Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/cea01b-ee94-4a02-8d62-0dc01fc88141/1/LsJnz2xrO4jpahG_KemnOlWMXkA.mft
File:                     LsJnz2xrO4jpahG_KemnOlWMXkA.mft (raw, json)
Hash identifier:          /m+Kp4sQ3dnxt1tfZjp+jw0hWNR0Gvm0rCs+s1mA52Q=
Subject key identifier:   F9:C3:3B:4C:3F:3F:3E:43:A8:73:4F:85:76:8F:87:4E:B9:04:4F:1C
Authority key identifier: 2E:C2:67:CF:6C:6B:3B:88:E9:6A:11:BF:29:E9:A7:3A:55:8C:5E:40
Certificate issuer:       /CN=2ec267cf6c6b3b88e96a11bf29e9a73a558c5e40
Certificate serial:       019921E7833E62C6333B11F360F7173837B5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/LsJnz2xrO4jpahG_KemnOlWMXkA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/17/cea01b-ee94-4a02-8d62-0dc01fc88141/1/LsJnz2xrO4jpahG_KemnOlWMXkA.mft
Manifest number:          1600
Signing time:             Sun 07 Sep 2025 02:00:44 +0000
Manifest this update:     Sun 07 Sep 2025 02:00:44 +0000
Manifest next update:     Mon 08 Sep 2025 02:00:44 +0000
Files and hashes:         1: LsJnz2xrO4jpahG_KemnOlWMXkA.crl (hash: mD7E7FLzuaNBIoguDJgmssCKnJCYMH01RuexOyPx3uM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/17/cea01b-ee94-4a02-8d62-0dc01fc88141/1/LsJnz2xrO4jpahG_KemnOlWMXkA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/17/cea01b-ee94-4a02-8d62-0dc01fc88141/1/LsJnz2xrO4jpahG_KemnOlWMXkA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/LsJnz2xrO4jpahG_KemnOlWMXkA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 02:00:44 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:21:e7:83:3e:62:c6:33:3b:11:f3:60:f7:17:38:37:b5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2ec267cf6c6b3b88e96a11bf29e9a73a558c5e40
        Validity
            Not Before: Sep  7 02:00:44 2025 GMT
            Not After : Sep  8 02:00:44 2025 GMT
        Subject: CN=f9c33b4c3f3f3e43a8734f85768f874eb9044f1c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:58:b5:8a:24:f0:b2:1c:98:97:ec:19:9b:a7:
                    23:0b:c1:06:4a:72:6f:4d:9a:95:3f:da:b5:72:e7:
                    c7:25:02:ba:83:56:2b:8e:59:cf:1f:4f:1f:11:e4:
                    0a:ca:74:62:ce:2c:5e:c2:8c:b1:50:59:f3:cb:04:
                    d7:1a:b8:67:59:b7:52:a6:f4:9e:27:40:5d:07:d4:
                    27:da:8e:0a:62:ed:e8:c2:54:11:50:ce:00:19:19:
                    b9:8c:13:bb:ff:9c:93:96:df:0c:f6:a6:12:fe:91:
                    58:4d:61:de:83:25:6f:e6:f7:39:55:ae:22:b2:07:
                    f9:65:a6:69:18:0b:5b:35:26:e5:89:d2:d4:ca:b0:
                    36:bd:11:46:95:06:ba:08:d4:a4:36:7c:3f:00:45:
                    dc:77:c5:7e:a2:ed:56:c4:b8:24:69:8d:21:20:c1:
                    2d:98:42:d4:bc:1a:5f:73:c8:9a:78:76:31:32:dc:
                    71:2e:ee:b5:a4:2f:2d:d7:8e:d5:f3:6a:2a:9b:e6:
                    7b:e1:cf:24:d6:b1:8a:a1:bc:cc:83:e5:41:ba:49:
                    0f:dd:df:fd:6e:83:74:d9:04:8f:38:14:fa:8b:28:
                    48:f7:59:7e:87:ab:66:ee:cc:06:e9:51:c1:3f:b6:
                    b2:dc:2b:33:ee:5b:11:a8:32:2d:2c:73:79:ee:71:
                    3b:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F9:C3:3B:4C:3F:3F:3E:43:A8:73:4F:85:76:8F:87:4E:B9:04:4F:1C
            X509v3 Authority Key Identifier:
                keyid:2E:C2:67:CF:6C:6B:3B:88:E9:6A:11:BF:29:E9:A7:3A:55:8C:5E:40

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LsJnz2xrO4jpahG_KemnOlWMXkA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/cea01b-ee94-4a02-8d62-0dc01fc88141/1/LsJnz2xrO4jpahG_KemnOlWMXkA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/17/cea01b-ee94-4a02-8d62-0dc01fc88141/1/LsJnz2xrO4jpahG_KemnOlWMXkA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6b:d8:c5:c4:78:fc:eb:00:87:8d:e4:00:41:f7:e7:03:66:9f:
         3f:6b:5c:20:5e:04:32:d6:2a:90:f6:c4:35:30:f3:07:22:23:
         ed:b7:ae:e8:db:72:67:5d:f7:35:94:23:dd:af:32:fa:b1:45:
         df:40:e9:26:f6:1d:f3:02:83:d9:c7:7c:97:0c:a1:86:a7:24:
         d0:6d:67:6f:98:89:6e:69:1f:14:af:8f:a5:c2:da:eb:b6:40:
         87:bb:1f:22:e2:5b:5a:d3:ea:35:30:2a:a1:f8:fe:d7:87:6c:
         90:ba:1d:e1:63:3a:f0:71:cb:fc:3a:a6:1e:cb:66:89:ec:58:
         0a:95:ea:c4:f6:27:66:10:ce:56:1e:62:d7:6b:7e:d2:b4:7e:
         a4:04:a5:f1:4f:66:d7:28:96:74:fc:8b:3e:18:94:8b:00:38:
         98:d5:21:3f:af:c6:e0:df:cc:e7:db:c8:12:cf:b3:69:32:9f:
         bf:9c:2e:a3:34:e9:82:7f:ec:eb:f6:1b:3a:83:db:a3:e4:50:
         cd:fc:fc:7e:3e:59:6e:27:56:90:9f:1a:69:c2:6c:8b:bf:64:
         ad:a5:83:a2:24:c4:ca:ee:42:4f:cc:f4:9f:78:c9:ba:b3:e0:
         74:dc:88:a0:cb:f2:a7:40:39:33:eb:9b:64:51:1f:07:71:3e:
         f3:2f:5e:be
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkh54M+YsYzOxHzYPcXODe1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlYzI2N2NmNmM2YjNiODhlOTZhMTFiZjI5ZTlhNzNhNTU4
YzVlNDAwHhcNMjUwOTA3MDIwMDQ0WhcNMjUwOTA4MDIwMDQ0WjAzMTEwLwYDVQQD
EyhmOWMzM2I0YzNmM2YzZTQzYTg3MzRmODU3NjhmODc0ZWI5MDQ0ZjFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt1i1iiTwshyYl+wZm6cjC8EGSnJv
TZqVP9q1cufHJQK6g1YrjlnPH08fEeQKynRizixewoyxUFnzywTXGrhnWbdSpvSe
J0BdB9Qn2o4KYu3owlQRUM4AGRm5jBO7/5yTlt8M9qYS/pFYTWHegyVv5vc5Va4i
sgf5ZaZpGAtbNSblidLUyrA2vRFGlQa6CNSkNnw/AEXcd8V+ou1WxLgkaY0hIMEt
mELUvBpfc8iaeHYxMtxxLu61pC8t147V82oqm+Z74c8k1rGKobzMg+VBukkP3d/9
boN02QSPOBT6iyhI91l+h6tm7swG6VHBP7ay3Csz7lsRqDItLHN57nE73wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPnDO0w/Pz5DqHNPhXaPh065BE8cMB8GA1UdIwQY
MBaAFC7CZ89sazuI6WoRvynppzpVjF5AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTHNKbnoyeHJPNGpwYWhHX0tlbW5PbFdNWGtBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9jZWEwMWItZWU5NC00YTAyLThkNjIt
MGRjMDFmYzg4MTQxLzEvTHNKbnoyeHJPNGpwYWhHX0tlbW5PbFdNWGtBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9jZWEwMWItZWU5NC00YTAyLThkNjItMGRjMDFmYzg4MTQx
LzEvTHNKbnoyeHJPNGpwYWhHX0tlbW5PbFdNWGtBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAa9jFxHj8
6wCHjeQAQffnA2afP2tcIF4EMtYqkPbENTDzByIj7beu6NtyZ133NZQj3a8y+rFF
30DpJvYd8wKD2cd8lwyhhqck0G1nb5iJbmkfFK+PpcLa67ZAh7sfIuJbWtPqNTAq
ofj+14dskLod4WM68HHL/DqmHstmiexYCpXqxPYnZhDOVh5i12t+0rR+pASl8U9m
1yiWdPyLPhiUiwA4mNUhP6/G4N/M59vIEs+zaTKfv5wuozTpgn/s6/YbOoPbo+RQ
zfz8fj5ZbidWkJ8aacJsi79kraWDoiTEyu5CT8z0n3jJurPgdNyIoMvyp0A5M+ub
ZFEfB3E+8y9evg==
-----END CERTIFICATE-----