Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/0add7c-a28c-4ae8-8885-01ce06d315cd/1/LKzIXJmo4dt9HFImfC3b08OeGLI.mft
File:                     LKzIXJmo4dt9HFImfC3b08OeGLI.mft (raw, json)
Hash identifier:          6F2d3vt2+Thjspa0RuFeKXCCibukoqlp8qOqcAxlPHk=
Subject key identifier:   21:09:46:BE:C7:1C:DB:FD:BF:FD:24:FF:72:B4:D3:94:A9:5A:D8:9D
Authority key identifier: 2C:AC:C8:5C:99:A8:E1:DB:7D:1C:52:26:7C:2D:DB:D3:C3:9E:18:B2
Certificate issuer:       /CN=2cacc85c99a8e1db7d1c52267c2ddbd3c39e18b2
Certificate serial:       01974C694AEC91223175D4C26AE375A92206
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/LKzIXJmo4dt9HFImfC3b08OeGLI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c8/0add7c-a28c-4ae8-8885-01ce06d315cd/1/LKzIXJmo4dt9HFImfC3b08OeGLI.mft
Manifest number:          0C95
Signing time:             Sat 07 Jun 2025 22:00:57 +0000
Manifest this update:     Sat 07 Jun 2025 22:00:57 +0000
Manifest next update:     Sun 08 Jun 2025 22:00:57 +0000
Files and hashes:         1: LKzIXJmo4dt9HFImfC3b08OeGLI.crl (hash: Pw4i/VStTKDdddYbECps3RMntmnapWqwNO78aS+Jv+M=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c8/0add7c-a28c-4ae8-8885-01ce06d315cd/1/LKzIXJmo4dt9HFImfC3b08OeGLI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c8/0add7c-a28c-4ae8-8885-01ce06d315cd/1/LKzIXJmo4dt9HFImfC3b08OeGLI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/LKzIXJmo4dt9HFImfC3b08OeGLI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 18:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4c:69:4a:ec:91:22:31:75:d4:c2:6a:e3:75:a9:22:06
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2cacc85c99a8e1db7d1c52267c2ddbd3c39e18b2
        Validity
            Not Before: Jun  7 22:00:57 2025 GMT
            Not After : Jun  8 22:00:57 2025 GMT
        Subject: CN=210946bec71cdbfdbffd24ff72b4d394a95ad89d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:16:6c:11:1f:1d:e7:69:a1:4a:16:03:e8:92:
                    1e:b8:e4:38:58:44:f0:05:b5:90:db:1f:87:0f:53:
                    c3:9c:c8:ac:e8:9c:33:b6:a9:29:8d:34:61:f0:af:
                    bb:bc:d8:d5:48:46:d6:2c:8a:5d:18:9a:70:f4:08:
                    3a:10:b1:d0:f0:cf:18:35:28:8d:65:88:ea:07:ee:
                    45:26:64:c2:a4:07:bf:24:dd:7d:69:ea:88:7d:04:
                    81:df:af:b1:7f:a7:1a:3f:db:0d:f7:85:aa:b7:a3:
                    dd:31:16:a8:45:a9:a0:7a:50:07:0f:da:59:97:1a:
                    53:72:63:c3:e9:4b:0f:ed:9b:18:f8:83:c6:12:a7:
                    ba:e6:7d:9b:46:f5:b5:d8:9e:e7:d6:31:e4:ab:d5:
                    b3:7e:08:b8:6e:12:92:f8:a4:e3:32:63:ea:be:dd:
                    b2:bd:a1:64:c6:a4:78:73:11:db:ee:88:45:d5:54:
                    b5:30:dd:6d:38:9d:84:07:8f:9b:91:27:e9:db:f3:
                    24:0c:d7:0c:92:4d:eb:96:3e:47:b7:92:35:d6:a2:
                    7a:bc:b2:17:28:42:b9:91:c1:60:2b:51:8f:35:51:
                    c7:fb:8a:06:ff:ca:14:12:62:fc:f3:d5:80:c2:ad:
                    0d:a3:10:e4:8f:34:4e:85:9e:84:38:c9:32:7f:81:
                    fa:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                21:09:46:BE:C7:1C:DB:FD:BF:FD:24:FF:72:B4:D3:94:A9:5A:D8:9D
            X509v3 Authority Key Identifier:
                keyid:2C:AC:C8:5C:99:A8:E1:DB:7D:1C:52:26:7C:2D:DB:D3:C3:9E:18:B2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LKzIXJmo4dt9HFImfC3b08OeGLI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/0add7c-a28c-4ae8-8885-01ce06d315cd/1/LKzIXJmo4dt9HFImfC3b08OeGLI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/0add7c-a28c-4ae8-8885-01ce06d315cd/1/LKzIXJmo4dt9HFImfC3b08OeGLI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0c:29:e8:5a:28:0c:d8:0b:11:0c:63:3f:af:fc:87:1b:24:b4:
         1c:aa:fd:e7:0c:c6:aa:1a:a9:f9:3b:8c:17:f1:dc:11:d3:2a:
         eb:eb:14:38:e2:cb:24:f0:d8:f6:ae:5a:d9:93:ba:47:5a:39:
         28:99:db:85:fe:00:08:a2:f2:31:a3:45:96:c8:4b:ac:c0:db:
         46:01:c2:64:1d:1f:e4:b7:cf:f3:25:51:b3:c1:cb:b7:ec:cd:
         75:1c:3c:7b:51:80:d9:35:b9:f8:e7:73:7f:5f:dd:dc:44:20:
         2d:08:58:5d:c5:85:93:79:12:ce:3f:79:df:d4:72:25:5e:8d:
         97:e0:11:95:90:fb:de:e6:4c:11:e4:06:af:44:7d:61:b7:22:
         c0:23:b9:a0:3b:fc:d7:67:7d:db:20:9f:ae:0d:59:3f:9f:8f:
         b6:62:69:5b:ce:e6:7c:e6:aa:4b:89:59:6e:21:91:dd:0f:e2:
         13:4f:78:47:14:55:6b:4a:5c:df:fe:c4:44:d6:f3:66:fb:03:
         f9:6c:5e:35:86:fc:e0:33:22:c9:24:cf:92:30:88:28:8a:4d:
         64:08:5d:1a:ca:10:76:cb:d2:9d:84:c6:e4:19:07:68:73:98:
         8b:91:30:cc:0f:83:d1:db:9e:5c:62:f9:87:88:77:cd:e5:11:
         90:47:aa:3f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdMaUrskSIxddTCauN1qSIGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJjYWNjODVjOTlhOGUxZGI3ZDFjNTIyNjdjMmRkYmQzYzM5
ZTE4YjIwHhcNMjUwNjA3MjIwMDU3WhcNMjUwNjA4MjIwMDU3WjAzMTEwLwYDVQQD
EygyMTA5NDZiZWM3MWNkYmZkYmZmZDI0ZmY3MmI0ZDM5NGE5NWFkODlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyxZsER8d52mhShYD6JIeuOQ4WETw
BbWQ2x+HD1PDnMis6JwztqkpjTRh8K+7vNjVSEbWLIpdGJpw9Ag6ELHQ8M8YNSiN
ZYjqB+5FJmTCpAe/JN19aeqIfQSB36+xf6caP9sN94Wqt6PdMRaoRamgelAHD9pZ
lxpTcmPD6UsP7ZsY+IPGEqe65n2bRvW12J7n1jHkq9Wzfgi4bhKS+KTjMmPqvt2y
vaFkxqR4cxHb7ohF1VS1MN1tOJ2EB4+bkSfp2/MkDNcMkk3rlj5Ht5I11qJ6vLIX
KEK5kcFgK1GPNVHH+4oG/8oUEmL889WAwq0NoxDkjzROhZ6EOMkyf4H6awIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCEJRr7HHNv9v/0k/3K005SpWtidMB8GA1UdIwQY
MBaAFCysyFyZqOHbfRxSJnwt29PDnhiyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTEt6SVhKbW80ZHQ5SEZJbWZDM2IwOE9lR0xJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC8wYWRkN2MtYTI4Yy00YWU4LTg4ODUt
MDFjZTA2ZDMxNWNkLzEvTEt6SVhKbW80ZHQ5SEZJbWZDM2IwOE9lR0xJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC8wYWRkN2MtYTI4Yy00YWU4LTg4ODUtMDFjZTA2ZDMxNWNk
LzEvTEt6SVhKbW80ZHQ5SEZJbWZDM2IwOE9lR0xJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADCnoWigM
2AsRDGM/r/yHGyS0HKr95wzGqhqp+TuMF/HcEdMq6+sUOOLLJPDY9q5a2ZO6R1o5
KJnbhf4ACKLyMaNFlshLrMDbRgHCZB0f5LfP8yVRs8HLt+zNdRw8e1GA2TW5+Odz
f1/d3EQgLQhYXcWFk3kSzj9539RyJV6Nl+ARlZD73uZMEeQGr0R9YbciwCO5oDv8
12d92yCfrg1ZP5+PtmJpW87mfOaqS4lZbiGR3Q/iE094RxRVa0pc3/7ERNbzZvsD
+WxeNYb84DMiySTPkjCIKIpNZAhdGsoQdsvSnYTG5BkHaHOYi5EwzA+D0dueXGL5
h4h3zeURkEeqPw==
-----END CERTIFICATE-----