Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/23ca21-bceb-433e-b7d9-7b003984b863/1/lHXt3Klbc2ZTpMn52RVA0tPvtT0.mft
File:                     lHXt3Klbc2ZTpMn52RVA0tPvtT0.mft (raw, json)
Hash identifier:          XjwaTw+MQVxo8RjUhwnDkejK5WYevww44LBdLGdSj5U=
Subject key identifier:   92:78:B1:63:46:B6:8A:86:55:3B:A0:20:19:B8:AC:B0:37:9F:15:8A
Authority key identifier: 94:75:ED:DC:A9:5B:73:66:53:A4:C9:F9:D9:15:40:D2:D3:EF:B5:3D
Certificate issuer:       /CN=9475eddca95b736653a4c9f9d91540d2d3efb53d
Certificate serial:       01974C322F99FD83B56465E71B86A5857AEF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/lHXt3Klbc2ZTpMn52RVA0tPvtT0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/52/23ca21-bceb-433e-b7d9-7b003984b863/1/lHXt3Klbc2ZTpMn52RVA0tPvtT0.mft
Manifest number:          01BB
Signing time:             Sat 07 Jun 2025 21:00:46 +0000
Manifest this update:     Sat 07 Jun 2025 21:00:46 +0000
Manifest next update:     Sun 08 Jun 2025 21:00:46 +0000
Files and hashes:         1: lHXt3Klbc2ZTpMn52RVA0tPvtT0.crl (hash: 3NARLRhKs15aaS7KTZaDWuX3J6Ci+FYnqDI9vV93TN0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/52/23ca21-bceb-433e-b7d9-7b003984b863/1/lHXt3Klbc2ZTpMn52RVA0tPvtT0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/52/23ca21-bceb-433e-b7d9-7b003984b863/1/lHXt3Klbc2ZTpMn52RVA0tPvtT0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/lHXt3Klbc2ZTpMn52RVA0tPvtT0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 21:00:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4c:32:2f:99:fd:83:b5:64:65:e7:1b:86:a5:85:7a:ef
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9475eddca95b736653a4c9f9d91540d2d3efb53d
        Validity
            Not Before: Jun  7 21:00:46 2025 GMT
            Not After : Jun  8 21:00:46 2025 GMT
        Subject: CN=9278b16346b68a86553ba02019b8acb0379f158a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:2f:c0:e8:18:b6:f1:45:a8:a6:c6:80:c4:5f:
                    80:67:54:cc:91:82:3d:29:92:74:8f:5c:b4:03:46:
                    a4:5f:13:f7:ae:12:a8:19:ff:d6:e6:e7:22:58:b8:
                    37:40:22:64:5a:43:57:42:0b:88:8e:3e:09:1d:fb:
                    13:36:8b:42:03:ea:1a:e0:a9:83:8a:fd:ee:c9:17:
                    04:11:4f:13:0a:dd:45:2e:ed:25:cb:13:1d:cc:12:
                    9c:8e:6b:28:22:00:e0:ca:f6:34:ef:9f:03:ed:00:
                    ee:f9:08:4c:07:88:3b:64:ee:97:e2:ed:0e:eb:a8:
                    31:7a:62:a8:a7:fd:f0:e3:92:06:ca:1b:92:ba:e3:
                    7f:bb:27:09:fc:3d:b7:81:66:17:52:c4:23:79:24:
                    04:86:97:6e:f4:d1:2f:55:dd:4b:1d:d0:1a:cf:b8:
                    c5:0d:2d:ed:c7:02:d2:f1:7a:e0:de:6b:31:f6:33:
                    e7:cc:1b:8b:23:0e:73:83:23:c3:49:7d:f9:5c:54:
                    9d:f5:1a:91:c9:a9:23:08:36:6e:7c:c2:ca:36:0f:
                    a3:e0:79:be:5f:25:4a:28:93:34:1e:3f:02:12:fe:
                    0b:84:1d:ad:b4:51:03:6a:a1:a8:fe:fc:8a:ca:21:
                    12:f2:cc:91:05:1a:29:36:eb:9d:b5:73:3a:41:c4:
                    3a:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                92:78:B1:63:46:B6:8A:86:55:3B:A0:20:19:B8:AC:B0:37:9F:15:8A
            X509v3 Authority Key Identifier:
                keyid:94:75:ED:DC:A9:5B:73:66:53:A4:C9:F9:D9:15:40:D2:D3:EF:B5:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lHXt3Klbc2ZTpMn52RVA0tPvtT0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/23ca21-bceb-433e-b7d9-7b003984b863/1/lHXt3Klbc2ZTpMn52RVA0tPvtT0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/52/23ca21-bceb-433e-b7d9-7b003984b863/1/lHXt3Klbc2ZTpMn52RVA0tPvtT0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         78:cc:e5:61:bd:0c:66:81:6b:cb:7d:d3:43:b6:33:21:1b:78:
         06:1f:85:d0:a5:f3:ec:38:eb:04:f7:39:0a:59:2c:53:1d:17:
         1d:5a:61:11:b1:91:01:99:46:21:cc:97:30:b9:81:31:b6:be:
         fd:90:51:6e:e6:b7:67:b6:27:f2:ce:69:55:a9:92:35:7b:3b:
         60:39:a7:9f:87:41:fd:51:b2:2c:d5:6f:8a:9a:e2:1a:bb:80:
         d2:d2:cb:af:16:7b:77:9d:47:2c:82:0d:87:02:80:f1:11:51:
         35:a9:eb:e3:ad:c1:46:77:6a:b2:f2:4a:75:70:e9:d0:2a:65:
         df:9f:a5:6b:9f:f0:93:36:b0:90:41:24:6e:c1:e3:8f:12:8d:
         69:02:f4:1e:1e:5d:16:ec:98:4d:26:a4:29:9d:cc:70:86:b3:
         47:79:53:04:c0:4c:79:97:88:53:8d:ab:a6:05:a8:a9:31:32:
         a2:2d:d1:82:71:2e:0d:0b:16:a4:81:a9:86:b2:77:8e:2a:e3:
         67:39:4d:61:64:cf:bf:80:6c:e8:bc:26:93:12:a3:07:24:59:
         8b:cf:87:5c:ad:0e:d8:b6:41:e9:43:43:2a:93:ac:a6:30:f5:
         d1:be:65:c8:83:b9:99:c8:c9:25:82:69:c1:a9:95:56:02:b0:
         ab:fd:87:16
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdMMi+Z/YO1ZGXnG4alhXrvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0NzVlZGRjYTk1YjczNjY1M2E0YzlmOWQ5MTU0MGQyZDNl
ZmI1M2QwHhcNMjUwNjA3MjEwMDQ2WhcNMjUwNjA4MjEwMDQ2WjAzMTEwLwYDVQQD
Eyg5Mjc4YjE2MzQ2YjY4YTg2NTUzYmEwMjAxOWI4YWNiMDM3OWYxNThhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsC/A6Bi28UWopsaAxF+AZ1TMkYI9
KZJ0j1y0A0akXxP3rhKoGf/W5uciWLg3QCJkWkNXQguIjj4JHfsTNotCA+oa4KmD
iv3uyRcEEU8TCt1FLu0lyxMdzBKcjmsoIgDgyvY0758D7QDu+QhMB4g7ZO6X4u0O
66gxemKop/3w45IGyhuSuuN/uycJ/D23gWYXUsQjeSQEhpdu9NEvVd1LHdAaz7jF
DS3txwLS8Xrg3msx9jPnzBuLIw5zgyPDSX35XFSd9RqRyakjCDZufMLKNg+j4Hm+
XyVKKJM0Hj8CEv4LhB2ttFEDaqGo/vyKyiES8syRBRopNuudtXM6QcQ60wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJJ4sWNGtoqGVTugIBm4rLA3nxWKMB8GA1UdIwQY
MBaAFJR17dypW3NmU6TJ+dkVQNLT77U9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbEhYdDNLbGJjMlpUcE1uNTJSVkEwdFB2dFQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi8yM2NhMjEtYmNlYi00MzNlLWI3ZDkt
N2IwMDM5ODRiODYzLzEvbEhYdDNLbGJjMlpUcE1uNTJSVkEwdFB2dFQwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi8yM2NhMjEtYmNlYi00MzNlLWI3ZDktN2IwMDM5ODRiODYz
LzEvbEhYdDNLbGJjMlpUcE1uNTJSVkEwdFB2dFQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeMzlYb0M
ZoFry33TQ7YzIRt4Bh+F0KXz7DjrBPc5ClksUx0XHVphEbGRAZlGIcyXMLmBMba+
/ZBRbua3Z7Yn8s5pVamSNXs7YDmnn4dB/VGyLNVvipriGruA0tLLrxZ7d51HLIIN
hwKA8RFRNanr463BRndqsvJKdXDp0Cpl35+la5/wkzawkEEkbsHjjxKNaQL0Hh5d
FuyYTSakKZ3McIazR3lTBMBMeZeIU42rpgWoqTEyoi3RgnEuDQsWpIGphrJ3jirj
ZzlNYWTPv4Bs6LwmkxKjByRZi8+HXK0O2LZB6UNDKpOspjD10b5lyIO5mcjJJYJp
wamVVgKwq/2HFg==
-----END CERTIFICATE-----