Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/13c33a-a46f-4889-b809-57303aa45cbb/1/lIHpRs_I4ZwWZ683XRCh5AQvDrk.mft
File:                     lIHpRs_I4ZwWZ683XRCh5AQvDrk.mft (raw, json)
Hash identifier:          FMEi0Hf2R5L8cx2Vl1pPA0oG+ZGL6OyuWO+Cn7AJpuM=
Subject key identifier:   8A:7C:E3:E1:F6:3D:28:78:C2:E8:42:01:DA:87:F6:6C:A9:CE:E2:05
Authority key identifier: 94:81:E9:46:CF:C8:E1:9C:16:67:AF:37:5D:10:A1:E4:04:2F:0E:B9
Certificate issuer:       /CN=9481e946cfc8e19c1667af375d10a1e4042f0eb9
Certificate serial:       019750EAEC028EEDE099D14160BFE3120DB0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/lIHpRs_I4ZwWZ683XRCh5AQvDrk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/42/13c33a-a46f-4889-b809-57303aa45cbb/1/lIHpRs_I4ZwWZ683XRCh5AQvDrk.mft
Manifest number:          0497
Signing time:             Sun 08 Jun 2025 19:01:02 +0000
Manifest this update:     Sun 08 Jun 2025 19:01:02 +0000
Manifest next update:     Mon 09 Jun 2025 19:01:02 +0000
Files and hashes:         1: lIHpRs_I4ZwWZ683XRCh5AQvDrk.crl (hash: tIKiNpwkqKIwe8ehd8T+nU8GkbQoVg0n9/My6xickD4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/42/13c33a-a46f-4889-b809-57303aa45cbb/1/lIHpRs_I4ZwWZ683XRCh5AQvDrk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/42/13c33a-a46f-4889-b809-57303aa45cbb/1/lIHpRs_I4ZwWZ683XRCh5AQvDrk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/lIHpRs_I4ZwWZ683XRCh5AQvDrk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 09 Jun 2025 12:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:50:ea:ec:02:8e:ed:e0:99:d1:41:60:bf:e3:12:0d:b0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9481e946cfc8e19c1667af375d10a1e4042f0eb9
        Validity
            Not Before: Jun  8 19:01:02 2025 GMT
            Not After : Jun  9 19:01:02 2025 GMT
        Subject: CN=8a7ce3e1f63d2878c2e84201da87f66ca9cee205
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:23:8e:23:db:27:a3:db:fb:c6:e2:4e:98:3d:
                    c0:20:df:e0:a1:c7:4e:e8:cf:28:05:8e:7a:9a:aa:
                    5e:cb:2b:e5:8c:6d:1e:0f:5e:5d:79:77:e6:5c:b7:
                    8b:40:4b:2f:78:44:62:f1:26:55:fb:b3:06:06:80:
                    94:da:d4:45:8e:aa:ef:46:6a:e4:35:8d:7d:48:83:
                    bf:ae:ce:25:ad:91:97:11:f3:89:21:61:36:27:78:
                    13:19:0b:5d:46:da:6c:61:53:b9:74:4b:fd:e0:6f:
                    d7:b5:b2:cb:ba:93:3d:d5:60:04:bb:54:4f:60:6a:
                    64:54:12:86:72:4a:f9:4f:a9:26:a8:e5:e4:c6:46:
                    f2:b9:be:91:81:b2:d7:a6:8c:31:16:16:85:ec:21:
                    e3:e9:f6:07:25:f2:97:5f:7e:b4:db:f0:7f:65:e4:
                    8d:c4:1c:f2:ff:bd:4a:22:42:c0:c9:ac:c2:67:42:
                    a0:5b:27:99:e9:6c:2d:5e:5c:2f:48:dd:fc:d8:f4:
                    54:83:ad:68:87:a8:b3:80:52:32:7f:ac:41:7d:25:
                    0f:40:e3:e7:dd:d4:d9:77:0d:33:fa:cf:71:02:98:
                    56:ef:2c:9c:78:0d:69:26:c5:e3:fc:dc:48:22:35:
                    7e:26:27:0b:81:d4:d4:d6:20:f3:8a:36:f3:55:20:
                    81:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8A:7C:E3:E1:F6:3D:28:78:C2:E8:42:01:DA:87:F6:6C:A9:CE:E2:05
            X509v3 Authority Key Identifier:
                keyid:94:81:E9:46:CF:C8:E1:9C:16:67:AF:37:5D:10:A1:E4:04:2F:0E:B9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lIHpRs_I4ZwWZ683XRCh5AQvDrk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/13c33a-a46f-4889-b809-57303aa45cbb/1/lIHpRs_I4ZwWZ683XRCh5AQvDrk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/42/13c33a-a46f-4889-b809-57303aa45cbb/1/lIHpRs_I4ZwWZ683XRCh5AQvDrk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         37:1f:f1:1f:e7:75:29:6c:ba:5e:5b:88:c6:3d:2b:50:74:ab:
         04:3f:ef:4d:9f:a1:3d:81:10:b0:8f:2e:67:60:e1:24:05:08:
         cf:f7:4b:89:55:65:04:36:4d:c8:03:18:4d:b2:4b:d5:e4:7d:
         d0:ae:94:60:61:fc:0e:60:78:93:f5:fc:1b:26:ce:13:7d:22:
         9f:50:f9:73:d1:e3:bd:fc:ec:c5:1f:0c:68:00:32:78:76:fc:
         53:f9:c7:fa:99:dd:1b:1d:72:fa:38:c7:8a:e2:a9:72:81:65:
         f3:fc:1d:7a:80:51:ba:a2:e2:0a:77:4b:d6:3e:63:f2:10:9a:
         be:99:a0:42:72:59:5a:63:c5:22:71:b6:74:93:50:81:e9:17:
         66:73:8b:33:f1:50:f0:11:dc:21:b7:ab:58:98:dc:66:b1:bb:
         7c:73:e4:03:c5:18:86:ce:eb:37:64:fb:ec:d2:68:5e:94:32:
         52:af:c6:a5:52:2d:41:02:8d:98:0f:10:86:3e:fd:bb:f9:e1:
         09:03:53:d4:db:43:8c:e7:e9:14:39:f9:87:29:0f:22:5b:ae:
         a5:1a:41:30:4a:36:2a:c6:0f:47:63:20:fa:16:3b:a9:20:12:
         ca:d9:20:1e:b9:a6:64:7e:8a:d9:22:50:e8:4d:85:4e:15:f7:
         8c:98:fd:6c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdQ6uwCju3gmdFBYL/jEg2wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0ODFlOTQ2Y2ZjOGUxOWMxNjY3YWYzNzVkMTBhMWU0MDQy
ZjBlYjkwHhcNMjUwNjA4MTkwMTAyWhcNMjUwNjA5MTkwMTAyWjAzMTEwLwYDVQQD
Eyg4YTdjZTNlMWY2M2QyODc4YzJlODQyMDFkYTg3ZjY2Y2E5Y2VlMjA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoCOOI9sno9v7xuJOmD3AIN/gocdO
6M8oBY56mqpeyyvljG0eD15deXfmXLeLQEsveERi8SZV+7MGBoCU2tRFjqrvRmrk
NY19SIO/rs4lrZGXEfOJIWE2J3gTGQtdRtpsYVO5dEv94G/XtbLLupM91WAEu1RP
YGpkVBKGckr5T6kmqOXkxkbyub6RgbLXpowxFhaF7CHj6fYHJfKXX3602/B/ZeSN
xBzy/71KIkLAyazCZ0KgWyeZ6WwtXlwvSN382PRUg61oh6izgFIyf6xBfSUPQOPn
3dTZdw0z+s9xAphW7yyceA1pJsXj/NxIIjV+JicLgdTU1iDzijbzVSCBhwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIp84+H2PSh4wuhCAdqH9mypzuIFMB8GA1UdIwQY
MBaAFJSB6UbPyOGcFmevN10QoeQELw65MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbElIcFJzX0k0WndXWjY4M1hSQ2g1QVF2RHJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi8xM2MzM2EtYTQ2Zi00ODg5LWI4MDkt
NTczMDNhYTQ1Y2JiLzEvbElIcFJzX0k0WndXWjY4M1hSQ2g1QVF2RHJrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi8xM2MzM2EtYTQ2Zi00ODg5LWI4MDktNTczMDNhYTQ1Y2Ji
LzEvbElIcFJzX0k0WndXWjY4M1hSQ2g1QVF2RHJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANx/xH+d1
KWy6XluIxj0rUHSrBD/vTZ+hPYEQsI8uZ2DhJAUIz/dLiVVlBDZNyAMYTbJL1eR9
0K6UYGH8DmB4k/X8GybOE30in1D5c9HjvfzsxR8MaAAyeHb8U/nH+pndGx1y+jjH
iuKpcoFl8/wdeoBRuqLiCndL1j5j8hCavpmgQnJZWmPFInG2dJNQgekXZnOLM/FQ
8BHcIberWJjcZrG7fHPkA8UYhs7rN2T77NJoXpQyUq/GpVItQQKNmA8Qhj79u/nh
CQNT1NtDjOfpFDn5hykPIluupRpBMEo2KsYPR2Mg+hY7qSASytkgHrmmZH6K2SJQ
6E2FThX3jJj9bA==
-----END CERTIFICATE-----