Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9d/76a471-08e0-49e6-9537-53b55fae023d/1/LSdW5QjQEzSbJE4wfX8jliafJwg.mft
File:                     LSdW5QjQEzSbJE4wfX8jliafJwg.mft (raw, json)
Hash identifier:          +cHLdQjYRTaCK5bTcDgb3WHCeRDvWRSD89AT1pySACo=
Subject key identifier:   B7:94:05:FB:68:F4:4F:C9:73:B4:85:E9:51:24:BF:50:66:BD:B2:22
Authority key identifier: 2D:27:56:E5:08:D0:13:34:9B:24:4E:30:7D:7F:23:96:26:9F:27:08
Certificate issuer:       /CN=2d2756e508d013349b244e307d7f2396269f2708
Certificate serial:       01984A77CD25A256AF03932EAAF503363CC7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/LSdW5QjQEzSbJE4wfX8jliafJwg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9d/76a471-08e0-49e6-9537-53b55fae023d/1/LSdW5QjQEzSbJE4wfX8jliafJwg.mft
Manifest number:          1292
Signing time:             Sun 27 Jul 2025 06:00:21 +0000
Manifest this update:     Sun 27 Jul 2025 06:00:21 +0000
Manifest next update:     Mon 28 Jul 2025 06:00:21 +0000
Files and hashes:         1: LSdW5QjQEzSbJE4wfX8jliafJwg.crl (hash: fjcaQtVulJ5XLszshiOaTKeRMZWJ/6XnV5/Z6hWHnO4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/9d/76a471-08e0-49e6-9537-53b55fae023d/1/LSdW5QjQEzSbJE4wfX8jliafJwg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/9d/76a471-08e0-49e6-9537-53b55fae023d/1/LSdW5QjQEzSbJE4wfX8jliafJwg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/LSdW5QjQEzSbJE4wfX8jliafJwg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Jul 2025 05:00:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:4a:77:cd:25:a2:56:af:03:93:2e:aa:f5:03:36:3c:c7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2d2756e508d013349b244e307d7f2396269f2708
        Validity
            Not Before: Jul 27 06:00:21 2025 GMT
            Not After : Jul 28 06:00:21 2025 GMT
        Subject: CN=b79405fb68f44fc973b485e95124bf5066bdb222
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:c6:c9:b5:e9:e2:bc:41:15:40:cd:6f:d6:77:
                    0a:9e:d0:f6:7d:4f:79:99:2b:5f:d1:d2:e3:bf:b2:
                    e4:10:cc:3f:78:cd:88:db:29:9b:46:db:ba:e7:c5:
                    90:1c:53:87:57:81:55:f6:fb:c7:a0:83:87:71:c0:
                    23:46:14:ad:04:18:22:f8:3b:01:7a:c0:de:67:8a:
                    c7:51:1a:1d:da:35:52:24:24:c2:53:a5:22:be:ca:
                    6a:64:f3:a4:6f:9c:d2:38:5b:6f:15:4d:b9:11:80:
                    ce:07:85:26:2c:04:59:a0:eb:05:ac:1c:24:b6:10:
                    88:4b:71:b6:23:64:42:af:87:a8:5c:4d:67:dc:e8:
                    c1:d5:0d:f8:63:c2:d0:94:a7:d9:fd:0c:63:3c:b1:
                    0b:21:71:1d:2a:6b:17:ff:91:83:4f:bb:a7:b4:bd:
                    e6:28:f5:2d:32:a1:38:c9:87:dc:10:cd:5f:ec:3a:
                    66:3f:13:01:ee:c2:dc:72:c9:fb:59:c5:1c:95:c9:
                    92:a6:ab:72:78:4f:6b:d9:87:77:3b:87:ca:90:56:
                    a8:d1:b2:c0:10:b4:de:b1:20:4f:9f:0d:60:63:83:
                    ad:86:22:5c:72:70:c0:e0:e6:3b:62:51:5c:ea:c0:
                    6c:cf:96:a0:71:73:d6:a5:26:cb:fc:4d:a6:97:f1:
                    1a:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B7:94:05:FB:68:F4:4F:C9:73:B4:85:E9:51:24:BF:50:66:BD:B2:22
            X509v3 Authority Key Identifier:
                keyid:2D:27:56:E5:08:D0:13:34:9B:24:4E:30:7D:7F:23:96:26:9F:27:08

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LSdW5QjQEzSbJE4wfX8jliafJwg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/76a471-08e0-49e6-9537-53b55fae023d/1/LSdW5QjQEzSbJE4wfX8jliafJwg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/76a471-08e0-49e6-9537-53b55fae023d/1/LSdW5QjQEzSbJE4wfX8jliafJwg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6f:0f:d2:53:b2:be:34:70:66:e4:5d:1b:20:e6:76:c5:a3:18:
         55:99:92:85:c0:8e:4d:bd:18:3b:29:60:5b:ff:b2:ae:17:38:
         13:cb:93:b2:5b:02:21:6a:24:83:51:0c:4a:47:b4:14:61:41:
         37:7c:fc:d9:b0:47:e3:7f:0b:4c:80:92:2a:7e:e4:66:5d:6e:
         95:d0:ef:59:59:97:c6:7a:46:79:59:b0:fe:d9:56:ba:49:1e:
         d2:d9:20:06:df:be:59:be:eb:98:fa:8c:2e:39:3c:10:44:36:
         67:b9:cc:69:3e:ea:33:a1:ca:98:97:44:39:4f:07:ca:24:e0:
         14:0b:6d:47:e0:ea:f7:57:54:f8:63:de:d9:36:52:24:1f:6b:
         ed:5e:93:ef:65:8a:3c:99:93:ce:db:85:d6:04:d0:ae:26:21:
         89:55:27:36:ad:df:2f:81:03:b2:f9:68:f2:fd:b7:f7:fd:35:
         8b:99:d2:fd:a2:e4:ef:ef:07:a0:a7:d2:a5:d6:13:d9:6a:19:
         51:b6:0d:f1:bf:8d:0d:f1:32:fa:11:34:1f:cc:57:a8:93:ac:
         4f:43:f5:af:77:fb:45:61:da:47:6e:19:25:b8:b1:fb:6d:87:
         6f:d8:f8:0a:a8:3f:a8:3c:4a:ca:79:07:98:52:1b:c2:5c:c4:
         bb:28:ba:77
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhKd80lolavA5MuqvUDNjzHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkMjc1NmU1MDhkMDEzMzQ5YjI0NGUzMDdkN2YyMzk2MjY5
ZjI3MDgwHhcNMjUwNzI3MDYwMDIxWhcNMjUwNzI4MDYwMDIxWjAzMTEwLwYDVQQD
EyhiNzk0MDVmYjY4ZjQ0ZmM5NzNiNDg1ZTk1MTI0YmY1MDY2YmRiMjIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv8bJtenivEEVQM1v1ncKntD2fU95
mStf0dLjv7LkEMw/eM2I2ymbRtu658WQHFOHV4FV9vvHoIOHccAjRhStBBgi+DsB
esDeZ4rHURod2jVSJCTCU6UivspqZPOkb5zSOFtvFU25EYDOB4UmLARZoOsFrBwk
thCIS3G2I2RCr4eoXE1n3OjB1Q34Y8LQlKfZ/QxjPLELIXEdKmsX/5GDT7untL3m
KPUtMqE4yYfcEM1f7DpmPxMB7sLccsn7WcUclcmSpqtyeE9r2Yd3O4fKkFao0bLA
ELTesSBPnw1gY4OthiJccnDA4OY7YlFc6sBsz5agcXPWpSbL/E2ml/EaLwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLeUBfto9E/Jc7SF6VEkv1BmvbIiMB8GA1UdIwQY
MBaAFC0nVuUI0BM0myROMH1/I5YmnycIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTFNkVzVRalFFelNiSkU0d2ZYOGpsaWFmSndnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZC83NmE0NzEtMDhlMC00OWU2LTk1Mzct
NTNiNTVmYWUwMjNkLzEvTFNkVzVRalFFelNiSkU0d2ZYOGpsaWFmSndnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZC83NmE0NzEtMDhlMC00OWU2LTk1MzctNTNiNTVmYWUwMjNk
LzEvTFNkVzVRalFFelNiSkU0d2ZYOGpsaWFmSndnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbw/SU7K+
NHBm5F0bIOZ2xaMYVZmShcCOTb0YOylgW/+yrhc4E8uTslsCIWokg1EMSke0FGFB
N3z82bBH438LTICSKn7kZl1uldDvWVmXxnpGeVmw/tlWukke0tkgBt++Wb7rmPqM
Ljk8EEQ2Z7nMaT7qM6HKmJdEOU8HyiTgFAttR+Dq91dU+GPe2TZSJB9r7V6T72WK
PJmTztuF1gTQriYhiVUnNq3fL4EDsvlo8v239/01i5nS/aLk7+8HoKfSpdYT2WoZ
UbYN8b+NDfEy+hE0H8xXqJOsT0P1r3f7RWHaR24ZJbix+22Hb9j4Cqg/qDxKynkH
mFIbwlzEuyi6dw==
-----END CERTIFICATE-----