Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/9d9112-f57e-49c7-a93b-d8549edf7cef/1/dLMSaPL_fozq3x3pX5fwsdKxX5Y.mft
File:                     dLMSaPL_fozq3x3pX5fwsdKxX5Y.mft (raw, json)
Hash identifier:          pReCvMyjLCTPR5yT9nAiVuEz4oelAPZ0N2egTZPNDkk=
Subject key identifier:   CA:93:88:01:7B:10:CA:3F:F6:1F:A1:49:7C:2B:9C:BE:3F:A8:4D:CE
Authority key identifier: 74:B3:12:68:F2:FF:7E:8C:EA:DF:1D:E9:5F:97:F0:B1:D2:B1:5F:96
Certificate issuer:       /CN=74b31268f2ff7e8ceadf1de95f97f0b1d2b15f96
Certificate serial:       0197B933C139342D7F06C4A55D0186FDC93C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dLMSaPL_fozq3x3pX5fwsdKxX5Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/01/9d9112-f57e-49c7-a93b-d8549edf7cef/1/dLMSaPL_fozq3x3pX5fwsdKxX5Y.mft
Manifest number:          1088
Signing time:             Sun 29 Jun 2025 01:01:06 +0000
Manifest this update:     Sun 29 Jun 2025 01:01:06 +0000
Manifest next update:     Mon 30 Jun 2025 01:01:06 +0000
Files and hashes:         1: dLMSaPL_fozq3x3pX5fwsdKxX5Y.crl (hash: 0v/VfNJ/Y1lhX8y+WrdKwJu93jHEfKeqePLitzUg+fs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/01/9d9112-f57e-49c7-a93b-d8549edf7cef/1/dLMSaPL_fozq3x3pX5fwsdKxX5Y.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/01/9d9112-f57e-49c7-a93b-d8549edf7cef/1/dLMSaPL_fozq3x3pX5fwsdKxX5Y.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/dLMSaPL_fozq3x3pX5fwsdKxX5Y.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Jun 2025 01:01:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b9:33:c1:39:34:2d:7f:06:c4:a5:5d:01:86:fd:c9:3c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=74b31268f2ff7e8ceadf1de95f97f0b1d2b15f96
        Validity
            Not Before: Jun 29 01:01:06 2025 GMT
            Not After : Jun 30 01:01:06 2025 GMT
        Subject: CN=ca9388017b10ca3ff61fa1497c2b9cbe3fa84dce
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:26:dd:7c:c3:dc:d3:ac:7e:0c:98:73:39:6b:
                    f6:04:c9:5f:aa:45:51:e4:a5:d2:87:73:a9:c5:df:
                    b9:10:9f:5e:82:f3:2e:83:e9:43:d7:99:ad:36:30:
                    44:92:f0:df:e4:48:57:03:a8:e7:5a:d9:0d:b3:31:
                    a2:b9:b5:42:b6:b8:8d:cb:59:a3:cf:8e:78:17:c0:
                    08:44:04:7b:78:dc:d3:88:f5:09:56:f9:25:28:4a:
                    e7:ea:8b:9d:05:ab:19:30:a1:c6:a1:c3:58:5a:c0:
                    66:74:92:30:37:6e:7f:4b:14:84:f4:52:b6:40:d1:
                    0d:3f:54:92:6d:ab:3c:22:88:0c:91:5f:43:74:89:
                    10:f0:47:45:21:d3:4e:4c:af:d6:ed:52:a2:d7:e0:
                    be:c2:52:c9:40:30:6b:1d:a3:b9:d6:22:fa:cc:e3:
                    3d:db:84:7b:ff:36:2e:52:a0:de:37:47:9b:87:f1:
                    f5:61:45:35:00:23:1d:c8:4e:33:53:48:84:58:42:
                    da:50:9f:4e:9b:80:bb:82:00:bf:13:09:40:a4:a8:
                    16:5c:bb:2d:8d:63:52:12:f6:4c:ce:15:cf:70:4b:
                    66:b2:14:22:4c:35:48:aa:30:66:45:36:0f:80:8b:
                    f0:f1:a7:12:86:33:71:bf:15:41:0c:6c:e8:0f:15:
                    33:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CA:93:88:01:7B:10:CA:3F:F6:1F:A1:49:7C:2B:9C:BE:3F:A8:4D:CE
            X509v3 Authority Key Identifier:
                keyid:74:B3:12:68:F2:FF:7E:8C:EA:DF:1D:E9:5F:97:F0:B1:D2:B1:5F:96

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dLMSaPL_fozq3x3pX5fwsdKxX5Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/9d9112-f57e-49c7-a93b-d8549edf7cef/1/dLMSaPL_fozq3x3pX5fwsdKxX5Y.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/01/9d9112-f57e-49c7-a93b-d8549edf7cef/1/dLMSaPL_fozq3x3pX5fwsdKxX5Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         19:52:09:cb:55:2c:49:25:13:bd:ad:91:43:1b:19:9a:cb:15:
         28:41:9b:a4:2c:06:96:c0:02:30:f4:12:49:f5:f4:e7:ed:ad:
         39:08:cd:56:5e:32:49:ff:d0:66:ed:ff:47:4a:fd:ff:c3:41:
         62:2f:df:c2:4c:ab:38:32:59:71:84:06:da:31:09:f1:0e:46:
         4b:e9:6e:ed:6f:a6:b3:5b:de:ac:7f:df:be:cd:db:eb:af:79:
         57:11:b9:b2:85:2d:eb:3f:3a:97:99:6a:3b:18:92:63:e6:b1:
         59:98:ea:7f:87:e5:55:8b:8b:00:4b:4d:b1:46:07:b3:d6:18:
         40:f2:f7:39:c7:08:a8:71:3a:d3:03:14:33:38:b7:d0:ed:78:
         65:18:ca:7b:16:ba:6a:06:15:21:b1:2b:d5:04:11:3b:81:50:
         a6:e7:b4:bb:62:a1:1e:99:92:59:2b:68:dd:ab:cb:84:d6:a7:
         f8:92:76:35:bf:58:a4:73:a6:4a:70:a0:df:af:26:d3:de:4b:
         cd:d0:e8:a2:12:76:98:b3:a6:76:a5:35:b8:67:42:59:7a:a6:
         3f:36:c6:49:8c:6a:f0:bf:2b:4d:95:ae:5d:63:d0:6c:51:fa:
         ed:15:f9:3e:e4:e4:84:49:42:51:1c:9c:cb:73:e2:c0:d3:cd:
         d7:90:61:e8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe5M8E5NC1/BsSlXQGG/ck8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0YjMxMjY4ZjJmZjdlOGNlYWRmMWRlOTVmOTdmMGIxZDJi
MTVmOTYwHhcNMjUwNjI5MDEwMTA2WhcNMjUwNjMwMDEwMTA2WjAzMTEwLwYDVQQD
EyhjYTkzODgwMTdiMTBjYTNmZjYxZmExNDk3YzJiOWNiZTNmYTg0ZGNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmibdfMPc06x+DJhzOWv2BMlfqkVR
5KXSh3Opxd+5EJ9egvMug+lD15mtNjBEkvDf5EhXA6jnWtkNszGiubVCtriNy1mj
z454F8AIRAR7eNzTiPUJVvklKErn6oudBasZMKHGocNYWsBmdJIwN25/SxSE9FK2
QNENP1SSbas8IogMkV9DdIkQ8EdFIdNOTK/W7VKi1+C+wlLJQDBrHaO51iL6zOM9
24R7/zYuUqDeN0ebh/H1YUU1ACMdyE4zU0iEWELaUJ9Om4C7ggC/EwlApKgWXLst
jWNSEvZMzhXPcEtmshQiTDVIqjBmRTYPgIvw8acShjNxvxVBDGzoDxUz9QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMqTiAF7EMo/9h+hSXwrnL4/qE3OMB8GA1UdIwQY
MBaAFHSzEmjy/36M6t8d6V+X8LHSsV+WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZExNU2FQTF9mb3pxM3gzcFg1ZndzZEt4WDVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS85ZDkxMTItZjU3ZS00OWM3LWE5M2It
ZDg1NDllZGY3Y2VmLzEvZExNU2FQTF9mb3pxM3gzcFg1ZndzZEt4WDVZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS85ZDkxMTItZjU3ZS00OWM3LWE5M2ItZDg1NDllZGY3Y2Vm
LzEvZExNU2FQTF9mb3pxM3gzcFg1ZndzZEt4WDVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGVIJy1Us
SSUTva2RQxsZmssVKEGbpCwGlsACMPQSSfX05+2tOQjNVl4ySf/QZu3/R0r9/8NB
Yi/fwkyrODJZcYQG2jEJ8Q5GS+lu7W+ms1verH/fvs3b6695VxG5soUt6z86l5lq
OxiSY+axWZjqf4flVYuLAEtNsUYHs9YYQPL3OccIqHE60wMUMzi30O14ZRjKexa6
agYVIbEr1QQRO4FQpue0u2KhHpmSWSto3avLhNan+JJ2Nb9YpHOmSnCg368m095L
zdDoohJ2mLOmdqU1uGdCWXqmPzbGSYxq8L8rTZWuXWPQbFH67RX5PuTkhElCURyc
y3PiwNPN15Bh6A==
-----END CERTIFICATE-----