Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/7b9d2c-7d49-4a19-a55d-3b47666d1365/1/LjFjEq0rIaqaBIEfYq0Da_aIhdk.mft
File:                     LjFjEq0rIaqaBIEfYq0Da_aIhdk.mft (raw, json)
Hash identifier:          0151mRadKj6OaCnviXwAOyEgTSSmCapHkuuAqzYdttQ=
Subject key identifier:   48:86:EF:D6:B8:6B:AA:74:4A:6C:25:C8:FC:F6:D0:A4:49:3B:93:68
Authority key identifier: 2E:31:63:12:AD:2B:21:AA:9A:04:81:1F:62:AD:03:6B:F6:88:85:D9
Certificate issuer:       /CN=2e316312ad2b21aa9a04811f62ad036bf68885d9
Certificate serial:       01974A7AC21AC474F1E396DDA94181C83C1E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/LjFjEq0rIaqaBIEfYq0Da_aIhdk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c4/7b9d2c-7d49-4a19-a55d-3b47666d1365/1/LjFjEq0rIaqaBIEfYq0Da_aIhdk.mft
Manifest number:          09F6
Signing time:             Sat 07 Jun 2025 13:00:48 +0000
Manifest this update:     Sat 07 Jun 2025 13:00:48 +0000
Manifest next update:     Sun 08 Jun 2025 13:00:48 +0000
Files and hashes:         1: LjFjEq0rIaqaBIEfYq0Da_aIhdk.crl (hash: FeDOmXnvOzUq6uXO9dkrtsJkNS4jrEYl2DGQIpGh4eY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c4/7b9d2c-7d49-4a19-a55d-3b47666d1365/1/LjFjEq0rIaqaBIEfYq0Da_aIhdk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c4/7b9d2c-7d49-4a19-a55d-3b47666d1365/1/LjFjEq0rIaqaBIEfYq0Da_aIhdk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/LjFjEq0rIaqaBIEfYq0Da_aIhdk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 09:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4a:7a:c2:1a:c4:74:f1:e3:96:dd:a9:41:81:c8:3c:1e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2e316312ad2b21aa9a04811f62ad036bf68885d9
        Validity
            Not Before: Jun  7 13:00:48 2025 GMT
            Not After : Jun  8 13:00:48 2025 GMT
        Subject: CN=4886efd6b86baa744a6c25c8fcf6d0a4493b9368
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8b:dc:46:68:e8:1a:6a:be:d4:79:ff:20:06:e4:
                    4d:c3:20:df:4c:30:94:ce:42:36:63:56:1d:48:6e:
                    42:96:c6:bb:a2:cf:c8:15:22:b1:ec:26:7e:02:63:
                    57:1c:13:c8:04:23:6e:58:ad:87:92:fa:c1:15:92:
                    15:67:77:d5:4c:fb:a7:a7:ec:28:cc:4f:ac:98:f3:
                    1b:f1:33:82:a6:49:11:e0:59:c4:08:65:ab:54:50:
                    4b:62:7c:df:21:d2:3e:3b:80:04:ae:74:02:8c:09:
                    be:6b:6a:24:98:bc:8d:13:c8:fa:58:c5:1f:19:03:
                    f1:d9:25:c4:d5:e3:bd:30:0a:cd:0e:2f:6c:eb:18:
                    05:9e:9c:c0:e4:45:d4:b8:7c:a3:d8:85:03:4f:08:
                    af:c0:00:6f:5e:6a:fb:17:33:aa:1c:57:70:a0:c3:
                    21:7e:7d:75:94:56:8c:fa:75:aa:4f:e1:fc:10:4e:
                    fb:d0:39:d0:4f:b3:27:8b:32:ce:89:7b:0c:8d:80:
                    30:b5:a1:e5:11:f4:5d:37:e4:ea:8e:2b:ad:97:f6:
                    9e:82:65:d7:3f:8e:c9:b1:29:83:6d:a9:db:16:d2:
                    91:82:a0:56:2e:91:54:5e:9b:89:8b:ee:80:80:8c:
                    b0:50:78:5b:4c:ff:79:ff:04:67:57:82:9e:4b:e7:
                    5d:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                48:86:EF:D6:B8:6B:AA:74:4A:6C:25:C8:FC:F6:D0:A4:49:3B:93:68
            X509v3 Authority Key Identifier:
                keyid:2E:31:63:12:AD:2B:21:AA:9A:04:81:1F:62:AD:03:6B:F6:88:85:D9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LjFjEq0rIaqaBIEfYq0Da_aIhdk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/7b9d2c-7d49-4a19-a55d-3b47666d1365/1/LjFjEq0rIaqaBIEfYq0Da_aIhdk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/7b9d2c-7d49-4a19-a55d-3b47666d1365/1/LjFjEq0rIaqaBIEfYq0Da_aIhdk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1d:55:c6:0b:36:ab:e2:87:dc:6b:b9:77:15:66:91:01:16:e8:
         a5:61:19:ba:70:e5:b7:13:7f:ee:23:f3:9e:52:b7:68:a7:f2:
         b6:ae:7c:dc:80:22:fc:cc:da:c7:a2:f9:b3:7a:f6:ce:9b:c8:
         87:e1:30:03:a3:7b:ce:aa:16:70:78:93:48:18:2f:2b:47:a9:
         4a:25:e6:bb:4a:ce:7b:b1:5c:b5:b4:37:f2:0b:d1:23:c9:ea:
         ca:59:13:5a:bb:20:a4:bd:56:bd:ba:28:84:35:5d:70:b2:97:
         b3:bd:08:ca:4b:20:aa:ec:3a:33:68:59:77:a2:96:ea:cc:09:
         cb:d4:b7:42:7a:e6:ca:f2:03:1a:e8:a8:af:4c:58:08:d2:51:
         89:cc:b4:bc:f1:d3:f2:5f:a3:45:84:ea:75:35:8f:46:aa:44:
         dc:33:7d:da:73:7a:2e:8b:b0:c3:c1:74:f2:37:81:45:13:f9:
         c2:53:e4:1a:62:57:de:2b:60:54:b9:8b:c5:d1:b9:1b:a5:bc:
         ea:e3:8d:e6:f6:4b:e4:c2:c5:aa:3d:76:68:be:fc:10:6d:ba:
         4c:7e:4d:94:d0:f8:f5:0a:c3:38:f3:0e:fe:1e:82:d2:33:62:
         7d:2e:64:a2:7f:86:e0:f7:e1:90:cf:cb:51:7f:89:de:a2:44:
         9d:ba:4a:17
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdKesIaxHTx45bdqUGByDweMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlMzE2MzEyYWQyYjIxYWE5YTA0ODExZjYyYWQwMzZiZjY4
ODg1ZDkwHhcNMjUwNjA3MTMwMDQ4WhcNMjUwNjA4MTMwMDQ4WjAzMTEwLwYDVQQD
Eyg0ODg2ZWZkNmI4NmJhYTc0NGE2YzI1YzhmY2Y2ZDBhNDQ5M2I5MzY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi9xGaOgaar7Uef8gBuRNwyDfTDCU
zkI2Y1YdSG5Clsa7os/IFSKx7CZ+AmNXHBPIBCNuWK2HkvrBFZIVZ3fVTPunp+wo
zE+smPMb8TOCpkkR4FnECGWrVFBLYnzfIdI+O4AErnQCjAm+a2okmLyNE8j6WMUf
GQPx2SXE1eO9MArNDi9s6xgFnpzA5EXUuHyj2IUDTwivwABvXmr7FzOqHFdwoMMh
fn11lFaM+nWqT+H8EE770DnQT7MnizLOiXsMjYAwtaHlEfRdN+Tqjiutl/aegmXX
P47JsSmDbanbFtKRgqBWLpFUXpuJi+6AgIywUHhbTP95/wRnV4KeS+ddmwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEiG79a4a6p0SmwlyPz20KRJO5NoMB8GA1UdIwQY
MBaAFC4xYxKtKyGqmgSBH2KtA2v2iIXZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTGpGakVxMHJJYXFhQklFZllxMERhX2FJaGRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC83YjlkMmMtN2Q0OS00YTE5LWE1NWQt
M2I0NzY2NmQxMzY1LzEvTGpGakVxMHJJYXFhQklFZllxMERhX2FJaGRrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNC83YjlkMmMtN2Q0OS00YTE5LWE1NWQtM2I0NzY2NmQxMzY1
LzEvTGpGakVxMHJJYXFhQklFZllxMERhX2FJaGRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHVXGCzar
4ofca7l3FWaRARbopWEZunDltxN/7iPznlK3aKfytq583IAi/Mzax6L5s3r2zpvI
h+EwA6N7zqoWcHiTSBgvK0epSiXmu0rOe7FctbQ38gvRI8nqylkTWrsgpL1Wvboo
hDVdcLKXs70Iyksgquw6M2hZd6KW6swJy9S3QnrmyvIDGuior0xYCNJRicy0vPHT
8l+jRYTqdTWPRqpE3DN92nN6Louww8F08jeBRRP5wlPkGmJX3itgVLmLxdG5G6W8
6uON5vZL5MLFqj12aL78EG26TH5NlND49QrDOPMO/h6C0jNifS5kon+G4PfhkM/L
UX+J3qJEnbpKFw==
-----END CERTIFICATE-----