Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/b384ba-40ec-42a4-8330-a1a64b49fa50/1/l1d_hBiOKD_bXXpvzMxIVsGZSbg.mft
File:                     l1d_hBiOKD_bXXpvzMxIVsGZSbg.mft (raw, json)
Hash identifier:          5OyG3wFTN7jMe0kF/ZZP/d9eI1UG8UA2gQGbxXtOOK4=
Subject key identifier:   AA:8D:F0:E9:62:16:38:B1:23:EF:E4:99:FF:A7:34:55:D4:5B:83:19
Authority key identifier: 97:57:7F:84:18:8E:28:3F:DB:5D:7A:6F:CC:CC:48:56:C1:99:49:B8
Certificate issuer:       /CN=97577f84188e283fdb5d7a6fcccc4856c19949b8
Certificate serial:       019748FA8AEE08BEDD14B8A5606C42B7B315
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/l1d_hBiOKD_bXXpvzMxIVsGZSbg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c4/b384ba-40ec-42a4-8330-a1a64b49fa50/1/l1d_hBiOKD_bXXpvzMxIVsGZSbg.mft
Manifest number:          1577
Signing time:             Sat 07 Jun 2025 06:01:08 +0000
Manifest this update:     Sat 07 Jun 2025 06:01:08 +0000
Manifest next update:     Sun 08 Jun 2025 06:01:08 +0000
Files and hashes:         1: l1d_hBiOKD_bXXpvzMxIVsGZSbg.crl (hash: CV7NOtdldXpOE3mM81vAq0RoWNcGdF2jt6DJGwJUcgg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c4/b384ba-40ec-42a4-8330-a1a64b49fa50/1/l1d_hBiOKD_bXXpvzMxIVsGZSbg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c4/b384ba-40ec-42a4-8330-a1a64b49fa50/1/l1d_hBiOKD_bXXpvzMxIVsGZSbg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/l1d_hBiOKD_bXXpvzMxIVsGZSbg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 06:01:08 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:48:fa:8a:ee:08:be:dd:14:b8:a5:60:6c:42:b7:b3:15
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=97577f84188e283fdb5d7a6fcccc4856c19949b8
        Validity
            Not Before: Jun  7 06:01:08 2025 GMT
            Not After : Jun  8 06:01:08 2025 GMT
        Subject: CN=aa8df0e9621638b123efe499ffa73455d45b8319
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:de:4f:94:f9:d1:2f:2b:e6:f8:8a:21:c3:83:6c:
                    12:3e:d0:53:32:2d:9f:51:04:1a:30:07:ff:e1:a6:
                    02:36:fa:db:d0:b1:47:d8:a3:55:90:78:43:21:b0:
                    cc:25:b5:88:3c:94:5e:8f:fa:d8:c2:fa:93:32:aa:
                    14:04:ee:93:0d:0e:dd:74:1c:79:b3:c4:3a:07:bd:
                    3c:86:ec:b9:c1:d6:83:00:32:ed:79:3d:ab:b3:cb:
                    8c:89:f4:75:e4:56:3a:19:22:79:61:de:ca:1b:83:
                    74:65:77:4b:9c:fc:9c:fe:87:6c:d8:8e:77:7f:0f:
                    40:c8:9c:ad:58:f0:e4:64:83:08:6d:59:d5:20:40:
                    83:e6:b4:ba:86:a3:22:18:46:51:bb:9e:53:54:cd:
                    fd:01:38:c5:e0:40:ea:6e:3c:bb:cf:b7:46:92:5b:
                    e4:ac:58:27:e5:16:09:f2:9b:8e:83:63:44:7a:32:
                    f9:63:36:02:9d:60:6e:d9:7f:10:2f:41:82:7e:03:
                    d6:49:8e:b1:4c:27:01:d3:b1:e2:0b:27:e0:4e:08:
                    ac:45:92:2a:9a:01:9e:10:ed:9a:b4:4a:c6:7a:06:
                    12:5d:bf:08:e5:cd:04:96:d7:d7:99:5d:00:2e:a7:
                    3a:d6:cf:a6:92:55:96:23:78:9d:91:b6:84:42:9c:
                    75:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AA:8D:F0:E9:62:16:38:B1:23:EF:E4:99:FF:A7:34:55:D4:5B:83:19
            X509v3 Authority Key Identifier:
                keyid:97:57:7F:84:18:8E:28:3F:DB:5D:7A:6F:CC:CC:48:56:C1:99:49:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l1d_hBiOKD_bXXpvzMxIVsGZSbg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/b384ba-40ec-42a4-8330-a1a64b49fa50/1/l1d_hBiOKD_bXXpvzMxIVsGZSbg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/b384ba-40ec-42a4-8330-a1a64b49fa50/1/l1d_hBiOKD_bXXpvzMxIVsGZSbg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1d:8d:d4:62:35:cc:17:95:d5:4e:28:b5:17:ab:9e:90:a6:fd:
         27:71:a1:83:b1:78:9f:1a:eb:c6:90:db:cc:0f:fc:7c:c8:6a:
         d9:e9:e5:ef:45:ed:45:81:53:80:f3:fd:0b:ca:36:9f:ed:d9:
         9b:8a:95:5f:e0:b3:5d:ab:ca:47:d7:5a:fb:f8:35:d5:4a:ec:
         70:e5:ed:4c:7b:f6:8a:c2:e9:8f:f6:01:86:fd:26:c9:23:85:
         3a:d3:1d:2e:9d:44:52:bf:25:f0:a8:95:7c:2a:9e:7c:c9:e9:
         3f:67:ea:c0:86:18:c3:0a:ba:8d:81:f8:04:06:50:94:92:8e:
         31:59:74:49:0a:e7:b3:d6:1f:05:fa:df:ef:da:23:9a:37:cf:
         23:2f:c3:43:b0:2b:76:7f:cf:ab:91:32:11:3b:3f:c8:70:b9:
         38:1c:c7:ff:e2:e0:7b:29:52:5f:6d:b4:a9:43:95:be:d3:db:
         d0:a7:05:30:12:20:83:e4:75:7c:62:78:88:34:6d:0e:47:98:
         15:13:7d:c4:e6:ec:53:27:46:5f:b8:b1:f1:40:3b:b8:4e:67:
         68:9f:45:51:60:1e:e1:04:e6:b6:3a:6b:a1:fb:23:61:cd:6a:
         8e:16:ee:20:f9:fe:a5:c1:7e:0d:65:2e:78:4e:1e:4c:c0:58:
         30:7c:ae:97
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdI+oruCL7dFLilYGxCt7MVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3NTc3Zjg0MTg4ZTI4M2ZkYjVkN2E2ZmNjY2M0ODU2YzE5
OTQ5YjgwHhcNMjUwNjA3MDYwMTA4WhcNMjUwNjA4MDYwMTA4WjAzMTEwLwYDVQQD
EyhhYThkZjBlOTYyMTYzOGIxMjNlZmU0OTlmZmE3MzQ1NWQ0NWI4MzE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3k+U+dEvK+b4iiHDg2wSPtBTMi2f
UQQaMAf/4aYCNvrb0LFH2KNVkHhDIbDMJbWIPJRej/rYwvqTMqoUBO6TDQ7ddBx5
s8Q6B708huy5wdaDADLteT2rs8uMifR15FY6GSJ5Yd7KG4N0ZXdLnPyc/ods2I53
fw9AyJytWPDkZIMIbVnVIECD5rS6hqMiGEZRu55TVM39ATjF4EDqbjy7z7dGklvk
rFgn5RYJ8puOg2NEejL5YzYCnWBu2X8QL0GCfgPWSY6xTCcB07HiCyfgTgisRZIq
mgGeEO2atErGegYSXb8I5c0EltfXmV0ALqc61s+mklWWI3idkbaEQpx18wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKqN8OliFjixI+/kmf+nNFXUW4MZMB8GA1UdIwQY
MBaAFJdXf4QYjig/2116b8zMSFbBmUm4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbDFkX2hCaU9LRF9iWFhwdnpNeElWc0daU2JnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC9iMzg0YmEtNDBlYy00MmE0LTgzMzAt
YTFhNjRiNDlmYTUwLzEvbDFkX2hCaU9LRF9iWFhwdnpNeElWc0daU2JnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNC9iMzg0YmEtNDBlYy00MmE0LTgzMzAtYTFhNjRiNDlmYTUw
LzEvbDFkX2hCaU9LRF9iWFhwdnpNeElWc0daU2JnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHY3UYjXM
F5XVTii1F6uekKb9J3Ghg7F4nxrrxpDbzA/8fMhq2enl70XtRYFTgPP9C8o2n+3Z
m4qVX+CzXavKR9da+/g11UrscOXtTHv2isLpj/YBhv0mySOFOtMdLp1EUr8l8KiV
fCqefMnpP2fqwIYYwwq6jYH4BAZQlJKOMVl0SQrns9YfBfrf79ojmjfPIy/DQ7Ar
dn/Pq5EyETs/yHC5OBzH/+LgeylSX220qUOVvtPb0KcFMBIgg+R1fGJ4iDRtDkeY
FRN9xObsUydGX7ix8UA7uE5naJ9FUWAe4QTmtjprofsjYc1qjhbuIPn+pcF+DWUu
eE4eTMBYMHyulw==
-----END CERTIFICATE-----