Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/cea01b-ee94-4a02-8d62-0dc01fc88141/1/LsJnz2xrO4jpahG_KemnOlWMXkA.mft
File:                     LsJnz2xrO4jpahG_KemnOlWMXkA.mft (raw, json)
Hash identifier:          ob6HzDeXt5lvSUJKR7oApso7aHuHKoB4e9lJpcv1QZo=
Subject key identifier:   9D:C9:D4:AB:BE:3F:23:90:82:48:BB:C5:CB:08:34:60:30:D0:8E:F1
Authority key identifier: 2E:C2:67:CF:6C:6B:3B:88:E9:6A:11:BF:29:E9:A7:3A:55:8C:5E:40
Certificate issuer:       /CN=2ec267cf6c6b3b88e96a11bf29e9a73a558c5e40
Certificate serial:       0197507CE9DE79BDF802ABE2068CF41448BF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/LsJnz2xrO4jpahG_KemnOlWMXkA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/17/cea01b-ee94-4a02-8d62-0dc01fc88141/1/LsJnz2xrO4jpahG_KemnOlWMXkA.mft
Manifest number:          150F
Signing time:             Sun 08 Jun 2025 17:00:52 +0000
Manifest this update:     Sun 08 Jun 2025 17:00:52 +0000
Manifest next update:     Mon 09 Jun 2025 17:00:52 +0000
Files and hashes:         1: LsJnz2xrO4jpahG_KemnOlWMXkA.crl (hash: 6WXC7GHZoQNHOGLJBM3TMa6tSF3/ZksT1IGZS30rBuM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/17/cea01b-ee94-4a02-8d62-0dc01fc88141/1/LsJnz2xrO4jpahG_KemnOlWMXkA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/17/cea01b-ee94-4a02-8d62-0dc01fc88141/1/LsJnz2xrO4jpahG_KemnOlWMXkA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/LsJnz2xrO4jpahG_KemnOlWMXkA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 09 Jun 2025 17:00:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:50:7c:e9:de:79:bd:f8:02:ab:e2:06:8c:f4:14:48:bf
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2ec267cf6c6b3b88e96a11bf29e9a73a558c5e40
        Validity
            Not Before: Jun  8 17:00:52 2025 GMT
            Not After : Jun  9 17:00:52 2025 GMT
        Subject: CN=9dc9d4abbe3f23908248bbc5cb08346030d08ef1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d9:d8:ae:28:d7:5b:fe:3d:57:ac:92:96:9b:7c:
                    cb:68:a4:9e:40:c7:e4:57:0b:fb:ab:4d:b8:af:1f:
                    b0:97:37:63:c5:fa:45:ff:a7:a7:3d:9d:44:4d:c2:
                    89:83:3d:ca:b5:79:c3:17:ed:89:77:89:11:7c:a5:
                    ac:52:ed:02:ec:b4:1d:2b:dd:0b:c2:15:ba:62:3d:
                    ef:22:25:e7:fc:cb:1e:01:1b:ce:8c:a2:66:d1:9c:
                    53:b0:ad:36:6a:2d:45:09:33:07:36:b4:2a:38:91:
                    15:9c:2d:23:24:cf:19:bb:d2:71:59:7a:6f:f5:3f:
                    ac:67:54:0c:b9:d2:63:9c:3a:ed:d9:d8:f2:97:c2:
                    99:fd:0d:94:e9:f4:e4:df:81:de:c6:40:1d:db:9e:
                    ee:6a:c5:65:fd:b4:13:d8:40:fe:0e:05:0b:74:91:
                    84:21:03:75:d3:e9:4e:a3:d9:8f:81:2c:d8:f1:0a:
                    55:7a:90:ba:69:fe:15:cb:ab:d4:2e:e3:a5:27:21:
                    d6:ef:4c:34:72:d9:b0:6a:b4:e0:18:bb:42:ab:c5:
                    2f:4f:cb:62:9e:a0:2a:ce:09:39:e0:cf:95:65:17:
                    e6:6e:9f:ff:d5:d0:f5:f9:0a:1f:15:61:ae:e0:a8:
                    d6:6b:08:9b:ba:a0:c1:57:66:ae:4f:7e:f1:02:11:
                    3a:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9D:C9:D4:AB:BE:3F:23:90:82:48:BB:C5:CB:08:34:60:30:D0:8E:F1
            X509v3 Authority Key Identifier:
                keyid:2E:C2:67:CF:6C:6B:3B:88:E9:6A:11:BF:29:E9:A7:3A:55:8C:5E:40

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LsJnz2xrO4jpahG_KemnOlWMXkA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/cea01b-ee94-4a02-8d62-0dc01fc88141/1/LsJnz2xrO4jpahG_KemnOlWMXkA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/17/cea01b-ee94-4a02-8d62-0dc01fc88141/1/LsJnz2xrO4jpahG_KemnOlWMXkA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b2:cd:76:4d:6d:26:b1:2a:0e:db:a3:b1:66:24:83:47:37:fd:
         45:41:a0:a8:ca:09:cf:38:84:e6:44:cc:5d:ae:b9:4a:49:0b:
         bb:73:65:6a:c8:01:3b:f4:5d:2f:6c:16:0c:9b:9a:40:d6:e4:
         6a:36:56:56:68:b2:ca:89:a1:d3:c0:d6:e1:aa:70:1f:cf:76:
         67:7a:cb:ac:f1:ca:cb:ef:0d:04:50:69:d8:04:00:f2:27:ff:
         eb:fd:89:c5:fe:86:1b:43:08:a5:9d:01:d2:e8:c6:18:72:9e:
         a6:a7:f2:b3:3e:77:1a:d0:4b:44:88:7e:84:fa:63:ed:74:2e:
         6d:5b:5c:18:ca:22:75:10:b2:99:93:46:38:d8:79:87:f1:52:
         39:cd:31:e7:11:f0:cf:55:b3:29:23:20:a8:ac:b1:27:6d:2d:
         59:94:13:01:91:0c:66:f8:cf:54:86:0f:52:6a:37:65:d6:d9:
         87:ce:ec:50:f6:38:4f:5c:d0:2c:9e:a8:64:cb:25:e3:d9:e4:
         1c:3c:56:9b:76:e3:7d:98:9f:01:4c:1b:07:0a:96:04:a1:ce:
         bf:cc:94:dc:e9:6d:0c:44:44:12:39:68:9d:61:d5:fa:17:0a:
         e2:82:72:b6:22:b2:f6:53:d4:67:4b:0d:6b:8e:ec:74:fb:51:
         df:c0:c4:f1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdQfOneeb34AqviBoz0FEi/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlYzI2N2NmNmM2YjNiODhlOTZhMTFiZjI5ZTlhNzNhNTU4
YzVlNDAwHhcNMjUwNjA4MTcwMDUyWhcNMjUwNjA5MTcwMDUyWjAzMTEwLwYDVQQD
Eyg5ZGM5ZDRhYmJlM2YyMzkwODI0OGJiYzVjYjA4MzQ2MDMwZDA4ZWYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2diuKNdb/j1XrJKWm3zLaKSeQMfk
Vwv7q024rx+wlzdjxfpF/6enPZ1ETcKJgz3KtXnDF+2Jd4kRfKWsUu0C7LQdK90L
whW6Yj3vIiXn/MseARvOjKJm0ZxTsK02ai1FCTMHNrQqOJEVnC0jJM8Zu9JxWXpv
9T+sZ1QMudJjnDrt2djyl8KZ/Q2U6fTk34HexkAd257uasVl/bQT2ED+DgULdJGE
IQN10+lOo9mPgSzY8QpVepC6af4Vy6vULuOlJyHW70w0ctmwarTgGLtCq8UvT8ti
nqAqzgk54M+VZRfmbp//1dD1+QofFWGu4KjWawibuqDBV2auT37xAhE67QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJ3J1Ku+PyOQgki7xcsINGAw0I7xMB8GA1UdIwQY
MBaAFC7CZ89sazuI6WoRvynppzpVjF5AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTHNKbnoyeHJPNGpwYWhHX0tlbW5PbFdNWGtBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9jZWEwMWItZWU5NC00YTAyLThkNjIt
MGRjMDFmYzg4MTQxLzEvTHNKbnoyeHJPNGpwYWhHX0tlbW5PbFdNWGtBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9jZWEwMWItZWU5NC00YTAyLThkNjItMGRjMDFmYzg4MTQx
LzEvTHNKbnoyeHJPNGpwYWhHX0tlbW5PbFdNWGtBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAss12TW0m
sSoO26OxZiSDRzf9RUGgqMoJzziE5kTMXa65SkkLu3NlasgBO/RdL2wWDJuaQNbk
ajZWVmiyyomh08DW4apwH892Z3rLrPHKy+8NBFBp2AQA8if/6/2Jxf6GG0MIpZ0B
0ujGGHKepqfysz53GtBLRIh+hPpj7XQubVtcGMoidRCymZNGONh5h/FSOc0x5xHw
z1WzKSMgqKyxJ20tWZQTAZEMZvjPVIYPUmo3ZdbZh87sUPY4T1zQLJ6oZMsl49nk
HDxWm3bjfZifAUwbBwqWBKHOv8yU3OltDEREEjlonWHV+hcK4oJytiKy9lPUZ0sN
a47sdPtR38DE8Q==
-----END CERTIFICATE-----