Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/50b550-f85e-489b-8473-e0365381bb85/1/Lokc9xG_fhxC4ILWoviaBL7rldE.mft
File:                     Lokc9xG_fhxC4ILWoviaBL7rldE.mft (raw, json)
Hash identifier:          hzp2Q/bGBaWa5XDYzb4K9hhrca3zqKC5Lxje7wTGRTA=
Subject key identifier:   B5:C8:C9:03:CD:0A:54:1E:8C:94:F7:DE:14:39:0E:9A:F3:0A:B4:7E
Authority key identifier: 2E:89:1C:F7:11:BF:7E:1C:42:E0:82:D6:A2:F8:9A:04:BE:EB:95:D1
Certificate issuer:       /CN=2e891cf711bf7e1c42e082d6a2f89a04beeb95d1
Certificate serial:       01992255F74CAE284BEBC4360AD50413E1F1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Lokc9xG_fhxC4ILWoviaBL7rldE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/da/50b550-f85e-489b-8473-e0365381bb85/1/Lokc9xG_fhxC4ILWoviaBL7rldE.mft
Manifest number:          0275
Signing time:             Sun 07 Sep 2025 04:01:23 +0000
Manifest this update:     Sun 07 Sep 2025 04:01:23 +0000
Manifest next update:     Mon 08 Sep 2025 04:01:23 +0000
Files and hashes:         1: Lokc9xG_fhxC4ILWoviaBL7rldE.crl (hash: uRKtlYIRSj3AUR2CdPOqMTFoUkN3nwIQf5ZuRI72qBQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/da/50b550-f85e-489b-8473-e0365381bb85/1/Lokc9xG_fhxC4ILWoviaBL7rldE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/da/50b550-f85e-489b-8473-e0365381bb85/1/Lokc9xG_fhxC4ILWoviaBL7rldE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Lokc9xG_fhxC4ILWoviaBL7rldE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 04:01:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:22:55:f7:4c:ae:28:4b:eb:c4:36:0a:d5:04:13:e1:f1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2e891cf711bf7e1c42e082d6a2f89a04beeb95d1
        Validity
            Not Before: Sep  7 04:01:23 2025 GMT
            Not After : Sep  8 04:01:23 2025 GMT
        Subject: CN=b5c8c903cd0a541e8c94f7de14390e9af30ab47e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:2b:f8:56:17:0a:9c:9e:1a:fe:ba:4c:bd:22:
                    20:d1:b2:85:08:3a:3a:63:a8:a5:75:3a:4e:8a:4e:
                    ec:0b:96:52:c0:0b:23:15:1e:21:13:e6:49:15:26:
                    70:81:b2:c6:1a:90:fb:d8:06:b7:c2:21:f3:ba:24:
                    7e:c6:f9:fb:43:26:3d:51:18:78:e4:a7:44:30:b4:
                    a2:60:df:0c:5e:3c:7d:20:11:07:ee:14:99:f8:05:
                    9a:f3:36:e0:24:53:d4:c6:d3:16:84:4f:40:d3:d0:
                    59:5e:42:ab:60:51:fe:1c:40:22:13:d9:1b:1f:d8:
                    ae:7c:4e:61:27:28:fa:0c:6f:15:cc:f4:62:ab:ab:
                    a9:d1:00:e5:b6:10:e5:77:af:da:58:7e:4f:76:e5:
                    ed:62:12:34:b3:c0:99:3f:e2:5f:7f:8f:a1:14:c9:
                    02:a8:69:59:c7:a0:8f:c2:fb:af:96:6e:f9:53:97:
                    26:31:5d:5d:f4:34:f2:3e:58:9a:29:bc:c7:7c:0b:
                    d2:e4:5b:ca:e0:bb:51:b9:d9:e7:bc:57:fb:ed:36:
                    46:77:d0:1d:e4:5c:2b:7b:3a:b3:7d:5a:9d:cd:b3:
                    ca:af:e5:14:06:f6:03:28:32:ef:9e:9b:4c:fb:4d:
                    8b:b7:e9:54:e7:37:95:ac:32:61:7c:7d:a5:ff:bb:
                    8c:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B5:C8:C9:03:CD:0A:54:1E:8C:94:F7:DE:14:39:0E:9A:F3:0A:B4:7E
            X509v3 Authority Key Identifier:
                keyid:2E:89:1C:F7:11:BF:7E:1C:42:E0:82:D6:A2:F8:9A:04:BE:EB:95:D1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Lokc9xG_fhxC4ILWoviaBL7rldE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/50b550-f85e-489b-8473-e0365381bb85/1/Lokc9xG_fhxC4ILWoviaBL7rldE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/da/50b550-f85e-489b-8473-e0365381bb85/1/Lokc9xG_fhxC4ILWoviaBL7rldE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         43:a9:f7:96:47:d8:a9:81:52:6c:a6:ae:a9:88:66:6d:1f:1c:
         2b:57:61:5e:5d:90:e6:8d:35:57:b5:4d:2b:a7:36:32:4f:d5:
         6a:12:87:07:3f:61:50:ba:5e:0b:cb:ec:cf:4d:12:13:fb:b5:
         5f:60:a7:69:7e:8a:74:03:a3:bd:55:35:7d:6b:18:f6:8d:2b:
         f2:8b:d3:71:29:83:0a:92:bc:87:d4:6d:c4:e4:ad:bf:33:1c:
         67:04:c9:0d:24:6b:b2:61:e1:91:00:8e:db:58:37:66:41:4a:
         4b:8d:68:60:a6:f8:fe:8a:e7:e1:09:f3:4e:0d:37:77:53:61:
         5d:7d:06:65:ac:f5:90:71:25:36:aa:6f:0c:c3:4e:60:d9:08:
         c0:eb:3b:24:0c:9c:30:5e:b1:de:47:ec:c3:ca:c5:53:de:60:
         81:5e:65:69:f2:ad:e3:c0:0b:17:96:a7:d0:82:02:2a:65:11:
         56:fe:d1:aa:3b:ed:09:c4:fc:0f:24:ac:20:f5:d6:fb:d1:29:
         65:d5:af:6a:ac:7c:74:35:0e:2f:c0:ee:07:9e:fb:43:b8:41:
         f9:2a:18:61:eb:b5:5a:50:30:14:df:28:ea:e7:c7:eb:05:40:
         77:1e:1c:ff:53:8e:a2:3b:59:82:4e:6b:7c:a3:fa:ff:41:15:
         8c:ff:43:d9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkiVfdMrihL68Q2CtUEE+HxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlODkxY2Y3MTFiZjdlMWM0MmUwODJkNmEyZjg5YTA0YmVl
Yjk1ZDEwHhcNMjUwOTA3MDQwMTIzWhcNMjUwOTA4MDQwMTIzWjAzMTEwLwYDVQQD
EyhiNWM4YzkwM2NkMGE1NDFlOGM5NGY3ZGUxNDM5MGU5YWYzMGFiNDdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlyv4VhcKnJ4a/rpMvSIg0bKFCDo6
Y6ildTpOik7sC5ZSwAsjFR4hE+ZJFSZwgbLGGpD72Aa3wiHzuiR+xvn7QyY9URh4
5KdEMLSiYN8MXjx9IBEH7hSZ+AWa8zbgJFPUxtMWhE9A09BZXkKrYFH+HEAiE9kb
H9iufE5hJyj6DG8VzPRiq6up0QDlthDld6/aWH5PduXtYhI0s8CZP+Jff4+hFMkC
qGlZx6CPwvuvlm75U5cmMV1d9DTyPliaKbzHfAvS5FvK4LtRudnnvFf77TZGd9Ad
5FwrezqzfVqdzbPKr+UUBvYDKDLvnptM+02Lt+lU5zeVrDJhfH2l/7uM6QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLXIyQPNClQejJT33hQ5DprzCrR+MB8GA1UdIwQY
MBaAFC6JHPcRv34cQuCC1qL4mgS+65XRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTG9rYzl4R19maHhDNElMV292aWFCTDdybGRFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS81MGI1NTAtZjg1ZS00ODliLTg0NzMt
ZTAzNjUzODFiYjg1LzEvTG9rYzl4R19maHhDNElMV292aWFCTDdybGRFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS81MGI1NTAtZjg1ZS00ODliLTg0NzMtZTAzNjUzODFiYjg1
LzEvTG9rYzl4R19maHhDNElMV292aWFCTDdybGRFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQ6n3lkfY
qYFSbKauqYhmbR8cK1dhXl2Q5o01V7VNK6c2Mk/VahKHBz9hULpeC8vsz00SE/u1
X2CnaX6KdAOjvVU1fWsY9o0r8ovTcSmDCpK8h9RtxOStvzMcZwTJDSRrsmHhkQCO
21g3ZkFKS41oYKb4/orn4QnzTg03d1NhXX0GZaz1kHElNqpvDMNOYNkIwOs7JAyc
MF6x3kfsw8rFU95ggV5lafKt48ALF5an0IICKmURVv7RqjvtCcT8DySsIPXW+9Ep
ZdWvaqx8dDUOL8DuB577Q7hB+SoYYeu1WlAwFN8o6ufH6wVAdx4c/1OOojtZgk5r
fKP6/0EVjP9D2Q==
-----END CERTIFICATE-----