Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/1a472f-a137-42c9-ac9f-4c2c0c8f2462/1/leN5E1KsgsnSB0NCTNxhcAlvT68.mft
File:                     leN5E1KsgsnSB0NCTNxhcAlvT68.mft (raw, json)
Hash identifier:          sHCS13l+I1tpTBqefsSzG61m6y9T2ZrXmOrl9d3Ir28=
Subject key identifier:   58:32:24:0A:6C:3A:CD:89:A9:00:17:81:90:B0:09:50:10:D9:AC:7F
Authority key identifier: 95:E3:79:13:52:AC:82:C9:D2:07:43:42:4C:DC:61:70:09:6F:4F:AF
Certificate issuer:       /CN=95e3791352ac82c9d20743424cdc6170096f4faf
Certificate serial:       0197C236FB89794C61CCE77DF7A2A57548DA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/leN5E1KsgsnSB0NCTNxhcAlvT68.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/26/1a472f-a137-42c9-ac9f-4c2c0c8f2462/1/leN5E1KsgsnSB0NCTNxhcAlvT68.mft
Manifest number:          15B7
Signing time:             Mon 30 Jun 2025 19:01:12 +0000
Manifest this update:     Mon 30 Jun 2025 19:01:12 +0000
Manifest next update:     Tue 01 Jul 2025 19:01:12 +0000
Files and hashes:         1: leN5E1KsgsnSB0NCTNxhcAlvT68.crl (hash: XQPWv2Nv9D3fEPLJ4WIfjc/Ziwoer+eO4cYvY0v97l8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/26/1a472f-a137-42c9-ac9f-4c2c0c8f2462/1/leN5E1KsgsnSB0NCTNxhcAlvT68.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/26/1a472f-a137-42c9-ac9f-4c2c0c8f2462/1/leN5E1KsgsnSB0NCTNxhcAlvT68.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/leN5E1KsgsnSB0NCTNxhcAlvT68.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 01 Jul 2025 14:23:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:c2:36:fb:89:79:4c:61:cc:e7:7d:f7:a2:a5:75:48:da
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=95e3791352ac82c9d20743424cdc6170096f4faf
        Validity
            Not Before: Jun 30 19:01:12 2025 GMT
            Not After : Jul  1 19:01:12 2025 GMT
        Subject: CN=5832240a6c3acd89a900178190b0095010d9ac7f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:0e:ad:87:07:54:2d:19:3c:36:a5:c1:ed:67:
                    9c:6e:8d:bb:e6:0d:b2:8c:90:78:eb:77:6b:3c:b3:
                    4d:20:e8:15:b9:d2:34:8e:e5:f8:d1:b4:7a:51:ee:
                    62:8e:c4:37:d7:48:74:4a:4b:16:7c:01:61:d5:42:
                    1c:c7:34:fe:b4:c9:55:3e:aa:58:af:3e:97:61:86:
                    05:b6:71:7e:2c:8a:52:f4:e3:a4:ed:8b:74:90:8f:
                    06:f7:48:78:64:c5:fd:1c:ff:50:b3:91:58:8b:95:
                    2b:02:8e:5f:66:27:88:6f:05:cd:ea:09:3a:3e:bc:
                    f2:2a:30:64:13:b4:78:3f:3f:62:2a:eb:94:23:20:
                    38:7b:ae:02:83:c7:f4:e2:e8:01:32:46:15:1f:66:
                    28:83:8a:31:1a:82:9b:e5:75:55:da:b8:b4:3e:b0:
                    b5:da:1a:a0:fb:2e:a5:78:7b:e9:5e:41:21:49:0c:
                    4e:45:62:31:3c:e4:d8:30:59:4b:ec:b8:aa:8e:8c:
                    60:42:e3:d1:53:06:67:29:f4:ef:cf:a5:3c:7f:3a:
                    d0:76:6c:e7:43:e4:78:9d:54:8d:d0:d0:88:04:7a:
                    aa:4a:46:f3:1f:ba:5c:19:07:d5:32:13:d1:68:16:
                    47:b3:f1:69:1d:39:26:89:30:4d:62:36:eb:f9:c1:
                    58:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                58:32:24:0A:6C:3A:CD:89:A9:00:17:81:90:B0:09:50:10:D9:AC:7F
            X509v3 Authority Key Identifier:
                keyid:95:E3:79:13:52:AC:82:C9:D2:07:43:42:4C:DC:61:70:09:6F:4F:AF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/leN5E1KsgsnSB0NCTNxhcAlvT68.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/1a472f-a137-42c9-ac9f-4c2c0c8f2462/1/leN5E1KsgsnSB0NCTNxhcAlvT68.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/26/1a472f-a137-42c9-ac9f-4c2c0c8f2462/1/leN5E1KsgsnSB0NCTNxhcAlvT68.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         51:d3:72:49:60:85:f2:ca:34:d9:4e:50:fd:d5:21:49:4a:68:
         40:1f:d2:55:c2:89:df:25:33:83:b3:82:49:dc:3a:d9:8c:3a:
         92:ee:ef:94:75:1f:81:06:02:0b:7e:2d:72:6d:a5:73:70:73:
         52:a6:27:08:72:fc:dc:42:e9:bd:f7:9e:23:8d:a6:91:95:1c:
         06:d4:af:15:78:f7:8e:ad:80:a5:3c:b8:13:9f:fd:90:fd:30:
         fe:83:c3:4a:a5:1a:5c:8c:92:a6:36:bb:e9:2a:1e:a8:95:be:
         50:55:ad:b3:5e:b0:c2:00:c5:c0:9c:e4:95:6b:c4:a4:e2:ee:
         bd:02:a1:9f:2f:1a:9d:0a:0b:63:0b:26:05:72:e4:01:b2:54:
         2d:ed:06:25:b3:3b:80:02:19:ac:0a:31:18:09:86:21:53:85:
         6a:0a:76:aa:8f:ce:9d:44:b9:de:1c:76:2c:3a:cf:7d:37:30:
         45:1f:eb:d6:ce:62:bb:b6:79:86:58:f8:8a:cd:92:e7:f9:e9:
         50:eb:de:b8:93:90:0e:11:2a:1e:96:6c:44:c2:e2:2b:5f:8f:
         20:66:f5:aa:89:1e:4f:3a:54:6e:8c:21:2e:67:40:2d:59:11:
         37:2a:46:c1:18:4f:32:5e:22:a9:74:61:6d:f4:3f:49:22:39:
         39:85:6e:40
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZfCNvuJeUxhzOd996KldUjaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1ZTM3OTEzNTJhYzgyYzlkMjA3NDM0MjRjZGM2MTcwMDk2
ZjRmYWYwHhcNMjUwNjMwMTkwMTEyWhcNMjUwNzAxMTkwMTEyWjAzMTEwLwYDVQQD
Eyg1ODMyMjQwYTZjM2FjZDg5YTkwMDE3ODE5MGIwMDk1MDEwZDlhYzdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlA6thwdULRk8NqXB7Wecbo275g2y
jJB463drPLNNIOgVudI0juX40bR6Ue5ijsQ310h0SksWfAFh1UIcxzT+tMlVPqpY
rz6XYYYFtnF+LIpS9OOk7Yt0kI8G90h4ZMX9HP9Qs5FYi5UrAo5fZieIbwXN6gk6
PrzyKjBkE7R4Pz9iKuuUIyA4e64Cg8f04ugBMkYVH2Yog4oxGoKb5XVV2ri0PrC1
2hqg+y6leHvpXkEhSQxORWIxPOTYMFlL7LiqjoxgQuPRUwZnKfTvz6U8fzrQdmzn
Q+R4nVSN0NCIBHqqSkbzH7pcGQfVMhPRaBZHs/FpHTkmiTBNYjbr+cFYXwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFgyJApsOs2JqQAXgZCwCVAQ2ax/MB8GA1UdIwQY
MBaAFJXjeRNSrILJ0gdDQkzcYXAJb0+vMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbGVONUUxS3Nnc25TQjBOQ1ROeGhjQWx2VDY4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi8xYTQ3MmYtYTEzNy00MmM5LWFjOWYt
NGMyYzBjOGYyNDYyLzEvbGVONUUxS3Nnc25TQjBOQ1ROeGhjQWx2VDY4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi8xYTQ3MmYtYTEzNy00MmM5LWFjOWYtNGMyYzBjOGYyNDYy
LzEvbGVONUUxS3Nnc25TQjBOQ1ROeGhjQWx2VDY4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUdNySWCF
8so02U5Q/dUhSUpoQB/SVcKJ3yUzg7OCSdw62Yw6ku7vlHUfgQYCC34tcm2lc3Bz
UqYnCHL83ELpvfeeI42mkZUcBtSvFXj3jq2ApTy4E5/9kP0w/oPDSqUaXIySpja7
6SoeqJW+UFWts16wwgDFwJzklWvEpOLuvQKhny8anQoLYwsmBXLkAbJULe0GJbM7
gAIZrAoxGAmGIVOFagp2qo/OnUS53hx2LDrPfTcwRR/r1s5iu7Z5hlj4is2S5/np
UOveuJOQDhEqHpZsRMLiK1+PIGb1qokeTzpUbowhLmdALVkRNypGwRhPMl4iqXRh
bfQ/SSI5OYVuQA==
-----END CERTIFICATE-----