Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/cea01b-ee94-4a02-8d62-0dc01fc88141/1/LsJnz2xrO4jpahG_KemnOlWMXkA.mft
File:                     LsJnz2xrO4jpahG_KemnOlWMXkA.mft (raw, json)
Hash identifier:          gNj+Si3odRP+IluqbjD3ZI/pRsmCwTPHwvhZ/HZD4uU=
Subject key identifier:   F1:8A:7E:6B:D3:FE:24:32:D8:42:31:11:8B:B5:F6:F7:9D:45:A9:69
Authority key identifier: 2E:C2:67:CF:6C:6B:3B:88:E9:6A:11:BF:29:E9:A7:3A:55:8C:5E:40
Certificate issuer:       /CN=2ec267cf6c6b3b88e96a11bf29e9a73a558c5e40
Certificate serial:       0197B6D7B9DC9564F09B473087A80AE131E8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/LsJnz2xrO4jpahG_KemnOlWMXkA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/17/cea01b-ee94-4a02-8d62-0dc01fc88141/1/LsJnz2xrO4jpahG_KemnOlWMXkA.mft
Manifest number:          1544
Signing time:             Sat 28 Jun 2025 14:01:20 +0000
Manifest this update:     Sat 28 Jun 2025 14:01:20 +0000
Manifest next update:     Sun 29 Jun 2025 14:01:20 +0000
Files and hashes:         1: LsJnz2xrO4jpahG_KemnOlWMXkA.crl (hash: a0TUUmUOpNtugT7eqzgE901iJkZgWoFRDmulLbGa6VU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/17/cea01b-ee94-4a02-8d62-0dc01fc88141/1/LsJnz2xrO4jpahG_KemnOlWMXkA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/17/cea01b-ee94-4a02-8d62-0dc01fc88141/1/LsJnz2xrO4jpahG_KemnOlWMXkA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/LsJnz2xrO4jpahG_KemnOlWMXkA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 14:01:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b6:d7:b9:dc:95:64:f0:9b:47:30:87:a8:0a:e1:31:e8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2ec267cf6c6b3b88e96a11bf29e9a73a558c5e40
        Validity
            Not Before: Jun 28 14:01:20 2025 GMT
            Not After : Jun 29 14:01:20 2025 GMT
        Subject: CN=f18a7e6bd3fe2432d84231118bb5f6f79d45a969
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f1:34:d3:88:cf:10:ad:df:ca:89:fd:f2:ff:b6:
                    76:6d:39:a2:e2:02:d1:b6:b4:a8:29:c2:40:ec:6d:
                    f3:a0:cc:fc:d9:40:46:0e:7a:ba:31:d7:04:11:d9:
                    59:f4:41:45:96:78:88:57:c7:cf:16:27:6a:bf:1e:
                    30:c3:0d:2c:da:53:e0:7d:08:a8:54:da:2c:58:dc:
                    5b:fb:43:ad:6e:e7:9e:a4:79:1c:3d:d1:c8:86:52:
                    7a:c7:98:f5:f7:c9:5c:ee:50:57:1e:20:c1:50:4e:
                    f2:63:c6:35:cf:ff:76:49:1b:02:b2:0b:59:a3:e5:
                    bd:56:3f:8d:32:86:57:cd:69:46:fb:1b:de:a2:b7:
                    63:7c:0b:39:de:44:e4:73:46:48:54:11:b4:97:dc:
                    e8:a2:25:b5:a5:ee:b7:85:62:36:0a:88:e5:02:1b:
                    5d:92:04:85:a4:5f:57:a8:c5:cb:75:23:85:28:dc:
                    62:40:67:e3:0f:49:1c:b2:9d:d1:0d:14:8e:38:26:
                    76:17:ef:f1:8c:c5:e1:18:63:a4:8a:14:ef:dd:dd:
                    c6:6b:81:c2:4e:09:12:f7:c0:6f:1b:fa:69:1d:ed:
                    51:86:28:5f:0b:b1:97:cd:a3:e3:b9:43:d3:57:d1:
                    06:30:a0:1e:1b:38:b9:16:5e:a7:13:75:7b:80:f3:
                    a5:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F1:8A:7E:6B:D3:FE:24:32:D8:42:31:11:8B:B5:F6:F7:9D:45:A9:69
            X509v3 Authority Key Identifier:
                keyid:2E:C2:67:CF:6C:6B:3B:88:E9:6A:11:BF:29:E9:A7:3A:55:8C:5E:40

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LsJnz2xrO4jpahG_KemnOlWMXkA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/cea01b-ee94-4a02-8d62-0dc01fc88141/1/LsJnz2xrO4jpahG_KemnOlWMXkA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/17/cea01b-ee94-4a02-8d62-0dc01fc88141/1/LsJnz2xrO4jpahG_KemnOlWMXkA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a2:b8:de:30:f7:d1:df:27:d8:6a:a3:c9:34:ad:92:dc:ce:03:
         c0:0b:b4:8c:0c:63:cf:bc:ba:09:88:6d:0f:a5:35:3d:91:f0:
         12:28:47:cd:2b:19:22:0d:89:4a:b6:b6:ac:4b:b7:e1:4f:df:
         4e:8b:e9:2d:a6:b0:76:18:37:e4:66:92:60:6b:79:f3:46:34:
         f3:26:c0:72:af:74:02:8f:d9:49:45:75:82:72:5c:9d:dc:5d:
         d7:37:dd:e6:dc:20:5e:81:e7:ee:35:b6:a6:c8:12:77:0f:b6:
         32:7f:94:c0:4a:3b:1b:5a:ea:f6:59:a3:49:2a:94:0a:20:fc:
         80:6e:93:4f:b4:bb:ec:c7:b1:57:1d:8e:bb:69:f2:2e:24:bd:
         d0:f3:33:50:9a:cb:50:94:69:55:db:4d:6c:f9:c4:9c:dd:fa:
         06:4c:c9:e5:af:bf:91:fc:0b:92:bb:9a:2b:3f:85:95:b2:45:
         1d:c2:36:c1:05:5e:21:2d:a5:5f:ca:1d:5d:b2:b8:ad:6b:dd:
         69:0d:17:bd:0e:83:77:49:55:4a:48:e9:8f:8c:1b:8a:82:25:
         3f:02:63:a6:d0:66:f2:29:df:90:e0:c1:8d:63:8e:bc:89:8e:
         01:f5:ae:3c:98:e4:6c:aa:ef:83:89:f4:fa:75:38:96:e9:59:
         e2:d0:34:74
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe217nclWTwm0cwh6gK4THoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlYzI2N2NmNmM2YjNiODhlOTZhMTFiZjI5ZTlhNzNhNTU4
YzVlNDAwHhcNMjUwNjI4MTQwMTIwWhcNMjUwNjI5MTQwMTIwWjAzMTEwLwYDVQQD
EyhmMThhN2U2YmQzZmUyNDMyZDg0MjMxMTE4YmI1ZjZmNzlkNDVhOTY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8TTTiM8Qrd/Kif3y/7Z2bTmi4gLR
trSoKcJA7G3zoMz82UBGDnq6MdcEEdlZ9EFFlniIV8fPFidqvx4www0s2lPgfQio
VNosWNxb+0OtbueepHkcPdHIhlJ6x5j198lc7lBXHiDBUE7yY8Y1z/92SRsCsgtZ
o+W9Vj+NMoZXzWlG+xveordjfAs53kTkc0ZIVBG0l9zooiW1pe63hWI2CojlAhtd
kgSFpF9XqMXLdSOFKNxiQGfjD0kcsp3RDRSOOCZ2F+/xjMXhGGOkihTv3d3Ga4HC
TgkS98BvG/ppHe1RhihfC7GXzaPjuUPTV9EGMKAeGzi5Fl6nE3V7gPOlhQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPGKfmvT/iQy2EIxEYu19vedRalpMB8GA1UdIwQY
MBaAFC7CZ89sazuI6WoRvynppzpVjF5AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTHNKbnoyeHJPNGpwYWhHX0tlbW5PbFdNWGtBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9jZWEwMWItZWU5NC00YTAyLThkNjIt
MGRjMDFmYzg4MTQxLzEvTHNKbnoyeHJPNGpwYWhHX0tlbW5PbFdNWGtBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9jZWEwMWItZWU5NC00YTAyLThkNjItMGRjMDFmYzg4MTQx
LzEvTHNKbnoyeHJPNGpwYWhHX0tlbW5PbFdNWGtBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAorjeMPfR
3yfYaqPJNK2S3M4DwAu0jAxjz7y6CYhtD6U1PZHwEihHzSsZIg2JSra2rEu34U/f
TovpLaawdhg35GaSYGt580Y08ybAcq90Ao/ZSUV1gnJcndxd1zfd5twgXoHn7jW2
psgSdw+2Mn+UwEo7G1rq9lmjSSqUCiD8gG6TT7S77MexVx2Ou2nyLiS90PMzUJrL
UJRpVdtNbPnEnN36BkzJ5a+/kfwLkruaKz+FlbJFHcI2wQVeIS2lX8odXbK4rWvd
aQ0XvQ6Dd0lVSkjpj4wbioIlPwJjptBm8infkODBjWOOvImOAfWuPJjkbKrvg4n0
+nU4lulZ4tA0dA==
-----END CERTIFICATE-----