Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/cea01b-ee94-4a02-8d62-0dc01fc88141/1/LsJnz2xrO4jpahG_KemnOlWMXkA.mft
File:                     LsJnz2xrO4jpahG_KemnOlWMXkA.mft (raw, json)
Hash identifier:          AUNnp0dVQCEaaBaZtJVTtg5dhcCQc1mwa3Sf1XVhUio=
Subject key identifier:   C9:1E:61:C4:3E:69:DB:AB:F4:C1:6C:84:D2:08:3D:77:B3:B4:12:C5
Authority key identifier: 2E:C2:67:CF:6C:6B:3B:88:E9:6A:11:BF:29:E9:A7:3A:55:8C:5E:40
Certificate issuer:       /CN=2ec267cf6c6b3b88e96a11bf29e9a73a558c5e40
Certificate serial:       0198D6983D1869051C096951E31BF502A634
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/LsJnz2xrO4jpahG_KemnOlWMXkA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/17/cea01b-ee94-4a02-8d62-0dc01fc88141/1/LsJnz2xrO4jpahG_KemnOlWMXkA.mft
Manifest number:          15D9
Signing time:             Sat 23 Aug 2025 11:02:37 +0000
Manifest this update:     Sat 23 Aug 2025 11:02:37 +0000
Manifest next update:     Sun 24 Aug 2025 11:02:37 +0000
Files and hashes:         1: LsJnz2xrO4jpahG_KemnOlWMXkA.crl (hash: FMrfhiZ2D18zXXKukVwI32CrSscySmuJf4G685861IE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/17/cea01b-ee94-4a02-8d62-0dc01fc88141/1/LsJnz2xrO4jpahG_KemnOlWMXkA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/17/cea01b-ee94-4a02-8d62-0dc01fc88141/1/LsJnz2xrO4jpahG_KemnOlWMXkA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/LsJnz2xrO4jpahG_KemnOlWMXkA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 11:02:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d6:98:3d:18:69:05:1c:09:69:51:e3:1b:f5:02:a6:34
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2ec267cf6c6b3b88e96a11bf29e9a73a558c5e40
        Validity
            Not Before: Aug 23 11:02:37 2025 GMT
            Not After : Aug 24 11:02:37 2025 GMT
        Subject: CN=c91e61c43e69dbabf4c16c84d2083d77b3b412c5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:81:68:d7:13:01:ec:16:45:33:85:e0:e8:ec:
                    44:89:6e:fa:dc:37:b8:93:73:e6:87:06:89:38:f4:
                    19:cc:46:cc:4b:4b:dd:f8:4f:17:f7:44:4c:a6:c5:
                    cb:09:27:31:54:24:f0:37:10:fd:44:a7:14:2a:fb:
                    4c:cc:13:a9:09:ad:ab:f2:b0:0b:e6:2a:59:7b:ca:
                    cc:0b:1b:8f:da:c5:53:d6:ce:6e:5a:bc:50:b7:c7:
                    f3:0a:f9:a9:95:dc:19:42:ae:81:56:a3:df:a3:04:
                    b1:bb:90:01:bf:93:77:dc:67:45:bf:95:14:3b:c2:
                    f6:7c:0e:f1:3a:7c:e8:ed:f4:4b:db:7a:15:a7:6e:
                    ca:f6:af:42:f7:fa:fe:82:e3:60:27:85:20:2e:80:
                    d7:7f:7b:64:b1:c7:f4:9e:ff:df:cd:95:bc:d7:86:
                    07:cd:31:fe:75:8c:7d:14:27:c0:ef:09:81:97:a2:
                    53:ac:0e:81:0b:d5:a6:e0:e1:bc:58:98:f8:93:b2:
                    6b:52:21:51:70:f4:d7:66:0a:77:f2:fc:0e:75:eb:
                    80:ee:ad:a2:ba:33:cb:10:5b:32:ed:00:21:0e:e1:
                    44:cf:f5:ff:5c:73:81:68:8f:98:d7:81:f5:5c:8c:
                    d6:bb:23:2f:af:7b:9c:b6:83:d8:f2:ad:36:0b:bd:
                    ca:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C9:1E:61:C4:3E:69:DB:AB:F4:C1:6C:84:D2:08:3D:77:B3:B4:12:C5
            X509v3 Authority Key Identifier:
                keyid:2E:C2:67:CF:6C:6B:3B:88:E9:6A:11:BF:29:E9:A7:3A:55:8C:5E:40

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LsJnz2xrO4jpahG_KemnOlWMXkA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/cea01b-ee94-4a02-8d62-0dc01fc88141/1/LsJnz2xrO4jpahG_KemnOlWMXkA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/17/cea01b-ee94-4a02-8d62-0dc01fc88141/1/LsJnz2xrO4jpahG_KemnOlWMXkA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         95:1b:28:0a:43:cf:47:c2:d8:10:38:11:d5:f9:f4:63:dd:d9:
         17:53:42:de:d3:8e:83:b1:30:e2:a1:55:5d:ba:f6:5f:8b:5f:
         61:85:e3:cb:2b:bb:7b:2c:bd:7a:a1:85:75:fb:f6:78:d9:fe:
         1a:38:49:6c:f4:64:69:d2:f6:a1:e3:7f:ed:d3:c8:24:09:08:
         7f:f9:5a:6e:8b:7e:48:c0:aa:cf:17:1e:66:38:ca:df:97:d2:
         9b:e6:22:82:31:a7:5d:fd:6b:60:a2:f1:d6:21:88:43:67:56:
         3f:d5:22:9a:3d:12:a4:58:b5:74:48:e3:b5:f8:c4:97:3c:0d:
         12:d8:53:2f:92:5c:23:44:00:35:52:84:d9:01:41:e8:20:fa:
         76:82:4e:75:e8:ff:79:ec:71:79:4c:39:09:47:96:67:3e:92:
         f6:c0:c0:72:6a:18:76:56:d9:9e:3c:36:96:33:1b:10:46:73:
         9e:2f:d4:7e:01:e1:a2:b9:12:23:e7:1a:e4:58:1c:07:d1:77:
         65:13:57:c8:5e:3f:36:44:4b:49:59:53:85:75:09:a1:1a:4b:
         02:1a:e2:e6:49:0b:4f:96:00:41:78:9b:99:96:dd:c5:d9:d3:
         27:57:c1:f5:4c:99:44:f2:12:a1:56:64:38:b0:39:a9:88:2a:
         c0:6e:4f:c2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWmD0YaQUcCWlR4xv1AqY0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlYzI2N2NmNmM2YjNiODhlOTZhMTFiZjI5ZTlhNzNhNTU4
YzVlNDAwHhcNMjUwODIzMTEwMjM3WhcNMjUwODI0MTEwMjM3WjAzMTEwLwYDVQQD
EyhjOTFlNjFjNDNlNjlkYmFiZjRjMTZjODRkMjA4M2Q3N2IzYjQxMmM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp4Fo1xMB7BZFM4Xg6OxEiW763De4
k3PmhwaJOPQZzEbMS0vd+E8X90RMpsXLCScxVCTwNxD9RKcUKvtMzBOpCa2r8rAL
5ipZe8rMCxuP2sVT1s5uWrxQt8fzCvmpldwZQq6BVqPfowSxu5ABv5N33GdFv5UU
O8L2fA7xOnzo7fRL23oVp27K9q9C9/r+guNgJ4UgLoDXf3tkscf0nv/fzZW814YH
zTH+dYx9FCfA7wmBl6JTrA6BC9Wm4OG8WJj4k7JrUiFRcPTXZgp38vwOdeuA7q2i
ujPLEFsy7QAhDuFEz/X/XHOBaI+Y14H1XIzWuyMvr3uctoPY8q02C73KbwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMkeYcQ+adur9MFshNIIPXeztBLFMB8GA1UdIwQY
MBaAFC7CZ89sazuI6WoRvynppzpVjF5AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTHNKbnoyeHJPNGpwYWhHX0tlbW5PbFdNWGtBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9jZWEwMWItZWU5NC00YTAyLThkNjIt
MGRjMDFmYzg4MTQxLzEvTHNKbnoyeHJPNGpwYWhHX0tlbW5PbFdNWGtBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9jZWEwMWItZWU5NC00YTAyLThkNjItMGRjMDFmYzg4MTQx
LzEvTHNKbnoyeHJPNGpwYWhHX0tlbW5PbFdNWGtBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlRsoCkPP
R8LYEDgR1fn0Y93ZF1NC3tOOg7Ew4qFVXbr2X4tfYYXjyyu7eyy9eqGFdfv2eNn+
GjhJbPRkadL2oeN/7dPIJAkIf/labot+SMCqzxceZjjK35fSm+YigjGnXf1rYKLx
1iGIQ2dWP9Uimj0SpFi1dEjjtfjElzwNEthTL5JcI0QANVKE2QFB6CD6doJOdej/
eexxeUw5CUeWZz6S9sDAcmoYdlbZnjw2ljMbEEZzni/UfgHhorkSI+ca5FgcB9F3
ZRNXyF4/NkRLSVlThXUJoRpLAhri5kkLT5YAQXibmZbdxdnTJ1fB9UyZRPISoVZk
OLA5qYgqwG5Pwg==
-----END CERTIFICATE-----