Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/32abd8-bedb-4b7d-a463-79706b345bbb/1/l37KDVyVbeF79pcQRvLrlc5hXik.mft
File:                     l37KDVyVbeF79pcQRvLrlc5hXik.mft (raw, json)
Hash identifier:          HRQsMlf/uGOzJZWf6jrWRiyZeLXMbdslWkZVD+vmHRs=
Subject key identifier:   D1:1A:2E:00:A6:3E:5E:36:0B:39:45:4C:68:24:4A:E1:56:C8:B1:F5
Authority key identifier: 97:7E:CA:0D:5C:95:6D:E1:7B:F6:97:10:46:F2:EB:95:CE:61:5E:29
Certificate issuer:       /CN=977eca0d5c956de17bf6971046f2eb95ce615e29
Certificate serial:       0197B88FE655B47BEAA765A39F64C32B45C9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/l37KDVyVbeF79pcQRvLrlc5hXik.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/39/32abd8-bedb-4b7d-a463-79706b345bbb/1/l37KDVyVbeF79pcQRvLrlc5hXik.mft
Manifest number:          15B3
Signing time:             Sat 28 Jun 2025 22:02:07 +0000
Manifest this update:     Sat 28 Jun 2025 22:02:07 +0000
Manifest next update:     Sun 29 Jun 2025 22:02:07 +0000
Files and hashes:         1: l37KDVyVbeF79pcQRvLrlc5hXik.crl (hash: eXRVSf8Iqmde2U94iGqHxG6FdllhDVcQSBmArcig58w=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/39/32abd8-bedb-4b7d-a463-79706b345bbb/1/l37KDVyVbeF79pcQRvLrlc5hXik.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/39/32abd8-bedb-4b7d-a463-79706b345bbb/1/l37KDVyVbeF79pcQRvLrlc5hXik.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/l37KDVyVbeF79pcQRvLrlc5hXik.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 22:02:07 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b8:8f:e6:55:b4:7b:ea:a7:65:a3:9f:64:c3:2b:45:c9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=977eca0d5c956de17bf6971046f2eb95ce615e29
        Validity
            Not Before: Jun 28 22:02:07 2025 GMT
            Not After : Jun 29 22:02:07 2025 GMT
        Subject: CN=d11a2e00a63e5e360b39454c68244ae156c8b1f5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e2:8c:4d:e5:7d:86:3e:ee:4b:93:5a:6e:03:4d:
                    16:6b:e7:ed:e5:01:eb:3f:6d:09:cb:ac:7d:7c:bc:
                    89:58:14:aa:d1:ee:c9:cc:05:64:ce:11:80:8c:7d:
                    14:13:f6:02:9c:21:6a:d9:29:02:6e:d9:7d:93:29:
                    dd:18:05:0a:0b:f9:d3:fb:76:a4:0d:53:f0:14:e7:
                    32:ce:b1:3a:67:11:d0:08:e2:b0:68:1e:d8:24:91:
                    d3:4b:a1:ae:11:39:c3:26:bc:95:2a:4b:32:30:be:
                    81:4e:23:4c:71:f6:dc:a5:92:5d:42:4c:73:71:8e:
                    77:8d:89:97:08:8f:cc:2e:4c:a1:4f:4c:97:9f:06:
                    ab:87:66:5d:73:69:81:e5:c6:4b:95:55:86:da:26:
                    bb:e9:a5:59:31:2e:b1:df:36:8d:1d:50:9b:91:b1:
                    f4:36:76:d0:b7:a4:6f:0a:c1:03:1a:ae:c5:79:00:
                    f3:95:dd:17:7f:6e:48:0f:b7:56:8d:0c:5d:ed:cc:
                    8e:d1:0e:7f:bc:7d:84:30:6b:d2:5a:91:31:b9:66:
                    ce:f2:01:7c:ab:5d:8d:fa:e3:6c:10:86:64:11:c2:
                    6c:ca:ab:26:f7:99:a8:26:85:51:ea:d8:f6:51:6d:
                    e0:1b:10:7d:5d:e7:c0:81:ab:d9:e9:f5:20:b3:d9:
                    c3:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D1:1A:2E:00:A6:3E:5E:36:0B:39:45:4C:68:24:4A:E1:56:C8:B1:F5
            X509v3 Authority Key Identifier:
                keyid:97:7E:CA:0D:5C:95:6D:E1:7B:F6:97:10:46:F2:EB:95:CE:61:5E:29

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l37KDVyVbeF79pcQRvLrlc5hXik.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/32abd8-bedb-4b7d-a463-79706b345bbb/1/l37KDVyVbeF79pcQRvLrlc5hXik.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/39/32abd8-bedb-4b7d-a463-79706b345bbb/1/l37KDVyVbeF79pcQRvLrlc5hXik.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b3:cb:0b:69:2b:49:81:80:88:94:56:ad:3f:26:d5:2d:5e:dc:
         61:af:22:eb:5e:14:15:e7:ba:fa:23:10:fb:03:8b:af:07:54:
         4c:7a:c0:12:75:48:38:f0:80:03:82:45:5b:96:08:c8:be:34:
         28:cb:4e:a4:4a:ad:72:f7:ba:c2:22:97:33:48:59:4a:12:a3:
         da:48:0e:00:76:a6:b0:56:e6:2e:dd:c1:fc:e0:67:36:29:c4:
         5c:da:f2:44:64:b2:d1:ad:39:fb:7d:fd:32:81:78:f3:4c:4b:
         a8:f9:02:f3:82:da:6f:9d:e7:b8:8e:66:0d:d9:52:92:32:26:
         61:a7:48:c1:c6:d8:9f:6b:15:2f:4c:d1:44:34:de:ac:ba:c1:
         f5:ec:cc:f7:1c:12:1d:2d:f3:49:9b:59:d3:eb:e6:ba:86:b5:
         d3:1b:88:a4:84:03:ed:42:e7:50:86:cf:ed:82:38:ad:3a:e2:
         21:1b:38:4f:59:68:74:1e:1d:1e:ec:af:e1:77:a8:58:5f:13:
         64:6b:ed:17:00:1e:d2:b3:4c:45:37:d5:95:89:c6:77:51:cf:
         3d:5d:18:75:75:62:38:85:56:45:a7:90:8c:45:96:d6:00:5a:
         a7:ac:bf:8e:dc:8b:f8:ed:55:02:9a:60:87:de:86:d5:b3:b7:
         2c:66:c3:8d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe4j+ZVtHvqp2Wjn2TDK0XJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3N2VjYTBkNWM5NTZkZTE3YmY2OTcxMDQ2ZjJlYjk1Y2U2
MTVlMjkwHhcNMjUwNjI4MjIwMjA3WhcNMjUwNjI5MjIwMjA3WjAzMTEwLwYDVQQD
EyhkMTFhMmUwMGE2M2U1ZTM2MGIzOTQ1NGM2ODI0NGFlMTU2YzhiMWY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4oxN5X2GPu5Lk1puA00Wa+ft5QHr
P20Jy6x9fLyJWBSq0e7JzAVkzhGAjH0UE/YCnCFq2SkCbtl9kyndGAUKC/nT+3ak
DVPwFOcyzrE6ZxHQCOKwaB7YJJHTS6GuETnDJryVKksyML6BTiNMcfbcpZJdQkxz
cY53jYmXCI/MLkyhT0yXnwarh2Zdc2mB5cZLlVWG2ia76aVZMS6x3zaNHVCbkbH0
NnbQt6RvCsEDGq7FeQDzld0Xf25ID7dWjQxd7cyO0Q5/vH2EMGvSWpExuWbO8gF8
q12N+uNsEIZkEcJsyqsm95moJoVR6tj2UW3gGxB9XefAgavZ6fUgs9nDBwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNEaLgCmPl42CzlFTGgkSuFWyLH1MB8GA1UdIwQY
MBaAFJd+yg1clW3he/aXEEby65XOYV4pMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbDM3S0RWeVZiZUY3OXBjUVJ2THJsYzVoWGlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS8zMmFiZDgtYmVkYi00YjdkLWE0NjMt
Nzk3MDZiMzQ1YmJiLzEvbDM3S0RWeVZiZUY3OXBjUVJ2THJsYzVoWGlrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOS8zMmFiZDgtYmVkYi00YjdkLWE0NjMtNzk3MDZiMzQ1YmJi
LzEvbDM3S0RWeVZiZUY3OXBjUVJ2THJsYzVoWGlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAs8sLaStJ
gYCIlFatPybVLV7cYa8i614UFee6+iMQ+wOLrwdUTHrAEnVIOPCAA4JFW5YIyL40
KMtOpEqtcve6wiKXM0hZShKj2kgOAHamsFbmLt3B/OBnNinEXNryRGSy0a05+339
MoF480xLqPkC84Lab53nuI5mDdlSkjImYadIwcbYn2sVL0zRRDTerLrB9ezM9xwS
HS3zSZtZ0+vmuoa10xuIpIQD7ULnUIbP7YI4rTriIRs4T1lodB4dHuyv4XeoWF8T
ZGvtFwAe0rNMRTfVlYnGd1HPPV0YdXViOIVWRaeQjEWW1gBap6y/jtyL+O1VAppg
h96G1bO3LGbDjQ==
-----END CERTIFICATE-----