Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/225f46-c456-4f65-a3db-4190b18460a7/1/L1OI95ZqevrAc2x57WA7K3iGVsQ.mft
File:                     L1OI95ZqevrAc2x57WA7K3iGVsQ.mft (raw, json)
Hash identifier:          EbOPG3+rjPTA6LOlFD5TFeYGlCdXK7hh7WcF3G33dG4=
Subject key identifier:   24:E1:30:AF:5F:7F:EA:A5:89:E1:5E:1D:0D:B8:DD:2F:89:05:88:1C
Authority key identifier: 2F:53:88:F7:96:6A:7A:FA:C0:73:6C:79:ED:60:3B:2B:78:86:56:C4
Certificate issuer:       /CN=2f5388f7966a7afac0736c79ed603b2b788656c4
Certificate serial:       0198D705B09633911C52C51A267BD9E8D760
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/L1OI95ZqevrAc2x57WA7K3iGVsQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2a/225f46-c456-4f65-a3db-4190b18460a7/1/L1OI95ZqevrAc2x57WA7K3iGVsQ.mft
Manifest number:          C1
Signing time:             Sat 23 Aug 2025 13:02:10 +0000
Manifest this update:     Sat 23 Aug 2025 13:02:10 +0000
Manifest next update:     Sun 24 Aug 2025 13:02:10 +0000
Files and hashes:         1: L1OI95ZqevrAc2x57WA7K3iGVsQ.crl (hash: v+ewJLUzw/deqUV4NNLIQag4ICGF2+im9mFqDNkPDF4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2a/225f46-c456-4f65-a3db-4190b18460a7/1/L1OI95ZqevrAc2x57WA7K3iGVsQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2a/225f46-c456-4f65-a3db-4190b18460a7/1/L1OI95ZqevrAc2x57WA7K3iGVsQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/L1OI95ZqevrAc2x57WA7K3iGVsQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 13:02:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d7:05:b0:96:33:91:1c:52:c5:1a:26:7b:d9:e8:d7:60
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2f5388f7966a7afac0736c79ed603b2b788656c4
        Validity
            Not Before: Aug 23 13:02:10 2025 GMT
            Not After : Aug 24 13:02:10 2025 GMT
        Subject: CN=24e130af5f7feaa589e15e1d0db8dd2f8905881c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:12:07:74:7e:e1:bb:5e:18:61:29:17:67:d5:
                    2a:38:3e:7d:93:7d:fe:78:8e:1e:ed:2d:b2:8b:c6:
                    75:9a:6d:fb:d3:40:c6:cb:ef:d7:1a:dd:97:7c:75:
                    b8:1d:3a:33:83:2a:9e:18:01:49:5e:45:f6:bc:f6:
                    ba:91:4d:6e:c4:b3:46:f3:75:e6:f2:5b:94:22:34:
                    4c:cc:8b:50:1c:75:b0:cf:ff:01:83:3f:33:cc:c5:
                    1d:6c:86:21:5d:52:91:d3:ad:27:bd:23:b0:87:32:
                    e7:79:bc:ef:9a:d0:2a:32:5e:9b:0a:a6:1f:0b:4a:
                    c6:9b:78:03:90:6b:88:22:1c:47:b8:78:bc:bb:51:
                    15:12:9c:83:5f:7a:92:fe:71:e5:dd:18:fd:f4:95:
                    ab:75:e0:42:7f:23:64:d0:2d:0b:3d:ba:ce:dc:53:
                    67:d0:8b:76:df:22:b2:15:a0:7e:35:7e:a8:1e:f9:
                    9d:02:fe:44:cb:82:23:14:d6:3c:c2:e9:30:6f:24:
                    85:72:11:1b:8b:75:bc:12:f0:6f:dc:6c:6a:c8:56:
                    56:21:40:1e:cb:3a:7d:6c:1d:8e:75:51:5e:87:4a:
                    66:a0:62:7b:d0:78:74:c1:ee:89:e7:12:89:1a:54:
                    98:b8:81:61:81:22:15:d3:69:37:26:42:a0:60:d1:
                    72:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                24:E1:30:AF:5F:7F:EA:A5:89:E1:5E:1D:0D:B8:DD:2F:89:05:88:1C
            X509v3 Authority Key Identifier:
                keyid:2F:53:88:F7:96:6A:7A:FA:C0:73:6C:79:ED:60:3B:2B:78:86:56:C4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L1OI95ZqevrAc2x57WA7K3iGVsQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/225f46-c456-4f65-a3db-4190b18460a7/1/L1OI95ZqevrAc2x57WA7K3iGVsQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/225f46-c456-4f65-a3db-4190b18460a7/1/L1OI95ZqevrAc2x57WA7K3iGVsQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         c9:14:65:d0:e1:1f:58:67:34:c4:b5:01:1e:56:63:45:d5:0e:
         ba:f9:80:4b:6d:80:9d:f3:9d:61:35:04:b9:8e:8e:97:08:46:
         61:5e:b6:d5:d7:91:b0:66:03:c3:93:5b:7f:ae:41:89:93:14:
         46:74:df:c3:a2:69:ab:b9:d0:5c:78:c4:8b:be:7d:ff:78:46:
         9b:f7:68:0f:fc:bd:d8:fc:f4:33:bc:37:06:e9:ba:49:79:bb:
         c6:3d:c8:c7:72:ba:21:83:cb:8a:c2:d7:f1:07:89:e6:a0:2d:
         9b:1c:f1:86:74:d8:1b:dc:f1:6a:6d:de:4a:7b:e9:c8:cd:c7:
         74:d3:ee:63:87:73:0a:39:7f:f5:90:e8:e0:b4:55:09:6b:3c:
         c5:c6:6a:fe:35:06:c5:fb:8a:3c:25:c4:80:d5:a0:f4:cc:6c:
         7b:8f:84:27:36:b0:40:c4:6d:e3:c1:04:b2:fc:1e:1f:97:e7:
         35:c9:6c:2e:44:cd:9a:cd:c6:bd:40:24:c3:29:9a:7e:06:59:
         57:29:df:df:ec:23:88:5c:43:a0:ac:d8:bc:e0:6a:16:b6:9a:
         0f:b2:cc:b4:07:cc:fb:78:09:79:1e:ef:21:c6:50:ce:43:3a:
         78:9e:3e:94:bf:4d:d0:c9:12:2b:8c:08:8a:ae:78:41:10:15:
         42:9f:99:15
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjXBbCWM5EcUsUaJnvZ6NdgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmNTM4OGY3OTY2YTdhZmFjMDczNmM3OWVkNjAzYjJiNzg4
NjU2YzQwHhcNMjUwODIzMTMwMjEwWhcNMjUwODI0MTMwMjEwWjAzMTEwLwYDVQQD
EygyNGUxMzBhZjVmN2ZlYWE1ODllMTVlMWQwZGI4ZGQyZjg5MDU4ODFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvxIHdH7hu14YYSkXZ9UqOD59k33+
eI4e7S2yi8Z1mm3700DGy+/XGt2XfHW4HTozgyqeGAFJXkX2vPa6kU1uxLNG83Xm
8luUIjRMzItQHHWwz/8Bgz8zzMUdbIYhXVKR060nvSOwhzLnebzvmtAqMl6bCqYf
C0rGm3gDkGuIIhxHuHi8u1EVEpyDX3qS/nHl3Rj99JWrdeBCfyNk0C0LPbrO3FNn
0It23yKyFaB+NX6oHvmdAv5Ey4IjFNY8wukwbySFchEbi3W8EvBv3GxqyFZWIUAe
yzp9bB2OdVFeh0pmoGJ70Hh0we6J5xKJGlSYuIFhgSIV02k3JkKgYNFykwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCThMK9ff+qlieFeHQ243S+JBYgcMB8GA1UdIwQY
MBaAFC9TiPeWanr6wHNsee1gOyt4hlbEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDFPSTk1WnFldnJBYzJ4NTdXQTdLM2lHVnNRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS8yMjVmNDYtYzQ1Ni00ZjY1LWEzZGIt
NDE5MGIxODQ2MGE3LzEvTDFPSTk1WnFldnJBYzJ4NTdXQTdLM2lHVnNRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS8yMjVmNDYtYzQ1Ni00ZjY1LWEzZGItNDE5MGIxODQ2MGE3
LzEvTDFPSTk1WnFldnJBYzJ4NTdXQTdLM2lHVnNRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAyRRl0OEf
WGc0xLUBHlZjRdUOuvmAS22AnfOdYTUEuY6OlwhGYV621deRsGYDw5Nbf65BiZMU
RnTfw6Jpq7nQXHjEi759/3hGm/doD/y92Pz0M7w3Bum6SXm7xj3Ix3K6IYPLisLX
8QeJ5qAtmxzxhnTYG9zxam3eSnvpyM3HdNPuY4dzCjl/9ZDo4LRVCWs8xcZq/jUG
xfuKPCXEgNWg9Mxse4+EJzawQMRt48EEsvweH5fnNclsLkTNms3GvUAkwymafgZZ
Vynf3+wjiFxDoKzYvOBqFraaD7LMtAfM+3gJeR7vIcZQzkM6eJ4+lL9N0MkSK4wI
iq54QRAVQp+ZFQ==
-----END CERTIFICATE-----