Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/a7011a-6e15-4e9b-ba9e-32d79cc49f22/1/l0mtdlnaE07UgHT025NBzodRffQ.mft
File:                     l0mtdlnaE07UgHT025NBzodRffQ.mft (raw, json)
Hash identifier:          +vk1n9CY2SzEIcld53t+f2mMudkAeU1gMZ7SrC/p43I=
Subject key identifier:   02:AC:FE:CB:68:1A:B9:D7:B3:33:70:64:90:24:32:5D:C1:D5:77:E8
Authority key identifier: 97:49:AD:76:59:DA:13:4E:D4:80:74:F4:DB:93:41:CE:87:51:7D:F4
Certificate issuer:       /CN=9749ad7659da134ed48074f4db9341ce87517df4
Certificate serial:       01976F2BE2F44C6E67B3E583C92A55BB518B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/l0mtdlnaE07UgHT025NBzodRffQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f2/a7011a-6e15-4e9b-ba9e-32d79cc49f22/1/l0mtdlnaE07UgHT025NBzodRffQ.mft
Manifest number:          1292
Signing time:             Sat 14 Jun 2025 16:00:36 +0000
Manifest this update:     Sat 14 Jun 2025 16:00:36 +0000
Manifest next update:     Sun 15 Jun 2025 16:00:36 +0000
Files and hashes:         1: l0mtdlnaE07UgHT025NBzodRffQ.crl (hash: 4PZKGtMNZjol73RdZEMogq691Oyz6L0HWiXDwz6jmvM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f2/a7011a-6e15-4e9b-ba9e-32d79cc49f22/1/l0mtdlnaE07UgHT025NBzodRffQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f2/a7011a-6e15-4e9b-ba9e-32d79cc49f22/1/l0mtdlnaE07UgHT025NBzodRffQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/l0mtdlnaE07UgHT025NBzodRffQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 16:00:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6f:2b:e2:f4:4c:6e:67:b3:e5:83:c9:2a:55:bb:51:8b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9749ad7659da134ed48074f4db9341ce87517df4
        Validity
            Not Before: Jun 14 16:00:36 2025 GMT
            Not After : Jun 15 16:00:36 2025 GMT
        Subject: CN=02acfecb681ab9d7b33370649024325dc1d577e8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:71:14:c0:ae:f0:fe:5d:da:ea:3a:65:24:dd:
                    3c:5f:34:86:af:71:ea:33:39:8b:47:56:3d:cf:be:
                    c0:cd:96:2e:bf:91:95:ca:ee:6d:41:f7:88:84:ec:
                    b3:75:3b:45:09:91:93:0f:63:48:ba:63:fa:54:b2:
                    9b:a0:ea:70:6a:57:a4:7d:ea:73:26:fc:8c:0c:47:
                    8c:8d:74:e1:10:6e:37:5a:9e:04:f0:f7:b7:e2:5a:
                    8e:e0:2b:1e:88:cb:a6:c2:c6:b6:d6:62:42:e4:57:
                    06:9d:d9:9d:82:4e:7d:c4:b6:0e:18:c5:45:6f:f2:
                    a1:3a:38:24:1f:1b:2b:87:64:44:a7:83:5d:c9:d4:
                    01:f3:66:36:e1:00:1c:a7:f2:64:95:16:ea:c4:60:
                    ca:1c:ff:64:34:6e:f9:7e:72:df:b8:7c:a9:e2:7c:
                    35:e0:b3:25:39:4a:ba:37:01:ae:52:57:76:fb:e6:
                    b0:85:5d:ad:f2:54:0c:04:cf:90:28:32:99:26:f3:
                    b9:44:e7:39:25:9f:69:23:45:5f:1a:14:dd:53:dc:
                    1e:9a:1a:4a:a7:85:60:0f:95:c6:4b:53:2f:28:79:
                    2f:36:9a:fe:24:9c:d1:97:2f:4a:e7:54:58:2e:d0:
                    ef:87:f0:3d:2b:ab:06:23:42:13:d6:d4:ce:ed:f9:
                    ba:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                02:AC:FE:CB:68:1A:B9:D7:B3:33:70:64:90:24:32:5D:C1:D5:77:E8
            X509v3 Authority Key Identifier:
                keyid:97:49:AD:76:59:DA:13:4E:D4:80:74:F4:DB:93:41:CE:87:51:7D:F4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l0mtdlnaE07UgHT025NBzodRffQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/a7011a-6e15-4e9b-ba9e-32d79cc49f22/1/l0mtdlnaE07UgHT025NBzodRffQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/a7011a-6e15-4e9b-ba9e-32d79cc49f22/1/l0mtdlnaE07UgHT025NBzodRffQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         35:6e:f8:3b:15:be:f9:88:c9:96:e8:61:59:2a:9c:c7:b5:15:
         4f:8a:3c:f7:56:54:a2:eb:69:f4:c2:e1:eb:d9:7c:21:18:45:
         6b:73:53:10:d9:04:1f:78:22:f0:55:44:b3:4b:6c:87:b8:47:
         8e:dc:30:0d:5d:e3:9d:2d:12:b6:d5:11:8e:af:b1:a6:5a:d6:
         3d:3f:72:c5:8d:74:2c:76:0f:d4:8b:8f:73:95:dd:0d:d1:f7:
         39:a9:50:09:a8:d5:2b:98:ea:ca:05:d5:11:4d:f6:23:3e:64:
         d0:1a:58:f4:72:b4:c0:10:c7:a8:10:a7:6d:4a:a5:95:ae:1d:
         c0:2b:e7:a6:88:d9:e8:91:d8:a1:70:92:b9:d6:ee:32:82:17:
         bc:48:83:eb:d5:43:11:0e:15:a3:c6:79:76:65:b6:44:64:f1:
         fc:69:2d:d9:6c:0c:c0:83:d8:7b:c0:38:24:5f:c6:27:5b:e2:
         40:93:d5:c1:0f:27:db:6a:1a:23:0d:4c:50:0b:4f:ae:64:de:
         35:ce:bc:50:7b:6d:38:09:d9:7e:e7:bf:3b:08:92:68:f0:0c:
         6b:7c:e8:9b:7e:a9:22:74:84:9c:80:d0:4d:f7:bf:73:d2:89:
         63:2f:58:75:96:7a:40:9e:1d:03:44:8f:c9:61:4f:d3:5b:63:
         b1:57:33:ec
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdvK+L0TG5ns+WDySpVu1GLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3NDlhZDc2NTlkYTEzNGVkNDgwNzRmNGRiOTM0MWNlODc1
MTdkZjQwHhcNMjUwNjE0MTYwMDM2WhcNMjUwNjE1MTYwMDM2WjAzMTEwLwYDVQQD
EygwMmFjZmVjYjY4MWFiOWQ3YjMzMzcwNjQ5MDI0MzI1ZGMxZDU3N2U4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0HEUwK7w/l3a6jplJN08XzSGr3Hq
MzmLR1Y9z77AzZYuv5GVyu5tQfeIhOyzdTtFCZGTD2NIumP6VLKboOpwalekfepz
JvyMDEeMjXThEG43Wp4E8Pe34lqO4CseiMumwsa21mJC5FcGndmdgk59xLYOGMVF
b/KhOjgkHxsrh2REp4NdydQB82Y24QAcp/JklRbqxGDKHP9kNG75fnLfuHyp4nw1
4LMlOUq6NwGuUld2++awhV2t8lQMBM+QKDKZJvO5ROc5JZ9pI0VfGhTdU9wemhpK
p4VgD5XGS1MvKHkvNpr+JJzRly9K51RYLtDvh/A9K6sGI0IT1tTO7fm6tQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAKs/stoGrnXszNwZJAkMl3B1XfoMB8GA1UdIwQY
MBaAFJdJrXZZ2hNO1IB09NuTQc6HUX30MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbDBtdGRsbmFFMDdVZ0hUMDI1TkJ6b2RSZmZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi9hNzAxMWEtNmUxNS00ZTliLWJhOWUt
MzJkNzljYzQ5ZjIyLzEvbDBtdGRsbmFFMDdVZ0hUMDI1TkJ6b2RSZmZRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi9hNzAxMWEtNmUxNS00ZTliLWJhOWUtMzJkNzljYzQ5ZjIy
LzEvbDBtdGRsbmFFMDdVZ0hUMDI1TkJ6b2RSZmZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANW74OxW+
+YjJluhhWSqcx7UVT4o891ZUoutp9MLh69l8IRhFa3NTENkEH3gi8FVEs0tsh7hH
jtwwDV3jnS0SttURjq+xplrWPT9yxY10LHYP1IuPc5XdDdH3OalQCajVK5jqygXV
EU32Iz5k0BpY9HK0wBDHqBCnbUqlla4dwCvnpojZ6JHYoXCSudbuMoIXvEiD69VD
EQ4Vo8Z5dmW2RGTx/Gkt2WwMwIPYe8A4JF/GJ1viQJPVwQ8n22oaIw1MUAtPrmTe
Nc68UHttOAnZfue/OwiSaPAMa3zom36pInSEnIDQTfe/c9KJYy9YdZZ6QJ4dA0SP
yWFP01tjsVcz7A==
-----END CERTIFICATE-----