Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/225f46-c456-4f65-a3db-4190b18460a7/1/L1OI95ZqevrAc2x57WA7K3iGVsQ.mft
File:                     L1OI95ZqevrAc2x57WA7K3iGVsQ.mft (raw, json)
Hash identifier:          pjMz6ybfO9aYCTR+tCi4gXLv4fHHcM0meMeyzEwnHzA=
Subject key identifier:   A0:19:16:1C:64:54:65:72:64:12:68:27:F6:09:1D:D5:46:62:15:0D
Authority key identifier: 2F:53:88:F7:96:6A:7A:FA:C0:73:6C:79:ED:60:3B:2B:78:86:56:C4
Certificate issuer:       /CN=2f5388f7966a7afac0736c79ed603b2b788656c4
Certificate serial:       0197B74534677B3C2EB64C84FF13E621BD01
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/L1OI95ZqevrAc2x57WA7K3iGVsQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2a/225f46-c456-4f65-a3db-4190b18460a7/1/L1OI95ZqevrAc2x57WA7K3iGVsQ.mft
Manifest number:          2C
Signing time:             Sat 28 Jun 2025 16:00:55 +0000
Manifest this update:     Sat 28 Jun 2025 16:00:55 +0000
Manifest next update:     Sun 29 Jun 2025 16:00:55 +0000
Files and hashes:         1: L1OI95ZqevrAc2x57WA7K3iGVsQ.crl (hash: GkNYnfeQX8XCzes+SmsA1aEWEmWG9K/ofP2X0ov3lnA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2a/225f46-c456-4f65-a3db-4190b18460a7/1/L1OI95ZqevrAc2x57WA7K3iGVsQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2a/225f46-c456-4f65-a3db-4190b18460a7/1/L1OI95ZqevrAc2x57WA7K3iGVsQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/L1OI95ZqevrAc2x57WA7K3iGVsQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 10:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b7:45:34:67:7b:3c:2e:b6:4c:84:ff:13:e6:21:bd:01
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2f5388f7966a7afac0736c79ed603b2b788656c4
        Validity
            Not Before: Jun 28 16:00:55 2025 GMT
            Not After : Jun 29 16:00:55 2025 GMT
        Subject: CN=a019161c6454657264126827f6091dd54662150d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:d0:c3:e5:f9:47:a5:af:77:97:cd:98:d7:79:
                    2e:3d:96:97:f3:3b:d4:6e:b0:5e:e4:59:85:5c:bd:
                    87:2a:b1:3a:95:16:36:e6:f4:66:87:43:c1:e3:26:
                    83:77:ef:48:d3:d8:36:5e:72:e4:34:95:26:bf:34:
                    a2:94:cf:aa:40:68:2d:8c:b6:2c:d1:7c:71:f9:b7:
                    84:a5:02:92:e1:8f:79:b1:34:79:56:95:08:7a:03:
                    35:5a:e2:5b:42:6a:a4:73:44:50:75:1b:00:c4:35:
                    17:c0:e9:d3:65:41:d5:0d:bd:1a:36:d1:65:b5:26:
                    65:aa:4f:08:4f:0d:1e:4b:52:a3:b7:e9:17:2a:64:
                    65:48:46:79:38:99:f4:ce:8b:68:b0:a4:7a:12:7a:
                    3c:40:04:a7:e9:7d:e3:fa:7b:2d:81:b6:93:e8:10:
                    77:76:02:61:7d:4e:59:1f:73:84:b2:90:19:58:5b:
                    72:95:91:ea:4e:a1:fa:4e:e7:e4:8b:83:e3:8f:d4:
                    1e:00:c4:24:db:27:9f:2d:8a:87:e3:77:7a:76:ea:
                    28:ba:b5:09:8a:56:5a:cf:76:f9:fc:ad:64:9a:34:
                    3e:c1:e5:9c:fe:c0:13:b2:a1:fa:d4:94:d1:a6:9e:
                    ed:9f:6e:f7:d9:40:f9:5b:04:ba:98:41:fa:70:d7:
                    5a:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A0:19:16:1C:64:54:65:72:64:12:68:27:F6:09:1D:D5:46:62:15:0D
            X509v3 Authority Key Identifier:
                keyid:2F:53:88:F7:96:6A:7A:FA:C0:73:6C:79:ED:60:3B:2B:78:86:56:C4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L1OI95ZqevrAc2x57WA7K3iGVsQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/225f46-c456-4f65-a3db-4190b18460a7/1/L1OI95ZqevrAc2x57WA7K3iGVsQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/225f46-c456-4f65-a3db-4190b18460a7/1/L1OI95ZqevrAc2x57WA7K3iGVsQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7b:2f:17:fb:e9:b7:df:5c:61:b2:65:5f:ce:8e:d1:81:ef:31:
         4c:78:62:33:7b:7e:a6:f7:d3:72:3c:55:5b:67:ee:6f:b4:24:
         71:05:1d:12:15:a9:27:14:fa:4f:81:ff:43:8d:25:df:bf:20:
         b6:ce:4b:08:e0:73:61:2b:ea:1e:3f:38:b7:80:ff:84:79:da:
         ea:8c:ad:80:fb:8a:f8:d5:c3:7d:a7:90:cd:28:6f:13:c0:9a:
         5e:69:84:77:78:cf:24:86:ad:0e:43:d4:56:5a:10:89:4d:72:
         85:ae:62:33:34:5e:78:97:1b:04:47:65:58:73:5f:19:bd:ac:
         28:6a:12:61:be:ca:b8:2f:b4:b3:ab:8b:46:5c:cd:fc:19:22:
         ae:44:2c:62:95:fa:5a:33:1b:16:f6:c4:70:68:5c:59:b3:2a:
         9f:8a:1b:9f:a5:87:9c:1c:ca:dd:8c:83:fc:f1:37:95:93:37:
         3a:5e:7c:9b:be:16:53:da:cd:08:57:63:24:55:f3:85:11:35:
         4d:19:69:c3:0d:70:29:97:04:97:03:6c:e1:b5:b0:af:de:da:
         22:12:71:7f:16:b9:cb:33:47:39:2a:14:a0:05:b9:9a:00:6c:
         4c:a7:41:8d:fe:26:1a:21:90:ba:c3:13:af:a9:fb:c7:c2:14:
         4f:31:63:a7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe3RTRnezwutkyE/xPmIb0BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmNTM4OGY3OTY2YTdhZmFjMDczNmM3OWVkNjAzYjJiNzg4
NjU2YzQwHhcNMjUwNjI4MTYwMDU1WhcNMjUwNjI5MTYwMDU1WjAzMTEwLwYDVQQD
EyhhMDE5MTYxYzY0NTQ2NTcyNjQxMjY4MjdmNjA5MWRkNTQ2NjIxNTBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAktDD5flHpa93l82Y13kuPZaX8zvU
brBe5FmFXL2HKrE6lRY25vRmh0PB4yaDd+9I09g2XnLkNJUmvzSilM+qQGgtjLYs
0Xxx+beEpQKS4Y95sTR5VpUIegM1WuJbQmqkc0RQdRsAxDUXwOnTZUHVDb0aNtFl
tSZlqk8ITw0eS1Kjt+kXKmRlSEZ5OJn0zotosKR6Eno8QASn6X3j+nstgbaT6BB3
dgJhfU5ZH3OEspAZWFtylZHqTqH6Tufki4Pjj9QeAMQk2yefLYqH43d6duoourUJ
ilZaz3b5/K1kmjQ+weWc/sATsqH61JTRpp7tn2732UD5WwS6mEH6cNdaiQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKAZFhxkVGVyZBJoJ/YJHdVGYhUNMB8GA1UdIwQY
MBaAFC9TiPeWanr6wHNsee1gOyt4hlbEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDFPSTk1WnFldnJBYzJ4NTdXQTdLM2lHVnNRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS8yMjVmNDYtYzQ1Ni00ZjY1LWEzZGIt
NDE5MGIxODQ2MGE3LzEvTDFPSTk1WnFldnJBYzJ4NTdXQTdLM2lHVnNRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS8yMjVmNDYtYzQ1Ni00ZjY1LWEzZGItNDE5MGIxODQ2MGE3
LzEvTDFPSTk1WnFldnJBYzJ4NTdXQTdLM2lHVnNRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAey8X++m3
31xhsmVfzo7Rge8xTHhiM3t+pvfTcjxVW2fub7QkcQUdEhWpJxT6T4H/Q40l378g
ts5LCOBzYSvqHj84t4D/hHna6oytgPuK+NXDfaeQzShvE8CaXmmEd3jPJIatDkPU
VloQiU1yha5iMzReeJcbBEdlWHNfGb2sKGoSYb7KuC+0s6uLRlzN/BkirkQsYpX6
WjMbFvbEcGhcWbMqn4obn6WHnBzK3YyD/PE3lZM3Ol58m74WU9rNCFdjJFXzhRE1
TRlpww1wKZcElwNs4bWwr97aIhJxfxa5yzNHOSoUoAW5mgBsTKdBjf4mGiGQusMT
r6n7x8IUTzFjpw==
-----END CERTIFICATE-----