Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/edc41e-352e-412b-9ae6-a0951ef7dfcd/1/lkptHqRrxAuqMavE9ByQZn7-Nu0.mft
File:                     lkptHqRrxAuqMavE9ByQZn7-Nu0.mft (raw, json)
Hash identifier:          gIyC0rrjdG//ghOdOmKo7Z7ShM2XUR5SrQI+Yscgafc=
Subject key identifier:   09:65:F8:2B:A8:10:5A:0C:54:5C:DE:DC:28:4B:B5:33:A4:B7:A9:4D
Authority key identifier: 96:4A:6D:1E:A4:6B:C4:0B:AA:31:AB:C4:F4:1C:90:66:7E:FE:36:ED
Certificate issuer:       /CN=964a6d1ea46bc40baa31abc4f41c90667efe36ed
Certificate serial:       0197BA7E5E840BF65EE06813E4D3241319A2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/lkptHqRrxAuqMavE9ByQZn7-Nu0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2d/edc41e-352e-412b-9ae6-a0951ef7dfcd/1/lkptHqRrxAuqMavE9ByQZn7-Nu0.mft
Manifest number:          0683
Signing time:             Sun 29 Jun 2025 07:02:13 +0000
Manifest this update:     Sun 29 Jun 2025 07:02:13 +0000
Manifest next update:     Mon 30 Jun 2025 07:02:13 +0000
Files and hashes:         1: lkptHqRrxAuqMavE9ByQZn7-Nu0.crl (hash: DS1obISqDrf33p3ojwFvqP09dpxxtpa7gOmMuq9uBJY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2d/edc41e-352e-412b-9ae6-a0951ef7dfcd/1/lkptHqRrxAuqMavE9ByQZn7-Nu0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2d/edc41e-352e-412b-9ae6-a0951ef7dfcd/1/lkptHqRrxAuqMavE9ByQZn7-Nu0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/lkptHqRrxAuqMavE9ByQZn7-Nu0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Jun 2025 04:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:ba:7e:5e:84:0b:f6:5e:e0:68:13:e4:d3:24:13:19:a2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=964a6d1ea46bc40baa31abc4f41c90667efe36ed
        Validity
            Not Before: Jun 29 07:02:13 2025 GMT
            Not After : Jun 30 07:02:13 2025 GMT
        Subject: CN=0965f82ba8105a0c545cdedc284bb533a4b7a94d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:04:0d:4f:3e:73:5b:ef:71:1e:8b:5d:2c:58:
                    23:99:85:fc:02:04:0c:ba:e6:a5:f6:c6:ec:23:89:
                    4a:af:10:46:ff:be:d4:42:3b:f1:d3:9a:97:9e:ee:
                    c0:ae:5e:67:d6:0c:a8:3e:7e:1e:b8:fc:ae:1f:03:
                    ee:6d:7b:42:ee:4c:5a:04:47:d0:85:1e:8e:1f:23:
                    b5:f7:52:d3:ab:1c:53:ca:1c:46:34:37:d0:84:74:
                    c2:79:e8:8a:05:f9:24:34:36:e2:b2:5a:68:94:27:
                    3f:6c:c8:66:7a:14:a5:57:d7:fb:08:f8:8e:90:bd:
                    a3:7f:9a:f6:09:a4:6d:73:b2:09:56:43:c4:52:6b:
                    17:21:a7:d5:f6:ad:e4:2d:c2:1d:76:9b:3c:5b:1b:
                    45:43:31:45:ba:52:d8:ca:74:55:0e:d6:fa:5f:6f:
                    b2:d3:e4:8b:c2:56:86:c7:1a:2f:eb:95:40:64:2a:
                    87:2b:58:0b:2a:01:04:e6:1b:c0:b7:02:46:91:17:
                    fe:21:cb:f9:bf:a9:03:73:1d:58:6c:b1:20:67:9c:
                    a6:21:97:b6:c3:b8:72:ca:44:60:aa:fb:51:96:60:
                    62:7f:d9:fe:2b:ac:fc:d5:0c:6d:42:bf:ca:3e:5f:
                    24:b3:bb:79:f5:2d:5b:d1:70:ec:5c:da:b4:6d:ce:
                    80:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                09:65:F8:2B:A8:10:5A:0C:54:5C:DE:DC:28:4B:B5:33:A4:B7:A9:4D
            X509v3 Authority Key Identifier:
                keyid:96:4A:6D:1E:A4:6B:C4:0B:AA:31:AB:C4:F4:1C:90:66:7E:FE:36:ED

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lkptHqRrxAuqMavE9ByQZn7-Nu0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/edc41e-352e-412b-9ae6-a0951ef7dfcd/1/lkptHqRrxAuqMavE9ByQZn7-Nu0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/edc41e-352e-412b-9ae6-a0951ef7dfcd/1/lkptHqRrxAuqMavE9ByQZn7-Nu0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         05:8d:d0:b2:80:e0:05:17:f4:e8:81:75:1d:6b:f0:d3:36:2c:
         db:da:39:89:5b:c0:ab:8d:2c:97:18:7f:f0:91:fc:a0:0c:4c:
         62:13:4b:09:e4:20:d4:f8:ee:45:4f:48:94:3a:39:9a:32:ba:
         fe:34:cb:3a:46:e0:33:ba:ef:24:4a:78:1d:e9:4f:39:8e:68:
         ea:f9:a0:81:08:b3:9d:10:dd:99:1d:c9:ee:83:e7:94:d5:53:
         ef:7a:65:01:42:03:b4:9b:09:a9:d4:b7:f8:74:3f:2e:a7:aa:
         29:d0:b1:c3:3f:10:d0:cd:df:39:66:09:8e:c9:c3:3e:3b:05:
         2a:91:84:ae:50:93:a7:d3:0f:66:38:32:6b:f7:b3:88:18:4c:
         67:d8:a4:d8:7b:58:32:17:6e:ad:37:eb:00:cd:dd:61:cd:da:
         88:1b:eb:f4:8f:47:45:11:91:b1:1a:31:d1:fb:9a:7b:ac:5a:
         27:8b:9c:ef:60:c3:94:01:8d:d9:a1:03:96:58:fa:eb:71:f4:
         68:f4:b6:08:0d:af:cb:6b:0d:20:5f:f3:49:8d:14:85:a5:8e:
         bb:eb:e7:31:da:fe:e2:bc:dc:04:1c:29:7b:95:8c:44:f9:ff:
         06:ab:39:9b:89:b6:3b:85:54:b8:e6:ac:a1:be:ec:1d:d0:0d:
         3d:9b:f0:59
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe6fl6EC/Ze4GgT5NMkExmiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk2NGE2ZDFlYTQ2YmM0MGJhYTMxYWJjNGY0MWM5MDY2N2Vm
ZTM2ZWQwHhcNMjUwNjI5MDcwMjEzWhcNMjUwNjMwMDcwMjEzWjAzMTEwLwYDVQQD
EygwOTY1ZjgyYmE4MTA1YTBjNTQ1Y2RlZGMyODRiYjUzM2E0YjdhOTRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArwQNTz5zW+9xHotdLFgjmYX8AgQM
uual9sbsI4lKrxBG/77UQjvx05qXnu7Arl5n1gyoPn4euPyuHwPubXtC7kxaBEfQ
hR6OHyO191LTqxxTyhxGNDfQhHTCeeiKBfkkNDbislpolCc/bMhmehSlV9f7CPiO
kL2jf5r2CaRtc7IJVkPEUmsXIafV9q3kLcIddps8WxtFQzFFulLYynRVDtb6X2+y
0+SLwlaGxxov65VAZCqHK1gLKgEE5hvAtwJGkRf+Icv5v6kDcx1YbLEgZ5ymIZe2
w7hyykRgqvtRlmBif9n+K6z81QxtQr/KPl8ks7t59S1b0XDsXNq0bc6AnQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAll+CuoEFoMVFze3ChLtTOkt6lNMB8GA1UdIwQY
MBaAFJZKbR6ka8QLqjGrxPQckGZ+/jbtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbGtwdEhxUnJ4QXVxTWF2RTlCeVFabjctTnUwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9lZGM0MWUtMzUyZS00MTJiLTlhZTYt
YTA5NTFlZjdkZmNkLzEvbGtwdEhxUnJ4QXVxTWF2RTlCeVFabjctTnUwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9lZGM0MWUtMzUyZS00MTJiLTlhZTYtYTA5NTFlZjdkZmNk
LzEvbGtwdEhxUnJ4QXVxTWF2RTlCeVFabjctTnUwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABY3QsoDg
BRf06IF1HWvw0zYs29o5iVvAq40slxh/8JH8oAxMYhNLCeQg1PjuRU9IlDo5mjK6
/jTLOkbgM7rvJEp4HelPOY5o6vmggQiznRDdmR3J7oPnlNVT73plAUIDtJsJqdS3
+HQ/LqeqKdCxwz8Q0M3fOWYJjsnDPjsFKpGErlCTp9MPZjgya/eziBhMZ9ik2HtY
MhdurTfrAM3dYc3aiBvr9I9HRRGRsRox0fuae6xaJ4uc72DDlAGN2aEDllj663H0
aPS2CA2vy2sNIF/zSY0UhaWOu+vnMdr+4rzcBBwpe5WMRPn/Bqs5m4m2O4VUuOas
ob7sHdANPZvwWQ==
-----END CERTIFICATE-----