Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/668bf3-77dc-43ea-8fdd-485eda34998f/1/LkWQWSMqS7ky9j-w37ZUk-ucgng.mft
File:                     LkWQWSMqS7ky9j-w37ZUk-ucgng.mft (raw, json)
Hash identifier:          268pG1SS2ahiJVV39qVKrfqDkpm30CK5p/HOy4QbB8o=
Subject key identifier:   95:CD:92:65:94:10:B5:1C:CF:02:D9:72:68:BA:51:9B:01:4F:5D:6D
Authority key identifier: 2E:45:90:59:23:2A:4B:B9:32:F6:3F:B0:DF:B6:54:93:EB:9C:82:78
Certificate issuer:       /CN=2e459059232a4bb932f63fb0dfb65493eb9c8278
Certificate serial:       01984B5363C844C4FE9962A0845C3FD4F2D6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/LkWQWSMqS7ky9j-w37ZUk-ucgng.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/88/668bf3-77dc-43ea-8fdd-485eda34998f/1/LkWQWSMqS7ky9j-w37ZUk-ucgng.mft
Manifest number:          1591
Signing time:             Sun 27 Jul 2025 10:00:12 +0000
Manifest this update:     Sun 27 Jul 2025 10:00:12 +0000
Manifest next update:     Mon 28 Jul 2025 10:00:12 +0000
Files and hashes:         1: LkWQWSMqS7ky9j-w37ZUk-ucgng.crl (hash: gIed2psQ3SaLDd2LmF1JDiAWZwg1fsPwzoFGBjaPZuo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/88/668bf3-77dc-43ea-8fdd-485eda34998f/1/LkWQWSMqS7ky9j-w37ZUk-ucgng.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/88/668bf3-77dc-43ea-8fdd-485eda34998f/1/LkWQWSMqS7ky9j-w37ZUk-ucgng.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/LkWQWSMqS7ky9j-w37ZUk-ucgng.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Jul 2025 05:00:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:4b:53:63:c8:44:c4:fe:99:62:a0:84:5c:3f:d4:f2:d6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2e459059232a4bb932f63fb0dfb65493eb9c8278
        Validity
            Not Before: Jul 27 10:00:12 2025 GMT
            Not After : Jul 28 10:00:12 2025 GMT
        Subject: CN=95cd92659410b51ccf02d97268ba519b014f5d6d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f2:b6:08:e7:3e:e8:46:35:30:fe:66:5e:d5:b0:
                    14:e0:79:53:bd:e8:c4:4f:26:96:0a:7a:77:08:18:
                    f4:9d:ab:62:28:c8:3b:17:b7:81:c6:ab:0b:38:2a:
                    8f:b6:e9:fa:c7:34:ac:e4:8e:7b:82:94:60:d3:b1:
                    ca:8d:88:7e:33:20:12:5a:c5:27:ce:51:06:46:1b:
                    1c:f4:73:32:06:03:ff:ac:c6:e8:e0:86:9f:b7:5a:
                    e6:65:5b:49:c1:7b:d9:01:5e:ff:b2:c5:ea:13:8d:
                    a6:97:f9:0d:8e:5e:de:d4:0a:c2:68:a9:fd:ea:6f:
                    26:36:1c:be:d9:32:1c:30:fc:d0:03:62:e0:6b:e7:
                    a5:f9:26:dd:d5:96:1c:d4:cb:ae:aa:30:78:58:43:
                    40:57:a6:89:13:fd:8d:19:22:8b:bd:0a:81:b7:e1:
                    75:d6:9d:4d:f5:a7:56:85:79:f7:92:da:a9:e2:02:
                    25:41:d9:e6:63:2f:40:dc:e5:15:4b:17:4a:b5:12:
                    f4:0a:06:23:bc:b5:8d:46:d5:36:f7:43:0e:c9:28:
                    8b:c9:cd:67:69:95:35:e8:54:9d:02:21:60:f5:f5:
                    ea:03:f1:4f:a9:58:02:e4:af:60:d4:66:34:75:1c:
                    da:11:8d:27:b0:c2:70:cf:f9:3c:8c:51:54:c7:4f:
                    c7:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                95:CD:92:65:94:10:B5:1C:CF:02:D9:72:68:BA:51:9B:01:4F:5D:6D
            X509v3 Authority Key Identifier:
                keyid:2E:45:90:59:23:2A:4B:B9:32:F6:3F:B0:DF:B6:54:93:EB:9C:82:78

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LkWQWSMqS7ky9j-w37ZUk-ucgng.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/668bf3-77dc-43ea-8fdd-485eda34998f/1/LkWQWSMqS7ky9j-w37ZUk-ucgng.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/88/668bf3-77dc-43ea-8fdd-485eda34998f/1/LkWQWSMqS7ky9j-w37ZUk-ucgng.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         00:d0:38:67:30:12:a9:f4:41:5e:b3:34:47:bc:06:d0:75:1c:
         54:5c:60:d8:98:fa:00:5e:37:07:2f:f4:6c:41:8b:62:8a:19:
         d5:6a:36:de:3d:95:39:00:76:0e:93:3a:74:62:69:cc:0e:5b:
         26:0e:4e:26:4d:6d:85:42:49:07:5b:35:2d:1d:a5:75:1e:70:
         15:2b:bf:4d:3c:6a:9c:f6:2a:11:5f:10:7d:a8:fc:b8:27:e9:
         96:ca:3a:93:25:2d:3b:e8:a3:bb:22:e6:07:3d:f4:21:d1:01:
         75:be:f8:65:16:4c:2c:2d:7a:96:5e:92:be:4a:51:2a:a5:e2:
         53:71:47:44:c5:5a:e2:dd:80:48:b1:31:a3:88:fb:80:3d:95:
         23:83:f1:96:fe:d8:c0:3c:f4:b0:82:b2:3e:dd:d1:ec:03:63:
         cc:99:04:38:c3:f3:40:b6:61:89:33:77:9a:cd:7b:b8:0e:09:
         c8:14:23:e1:f4:b6:9d:56:73:e0:40:fe:b6:25:fc:5f:99:1a:
         66:97:e7:21:a2:68:8a:5b:67:f5:5c:f1:e8:32:84:0c:35:e2:
         74:16:41:00:46:c1:3b:8c:e9:db:99:30:0a:bc:e7:ee:7a:45:
         55:e9:bd:6c:34:c0:4e:bf:a8:cf:85:cb:38:e3:70:86:69:b0:
         a5:5d:a4:f6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhLU2PIRMT+mWKghFw/1PLWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlNDU5MDU5MjMyYTRiYjkzMmY2M2ZiMGRmYjY1NDkzZWI5
YzgyNzgwHhcNMjUwNzI3MTAwMDEyWhcNMjUwNzI4MTAwMDEyWjAzMTEwLwYDVQQD
Eyg5NWNkOTI2NTk0MTBiNTFjY2YwMmQ5NzI2OGJhNTE5YjAxNGY1ZDZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8rYI5z7oRjUw/mZe1bAU4HlTvejE
TyaWCnp3CBj0natiKMg7F7eBxqsLOCqPtun6xzSs5I57gpRg07HKjYh+MyASWsUn
zlEGRhsc9HMyBgP/rMbo4Iaft1rmZVtJwXvZAV7/ssXqE42ml/kNjl7e1ArCaKn9
6m8mNhy+2TIcMPzQA2Lga+el+Sbd1ZYc1MuuqjB4WENAV6aJE/2NGSKLvQqBt+F1
1p1N9adWhXn3ktqp4gIlQdnmYy9A3OUVSxdKtRL0CgYjvLWNRtU290MOySiLyc1n
aZU16FSdAiFg9fXqA/FPqVgC5K9g1GY0dRzaEY0nsMJwz/k8jFFUx0/HQwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJXNkmWUELUczwLZcmi6UZsBT11tMB8GA1UdIwQY
MBaAFC5FkFkjKku5MvY/sN+2VJPrnIJ4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTGtXUVdTTXFTN2t5OWotdzM3WlVrLXVjZ25nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OC82NjhiZjMtNzdkYy00M2VhLThmZGQt
NDg1ZWRhMzQ5OThmLzEvTGtXUVdTTXFTN2t5OWotdzM3WlVrLXVjZ25nLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OC82NjhiZjMtNzdkYy00M2VhLThmZGQtNDg1ZWRhMzQ5OThm
LzEvTGtXUVdTTXFTN2t5OWotdzM3WlVrLXVjZ25nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAANA4ZzAS
qfRBXrM0R7wG0HUcVFxg2Jj6AF43By/0bEGLYooZ1Wo23j2VOQB2DpM6dGJpzA5b
Jg5OJk1thUJJB1s1LR2ldR5wFSu/TTxqnPYqEV8Qfaj8uCfplso6kyUtO+ijuyLm
Bz30IdEBdb74ZRZMLC16ll6SvkpRKqXiU3FHRMVa4t2ASLExo4j7gD2VI4Pxlv7Y
wDz0sIKyPt3R7ANjzJkEOMPzQLZhiTN3ms17uA4JyBQj4fS2nVZz4ED+tiX8X5ka
ZpfnIaJoiltn9Vzx6DKEDDXidBZBAEbBO4zp25kwCrzn7npFVem9bDTATr+oz4XL
OONwhmmwpV2k9g==
-----END CERTIFICATE-----