Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/3ff7a7-27cb-4072-b33b-0248d6afd63f/1/lKTi_J7qzc9bD1CrkyhM07CUIXE.mft
File:                     lKTi_J7qzc9bD1CrkyhM07CUIXE.mft (raw, json)
Hash identifier:          hVA0Q+mKuM30ScYElkIz68Z8M5sMqWZ+natJjyyCodA=
Subject key identifier:   1A:37:71:B7:53:3F:82:38:79:C6:1B:4E:FA:AE:4D:49:DA:6A:C9:EA
Authority key identifier: 94:A4:E2:FC:9E:EA:CD:CF:5B:0F:50:AB:93:28:4C:D3:B0:94:21:71
Certificate issuer:       /CN=94a4e2fc9eeacdcf5b0f50ab93284cd3b0942171
Certificate serial:       0197B89042A0C80D1D5379E7FB9DEC783EE1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/lKTi_J7qzc9bD1CrkyhM07CUIXE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3d/3ff7a7-27cb-4072-b33b-0248d6afd63f/1/lKTi_J7qzc9bD1CrkyhM07CUIXE.mft
Manifest number:          0D75
Signing time:             Sat 28 Jun 2025 22:02:31 +0000
Manifest this update:     Sat 28 Jun 2025 22:02:31 +0000
Manifest next update:     Sun 29 Jun 2025 22:02:31 +0000
Files and hashes:         1: lKTi_J7qzc9bD1CrkyhM07CUIXE.crl (hash: RV3IFbQIdAur8qVZFS+/i2S+dkaf7L70a7Nc9oCzQuk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3d/3ff7a7-27cb-4072-b33b-0248d6afd63f/1/lKTi_J7qzc9bD1CrkyhM07CUIXE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3d/3ff7a7-27cb-4072-b33b-0248d6afd63f/1/lKTi_J7qzc9bD1CrkyhM07CUIXE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/lKTi_J7qzc9bD1CrkyhM07CUIXE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 22:02:31 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b8:90:42:a0:c8:0d:1d:53:79:e7:fb:9d:ec:78:3e:e1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=94a4e2fc9eeacdcf5b0f50ab93284cd3b0942171
        Validity
            Not Before: Jun 28 22:02:31 2025 GMT
            Not After : Jun 29 22:02:31 2025 GMT
        Subject: CN=1a3771b7533f823879c61b4efaae4d49da6ac9ea
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:79:e5:da:c0:2a:8b:eb:2e:bd:97:4f:63:c0:
                    92:82:20:a4:ff:24:be:58:7e:6f:e5:fa:eb:5a:3c:
                    19:62:98:dc:c0:0a:03:e1:81:1a:f2:54:c0:bd:2f:
                    e1:54:f4:18:07:ee:36:8b:55:8c:c8:35:a1:b4:f9:
                    51:18:96:b4:02:7a:18:7d:6d:6d:9e:2e:01:e3:f8:
                    ec:03:dc:3f:97:61:51:4d:73:6d:ef:4a:b3:30:7e:
                    ba:7c:58:8f:05:c0:d2:c1:08:1f:f8:67:40:9d:43:
                    51:1d:10:00:24:9b:31:00:7a:7d:41:40:29:84:02:
                    9d:f5:fe:a2:85:eb:ba:d4:35:99:b7:4e:75:4b:4d:
                    c6:12:10:ba:55:d2:29:49:4e:bc:2c:3e:8d:f0:dc:
                    21:aa:ac:d5:2c:25:f4:8d:1c:a8:2c:f7:9f:a3:35:
                    6d:93:22:d8:41:e7:0e:91:81:a5:be:55:11:e3:c2:
                    fc:e7:a9:58:41:50:01:37:60:2f:ba:dc:0a:b2:a7:
                    d4:33:42:35:b7:2c:14:96:19:3a:35:4b:a6:02:c8:
                    6e:cc:49:37:fe:1e:f1:10:b5:2b:6a:41:ed:0c:3f:
                    e2:07:c0:77:9e:d8:08:b0:70:11:4f:16:d2:d4:ba:
                    92:98:7d:57:eb:60:ce:32:c7:ff:37:11:61:6e:44:
                    60:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1A:37:71:B7:53:3F:82:38:79:C6:1B:4E:FA:AE:4D:49:DA:6A:C9:EA
            X509v3 Authority Key Identifier:
                keyid:94:A4:E2:FC:9E:EA:CD:CF:5B:0F:50:AB:93:28:4C:D3:B0:94:21:71

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lKTi_J7qzc9bD1CrkyhM07CUIXE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/3ff7a7-27cb-4072-b33b-0248d6afd63f/1/lKTi_J7qzc9bD1CrkyhM07CUIXE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/3ff7a7-27cb-4072-b33b-0248d6afd63f/1/lKTi_J7qzc9bD1CrkyhM07CUIXE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         25:81:5e:df:89:86:f6:49:4e:82:41:57:d5:c9:6d:3b:fa:c2:
         17:94:f4:e2:6c:6c:bf:46:bd:75:6c:ae:17:88:ea:28:46:18:
         82:47:8a:96:01:ff:67:40:cb:55:ba:a6:ec:46:bd:78:d6:84:
         83:bd:a6:bc:b6:4c:2e:0e:c2:25:64:a3:54:49:de:19:0d:b0:
         ea:f6:ba:05:90:1f:87:a6:5b:ed:d2:a1:83:ce:d3:a5:c9:7b:
         2b:ed:66:2e:8d:3d:33:d5:14:d0:25:08:27:94:93:61:22:5b:
         46:8e:8d:de:b3:3a:63:8b:ea:cc:a9:37:84:cc:7b:90:55:51:
         ea:53:c0:9c:04:2b:df:93:ff:fc:37:eb:24:0a:c3:a9:03:10:
         07:14:9b:88:37:c9:de:b5:46:ea:9e:9c:9f:0c:d4:65:20:b9:
         d4:c7:f6:b5:89:f0:b1:28:a6:91:46:d1:ec:f9:5e:78:7d:6b:
         c8:c6:9f:0f:df:3b:0f:05:83:f5:3d:07:47:cf:59:02:bf:d9:
         5f:7f:3b:39:a2:56:49:6e:78:42:33:bc:1b:e1:eb:1e:c2:d5:
         de:64:e7:53:79:c2:4a:d4:5b:0a:48:97:23:fa:0d:78:e0:5c:
         02:89:0d:c0:f3:79:5d:cf:0f:70:e4:31:a7:0a:b0:d8:7a:aa:
         36:f1:f9:d3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe4kEKgyA0dU3nn+53seD7hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0YTRlMmZjOWVlYWNkY2Y1YjBmNTBhYjkzMjg0Y2QzYjA5
NDIxNzEwHhcNMjUwNjI4MjIwMjMxWhcNMjUwNjI5MjIwMjMxWjAzMTEwLwYDVQQD
EygxYTM3NzFiNzUzM2Y4MjM4NzljNjFiNGVmYWFlNGQ0OWRhNmFjOWVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqnnl2sAqi+suvZdPY8CSgiCk/yS+
WH5v5frrWjwZYpjcwAoD4YEa8lTAvS/hVPQYB+42i1WMyDWhtPlRGJa0AnoYfW1t
ni4B4/jsA9w/l2FRTXNt70qzMH66fFiPBcDSwQgf+GdAnUNRHRAAJJsxAHp9QUAp
hAKd9f6iheu61DWZt051S03GEhC6VdIpSU68LD6N8NwhqqzVLCX0jRyoLPefozVt
kyLYQecOkYGlvlUR48L856lYQVABN2AvutwKsqfUM0I1tywUlhk6NUumAshuzEk3
/h7xELUrakHtDD/iB8B3ntgIsHARTxbS1LqSmH1X62DOMsf/NxFhbkRgEwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBo3cbdTP4I4ecYbTvquTUnaasnqMB8GA1UdIwQY
MBaAFJSk4vye6s3PWw9Qq5MoTNOwlCFxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbEtUaV9KN3F6YzliRDFDcmt5aE0wN0NVSVhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC8zZmY3YTctMjdjYi00MDcyLWIzM2It
MDI0OGQ2YWZkNjNmLzEvbEtUaV9KN3F6YzliRDFDcmt5aE0wN0NVSVhFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC8zZmY3YTctMjdjYi00MDcyLWIzM2ItMDI0OGQ2YWZkNjNm
LzEvbEtUaV9KN3F6YzliRDFDcmt5aE0wN0NVSVhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJYFe34mG
9klOgkFX1cltO/rCF5T04mxsv0a9dWyuF4jqKEYYgkeKlgH/Z0DLVbqm7Ea9eNaE
g72mvLZMLg7CJWSjVEneGQ2w6va6BZAfh6Zb7dKhg87Tpcl7K+1mLo09M9UU0CUI
J5STYSJbRo6N3rM6Y4vqzKk3hMx7kFVR6lPAnAQr35P//DfrJArDqQMQBxSbiDfJ
3rVG6p6cnwzUZSC51Mf2tYnwsSimkUbR7PleeH1ryMafD987DwWD9T0HR89ZAr/Z
X387OaJWSW54QjO8G+HrHsLV3mTnU3nCStRbCkiXI/oNeOBcAokNwPN5Xc8PcOQx
pwqw2HqqNvH50w==
-----END CERTIFICATE-----