GMT
            Not After : Aug 14 01:01:05 2025 GMT
        Subject: CN=79ad40169c0f7181f43229ddda57f55518c52041
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:fe:b1:41:19:78:28:09:66:1b:90:aa:e6:18:
                    eb:b9:d7:3f:87:6d:ea:9c:8d:90:ec:1c:59:26:25:
                    6b:71:c4:2b:d1:34:ce:1e:b4:de:61:e0:05:c6:a2:
                    45:d1:36:c9:52:90:5a:b5:7e:fb:69:a7:5e:46:f1:
                    b1:00:a9:0a:17:59:08:c4:02:03:56:08:ae:f9:e8:
                    37:c0:b6:d7:77:8b:a2:54:4b:76:87:60:fe:88:76:
                    1b:1c:c6:78:05:7d:f3:99:d8:1a:14:47:41:8b:5d:
                    8f:32:a5:8b:1c:45:f0:15:9d:55:10:40:9f:bd:7b:
                    f8:3a:10:77:fa:13:22:8c:6c:5e:5a:21:8f:db:71:
                    c1:63:a9:19:91:80:39:5b:56:f4:eb:d1:ac:a4:c5:
                    85:61:20:55:ac:01:b9:a5:b1:f4:ed:43:81:4d:d7:
                    54:0e:07:d0:23:15:74:a2:d5:60:ab:2e:f7:48:4d:
                    90:df:d0:08:67:d8:22:2a:19:a5:04:c7:40:b5:c4:
                    95:71:27:05:fd:11:5d:f9:a5:b9:47:34:f0:b5:7d:
                    6f:b7:4b:d6:6a:3b:17:04:32:b8:d3:71:6c:ab:63:
                    23:ae:82:cc:fc:af:52:82:2e:35:f1:33:4c:a7:72:
                    85:34:94:31:a0:d3:39:af:35:79:99:43:b9:05:49:
                    4c:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                79:AD:40:16:9C:0F:71:81:F4:32:29:DD:DA:57:F5:55:18:C5:20:41
            X509v3 Authority Key Identifier:
                keyid:2E:89:1C:F7:11:BF:7E:1C:42:E0:82:D6:A2:F8:9A:04:BE:EB:95:D1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Lokc9xG_fhxC4ILWoviaBL7rldE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/50b550-f85e-489b-8473-e0365381bb85/1/Lokc9xG_fhxC4ILWoviaBL7rldE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/da/50b550-f85e-489b-8473-e0365381bb85/1/Lokc9xG_fhxC4ILWoviaBL7rldE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8e:c4:38:4d:5a:85:50:a4:a6:f0:0b:7c:c5:ec:bd:27:af:30:
         03:4e:cd:c9:e7:12:40:5c:46:8d:98:4a:fa:12:55:f3:e7:df:
         56:fc:b6:15:c5:19:91:a5:fd:82:92:5c:51:a5:40:92:e1:81:
         ec:53:f9:a7:89:cd:49:ea:3d:f6:ae:fe:0e:cb:c9:6b:4d:95:
         1f:0f:8e:bc:12:cc:5b:3f:86:f0:ea:7d:00:5b:2b:2e:fd:fb:
         73:c9:aa:2d:b8:1e:4f:8a:d1:f9:93:34:d3:b9:17:38:f2:ff:
         06:09:66:5d:0c:1c:de:10:90:35:2b:0a:61:61:a3:b4:e7:4a:
         fd:5f:5e:73:01:97:92:b5:3c:0f:cc:c9:2f:3e:c6:3c:5d:38:
         73:49:7d:e5:d1:85:f4:72:72:a9:53:9d:30:e0:38:36:75:e3:
         fb:ba:52:84:22:58:c7:f9:41:81:3a:e9:d4:fe:5b:40:65:75:
         40:5c:d9:65:0c:ed:f8:7d:1f:fc:2a:99:a1:30:0f:ef:da:34:
         65:d7:b7:54:a3:15:bb:e3:01:d9:1a:7b:6d:14:07:ef:b9:f1:
         24:4f:34:05:e4:44:e2:a8:22:b0:48:4e:73:55:c2:b1:cd:d8:
         48:0a:da:17:ce:f4:92:6f:d7:4e:cc:05:fd:a4:1b:4c:44:41:
         15:cb:23:57
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZig8evtK+tdD9tNB0FlvfeMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlODkxY2Y3MTFiZjdlMWM0MmUwODJkNmEyZjg5YTA0YmVl
Yjk1ZDEwHhcNMjUwODEzMDEwMTA1WhcNMjUwODE0MDEwMTA1WjAzMTEwLwYDVQQD
Eyg3OWFkNDAxNjljMGY3MTgxZjQzMjI5ZGRkYTU3ZjU1NTE4YzUyMDQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq/6xQRl4KAlmG5Cq5hjrudc/h23q
nI2Q7BxZJiVrccQr0TTOHrTeYeAFxqJF0TbJUpBatX77aadeRvGxAKkKF1kIxAID
Vgiu+eg3wLbXd4uiVEt2h2D+iHYbHMZ4BX3zmdgaFEdBi12PMqWLHEXwFZ1VEECf
vXv4OhB3+hMijGxeWiGP23HBY6kZkYA5W1b069GspMWFYSBVrAG5pbH07UOBTddU
DgfQIxV0otVgqy73SE2Q39AIZ9giKhmlBMdAtcSVcScF/RFd+aW5RzTwtX1vt0vW
ajsXBDK403Fsq2MjroLM/K9Sgi418TNMp3KFNJQxoNM5rzV5mUO5BUlM3QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHmtQBacD3GB9DIp3dpX9VUYxSBBMB8GA1UdIwQY
MBaAFC6JHPcRv34cQuCC1qL4mgS+65XRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTG9rYzl4R19maHhDNElMV292aWFCTDdybGRFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS81MGI1NTAtZjg1ZS00ODliLTg0NzMt
ZTAzNjUzODFiYjg1LzEvTG9rYzl4R19maHhDNElMV292aWFCTDdybGRFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS81MGI1NTAtZjg1ZS00ODliLTg0NzMtZTAzNjUzODFiYjg1
LzEvTG9rYzl4R19maHhDNElMV292aWFCTDdybGRFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjsQ4TVqF
UKSm8At8xey9J68wA07NyecSQFxGjZhK+hJV8+ffVvy2FcUZkaX9gpJcUaVAkuGB
7FP5p4nNSeo99q7+DsvJa02VHw+OvBLMWz+G8Op9AFsrLv37c8mqLbgeT4rR+ZM0
07kXOPL/BglmXQwc3hCQNSsKYWGjtOdK/V9ecwGXkrU8D8zJLz7GPF04c0l95dGF
9HJyqVOdMOA4NnXj+7pShCJYx/lBgTrp1P5bQGV1QFzZZQzt+H0f/CqZoTAP79o0
Zde3VKMVu+MB2Rp7bRQH77nxJE80BeRE4qgisEhOc1XCsc3YSAraF870km/XTswF
/aQbTERBFcsjVw==
-----END CERTIFICATE-----