Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9d/085bd3-c34f-48cf-9a73-ec43fd6c227a/1/1lcpIU0Paz-lGho4A32rjeSOBVg.mft
File:                     1lcpIU0Paz-lGho4A32rjeSOBVg.mft (raw, json)
Hash identifier:          6AmQL2N3JdrIrUFuWJuFMQmLc9QerMNY9J+crtuy3CI=
Subject key identifier:   5B:7D:20:C2:28:3F:C4:A0:1C:E4:0B:86:85:AD:A9:D6:77:57:9E:0E
Authority key identifier: D6:57:29:21:4D:0F:6B:3F:A5:1A:1A:38:03:7D:AB:8D:E4:8E:05:58
Certificate issuer:       /CN=d65729214d0f6b3fa51a1a38037dab8de48e0558
Certificate serial:       01974B1F8EDE8CC12AF080DEFAC6533C582E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1lcpIU0Paz-lGho4A32rjeSOBVg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9d/085bd3-c34f-48cf-9a73-ec43fd6c227a/1/1lcpIU0Paz-lGho4A32rjeSOBVg.mft
Manifest number:          05DE
Signing time:             Sat 07 Jun 2025 16:00:48 +0000
Manifest this update:     Sat 07 Jun 2025 16:00:48 +0000
Manifest next update:     Sun 08 Jun 2025 16:00:48 +0000
Files and hashes:         1: 1lcpIU0Paz-lGho4A32rjeSOBVg.crl (hash: 82+gM4Ct3AZxFeNyne9LM0QO7pJEIU2C+stNIBlgl5E=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/9d/085bd3-c34f-48cf-9a73-ec43fd6c227a/1/1lcpIU0Paz-lGho4A32rjeSOBVg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/9d/085bd3-c34f-48cf-9a73-ec43fd6c227a/1/1lcpIU0Paz-lGho4A32rjeSOBVg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/1lcpIU0Paz-lGho4A32rjeSOBVg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 16:00:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4b:1f:8e:de:8c:c1:2a:f0:80:de:fa:c6:53:3c:58:2e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d65729214d0f6b3fa51a1a38037dab8de48e0558
        Validity
            Not Before: Jun  7 16:00:48 2025 GMT
            Not After : Jun  8 16:00:48 2025 GMT
        Subject: CN=5b7d20c2283fc4a01ce40b8685ada9d677579e0e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:4b:6b:26:2d:a2:2d:04:ae:fc:b3:71:8b:a1:
                    50:95:87:14:7e:d8:d2:28:18:21:b2:d4:55:47:3b:
                    44:1d:24:cf:20:ba:34:4e:d6:9f:d4:22:f5:d3:39:
                    8b:87:b0:f9:44:33:98:35:63:b3:a0:f2:48:29:eb:
                    8d:42:86:86:87:9d:71:93:53:eb:8b:f3:8a:6e:7a:
                    6e:e3:19:ea:ff:f3:82:50:5f:5f:02:26:e8:bf:0b:
                    44:62:c2:1d:99:fd:1c:da:8b:d3:e6:86:5e:f9:aa:
                    e9:9e:25:cb:a5:23:e0:f4:4b:e8:f3:df:8b:b1:01:
                    ae:b9:d3:a9:d9:d5:c5:15:53:33:45:71:18:65:97:
                    4e:18:59:fd:40:9a:e7:db:26:eb:5b:8b:2e:7e:c9:
                    af:09:9b:7d:42:46:98:73:12:7f:5f:71:23:99:83:
                    08:e7:e8:5a:93:ca:9f:6b:ac:bc:36:f1:59:c4:30:
                    35:77:3d:bc:70:ec:49:16:10:8d:b7:96:16:5a:e4:
                    e4:62:8d:39:a0:46:b7:53:46:be:a9:39:19:32:41:
                    cc:f0:a7:72:77:b8:8d:41:a4:7d:0a:7f:be:ae:ac:
                    ee:4d:fa:08:1c:03:ac:fb:9d:3b:27:5d:bb:a3:d0:
                    50:e5:ea:d9:66:69:d0:19:c0:a9:73:81:dc:51:2a:
                    d4:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5B:7D:20:C2:28:3F:C4:A0:1C:E4:0B:86:85:AD:A9:D6:77:57:9E:0E
            X509v3 Authority Key Identifier:
                keyid:D6:57:29:21:4D:0F:6B:3F:A5:1A:1A:38:03:7D:AB:8D:E4:8E:05:58

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1lcpIU0Paz-lGho4A32rjeSOBVg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/085bd3-c34f-48cf-9a73-ec43fd6c227a/1/1lcpIU0Paz-lGho4A32rjeSOBVg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/085bd3-c34f-48cf-9a73-ec43fd6c227a/1/1lcpIU0Paz-lGho4A32rjeSOBVg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3f:e6:43:81:d6:fd:2a:10:55:09:64:b9:f5:88:96:87:79:5c:
         82:6a:31:a2:5a:3f:1b:c0:57:71:19:40:a0:71:09:84:a5:a5:
         0c:f8:16:d2:ff:e8:8e:7d:9a:4a:af:af:90:42:e6:ab:69:fa:
         76:c2:a4:40:60:95:74:60:a7:66:35:6e:9e:4c:f1:7d:14:c1:
         d8:5a:f7:1a:15:63:f1:cd:ce:3d:19:05:00:ba:e1:55:c3:69:
         18:cd:c1:3c:88:00:53:49:8b:45:8b:93:f6:ea:c2:b9:56:b8:
         99:6a:75:e7:f2:11:aa:a0:4e:0c:ca:32:7b:81:8f:dc:ae:30:
         82:7a:36:d1:00:80:12:13:54:72:48:03:7b:29:a5:fe:7b:45:
         a9:0c:87:f3:92:40:e7:58:eb:ab:cc:31:e5:84:85:84:87:d5:
         5e:98:97:d3:a8:19:29:82:db:25:e3:2c:2f:72:52:59:61:88:
         4e:d1:7f:b1:dd:c6:8f:ac:56:98:86:4e:3c:32:2b:f1:99:aa:
         02:34:f6:27:b6:a0:8a:2a:ec:63:9d:8f:97:c1:f1:dd:f3:8c:
         bb:8e:68:7d:0b:89:11:b6:85:ee:a1:8f:50:76:a6:4f:d2:02:
         35:81:fb:5c:7a:6b:2d:c3:4f:4e:48:17:6a:0a:f5:f5:c5:16:
         62:02:a4:19
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdLH47ejMEq8IDe+sZTPFguMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2NTcyOTIxNGQwZjZiM2ZhNTFhMWEzODAzN2RhYjhkZTQ4
ZTA1NTgwHhcNMjUwNjA3MTYwMDQ4WhcNMjUwNjA4MTYwMDQ4WjAzMTEwLwYDVQQD
Eyg1YjdkMjBjMjI4M2ZjNGEwMWNlNDBiODY4NWFkYTlkNjc3NTc5ZTBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnEtrJi2iLQSu/LNxi6FQlYcUftjS
KBghstRVRztEHSTPILo0Ttaf1CL10zmLh7D5RDOYNWOzoPJIKeuNQoaGh51xk1Pr
i/OKbnpu4xnq//OCUF9fAibovwtEYsIdmf0c2ovT5oZe+arpniXLpSPg9Evo89+L
sQGuudOp2dXFFVMzRXEYZZdOGFn9QJrn2ybrW4sufsmvCZt9QkaYcxJ/X3EjmYMI
5+hak8qfa6y8NvFZxDA1dz28cOxJFhCNt5YWWuTkYo05oEa3U0a+qTkZMkHM8Kdy
d7iNQaR9Cn++rqzuTfoIHAOs+507J127o9BQ5erZZmnQGcCpc4HcUSrUzwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFt9IMIoP8SgHOQLhoWtqdZ3V54OMB8GA1UdIwQY
MBaAFNZXKSFND2s/pRoaOAN9q43kjgVYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWxjcElVMFBhei1sR2hvNEEzMnJqZVNPQlZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZC8wODViZDMtYzM0Zi00OGNmLTlhNzMt
ZWM0M2ZkNmMyMjdhLzEvMWxjcElVMFBhei1sR2hvNEEzMnJqZVNPQlZnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZC8wODViZDMtYzM0Zi00OGNmLTlhNzMtZWM0M2ZkNmMyMjdh
LzEvMWxjcElVMFBhei1sR2hvNEEzMnJqZVNPQlZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAP+ZDgdb9
KhBVCWS59YiWh3lcgmoxolo/G8BXcRlAoHEJhKWlDPgW0v/ojn2aSq+vkELmq2n6
dsKkQGCVdGCnZjVunkzxfRTB2Fr3GhVj8c3OPRkFALrhVcNpGM3BPIgAU0mLRYuT
9urCuVa4mWp15/IRqqBODMoye4GP3K4wgno20QCAEhNUckgDeyml/ntFqQyH85JA
51jrq8wx5YSFhIfVXpiX06gZKYLbJeMsL3JSWWGITtF/sd3Gj6xWmIZOPDIr8Zmq
AjT2J7agiirsY52Pl8Hx3fOMu45ofQuJEbaF7qGPUHamT9ICNYH7XHprLcNPTkgX
agr19cUWYgKkGQ==
-----END CERTIFICATE-----