Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/8d9aa5-d52a-486f-b64c-7c605d32165d/1/lGIh95q-ptPAw0gGQlkN0K4Mqjs.mft
File:                     lGIh95q-ptPAw0gGQlkN0K4Mqjs.mft (raw, json)
Hash identifier:          CFCU6OtiaN6Voz5JCcy8fJwWMiJoYeNbzMfCt8daVUs=
Subject key identifier:   F0:93:86:99:12:C5:72:9C:27:DD:25:CA:47:D5:63:53:D1:12:57:C3
Authority key identifier: 94:62:21:F7:9A:BE:A6:D3:C0:C3:48:06:42:59:0D:D0:AE:0C:AA:3B
Certificate issuer:       /CN=946221f79abea6d3c0c3480642590dd0ae0caa3b
Certificate serial:       0197488D0B4ED8F49856F1665B49DB0D7853
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/lGIh95q-ptPAw0gGQlkN0K4Mqjs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/52/8d9aa5-d52a-486f-b64c-7c605d32165d/1/lGIh95q-ptPAw0gGQlkN0K4Mqjs.mft
Manifest number:          127C
Signing time:             Sat 07 Jun 2025 04:01:32 +0000
Manifest this update:     Sat 07 Jun 2025 04:01:32 +0000
Manifest next update:     Sun 08 Jun 2025 04:01:32 +0000
Files and hashes:         1: lGIh95q-ptPAw0gGQlkN0K4Mqjs.crl (hash: 4yZ+T1fbDRI6CC55DfsWWhUdSjM439NjCgUqK0jox4M=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/52/8d9aa5-d52a-486f-b64c-7c605d32165d/1/lGIh95q-ptPAw0gGQlkN0K4Mqjs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/52/8d9aa5-d52a-486f-b64c-7c605d32165d/1/lGIh95q-ptPAw0gGQlkN0K4Mqjs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/lGIh95q-ptPAw0gGQlkN0K4Mqjs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 04:01:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:48:8d:0b:4e:d8:f4:98:56:f1:66:5b:49:db:0d:78:53
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=946221f79abea6d3c0c3480642590dd0ae0caa3b
        Validity
            Not Before: Jun  7 04:01:32 2025 GMT
            Not After : Jun  8 04:01:32 2025 GMT
        Subject: CN=f093869912c5729c27dd25ca47d56353d11257c3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:7f:54:5a:8a:59:74:b2:2a:14:33:7f:79:14:
                    b8:50:6b:a0:f7:c7:86:a0:4d:54:b1:7e:42:49:1b:
                    71:63:1d:fe:70:cd:d5:70:cb:e0:95:7e:46:f5:75:
                    f0:bd:f9:48:67:a6:f5:50:5e:05:95:e1:7c:50:0b:
                    b5:07:77:ef:32:ff:0d:48:41:fe:6d:11:38:24:21:
                    3b:ef:77:a4:8c:f3:04:48:cd:30:1b:5e:d8:8d:79:
                    5b:b3:10:b2:dd:6c:3e:64:6d:1f:25:19:0d:cb:ae:
                    e9:dd:34:20:77:dd:aa:89:18:5a:50:11:27:76:00:
                    d8:61:8a:e6:4f:b8:44:cb:87:15:89:46:9e:04:94:
                    3c:73:96:c2:f5:c1:5c:ec:ae:be:b8:86:79:c1:ba:
                    7f:62:7a:bb:35:08:2b:b8:ce:58:ef:fc:9c:c9:88:
                    8f:2c:12:ce:78:e2:d7:65:88:4c:7a:d2:b3:65:17:
                    1a:86:83:1f:34:6a:58:83:ef:d8:c4:e7:81:02:fe:
                    d0:7e:64:d4:51:6e:e8:8c:50:7d:6d:62:4b:80:e3:
                    4a:ff:14:e4:d2:91:5d:b3:7b:b0:e1:11:b5:e7:e0:
                    dd:06:fc:07:3c:b9:50:78:69:ea:1a:93:ae:ee:4e:
                    8d:fa:98:5b:5d:da:78:55:70:c4:6e:25:fd:5b:d5:
                    5a:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F0:93:86:99:12:C5:72:9C:27:DD:25:CA:47:D5:63:53:D1:12:57:C3
            X509v3 Authority Key Identifier:
                keyid:94:62:21:F7:9A:BE:A6:D3:C0:C3:48:06:42:59:0D:D0:AE:0C:AA:3B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lGIh95q-ptPAw0gGQlkN0K4Mqjs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/8d9aa5-d52a-486f-b64c-7c605d32165d/1/lGIh95q-ptPAw0gGQlkN0K4Mqjs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/52/8d9aa5-d52a-486f-b64c-7c605d32165d/1/lGIh95q-ptPAw0gGQlkN0K4Mqjs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4e:e7:3d:2e:e8:39:fb:c2:5e:75:78:ee:3d:33:a7:5b:68:1a:
         80:0d:59:c9:57:08:db:8c:de:73:47:b7:1f:ca:71:df:2a:6e:
         fa:9f:53:48:2c:d4:02:7a:94:4d:fe:d6:82:5f:a7:9a:1e:3f:
         3a:83:ef:3a:0e:6f:89:5a:e1:8c:28:c6:0e:93:c9:70:5e:c4:
         a2:a2:62:a5:7d:8b:56:aa:88:c7:d9:76:e8:01:37:a0:a1:3a:
         97:4a:08:62:27:93:b4:2c:5e:b6:53:29:57:fa:4b:c2:a2:79:
         ae:7a:2e:b4:94:ab:db:cb:df:b3:c8:19:74:46:4e:dc:4d:5f:
         af:7a:d6:48:52:95:73:0f:65:df:4f:73:90:74:94:15:72:0b:
         b0:12:33:6f:24:04:71:37:c0:95:5a:45:69:79:e6:28:73:96:
         de:7b:29:ed:2e:af:28:ec:37:60:42:2a:c5:2b:7b:83:42:2a:
         e3:cb:f8:bb:c5:47:4a:e6:3b:c7:01:48:85:4e:1a:0e:80:88:
         9f:3d:b1:76:90:9a:e0:c2:f9:26:d5:10:b4:83:d0:b2:46:47:
         ba:c6:22:20:5a:4a:1b:1c:b2:4b:8b:18:74:08:08:55:21:c0:
         42:fc:63:5f:50:b0:61:c3:99:21:44:da:2b:db:2c:a7:a3:04:
         1f:ff:cb:66
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdIjQtO2PSYVvFmW0nbDXhTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0NjIyMWY3OWFiZWE2ZDNjMGMzNDgwNjQyNTkwZGQwYWUw
Y2FhM2IwHhcNMjUwNjA3MDQwMTMyWhcNMjUwNjA4MDQwMTMyWjAzMTEwLwYDVQQD
EyhmMDkzODY5OTEyYzU3MjljMjdkZDI1Y2E0N2Q1NjM1M2QxMTI1N2MzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlH9UWopZdLIqFDN/eRS4UGug98eG
oE1UsX5CSRtxYx3+cM3VcMvglX5G9XXwvflIZ6b1UF4FleF8UAu1B3fvMv8NSEH+
bRE4JCE773ekjPMESM0wG17YjXlbsxCy3Ww+ZG0fJRkNy67p3TQgd92qiRhaUBEn
dgDYYYrmT7hEy4cViUaeBJQ8c5bC9cFc7K6+uIZ5wbp/Ynq7NQgruM5Y7/ycyYiP
LBLOeOLXZYhMetKzZRcahoMfNGpYg+/YxOeBAv7QfmTUUW7ojFB9bWJLgONK/xTk
0pFds3uw4RG15+DdBvwHPLlQeGnqGpOu7k6N+phbXdp4VXDEbiX9W9VaDwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPCThpkSxXKcJ90lykfVY1PRElfDMB8GA1UdIwQY
MBaAFJRiIfeavqbTwMNIBkJZDdCuDKo7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbEdJaDk1cS1wdFBBdzBnR1Fsa04wSzRNcWpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi84ZDlhYTUtZDUyYS00ODZmLWI2NGMt
N2M2MDVkMzIxNjVkLzEvbEdJaDk1cS1wdFBBdzBnR1Fsa04wSzRNcWpzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi84ZDlhYTUtZDUyYS00ODZmLWI2NGMtN2M2MDVkMzIxNjVk
LzEvbEdJaDk1cS1wdFBBdzBnR1Fsa04wSzRNcWpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATuc9Lug5
+8JedXjuPTOnW2gagA1ZyVcI24zec0e3H8px3ypu+p9TSCzUAnqUTf7Wgl+nmh4/
OoPvOg5viVrhjCjGDpPJcF7EoqJipX2LVqqIx9l26AE3oKE6l0oIYieTtCxetlMp
V/pLwqJ5rnoutJSr28vfs8gZdEZO3E1fr3rWSFKVcw9l309zkHSUFXILsBIzbyQE
cTfAlVpFaXnmKHOW3nsp7S6vKOw3YEIqxSt7g0Iq48v4u8VHSuY7xwFIhU4aDoCI
nz2xdpCa4ML5JtUQtIPQskZHusYiIFpKGxyyS4sYdAgIVSHAQvxjX1CwYcOZIUTa
K9ssp6MEH//LZg==
-----END CERTIFICATE-----