Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1f/02240f-e080-4be9-93c4-396fcda6490c/1/lW4xbJg4BMJQHsxavqU6KoO1cyQ.mft
File:                     lW4xbJg4BMJQHsxavqU6KoO1cyQ.mft (raw, json)
Hash identifier:          Kks211cH1eeBPzkaCCbOJGR85F4ZujYyPiDdK5BJT3Y=
Subject key identifier:   AE:F4:10:74:08:92:E6:5B:CD:FF:73:12:A1:1C:59:72:A2:95:6E:55
Authority key identifier: 95:6E:31:6C:98:38:04:C2:50:1E:CC:5A:BE:A5:3A:2A:83:B5:73:24
Certificate issuer:       /CN=956e316c983804c2501ecc5abea53a2a83b57324
Certificate serial:       0198D660635C95DF4EBCF3D34C6CC616D2A5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/lW4xbJg4BMJQHsxavqU6KoO1cyQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1f/02240f-e080-4be9-93c4-396fcda6490c/1/lW4xbJg4BMJQHsxavqU6KoO1cyQ.mft
Manifest number:          161A
Signing time:             Sat 23 Aug 2025 10:01:37 +0000
Manifest this update:     Sat 23 Aug 2025 10:01:37 +0000
Manifest next update:     Sun 24 Aug 2025 10:01:37 +0000
Files and hashes:         1: lW4xbJg4BMJQHsxavqU6KoO1cyQ.crl (hash: O2UBbTpeAFrx5mBAL1opOU+Bud45RFDd18CM/BoGK7M=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1f/02240f-e080-4be9-93c4-396fcda6490c/1/lW4xbJg4BMJQHsxavqU6KoO1cyQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1f/02240f-e080-4be9-93c4-396fcda6490c/1/lW4xbJg4BMJQHsxavqU6KoO1cyQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/lW4xbJg4BMJQHsxavqU6KoO1cyQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d6:60:63:5c:95:df:4e:bc:f3:d3:4c:6c:c6:16:d2:a5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=956e316c983804c2501ecc5abea53a2a83b57324
        Validity
            Not Before: Aug 23 10:01:37 2025 GMT
            Not After : Aug 24 10:01:37 2025 GMT
        Subject: CN=aef410740892e65bcdff7312a11c5972a2956e55
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:2d:57:08:f0:71:5f:b3:fd:42:1f:33:be:b1:
                    2e:8a:28:8e:a5:b9:4e:2f:5b:33:7c:0d:c6:d9:9e:
                    af:17:73:40:8f:0a:1b:62:97:ad:19:7b:99:51:56:
                    06:0a:47:67:4e:db:c5:c7:5c:94:f4:bf:4b:9e:2a:
                    57:96:4c:4f:41:bc:77:25:9d:f3:14:f8:5e:04:83:
                    28:6c:09:72:96:a5:10:a3:e2:e6:cc:95:59:ff:d0:
                    95:80:0d:a3:84:e7:fe:6a:43:e7:28:2e:cb:14:fb:
                    a9:15:ca:a5:99:48:7d:d5:20:4c:a9:59:a1:12:84:
                    a9:0b:74:2e:4d:01:25:1e:47:62:92:3d:24:57:9a:
                    d8:9b:f5:a0:cc:c9:23:94:c5:4e:b2:0d:65:e6:49:
                    f9:93:7f:0e:bd:12:16:7a:9b:6d:f8:52:cc:4a:02:
                    a5:4c:7b:ba:07:d6:1e:ee:f2:e5:42:45:ef:91:75:
                    9b:94:c5:0d:36:8b:d7:2f:32:94:8c:bc:95:cb:98:
                    ce:eb:ac:45:1c:f9:a8:67:fc:00:0c:cc:9e:d0:8e:
                    54:85:a4:19:dc:22:82:89:27:36:02:33:fe:0f:e4:
                    9a:aa:43:55:7c:25:8b:2b:a5:c3:1a:ee:ba:21:61:
                    4f:f3:98:0b:7c:c6:50:92:c0:6b:ed:45:83:9f:a7:
                    2f:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AE:F4:10:74:08:92:E6:5B:CD:FF:73:12:A1:1C:59:72:A2:95:6E:55
            X509v3 Authority Key Identifier:
                keyid:95:6E:31:6C:98:38:04:C2:50:1E:CC:5A:BE:A5:3A:2A:83:B5:73:24

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lW4xbJg4BMJQHsxavqU6KoO1cyQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/02240f-e080-4be9-93c4-396fcda6490c/1/lW4xbJg4BMJQHsxavqU6KoO1cyQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/02240f-e080-4be9-93c4-396fcda6490c/1/lW4xbJg4BMJQHsxavqU6KoO1cyQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         53:86:14:31:f4:0e:b4:97:5e:f8:0f:2b:c7:56:6b:ea:c5:f6:
         87:b1:10:08:f6:2f:7d:0f:ad:17:43:7f:af:fc:10:30:2d:9a:
         04:9f:ba:fa:0e:57:1d:5f:cd:08:f4:a0:4e:59:b1:38:d7:a5:
         a1:23:18:57:c6:44:dc:f6:ce:4b:8c:94:cb:fc:83:c5:1a:be:
         ad:c5:c6:8d:36:51:fe:e2:95:54:f9:f4:a7:1a:4c:4b:55:b5:
         cf:a0:7d:4b:85:36:4b:c0:78:a9:a3:e1:f2:d2:ba:03:8c:83:
         30:16:10:a4:1f:7e:9e:61:34:59:18:2d:08:02:25:5e:11:cf:
         39:57:87:00:58:87:39:ad:df:db:37:01:9a:90:83:82:3b:68:
         20:98:7a:0d:ba:db:a8:ba:15:4d:d1:25:98:b0:23:d1:14:45:
         08:05:54:f2:c1:fe:d4:8b:0f:31:b7:d2:69:52:f8:c3:4a:47:
         29:6a:ff:d7:3e:b1:7d:1a:2b:fb:82:ac:2f:83:41:f7:e7:b3:
         f8:54:0a:d8:69:34:3b:a8:65:67:0a:30:4f:39:cd:d6:e3:d0:
         d3:15:d6:d8:79:16:25:9b:f1:f2:a4:fc:56:6f:9d:3a:0b:cb:
         c5:78:a0:a8:47:fd:d7:37:fe:07:2b:b3:56:09:03:2d:3e:df:
         ec:be:0f:1a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWYGNcld9OvPPTTGzGFtKlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1NmUzMTZjOTgzODA0YzI1MDFlY2M1YWJlYTUzYTJhODNi
NTczMjQwHhcNMjUwODIzMTAwMTM3WhcNMjUwODI0MTAwMTM3WjAzMTEwLwYDVQQD
EyhhZWY0MTA3NDA4OTJlNjViY2RmZjczMTJhMTFjNTk3MmEyOTU2ZTU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqC1XCPBxX7P9Qh8zvrEuiiiOpblO
L1szfA3G2Z6vF3NAjwobYpetGXuZUVYGCkdnTtvFx1yU9L9LnipXlkxPQbx3JZ3z
FPheBIMobAlylqUQo+LmzJVZ/9CVgA2jhOf+akPnKC7LFPupFcqlmUh91SBMqVmh
EoSpC3QuTQElHkdikj0kV5rYm/WgzMkjlMVOsg1l5kn5k38OvRIWeptt+FLMSgKl
THu6B9Ye7vLlQkXvkXWblMUNNovXLzKUjLyVy5jO66xFHPmoZ/wADMye0I5UhaQZ
3CKCiSc2AjP+D+SaqkNVfCWLK6XDGu66IWFP85gLfMZQksBr7UWDn6cvaQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK70EHQIkuZbzf9zEqEcWXKilW5VMB8GA1UdIwQY
MBaAFJVuMWyYOATCUB7MWr6lOiqDtXMkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbFc0eGJKZzRCTUpRSHN4YXZxVTZLb08xY3lRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZi8wMjI0MGYtZTA4MC00YmU5LTkzYzQt
Mzk2ZmNkYTY0OTBjLzEvbFc0eGJKZzRCTUpRSHN4YXZxVTZLb08xY3lRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZi8wMjI0MGYtZTA4MC00YmU5LTkzYzQtMzk2ZmNkYTY0OTBj
LzEvbFc0eGJKZzRCTUpRSHN4YXZxVTZLb08xY3lRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAU4YUMfQO
tJde+A8rx1Zr6sX2h7EQCPYvfQ+tF0N/r/wQMC2aBJ+6+g5XHV/NCPSgTlmxONel
oSMYV8ZE3PbOS4yUy/yDxRq+rcXGjTZR/uKVVPn0pxpMS1W1z6B9S4U2S8B4qaPh
8tK6A4yDMBYQpB9+nmE0WRgtCAIlXhHPOVeHAFiHOa3f2zcBmpCDgjtoIJh6Dbrb
qLoVTdElmLAj0RRFCAVU8sH+1IsPMbfSaVL4w0pHKWr/1z6xfRor+4KsL4NB9+ez
+FQK2Gk0O6hlZwowTznN1uPQ0xXW2HkWJZvx8qT8Vm+dOgvLxXigqEf91zf+Byuz
VgkDLT7f7L4PGg==
-----END CERTIFICATE-----