Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/3108a3-5b5d-48d2-853b-f12b6ac5a2b2/1/lvMFpB83TbAVgTN3CNHHnr6nlxw.mft
File:                     lvMFpB83TbAVgTN3CNHHnr6nlxw.mft (raw, json)
Hash identifier:          97mRLI5Ymy46R2EwvJkYtY/Etw6eZML8vAN9ZjLDS5o=
Subject key identifier:   E1:18:A7:17:22:82:9A:BA:19:2B:65:D9:2F:41:6B:1D:50:E5:E6:93
Authority key identifier: 96:F3:05:A4:1F:37:4D:B0:15:81:33:77:08:D1:C7:9E:BE:A7:97:1C
Certificate issuer:       /CN=96f305a41f374db01581337708d1c79ebea7971c
Certificate serial:       019923D60816D475B4BF60AC3EF6A5CFA64E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/lvMFpB83TbAVgTN3CNHHnr6nlxw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/78/3108a3-5b5d-48d2-853b-f12b6ac5a2b2/1/lvMFpB83TbAVgTN3CNHHnr6nlxw.mft
Manifest number:          04F4
Signing time:             Sun 07 Sep 2025 11:00:53 +0000
Manifest this update:     Sun 07 Sep 2025 11:00:53 +0000
Manifest next update:     Mon 08 Sep 2025 11:00:53 +0000
Files and hashes:         1: lvMFpB83TbAVgTN3CNHHnr6nlxw.crl (hash: a6MfG/8KF7OuHot//vs7TAA9Do8CZpzmo5QyW5uaabc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/78/3108a3-5b5d-48d2-853b-f12b6ac5a2b2/1/lvMFpB83TbAVgTN3CNHHnr6nlxw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/78/3108a3-5b5d-48d2-853b-f12b6ac5a2b2/1/lvMFpB83TbAVgTN3CNHHnr6nlxw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/lvMFpB83TbAVgTN3CNHHnr6nlxw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 05:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:23:d6:08:16:d4:75:b4:bf:60:ac:3e:f6:a5:cf:a6:4e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=96f305a41f374db01581337708d1c79ebea7971c
        Validity
            Not Before: Sep  7 11:00:53 2025 GMT
            Not After : Sep  8 11:00:53 2025 GMT
        Subject: CN=e118a71722829aba192b65d92f416b1d50e5e693
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:ea:b6:e2:65:91:d8:57:a4:0b:11:38:e5:3a:
                    0f:46:3c:4f:fd:3e:bf:75:07:85:9b:17:73:cc:74:
                    cf:a1:a9:85:d7:a7:e9:21:94:d2:36:fb:f2:5d:ac:
                    af:e5:f4:ae:31:fb:bb:7d:ce:63:ce:c1:2c:bb:14:
                    77:ab:04:1f:ae:f4:99:51:40:0c:8e:c1:9e:0e:5b:
                    09:25:13:10:2d:9c:df:2c:af:03:ae:df:8f:a1:c5:
                    13:e9:12:91:87:0d:e3:22:a0:fb:51:6c:50:ac:02:
                    6e:60:ee:8e:02:a2:22:da:52:01:46:57:db:8c:23:
                    c3:ec:c2:12:3d:3e:0f:ff:86:5a:7f:b1:17:77:45:
                    a1:95:ea:c9:61:00:4d:80:5a:9a:30:16:25:5e:51:
                    48:b8:2c:18:d4:30:a6:ee:36:21:eb:21:cb:d3:44:
                    51:2d:dd:16:de:4c:30:da:71:7b:09:2c:af:72:f3:
                    24:f9:95:24:05:b5:7d:42:67:cb:90:45:f8:0a:17:
                    df:24:52:75:ae:97:73:4c:15:98:f3:77:41:dc:cd:
                    c7:da:6d:70:b8:ec:2e:32:4a:4f:34:eb:4d:61:e4:
                    9f:0d:97:14:b1:5f:ad:8f:89:45:c7:88:9b:a7:67:
                    cc:65:29:e3:7e:3d:e3:72:99:a4:22:ce:07:5d:c4:
                    09:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E1:18:A7:17:22:82:9A:BA:19:2B:65:D9:2F:41:6B:1D:50:E5:E6:93
            X509v3 Authority Key Identifier:
                keyid:96:F3:05:A4:1F:37:4D:B0:15:81:33:77:08:D1:C7:9E:BE:A7:97:1C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lvMFpB83TbAVgTN3CNHHnr6nlxw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/3108a3-5b5d-48d2-853b-f12b6ac5a2b2/1/lvMFpB83TbAVgTN3CNHHnr6nlxw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/78/3108a3-5b5d-48d2-853b-f12b6ac5a2b2/1/lvMFpB83TbAVgTN3CNHHnr6nlxw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         01:c6:8d:1b:c4:42:de:47:dc:1b:47:b6:2e:fd:1e:4e:1a:08:
         78:03:8c:3e:4d:5b:ac:c7:11:24:f2:d7:7d:df:86:9b:54:ce:
         85:78:5a:2b:02:21:89:57:6a:89:4e:b7:fd:05:2c:85:dd:67:
         3e:5a:60:ab:71:bc:c9:3a:72:43:89:b7:f9:9a:6b:2b:2d:9e:
         ab:29:74:40:6a:e3:ca:e0:e0:9d:8f:13:5f:b7:0d:d0:f3:0e:
         e9:9e:df:f5:00:57:5c:87:fc:ef:1e:ed:11:5f:bf:3f:c5:3b:
         31:ae:57:6e:95:b5:17:c1:60:c1:19:59:79:d8:90:df:d7:b3:
         c4:71:72:ef:da:97:97:63:93:cb:53:e6:8f:09:0f:27:1e:d5:
         4e:bb:dc:42:db:9a:7f:11:02:64:67:0d:6c:33:c0:a1:61:99:
         4e:2c:fd:3c:a3:47:87:a7:66:3e:1e:17:29:7e:19:a3:2c:ef:
         20:3b:80:e8:0a:c7:fb:7b:83:6b:71:f7:78:4b:56:e8:23:65:
         3b:93:fc:3a:0a:75:2e:a9:e6:f5:fa:21:dc:cc:c1:6e:b2:11:
         e4:7c:d8:94:32:36:b9:a4:25:61:de:ab:91:55:df:47:1d:d8:
         5c:12:09:55:ea:8b:2b:1d:ec:b1:42:1b:af:1b:63:06:6a:1c:
         8c:d3:bb:67
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkj1ggW1HW0v2CsPvalz6ZOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk2ZjMwNWE0MWYzNzRkYjAxNTgxMzM3NzA4ZDFjNzllYmVh
Nzk3MWMwHhcNMjUwOTA3MTEwMDUzWhcNMjUwOTA4MTEwMDUzWjAzMTEwLwYDVQQD
EyhlMTE4YTcxNzIyODI5YWJhMTkyYjY1ZDkyZjQxNmIxZDUwZTVlNjkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnOq24mWR2FekCxE45ToPRjxP/T6/
dQeFmxdzzHTPoamF16fpIZTSNvvyXayv5fSuMfu7fc5jzsEsuxR3qwQfrvSZUUAM
jsGeDlsJJRMQLZzfLK8Drt+PocUT6RKRhw3jIqD7UWxQrAJuYO6OAqIi2lIBRlfb
jCPD7MISPT4P/4Zaf7EXd0WhlerJYQBNgFqaMBYlXlFIuCwY1DCm7jYh6yHL00RR
Ld0W3kww2nF7CSyvcvMk+ZUkBbV9QmfLkEX4ChffJFJ1rpdzTBWY83dB3M3H2m1w
uOwuMkpPNOtNYeSfDZcUsV+tj4lFx4ibp2fMZSnjfj3jcpmkIs4HXcQJXQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOEYpxcigpq6GStl2S9Bax1Q5eaTMB8GA1UdIwQY
MBaAFJbzBaQfN02wFYEzdwjRx56+p5ccMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbHZNRnBCODNUYkFWZ1ROM0NOSEhucjZubHh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC8zMTA4YTMtNWI1ZC00OGQyLTg1M2It
ZjEyYjZhYzVhMmIyLzEvbHZNRnBCODNUYkFWZ1ROM0NOSEhucjZubHh3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC8zMTA4YTMtNWI1ZC00OGQyLTg1M2ItZjEyYjZhYzVhMmIy
LzEvbHZNRnBCODNUYkFWZ1ROM0NOSEhucjZubHh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAcaNG8RC
3kfcG0e2Lv0eThoIeAOMPk1brMcRJPLXfd+Gm1TOhXhaKwIhiVdqiU63/QUshd1n
Plpgq3G8yTpyQ4m3+ZprKy2eqyl0QGrjyuDgnY8TX7cN0PMO6Z7f9QBXXIf87x7t
EV+/P8U7Ma5XbpW1F8FgwRlZediQ39ezxHFy79qXl2OTy1PmjwkPJx7VTrvcQtua
fxECZGcNbDPAoWGZTiz9PKNHh6dmPh4XKX4ZoyzvIDuA6ArH+3uDa3H3eEtW6CNl
O5P8Ogp1Lqnm9foh3MzBbrIR5HzYlDI2uaQlYd6rkVXfRx3YXBIJVeqLKx3ssUIb
rxtjBmocjNO7Zw==
-----END CERTIFICATE-----