Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/1e0180-db3a-46a5-b31b-b599723fc053/1/LONOJrtlYwuGk29JaTU-18hplcg.mft
File:                     LONOJrtlYwuGk29JaTU-18hplcg.mft (raw, json)
Hash identifier:          mXLg5gLFkbGILrrIPJRZn7w8itmxLxco6N4rzDyHgTk=
Subject key identifier:   4A:60:9A:F7:95:00:58:3D:A3:C1:F2:D7:FA:D6:FB:A9:79:6A:56:3C
Authority key identifier: 2C:E3:4E:26:BB:65:63:0B:86:93:6F:49:69:35:3E:D7:C8:69:95:C8
Certificate issuer:       /CN=2ce34e26bb65630b86936f4969353ed7c86995c8
Certificate serial:       019922FA4315B311E430E767F7B3F9E4CBBD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/LONOJrtlYwuGk29JaTU-18hplcg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/35/1e0180-db3a-46a5-b31b-b599723fc053/1/LONOJrtlYwuGk29JaTU-18hplcg.mft
Manifest number:          15AC
Signing time:             Sun 07 Sep 2025 07:00:50 +0000
Manifest this update:     Sun 07 Sep 2025 07:00:50 +0000
Manifest next update:     Mon 08 Sep 2025 07:00:50 +0000
Files and hashes:         1: LONOJrtlYwuGk29JaTU-18hplcg.crl (hash: 8YQJsv7yOofhgwWnZsHVCMMyL1cYWT0Xa8rxx+FfEYw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/35/1e0180-db3a-46a5-b31b-b599723fc053/1/LONOJrtlYwuGk29JaTU-18hplcg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/35/1e0180-db3a-46a5-b31b-b599723fc053/1/LONOJrtlYwuGk29JaTU-18hplcg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/LONOJrtlYwuGk29JaTU-18hplcg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 07:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:22:fa:43:15:b3:11:e4:30:e7:67:f7:b3:f9:e4:cb:bd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2ce34e26bb65630b86936f4969353ed7c86995c8
        Validity
            Not Before: Sep  7 07:00:50 2025 GMT
            Not After : Sep  8 07:00:50 2025 GMT
        Subject: CN=4a609af79500583da3c1f2d7fad6fba9796a563c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:05:fc:02:6e:3f:2c:93:19:13:04:b2:a9:db:
                    28:0c:d1:24:a7:d7:d3:7a:33:8c:c1:98:1f:9c:68:
                    94:ce:77:01:05:9e:2a:de:e6:f0:e3:c8:d2:68:95:
                    27:5e:22:b7:26:8c:9f:ee:3f:3d:46:3c:2a:00:ec:
                    d3:f2:a5:16:c3:cf:8b:7f:12:2f:42:c0:30:7e:ac:
                    04:4f:71:47:c7:99:24:0f:2c:e3:ab:ec:14:ed:eb:
                    17:23:f7:16:79:85:72:6d:7f:f6:2a:a8:32:af:5a:
                    22:fd:1f:3b:ea:c0:60:35:d5:55:16:50:20:b2:a9:
                    36:c2:ec:6e:67:cd:4d:6b:52:78:e7:53:10:b3:70:
                    7b:a3:57:ae:50:b7:41:86:51:29:81:c8:0a:32:6f:
                    de:f2:bb:a7:29:d1:dd:8c:dc:69:a0:c5:da:15:aa:
                    1a:b9:8b:77:1b:71:e1:7a:77:8c:90:b2:1b:8e:a9:
                    25:25:7b:16:a8:86:6a:49:fe:ee:ff:27:e1:5a:e7:
                    d6:b3:84:ea:9f:10:17:87:5d:38:a9:43:b7:a6:20:
                    ce:cb:3e:c6:c0:08:0c:db:1d:90:ed:2f:76:11:66:
                    e6:c1:81:39:ce:a7:9e:9b:dc:f5:33:0c:99:1d:af:
                    8e:d3:da:07:11:71:b8:dd:50:bf:53:9f:dc:2e:77:
                    64:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4A:60:9A:F7:95:00:58:3D:A3:C1:F2:D7:FA:D6:FB:A9:79:6A:56:3C
            X509v3 Authority Key Identifier:
                keyid:2C:E3:4E:26:BB:65:63:0B:86:93:6F:49:69:35:3E:D7:C8:69:95:C8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LONOJrtlYwuGk29JaTU-18hplcg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/1e0180-db3a-46a5-b31b-b599723fc053/1/LONOJrtlYwuGk29JaTU-18hplcg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/35/1e0180-db3a-46a5-b31b-b599723fc053/1/LONOJrtlYwuGk29JaTU-18hplcg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a0:73:b5:e3:18:d4:3f:3e:5d:2f:85:06:8b:70:ee:e7:58:67:
         e1:06:30:73:20:39:17:e0:fc:6b:b8:d3:bd:ec:9a:f8:05:4d:
         f8:d0:d1:e7:a4:e3:3c:a8:83:b3:da:32:c6:06:a5:b1:57:bd:
         64:9e:16:ff:e6:5b:a9:de:99:86:d9:fd:c8:ed:63:f4:bb:e2:
         3d:19:c2:43:c1:ae:4b:c2:cb:e8:6b:81:6c:c0:15:54:04:6f:
         98:9f:60:09:db:da:ea:fa:c9:fa:81:56:f5:b4:73:48:73:37:
         3e:3f:d6:9c:e4:86:73:6c:35:64:84:db:89:21:39:13:98:7e:
         4f:cc:b1:75:c0:fc:9b:37:db:5a:73:e3:d0:49:49:dc:52:c5:
         7a:9f:18:8b:6f:7a:a6:fa:12:51:d1:2e:33:3a:e6:67:dd:05:
         67:5a:07:b5:eb:41:85:33:60:73:82:96:df:41:16:fb:df:2b:
         75:f2:08:76:46:ed:cf:f5:35:02:c7:62:1b:7a:64:2d:7c:af:
         3e:17:00:5d:d4:6c:6c:18:2f:55:66:c9:56:f9:c5:a7:78:4b:
         68:51:3b:e8:75:0c:41:87:12:1d:f9:bf:c6:c3:bd:e2:0a:75:
         67:b4:b0:cc:e5:f3:a1:2f:29:bd:75:6a:00:26:0c:9a:05:38:
         96:fe:4a:d1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZki+kMVsxHkMOdn97P55Mu9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJjZTM0ZTI2YmI2NTYzMGI4NjkzNmY0OTY5MzUzZWQ3Yzg2
OTk1YzgwHhcNMjUwOTA3MDcwMDUwWhcNMjUwOTA4MDcwMDUwWjAzMTEwLwYDVQQD
Eyg0YTYwOWFmNzk1MDA1ODNkYTNjMWYyZDdmYWQ2ZmJhOTc5NmE1NjNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApwX8Am4/LJMZEwSyqdsoDNEkp9fT
ejOMwZgfnGiUzncBBZ4q3ubw48jSaJUnXiK3Joyf7j89RjwqAOzT8qUWw8+LfxIv
QsAwfqwET3FHx5kkDyzjq+wU7esXI/cWeYVybX/2Kqgyr1oi/R876sBgNdVVFlAg
sqk2wuxuZ81Na1J451MQs3B7o1euULdBhlEpgcgKMm/e8runKdHdjNxpoMXaFaoa
uYt3G3HheneMkLIbjqklJXsWqIZqSf7u/yfhWufWs4TqnxAXh104qUO3piDOyz7G
wAgM2x2Q7S92EWbmwYE5zqeem9z1MwyZHa+O09oHEXG43VC/U5/cLndk3QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEpgmveVAFg9o8Hy1/rW+6l5alY8MB8GA1UdIwQY
MBaAFCzjTia7ZWMLhpNvSWk1PtfIaZXIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTE9OT0pydGxZd3VHazI5SmFUVS0xOGhwbGNnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS8xZTAxODAtZGIzYS00NmE1LWIzMWIt
YjU5OTcyM2ZjMDUzLzEvTE9OT0pydGxZd3VHazI5SmFUVS0xOGhwbGNnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS8xZTAxODAtZGIzYS00NmE1LWIzMWItYjU5OTcyM2ZjMDUz
LzEvTE9OT0pydGxZd3VHazI5SmFUVS0xOGhwbGNnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoHO14xjU
Pz5dL4UGi3Du51hn4QYwcyA5F+D8a7jTveya+AVN+NDR56TjPKiDs9oyxgalsVe9
ZJ4W/+Zbqd6Zhtn9yO1j9LviPRnCQ8GuS8LL6GuBbMAVVARvmJ9gCdva6vrJ+oFW
9bRzSHM3Pj/WnOSGc2w1ZITbiSE5E5h+T8yxdcD8mzfbWnPj0ElJ3FLFep8Yi296
pvoSUdEuMzrmZ90FZ1oHtetBhTNgc4KW30EW+98rdfIIdkbtz/U1AsdiG3pkLXyv
PhcAXdRsbBgvVWbJVvnFp3hLaFE76HUMQYcSHfm/xsO94gp1Z7SwzOXzoS8pvXVq
ACYMmgU4lv5K0Q==
-----END CERTIFICATE-----