Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/7929f4-ec35-4d9c-92a8-0eb45ef62d8d/1/LxW3OnwtEx7BTr2QcXGLVMP7ppI.mft
File:                     LxW3OnwtEx7BTr2QcXGLVMP7ppI.mft (raw, json)
Hash identifier:          1W3tP2m+ilyQ4lUC3NGt/FSXO/uPC5EZpVQ/nAJID6s=
Subject key identifier:   F6:C9:73:03:5A:EA:D7:0B:51:82:56:71:B9:E3:5F:C6:0D:7B:FF:71
Authority key identifier: 2F:15:B7:3A:7C:2D:13:1E:C1:4E:BD:90:71:71:8B:54:C3:FB:A6:92
Certificate issuer:       /CN=2f15b73a7c2d131ec14ebd9071718b54c3fba692
Certificate serial:       0199239EE9E7B34B8800B4677644D0F59780
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/LxW3OnwtEx7BTr2QcXGLVMP7ppI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b2/7929f4-ec35-4d9c-92a8-0eb45ef62d8d/1/LxW3OnwtEx7BTr2QcXGLVMP7ppI.mft
Manifest number:          0386
Signing time:             Sun 07 Sep 2025 10:00:41 +0000
Manifest this update:     Sun 07 Sep 2025 10:00:41 +0000
Manifest next update:     Mon 08 Sep 2025 10:00:41 +0000
Files and hashes:         1: LxW3OnwtEx7BTr2QcXGLVMP7ppI.crl (hash: xeZlV4swNT0ka/XfmHlrQBChuFMLIIpvOmQvHWLtJy4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b2/7929f4-ec35-4d9c-92a8-0eb45ef62d8d/1/LxW3OnwtEx7BTr2QcXGLVMP7ppI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b2/7929f4-ec35-4d9c-92a8-0eb45ef62d8d/1/LxW3OnwtEx7BTr2QcXGLVMP7ppI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/LxW3OnwtEx7BTr2QcXGLVMP7ppI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 07:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:23:9e:e9:e7:b3:4b:88:00:b4:67:76:44:d0:f5:97:80
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2f15b73a7c2d131ec14ebd9071718b54c3fba692
        Validity
            Not Before: Sep  7 10:00:41 2025 GMT
            Not After : Sep  8 10:00:41 2025 GMT
        Subject: CN=f6c973035aead70b51825671b9e35fc60d7bff71
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ef:27:b4:39:30:5d:1c:d9:11:84:49:a5:52:a6:
                    75:b7:44:d0:bc:2f:a8:1a:73:3c:00:22:1f:f2:bb:
                    68:1f:48:08:0e:ee:71:00:e4:8f:67:8b:b3:fa:a5:
                    ae:c1:a1:af:ec:23:43:c7:c5:c5:a9:20:c2:f6:78:
                    b5:3d:03:00:bb:46:df:52:e2:4d:d0:a4:74:0a:6b:
                    cf:b2:58:35:d2:65:95:0d:05:96:e9:2c:31:b3:d0:
                    71:87:28:e5:55:5c:06:31:49:e6:bd:d4:e1:e3:0a:
                    1e:1d:ee:05:94:d1:aa:a5:e2:f3:d3:77:8e:89:25:
                    1f:7c:1e:b7:fd:9a:6a:df:3f:31:4d:21:3d:be:bb:
                    2b:27:89:98:e1:f6:21:57:63:71:a4:79:39:22:c9:
                    29:58:62:4e:85:44:7c:8c:13:ea:f1:91:0e:2a:2a:
                    d1:d4:a2:57:b6:c7:69:af:1f:c5:4b:ab:e8:9e:6f:
                    c4:f2:50:da:6d:e8:6d:13:d1:b9:b6:44:70:55:5a:
                    ac:67:71:60:78:65:f4:1e:6c:6c:8f:20:1f:cb:74:
                    d0:6e:b9:2f:7f:37:38:77:69:00:8e:e9:ec:c2:c6:
                    1f:39:fa:c7:c5:16:de:ee:b0:87:f2:e0:20:13:10:
                    f3:8b:ae:0d:50:72:04:ac:0e:ab:f8:2f:a0:9a:dc:
                    4c:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F6:C9:73:03:5A:EA:D7:0B:51:82:56:71:B9:E3:5F:C6:0D:7B:FF:71
            X509v3 Authority Key Identifier:
                keyid:2F:15:B7:3A:7C:2D:13:1E:C1:4E:BD:90:71:71:8B:54:C3:FB:A6:92

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LxW3OnwtEx7BTr2QcXGLVMP7ppI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/7929f4-ec35-4d9c-92a8-0eb45ef62d8d/1/LxW3OnwtEx7BTr2QcXGLVMP7ppI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/7929f4-ec35-4d9c-92a8-0eb45ef62d8d/1/LxW3OnwtEx7BTr2QcXGLVMP7ppI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5f:9d:a9:a3:3a:68:4d:9e:28:cc:3d:35:16:c8:7d:f6:a1:44:
         d4:d6:50:8c:30:c1:74:e9:c5:66:30:66:35:1e:7a:9a:d8:ac:
         a5:fd:7c:a4:c6:8e:7c:87:a0:85:05:b8:e5:72:41:43:61:69:
         41:a0:26:ca:07:8d:2c:b6:64:ec:9a:a1:6a:3d:3b:6c:33:3e:
         e6:3d:ab:96:da:70:4c:7b:73:96:25:fd:ab:a7:38:b0:3b:69:
         98:38:55:44:08:f7:c8:ed:eb:42:b8:6a:b0:35:2d:95:17:ac:
         69:68:b5:5d:7c:72:de:c5:bb:3e:d6:4d:6c:7b:1e:00:72:15:
         7e:f4:6f:cb:e0:8d:4a:7a:22:5e:47:2f:85:4a:28:21:ab:5e:
         75:7b:70:a3:fc:2c:97:04:c6:b7:c5:82:86:b7:1c:7f:8c:4f:
         30:15:c6:94:bd:f3:7a:16:c6:05:1a:47:64:1e:70:ec:06:95:
         5e:e5:de:dd:46:5b:18:ec:d4:2d:d0:14:ff:65:dd:0b:45:91:
         57:e0:0f:b7:16:80:7a:31:81:84:e6:ff:77:47:28:89:ee:9b:
         bb:00:69:5b:d5:7c:db:ea:c7:f4:34:7d:a6:08:73:92:34:3a:
         54:e2:70:1a:f6:17:b1:39:0b:e6:91:1b:5e:1f:f9:e9:79:f4:
         99:e9:45:58
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkjnunns0uIALRndkTQ9ZeAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmMTViNzNhN2MyZDEzMWVjMTRlYmQ5MDcxNzE4YjU0YzNm
YmE2OTIwHhcNMjUwOTA3MTAwMDQxWhcNMjUwOTA4MTAwMDQxWjAzMTEwLwYDVQQD
EyhmNmM5NzMwMzVhZWFkNzBiNTE4MjU2NzFiOWUzNWZjNjBkN2JmZjcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7ye0OTBdHNkRhEmlUqZ1t0TQvC+o
GnM8ACIf8rtoH0gIDu5xAOSPZ4uz+qWuwaGv7CNDx8XFqSDC9ni1PQMAu0bfUuJN
0KR0CmvPslg10mWVDQWW6Swxs9BxhyjlVVwGMUnmvdTh4woeHe4FlNGqpeLz03eO
iSUffB63/Zpq3z8xTSE9vrsrJ4mY4fYhV2NxpHk5IskpWGJOhUR8jBPq8ZEOKirR
1KJXtsdprx/FS6vonm/E8lDabehtE9G5tkRwVVqsZ3FgeGX0HmxsjyAfy3TQbrkv
fzc4d2kAjunswsYfOfrHxRbe7rCH8uAgExDzi64NUHIErA6r+C+gmtxMDQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPbJcwNa6tcLUYJWcbnjX8YNe/9xMB8GA1UdIwQY
MBaAFC8Vtzp8LRMewU69kHFxi1TD+6aSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTHhXM09ud3RFeDdCVHIyUWNYR0xWTVA3cHBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi83OTI5ZjQtZWMzNS00ZDljLTkyYTgt
MGViNDVlZjYyZDhkLzEvTHhXM09ud3RFeDdCVHIyUWNYR0xWTVA3cHBJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi83OTI5ZjQtZWMzNS00ZDljLTkyYTgtMGViNDVlZjYyZDhk
LzEvTHhXM09ud3RFeDdCVHIyUWNYR0xWTVA3cHBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAX52pozpo
TZ4ozD01Fsh99qFE1NZQjDDBdOnFZjBmNR56mtispf18pMaOfIeghQW45XJBQ2Fp
QaAmygeNLLZk7Jqhaj07bDM+5j2rltpwTHtzliX9q6c4sDtpmDhVRAj3yO3rQrhq
sDUtlResaWi1XXxy3sW7PtZNbHseAHIVfvRvy+CNSnoiXkcvhUooIatedXtwo/ws
lwTGt8WChrccf4xPMBXGlL3zehbGBRpHZB5w7AaVXuXe3UZbGOzULdAU/2XdC0WR
V+APtxaAejGBhOb/d0coie6buwBpW9V82+rH9DR9pghzkjQ6VOJwGvYXsTkL5pEb
Xh/56Xn0melFWA==
-----END CERTIFICATE-----