Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/b492ff-3154-4304-b927-d99832657a45/1/l213R7vhqAE1QKcW0lzHh_h9tmo.mft
File:                     l213R7vhqAE1QKcW0lzHh_h9tmo.mft (raw, json)
Hash identifier:          Te+86Y5Jw0NVifnMQlUBh9M1ZrEEo5VEaPM8Tx/KsI8=
Subject key identifier:   4E:07:F7:D4:F5:70:CA:C0:80:D5:3E:64:2B:10:1F:3D:75:48:A4:0C
Authority key identifier: 97:6D:77:47:BB:E1:A8:01:35:40:A7:16:D2:5C:C7:87:F8:7D:B6:6A
Certificate issuer:       /CN=976d7747bbe1a8013540a716d25cc787f87db66a
Certificate serial:       01975046AFDB0121C3476F1BFB120021C7B5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/l213R7vhqAE1QKcW0lzHh_h9tmo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/92/b492ff-3154-4304-b927-d99832657a45/1/l213R7vhqAE1QKcW0lzHh_h9tmo.mft
Manifest number:          0C2A
Signing time:             Sun 08 Jun 2025 16:01:39 +0000
Manifest this update:     Sun 08 Jun 2025 16:01:39 +0000
Manifest next update:     Mon 09 Jun 2025 16:01:39 +0000
Files and hashes:         1: l213R7vhqAE1QKcW0lzHh_h9tmo.crl (hash: +YmZKw4Jr+bADMNHDPxycg9t8c1T5h0KPsjLNfMW3cY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/92/b492ff-3154-4304-b927-d99832657a45/1/l213R7vhqAE1QKcW0lzHh_h9tmo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/92/b492ff-3154-4304-b927-d99832657a45/1/l213R7vhqAE1QKcW0lzHh_h9tmo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/l213R7vhqAE1QKcW0lzHh_h9tmo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 09 Jun 2025 16:01:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:50:46:af:db:01:21:c3:47:6f:1b:fb:12:00:21:c7:b5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=976d7747bbe1a8013540a716d25cc787f87db66a
        Validity
            Not Before: Jun  8 16:01:39 2025 GMT
            Not After : Jun  9 16:01:39 2025 GMT
        Subject: CN=4e07f7d4f570cac080d53e642b101f3d7548a40c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:5b:3f:49:b9:d7:1e:d2:e0:7d:81:9e:4d:88:
                    0e:4e:26:fc:d5:47:70:1a:80:cd:13:57:e0:ec:c8:
                    77:5e:00:8b:b2:95:5c:45:1f:c0:29:44:58:36:2c:
                    8a:8f:28:9c:1f:1f:68:9b:46:f3:03:3b:f5:8a:fc:
                    d5:ed:d4:6f:cd:4f:e1:b3:12:d8:6b:18:e6:46:c7:
                    bd:33:c5:78:d9:7c:54:c4:20:4b:e8:26:5c:43:d0:
                    e2:6b:3d:3e:67:3d:5d:6a:c8:00:50:0d:26:39:b0:
                    eb:bf:16:27:d2:ac:3c:b0:ec:51:df:01:80:7b:1c:
                    c7:ad:00:94:03:f3:c1:37:68:8f:10:41:02:97:20:
                    8d:27:ec:56:8b:8e:da:f8:ed:26:01:e0:92:42:6f:
                    3a:5c:1d:8a:63:ab:fd:c3:13:74:78:cc:72:55:a4:
                    0f:be:fb:b9:12:59:da:c6:c5:03:7e:14:e1:3e:e3:
                    62:48:d0:5c:ef:d5:ad:ae:42:23:50:b5:5d:d2:32:
                    16:05:53:7f:32:6c:1b:b0:f6:11:85:be:8a:83:00:
                    9a:3d:cf:fd:18:2d:61:21:78:fc:34:50:66:69:17:
                    9c:29:cf:6d:b0:1f:ed:b9:1c:f0:59:72:fe:92:be:
                    b5:09:e1:06:02:c3:4e:04:be:e2:a2:69:53:a2:fa:
                    f9:5b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4E:07:F7:D4:F5:70:CA:C0:80:D5:3E:64:2B:10:1F:3D:75:48:A4:0C
            X509v3 Authority Key Identifier:
                keyid:97:6D:77:47:BB:E1:A8:01:35:40:A7:16:D2:5C:C7:87:F8:7D:B6:6A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l213R7vhqAE1QKcW0lzHh_h9tmo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/b492ff-3154-4304-b927-d99832657a45/1/l213R7vhqAE1QKcW0lzHh_h9tmo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/92/b492ff-3154-4304-b927-d99832657a45/1/l213R7vhqAE1QKcW0lzHh_h9tmo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a1:f0:b3:14:aa:91:ba:1c:47:2e:f4:25:43:25:a1:73:14:3f:
         2b:d2:74:fa:63:a2:e0:56:fc:73:c9:ae:f1:92:02:f0:d6:11:
         26:e6:82:95:58:88:1e:db:a6:8e:07:ec:00:39:db:75:ea:3d:
         66:50:d5:81:90:06:50:b5:a4:c4:c6:54:8b:72:9e:21:00:4e:
         d0:f3:92:48:a8:b9:39:f3:7a:3b:27:97:bb:07:f0:6e:62:52:
         65:e1:66:bc:4c:cd:dd:3f:50:72:76:27:42:4d:92:13:04:ec:
         9c:27:cd:a7:a5:ba:dc:61:79:02:52:59:e0:a2:1d:c2:23:18:
         ba:b5:96:7b:91:1d:c4:59:21:1e:a9:14:bb:62:b2:07:ac:d8:
         ab:14:31:d1:3f:7f:f3:af:d7:37:38:22:2d:5e:2d:06:68:f6:
         06:f5:1b:ef:f8:2a:37:b5:8d:e9:d8:9a:71:e9:c6:cd:d0:da:
         e8:99:71:45:1c:f3:cd:eb:c6:eb:8f:f0:49:5b:50:e2:63:65:
         8b:6e:4a:c2:5a:b1:61:3e:b6:13:9b:40:c2:0c:0b:30:bf:e7:
         9c:a2:dd:36:ce:0b:f2:b5:d9:b0:e9:d2:f4:ac:5f:51:9c:03:
         c7:57:8a:9e:05:c5:e0:27:85:76:c7:8e:1f:83:c8:d1:6b:c4:
         7a:02:82:95
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdQRq/bASHDR28b+xIAIce1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3NmQ3NzQ3YmJlMWE4MDEzNTQwYTcxNmQyNWNjNzg3Zjg3
ZGI2NmEwHhcNMjUwNjA4MTYwMTM5WhcNMjUwNjA5MTYwMTM5WjAzMTEwLwYDVQQD
Eyg0ZTA3ZjdkNGY1NzBjYWMwODBkNTNlNjQyYjEwMWYzZDc1NDhhNDBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuls/SbnXHtLgfYGeTYgOTib81Udw
GoDNE1fg7Mh3XgCLspVcRR/AKURYNiyKjyicHx9om0bzAzv1ivzV7dRvzU/hsxLY
axjmRse9M8V42XxUxCBL6CZcQ9Diaz0+Zz1dasgAUA0mObDrvxYn0qw8sOxR3wGA
exzHrQCUA/PBN2iPEEEClyCNJ+xWi47a+O0mAeCSQm86XB2KY6v9wxN0eMxyVaQP
vvu5ElnaxsUDfhThPuNiSNBc79WtrkIjULVd0jIWBVN/MmwbsPYRhb6KgwCaPc/9
GC1hIXj8NFBmaRecKc9tsB/tuRzwWXL+kr61CeEGAsNOBL7iomlTovr5WwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFE4H99T1cMrAgNU+ZCsQHz11SKQMMB8GA1UdIwQY
MBaAFJdtd0e74agBNUCnFtJcx4f4fbZqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbDIxM1I3dmhxQUUxUUtjVzBsekhoX2g5dG1vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi9iNDkyZmYtMzE1NC00MzA0LWI5Mjct
ZDk5ODMyNjU3YTQ1LzEvbDIxM1I3dmhxQUUxUUtjVzBsekhoX2g5dG1vLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi9iNDkyZmYtMzE1NC00MzA0LWI5MjctZDk5ODMyNjU3YTQ1
LzEvbDIxM1I3dmhxQUUxUUtjVzBsekhoX2g5dG1vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAofCzFKqR
uhxHLvQlQyWhcxQ/K9J0+mOi4Fb8c8mu8ZIC8NYRJuaClViIHtumjgfsADnbdeo9
ZlDVgZAGULWkxMZUi3KeIQBO0POSSKi5OfN6OyeXuwfwbmJSZeFmvEzN3T9QcnYn
Qk2SEwTsnCfNp6W63GF5AlJZ4KIdwiMYurWWe5EdxFkhHqkUu2KyB6zYqxQx0T9/
86/XNzgiLV4tBmj2BvUb7/gqN7WN6diacenGzdDa6JlxRRzzzevG64/wSVtQ4mNl
i25KwlqxYT62E5tAwgwLML/nnKLdNs4L8rXZsOnS9KxfUZwDx1eKngXF4CeFdseO
H4PI0WvEegKClQ==
-----END CERTIFICATE-----