Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1f/e27d9b-931a-488b-ac35-8ffbd6c73bf5/1/la6L0zJJzx7V8NQ5gUfv0y0lQho.mft
File:                     la6L0zJJzx7V8NQ5gUfv0y0lQho.mft (raw, json)
Hash identifier:          4Caffs/KLKXTBeXsas9eBeA7bV9WpQHji83d7H/mxrc=
Subject key identifier:   50:CC:D8:08:FD:A1:4D:A5:98:E8:88:CA:B0:24:EE:10:26:9C:ED:08
Authority key identifier: 95:AE:8B:D3:32:49:CF:1E:D5:F0:D4:39:81:47:EF:D3:2D:25:42:1A
Certificate issuer:       /CN=95ae8bd33249cf1ed5f0d4398147efd32d25421a
Certificate serial:       0197C613D145AC6EFBBBFFA84FBA0627CBA6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/la6L0zJJzx7V8NQ5gUfv0y0lQho.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1f/e27d9b-931a-488b-ac35-8ffbd6c73bf5/1/la6L0zJJzx7V8NQ5gUfv0y0lQho.mft
Manifest number:          0D2C
Signing time:             Tue 01 Jul 2025 13:01:16 +0000
Manifest this update:     Tue 01 Jul 2025 13:01:16 +0000
Manifest next update:     Wed 02 Jul 2025 13:01:16 +0000
Files and hashes:         1: la6L0zJJzx7V8NQ5gUfv0y0lQho.crl (hash: cg6+y6B5iaLpE3VFMBAvpH7FEuG4pzmYybx+kiPpbFo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1f/e27d9b-931a-488b-ac35-8ffbd6c73bf5/1/la6L0zJJzx7V8NQ5gUfv0y0lQho.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1f/e27d9b-931a-488b-ac35-8ffbd6c73bf5/1/la6L0zJJzx7V8NQ5gUfv0y0lQho.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/la6L0zJJzx7V8NQ5gUfv0y0lQho.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 02 Jul 2025 13:01:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:c6:13:d1:45:ac:6e:fb:bb:ff:a8:4f:ba:06:27:cb:a6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=95ae8bd33249cf1ed5f0d4398147efd32d25421a
        Validity
            Not Before: Jul  1 13:01:16 2025 GMT
            Not After : Jul  2 13:01:16 2025 GMT
        Subject: CN=50ccd808fda14da598e888cab024ee10269ced08
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:fa:1b:5a:d6:73:c5:0a:37:dc:48:47:07:36:
                    d4:1f:89:97:c6:8c:bd:f4:dc:dd:01:33:e7:59:e8:
                    8c:08:14:8e:be:cf:c1:dc:a2:2a:ca:d0:bc:72:43:
                    ef:77:dd:d0:a9:2c:20:46:dd:34:84:bd:07:9d:fa:
                    53:02:35:dc:80:4c:3e:e7:25:ff:07:6e:37:d0:c6:
                    1d:58:a7:bb:04:d4:2f:2b:57:53:fa:2e:32:0d:08:
                    c9:fa:b9:41:90:76:6e:a1:55:4b:8c:2d:a9:71:39:
                    a7:49:57:0c:63:52:16:70:0e:48:38:9c:f2:4f:9e:
                    44:7e:86:e6:bf:e6:8c:63:1b:2b:14:6f:36:90:40:
                    69:a1:b9:d3:1f:c5:80:0a:3a:42:88:b3:81:5a:bc:
                    fa:d7:f2:15:15:af:6d:0e:85:55:4b:c4:e6:bb:2b:
                    f0:d1:87:97:dd:2f:d0:25:3b:4b:7f:09:30:59:59:
                    e0:f2:07:56:6b:88:1f:c9:42:55:81:bf:be:55:80:
                    b0:89:7c:71:e1:62:f9:30:f6:dc:da:b6:3d:5b:fc:
                    88:19:1b:5d:c2:b7:d8:e6:cf:d0:1e:2f:f0:d8:93:
                    01:c8:85:2f:f0:29:b3:b7:75:e3:61:63:7b:43:0b:
                    35:07:cd:a8:4c:98:b2:1a:e5:db:17:79:69:e1:eb:
                    3a:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                50:CC:D8:08:FD:A1:4D:A5:98:E8:88:CA:B0:24:EE:10:26:9C:ED:08
            X509v3 Authority Key Identifier:
                keyid:95:AE:8B:D3:32:49:CF:1E:D5:F0:D4:39:81:47:EF:D3:2D:25:42:1A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/la6L0zJJzx7V8NQ5gUfv0y0lQho.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/e27d9b-931a-488b-ac35-8ffbd6c73bf5/1/la6L0zJJzx7V8NQ5gUfv0y0lQho.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/e27d9b-931a-488b-ac35-8ffbd6c73bf5/1/la6L0zJJzx7V8NQ5gUfv0y0lQho.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         85:59:60:85:4d:9e:0f:6c:85:f1:d2:37:a5:59:2c:76:39:13:
         f1:62:35:59:6e:d1:de:1f:ad:06:34:21:d6:7a:e6:0e:6a:73:
         2b:63:50:e5:d2:58:81:35:47:f8:49:e6:64:fb:01:38:06:74:
         e4:f4:29:59:a1:10:50:a1:a3:4f:00:82:40:9e:f6:ae:e9:f7:
         d9:41:9f:dc:7e:d5:e3:87:b3:54:66:f5:48:45:1d:40:f3:08:
         7a:b9:9e:29:4d:9f:0a:ee:f7:90:b1:a1:f6:24:56:1f:3a:b7:
         d0:8d:cc:82:4e:ec:4c:e1:bf:b4:66:19:43:23:98:21:91:d0:
         3f:f7:9e:20:f7:23:a7:1b:7f:9f:28:22:94:d9:b4:a4:b9:d8:
         13:ea:df:0c:22:88:d5:5f:03:4b:c1:60:a6:5b:31:74:6a:2e:
         9c:f3:49:d8:46:51:ae:bd:e9:e5:a1:27:74:64:4d:7d:15:76:
         8e:6c:56:77:64:19:9a:6f:f0:f7:8f:e9:25:c9:c2:69:b4:98:
         d9:4d:99:ae:48:1d:12:86:5c:53:05:44:33:84:38:ea:22:b4:
         9d:4b:83:66:12:e1:af:58:8a:39:8b:a7:76:fb:5d:e3:dc:b6:
         1b:6c:22:04:1a:4d:1e:1f:42:7a:0a:5e:01:99:16:d2:e1:5a:
         86:c6:38:0b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZfGE9FFrG77u/+oT7oGJ8umMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1YWU4YmQzMzI0OWNmMWVkNWYwZDQzOTgxNDdlZmQzMmQy
NTQyMWEwHhcNMjUwNzAxMTMwMTE2WhcNMjUwNzAyMTMwMTE2WjAzMTEwLwYDVQQD
Eyg1MGNjZDgwOGZkYTE0ZGE1OThlODg4Y2FiMDI0ZWUxMDI2OWNlZDA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnPobWtZzxQo33EhHBzbUH4mXxoy9
9NzdATPnWeiMCBSOvs/B3KIqytC8ckPvd93QqSwgRt00hL0HnfpTAjXcgEw+5yX/
B2430MYdWKe7BNQvK1dT+i4yDQjJ+rlBkHZuoVVLjC2pcTmnSVcMY1IWcA5IOJzy
T55Efobmv+aMYxsrFG82kEBpobnTH8WACjpCiLOBWrz61/IVFa9tDoVVS8Tmuyvw
0YeX3S/QJTtLfwkwWVng8gdWa4gfyUJVgb++VYCwiXxx4WL5MPbc2rY9W/yIGRtd
wrfY5s/QHi/w2JMByIUv8Cmzt3XjYWN7Qws1B82oTJiyGuXbF3lp4es64QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFDM2Aj9oU2lmOiIyrAk7hAmnO0IMB8GA1UdIwQY
MBaAFJWui9MySc8e1fDUOYFH79MtJUIaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbGE2TDB6Skp6eDdWOE5RNWdVZnYweTBsUWhvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZi9lMjdkOWItOTMxYS00ODhiLWFjMzUt
OGZmYmQ2YzczYmY1LzEvbGE2TDB6Skp6eDdWOE5RNWdVZnYweTBsUWhvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZi9lMjdkOWItOTMxYS00ODhiLWFjMzUtOGZmYmQ2YzczYmY1
LzEvbGE2TDB6Skp6eDdWOE5RNWdVZnYweTBsUWhvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhVlghU2e
D2yF8dI3pVksdjkT8WI1WW7R3h+tBjQh1nrmDmpzK2NQ5dJYgTVH+EnmZPsBOAZ0
5PQpWaEQUKGjTwCCQJ72run32UGf3H7V44ezVGb1SEUdQPMIermeKU2fCu73kLGh
9iRWHzq30I3Mgk7sTOG/tGYZQyOYIZHQP/eeIPcjpxt/nygilNm0pLnYE+rfDCKI
1V8DS8FgplsxdGounPNJ2EZRrr3p5aEndGRNfRV2jmxWd2QZmm/w94/pJcnCabSY
2U2ZrkgdEoZcUwVEM4Q46iK0nUuDZhLhr1iKOYundvtd49y2G2wiBBpNHh9Cegpe
AZkW0uFahsY4Cw==
-----END CERTIFICATE-----