Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1f/02240f-e080-4be9-93c4-396fcda6490c/1/lW4xbJg4BMJQHsxavqU6KoO1cyQ.mft
File:                     lW4xbJg4BMJQHsxavqU6KoO1cyQ.mft (raw, json)
Hash identifier:          OQPAWikwxnBF62CQfVbteWCDV3j9WgTXYqKEOTQPWFQ=
Subject key identifier:   81:10:29:29:1A:1E:A5:DE:A9:B8:7E:1A:35:F0:1D:EF:35:3F:2B:0E
Authority key identifier: 95:6E:31:6C:98:38:04:C2:50:1E:CC:5A:BE:A5:3A:2A:83:B5:73:24
Certificate issuer:       /CN=956e316c983804c2501ecc5abea53a2a83b57324
Certificate serial:       01974E5713C2E4840CA5992CA2C465167A47
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/lW4xbJg4BMJQHsxavqU6KoO1cyQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1f/02240f-e080-4be9-93c4-396fcda6490c/1/lW4xbJg4BMJQHsxavqU6KoO1cyQ.mft
Manifest number:          154F
Signing time:             Sun 08 Jun 2025 07:00:18 +0000
Manifest this update:     Sun 08 Jun 2025 07:00:18 +0000
Manifest next update:     Mon 09 Jun 2025 07:00:18 +0000
Files and hashes:         1: lW4xbJg4BMJQHsxavqU6KoO1cyQ.crl (hash: gqudDPuA8Boqdvptrw1WQwwmhfQvGE1ArPP/0ArEZYI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1f/02240f-e080-4be9-93c4-396fcda6490c/1/lW4xbJg4BMJQHsxavqU6KoO1cyQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1f/02240f-e080-4be9-93c4-396fcda6490c/1/lW4xbJg4BMJQHsxavqU6KoO1cyQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/lW4xbJg4BMJQHsxavqU6KoO1cyQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 09 Jun 2025 03:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4e:57:13:c2:e4:84:0c:a5:99:2c:a2:c4:65:16:7a:47
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=956e316c983804c2501ecc5abea53a2a83b57324
        Validity
            Not Before: Jun  8 07:00:18 2025 GMT
            Not After : Jun  9 07:00:18 2025 GMT
        Subject: CN=811029291a1ea5dea9b87e1a35f01def353f2b0e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:9e:8b:89:23:81:a1:35:8a:fb:f5:74:30:b2:
                    aa:11:2c:0c:86:bb:73:a7:a3:ba:27:4f:3b:69:df:
                    1e:05:0b:af:f1:b9:8d:72:1f:ea:d5:ab:87:e1:77:
                    40:a8:9d:9c:68:76:15:09:87:07:64:48:0b:4f:7f:
                    56:2e:fe:fa:07:dd:27:49:72:4a:27:8c:82:df:51:
                    14:26:ba:29:13:bb:33:e0:08:be:9c:22:c2:9f:eb:
                    a6:53:cc:fc:8c:00:17:ae:80:92:93:6b:62:0b:80:
                    5d:3c:d6:2f:82:8c:0b:12:ad:f2:d0:1a:c8:73:e8:
                    08:e1:ad:9a:12:b7:72:2b:6d:1a:73:6e:33:95:a4:
                    a0:2a:58:23:d4:cc:c3:e7:49:48:dc:09:8c:ed:7d:
                    83:a2:f4:67:4b:bc:d3:de:56:4b:d1:e7:88:ad:c2:
                    cf:ef:95:8d:9d:14:87:fb:b7:5e:a8:bc:fd:bb:09:
                    1c:47:73:48:bc:aa:1f:5d:0a:db:d0:e1:b8:f0:5f:
                    f3:d9:38:b7:01:14:2b:f2:45:1a:b3:b9:71:4c:f4:
                    1f:1e:32:0e:bd:a9:62:88:17:97:ad:64:52:dc:48:
                    45:b8:ea:ea:d4:83:d9:70:b0:6a:f8:d3:4a:eb:17:
                    d5:e3:ae:11:4d:d2:51:d7:47:e4:a7:ff:b7:e9:4a:
                    62:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                81:10:29:29:1A:1E:A5:DE:A9:B8:7E:1A:35:F0:1D:EF:35:3F:2B:0E
            X509v3 Authority Key Identifier:
                keyid:95:6E:31:6C:98:38:04:C2:50:1E:CC:5A:BE:A5:3A:2A:83:B5:73:24

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lW4xbJg4BMJQHsxavqU6KoO1cyQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/02240f-e080-4be9-93c4-396fcda6490c/1/lW4xbJg4BMJQHsxavqU6KoO1cyQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/02240f-e080-4be9-93c4-396fcda6490c/1/lW4xbJg4BMJQHsxavqU6KoO1cyQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         51:fe:84:d2:21:6b:6d:73:19:8f:b2:9e:b5:c7:c9:0f:a3:6d:
         33:31:bb:3e:18:7e:79:bd:a3:88:1a:1c:29:fc:f7:70:87:06:
         ef:f7:ab:04:ee:b1:99:14:f9:09:bd:4d:3a:26:5d:e8:2b:02:
         a4:4c:eb:0c:53:c0:94:35:64:fb:52:46:c3:cf:0b:39:fa:da:
         6a:94:cf:4e:b2:e5:2f:c6:4c:7a:fe:0e:34:43:10:30:3d:22:
         e5:52:89:5f:b0:dc:9e:53:da:9e:b5:eb:a5:e4:10:c5:58:5f:
         f8:cd:7d:3d:4f:58:a1:50:0d:9f:bb:55:d9:06:10:08:25:bc:
         12:07:ab:5c:22:29:c1:18:fa:f7:d7:fa:34:ce:4c:60:3d:55:
         bf:f9:5a:b0:50:dc:44:33:f1:c3:fa:7c:2e:23:7a:75:65:64:
         56:1c:93:d7:65:f2:4d:9f:b0:82:7b:64:35:ab:41:3a:27:79:
         53:c6:88:52:8c:6a:92:a4:ad:74:df:99:e3:a1:86:3c:ed:be:
         33:c5:c9:b2:c7:5a:f5:ef:ed:dd:43:38:fd:1b:a5:6c:47:7b:
         cc:f4:32:0d:3d:9f:8c:f9:3b:56:f9:b5:25:9a:50:a5:6e:8c:
         a6:7e:cf:17:e9:22:b4:3d:65:e5:e1:e0:d3:f0:86:00:73:b5:
         24:33:9c:e5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdOVxPC5IQMpZksosRlFnpHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1NmUzMTZjOTgzODA0YzI1MDFlY2M1YWJlYTUzYTJhODNi
NTczMjQwHhcNMjUwNjA4MDcwMDE4WhcNMjUwNjA5MDcwMDE4WjAzMTEwLwYDVQQD
Eyg4MTEwMjkyOTFhMWVhNWRlYTliODdlMWEzNWYwMWRlZjM1M2YyYjBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsJ6LiSOBoTWK+/V0MLKqESwMhrtz
p6O6J087ad8eBQuv8bmNch/q1auH4XdAqJ2caHYVCYcHZEgLT39WLv76B90nSXJK
J4yC31EUJropE7sz4Ai+nCLCn+umU8z8jAAXroCSk2tiC4BdPNYvgowLEq3y0BrI
c+gI4a2aErdyK20ac24zlaSgKlgj1MzD50lI3AmM7X2DovRnS7zT3lZL0eeIrcLP
75WNnRSH+7deqLz9uwkcR3NIvKofXQrb0OG48F/z2Ti3ARQr8kUas7lxTPQfHjIO
valiiBeXrWRS3EhFuOrq1IPZcLBq+NNK6xfV464RTdJR10fkp/+36UpiowIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIEQKSkaHqXeqbh+GjXwHe81PysOMB8GA1UdIwQY
MBaAFJVuMWyYOATCUB7MWr6lOiqDtXMkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbFc0eGJKZzRCTUpRSHN4YXZxVTZLb08xY3lRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZi8wMjI0MGYtZTA4MC00YmU5LTkzYzQt
Mzk2ZmNkYTY0OTBjLzEvbFc0eGJKZzRCTUpRSHN4YXZxVTZLb08xY3lRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZi8wMjI0MGYtZTA4MC00YmU5LTkzYzQtMzk2ZmNkYTY0OTBj
LzEvbFc0eGJKZzRCTUpRSHN4YXZxVTZLb08xY3lRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUf6E0iFr
bXMZj7KetcfJD6NtMzG7Phh+eb2jiBocKfz3cIcG7/erBO6xmRT5Cb1NOiZd6CsC
pEzrDFPAlDVk+1JGw88LOfraapTPTrLlL8ZMev4ONEMQMD0i5VKJX7DcnlPanrXr
peQQxVhf+M19PU9YoVANn7tV2QYQCCW8EgerXCIpwRj699f6NM5MYD1Vv/lasFDc
RDPxw/p8LiN6dWVkVhyT12XyTZ+wgntkNatBOid5U8aIUoxqkqStdN+Z46GGPO2+
M8XJssda9e/t3UM4/RulbEd7zPQyDT2fjPk7Vvm1JZpQpW6Mpn7PF+kitD1l5eHg
0/CGAHO1JDOc5Q==
-----END CERTIFICATE-----