Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/a7011a-6e15-4e9b-ba9e-32d79cc49f22/1/l0mtdlnaE07UgHT025NBzodRffQ.mft
File:                     l0mtdlnaE07UgHT025NBzodRffQ.mft (raw, json)
Hash identifier:          q6bnACxAlo0ZFj+bbvDh0deUfYkfacNRAbAy6xPg1jo=
Subject key identifier:   29:98:51:66:9C:5A:8C:D3:40:7E:AF:7F:8B:DE:49:BF:06:C9:42:41
Authority key identifier: 97:49:AD:76:59:DA:13:4E:D4:80:74:F4:DB:93:41:CE:87:51:7D:F4
Certificate issuer:       /CN=9749ad7659da134ed48074f4db9341ce87517df4
Certificate serial:       01988EECAE342E9A3F82634327736986243B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/l0mtdlnaE07UgHT025NBzodRffQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f2/a7011a-6e15-4e9b-ba9e-32d79cc49f22/1/l0mtdlnaE07UgHT025NBzodRffQ.mft
Manifest number:          1327
Signing time:             Sat 09 Aug 2025 13:02:12 +0000
Manifest this update:     Sat 09 Aug 2025 13:02:12 +0000
Manifest next update:     Sun 10 Aug 2025 13:02:12 +0000
Files and hashes:         1: l0mtdlnaE07UgHT025NBzodRffQ.crl (hash: i5ilhVwb8Fl1nRWs2IhtIM1/BcOGVQXbL6MI3qieplg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f2/a7011a-6e15-4e9b-ba9e-32d79cc49f22/1/l0mtdlnaE07UgHT025NBzodRffQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f2/a7011a-6e15-4e9b-ba9e-32d79cc49f22/1/l0mtdlnaE07UgHT025NBzodRffQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/l0mtdlnaE07UgHT025NBzodRffQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 10 Aug 2025 13:02:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:8e:ec:ae:34:2e:9a:3f:82:63:43:27:73:69:86:24:3b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9749ad7659da134ed48074f4db9341ce87517df4
        Validity
            Not Before: Aug  9 13:02:12 2025 GMT
            Not After : Aug 10 13:02:12 2025 GMT
        Subject: CN=299851669c5a8cd3407eaf7f8bde49bf06c94241
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:ae:2b:31:44:36:87:00:80:32:4a:02:cb:2c:
                    1b:0d:a3:ac:d5:bb:b7:b4:5e:77:f7:fc:15:6e:8d:
                    50:e3:18:7a:e2:31:5a:7c:e3:70:59:b1:e6:05:3b:
                    47:c9:4c:a6:b5:31:3f:4b:07:38:77:3a:0c:c1:c7:
                    59:10:b5:ac:3b:4f:0c:9e:58:21:80:a8:4a:2d:25:
                    e1:11:17:bf:35:1f:4c:82:f7:e2:8a:7f:0a:dd:be:
                    19:15:55:2a:c8:b1:49:22:53:de:c7:68:d8:7a:32:
                    2d:2d:98:99:fc:37:6b:16:f3:75:ef:e0:59:ba:ff:
                    2f:20:f6:33:aa:b5:c8:78:c7:4e:f1:e3:da:82:7c:
                    95:c8:76:86:dc:fe:02:60:42:7f:6f:4f:19:13:bb:
                    c8:b8:75:c4:a5:f2:e5:2a:2b:01:ac:0f:58:db:ae:
                    58:ba:fb:90:06:b4:5d:59:6a:1e:a0:e9:8a:9a:63:
                    96:f5:c6:f0:bc:9b:19:86:66:cf:65:a8:4b:82:dd:
                    d7:63:4e:5b:fe:40:63:d5:02:72:f4:2c:32:47:a3:
                    62:a0:83:c2:4f:fb:54:d9:2e:75:e7:9e:ee:8d:4e:
                    eb:7b:e0:ca:7c:63:ec:42:e2:7f:9e:11:d2:64:a3:
                    25:0f:05:96:57:fc:98:ca:32:79:6b:3e:77:3c:78:
                    f2:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                29:98:51:66:9C:5A:8C:D3:40:7E:AF:7F:8B:DE:49:BF:06:C9:42:41
            X509v3 Authority Key Identifier:
                keyid:97:49:AD:76:59:DA:13:4E:D4:80:74:F4:DB:93:41:CE:87:51:7D:F4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l0mtdlnaE07UgHT025NBzodRffQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/a7011a-6e15-4e9b-ba9e-32d79cc49f22/1/l0mtdlnaE07UgHT025NBzodRffQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/a7011a-6e15-4e9b-ba9e-32d79cc49f22/1/l0mtdlnaE07UgHT025NBzodRffQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a4:b2:a0:7c:d8:31:ac:38:f5:f1:71:b6:92:1e:ea:9d:8e:b0:
         7a:0a:e5:21:40:23:f4:62:f5:28:78:f1:bd:50:94:3f:a1:db:
         0a:67:c4:a3:fc:75:be:db:78:5d:4d:5e:3f:a1:11:c9:cb:54:
         43:06:33:06:26:78:44:e7:28:85:6b:a7:c3:bb:38:cc:a0:83:
         65:e2:cc:e9:9b:c9:f1:20:58:e9:d0:65:f3:5e:82:65:73:cc:
         7a:e4:52:b9:c8:a3:ae:07:bb:78:af:ea:59:4b:63:7f:a3:7e:
         8b:95:95:0c:4b:e5:a6:ca:3c:3c:0f:38:17:82:10:12:32:1b:
         fd:95:1b:0b:88:21:50:e1:64:d3:72:14:3c:28:9b:32:39:c8:
         11:a3:7f:4d:49:4e:96:6f:48:19:bd:2e:93:81:a2:f0:74:2a:
         dd:c1:04:5f:9f:37:1c:c1:1c:d1:e3:36:b5:61:d6:16:a0:52:
         46:c1:22:6a:6c:f7:d5:36:89:9e:9f:22:b9:26:ac:6e:76:c0:
         d5:b1:1e:d1:07:4f:26:4a:b2:33:0b:dc:df:0a:b5:26:67:92:
         61:9b:5a:00:b8:de:f0:07:06:b7:10:21:cf:92:b9:57:95:c6:
         38:d5:f6:19:5b:a6:65:55:14:82:a8:7f:06:18:92:20:de:cb:
         ce:19:f2:20
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiO7K40Lpo/gmNDJ3NphiQ7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3NDlhZDc2NTlkYTEzNGVkNDgwNzRmNGRiOTM0MWNlODc1
MTdkZjQwHhcNMjUwODA5MTMwMjEyWhcNMjUwODEwMTMwMjEyWjAzMTEwLwYDVQQD
EygyOTk4NTE2NjljNWE4Y2QzNDA3ZWFmN2Y4YmRlNDliZjA2Yzk0MjQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn64rMUQ2hwCAMkoCyywbDaOs1bu3
tF539/wVbo1Q4xh64jFafONwWbHmBTtHyUymtTE/Swc4dzoMwcdZELWsO08Mnlgh
gKhKLSXhERe/NR9Mgvfiin8K3b4ZFVUqyLFJIlPex2jYejItLZiZ/DdrFvN17+BZ
uv8vIPYzqrXIeMdO8ePagnyVyHaG3P4CYEJ/b08ZE7vIuHXEpfLlKisBrA9Y265Y
uvuQBrRdWWoeoOmKmmOW9cbwvJsZhmbPZahLgt3XY05b/kBj1QJy9CwyR6NioIPC
T/tU2S51557ujU7re+DKfGPsQuJ/nhHSZKMlDwWWV/yYyjJ5az53PHjyJwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCmYUWacWozTQH6vf4veSb8GyUJBMB8GA1UdIwQY
MBaAFJdJrXZZ2hNO1IB09NuTQc6HUX30MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbDBtdGRsbmFFMDdVZ0hUMDI1TkJ6b2RSZmZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi9hNzAxMWEtNmUxNS00ZTliLWJhOWUt
MzJkNzljYzQ5ZjIyLzEvbDBtdGRsbmFFMDdVZ0hUMDI1TkJ6b2RSZmZRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi9hNzAxMWEtNmUxNS00ZTliLWJhOWUtMzJkNzljYzQ5ZjIy
LzEvbDBtdGRsbmFFMDdVZ0hUMDI1TkJ6b2RSZmZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApLKgfNgx
rDj18XG2kh7qnY6wegrlIUAj9GL1KHjxvVCUP6HbCmfEo/x1vtt4XU1eP6ERyctU
QwYzBiZ4ROcohWunw7s4zKCDZeLM6ZvJ8SBY6dBl816CZXPMeuRSucijrge7eK/q
WUtjf6N+i5WVDEvlpso8PA84F4IQEjIb/ZUbC4ghUOFk03IUPCibMjnIEaN/TUlO
lm9IGb0uk4Gi8HQq3cEEX583HMEc0eM2tWHWFqBSRsEiamz31TaJnp8iuSasbnbA
1bEe0QdPJkqyMwvc3wq1JmeSYZtaALje8AcGtxAhz5K5V5XGONX2GVumZVUUgqh/
BhiSIN7LzhnyIA==
-----END CERTIFICATE-----