Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/3ff7a7-27cb-4072-b33b-0248d6afd63f/1/lKTi_J7qzc9bD1CrkyhM07CUIXE.mft
File:                     lKTi_J7qzc9bD1CrkyhM07CUIXE.mft (raw, json)
Hash identifier:          DvcaMo7TuOLly3uK+ujyB5nbwBMp7gdjCDk2bw9eyq0=
Subject key identifier:   2D:7E:AD:D6:4B:6F:89:0F:94:06:BD:A0:BA:BB:0F:B4:8B:4E:B2:9E
Authority key identifier: 94:A4:E2:FC:9E:EA:CD:CF:5B:0F:50:AB:93:28:4C:D3:B0:94:21:71
Certificate issuer:       /CN=94a4e2fc9eeacdcf5b0f50ab93284cd3b0942171
Certificate serial:       0198D65F1AB04F3B806646F592E8B267D357
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/lKTi_J7qzc9bD1CrkyhM07CUIXE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3d/3ff7a7-27cb-4072-b33b-0248d6afd63f/1/lKTi_J7qzc9bD1CrkyhM07CUIXE.mft
Manifest number:          0E09
Signing time:             Sat 23 Aug 2025 10:00:13 +0000
Manifest this update:     Sat 23 Aug 2025 10:00:13 +0000
Manifest next update:     Sun 24 Aug 2025 10:00:13 +0000
Files and hashes:         1: lKTi_J7qzc9bD1CrkyhM07CUIXE.crl (hash: wuipy6a85M8YQdrcHKArWvIYwr+2wqwG+x+4+dLT/w8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3d/3ff7a7-27cb-4072-b33b-0248d6afd63f/1/lKTi_J7qzc9bD1CrkyhM07CUIXE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3d/3ff7a7-27cb-4072-b33b-0248d6afd63f/1/lKTi_J7qzc9bD1CrkyhM07CUIXE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/lKTi_J7qzc9bD1CrkyhM07CUIXE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d6:5f:1a:b0:4f:3b:80:66:46:f5:92:e8:b2:67:d3:57
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=94a4e2fc9eeacdcf5b0f50ab93284cd3b0942171
        Validity
            Not Before: Aug 23 10:00:13 2025 GMT
            Not After : Aug 24 10:00:13 2025 GMT
        Subject: CN=2d7eadd64b6f890f9406bda0babb0fb48b4eb29e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:df:37:4e:ce:c6:dd:57:d1:db:9f:ac:da:26:c4:
                    27:b6:53:fb:10:79:cd:20:0a:11:8e:bb:03:5b:1e:
                    df:a0:7a:1d:c5:22:92:5b:cc:07:ea:16:69:e9:14:
                    43:20:45:1c:1c:f6:10:7d:be:2e:8b:9b:c6:48:5b:
                    49:f1:15:6a:50:12:2a:e6:86:74:8b:92:df:ef:0e:
                    19:d1:20:30:d2:8a:dc:c6:c4:e9:81:b2:c3:ed:66:
                    d2:9c:fc:8e:a8:17:77:58:44:21:53:b0:69:90:3f:
                    e1:22:69:14:e8:67:97:35:a3:f0:52:45:1c:03:4e:
                    cb:98:f9:66:b7:ea:42:19:9e:36:3d:c6:53:fe:49:
                    f7:8b:75:a2:3a:b2:64:d9:26:2c:7a:42:b3:f7:42:
                    e3:32:29:e8:e7:09:12:0a:ac:4a:34:47:8e:9b:05:
                    d9:cb:c8:5c:09:80:90:0e:3c:3a:54:80:79:95:56:
                    99:1f:b2:8a:7f:25:f1:33:2c:84:13:a4:cb:63:f1:
                    f2:4d:4c:83:8e:5c:46:6d:93:af:23:c3:29:b2:69:
                    cc:91:c4:44:3e:e9:48:4a:13:55:b3:15:7b:8f:b9:
                    c0:46:ad:d4:61:ff:3a:df:8c:67:a4:84:fd:17:3f:
                    21:fe:e5:60:2d:b4:a0:f2:e8:fb:fe:f5:ad:39:25:
                    32:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2D:7E:AD:D6:4B:6F:89:0F:94:06:BD:A0:BA:BB:0F:B4:8B:4E:B2:9E
            X509v3 Authority Key Identifier:
                keyid:94:A4:E2:FC:9E:EA:CD:CF:5B:0F:50:AB:93:28:4C:D3:B0:94:21:71

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lKTi_J7qzc9bD1CrkyhM07CUIXE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/3ff7a7-27cb-4072-b33b-0248d6afd63f/1/lKTi_J7qzc9bD1CrkyhM07CUIXE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/3ff7a7-27cb-4072-b33b-0248d6afd63f/1/lKTi_J7qzc9bD1CrkyhM07CUIXE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8e:f9:2f:8b:15:61:49:ba:7d:92:90:3d:d2:43:48:db:d7:39:
         b9:0e:e4:b4:5c:04:f4:26:b5:76:e6:da:e2:68:12:b2:c6:66:
         a5:5e:c2:61:0b:ff:df:07:3b:62:ab:86:2b:c3:c2:e9:72:14:
         d6:67:39:6f:35:73:8f:37:ba:c5:07:a7:aa:b7:da:d0:f3:c7:
         b9:1e:bd:c8:24:27:6f:a4:72:b7:bb:ee:62:0a:b7:01:cc:a9:
         84:7a:4e:e3:8d:ea:0e:0d:39:67:10:0c:e9:9c:f8:43:65:bf:
         9b:b9:00:12:84:35:fe:93:3d:e1:2b:e0:2a:88:0a:d0:38:81:
         0b:13:25:5f:bd:39:a6:3b:eb:28:07:9d:6f:29:69:bb:81:e9:
         6a:6b:47:84:24:dd:ba:4e:eb:75:ef:c3:cf:41:38:fd:37:a2:
         51:e7:5e:46:e9:b5:2f:e0:62:ff:c0:68:a1:15:6d:34:3c:05:
         31:98:ab:f5:73:f1:a4:b0:60:6f:d4:62:4d:07:c0:d9:82:e0:
         4f:80:23:b2:eb:df:14:a1:dd:23:9d:a4:06:9f:62:55:ed:62:
         75:57:de:a4:47:77:bd:7e:ba:f0:e2:e2:a0:56:b7:22:2d:89:
         df:b7:a3:a2:7d:48:c0:c4:11:74:ea:f8:b3:60:30:71:d9:cc:
         d4:b1:81:d0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWXxqwTzuAZkb1kuiyZ9NXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0YTRlMmZjOWVlYWNkY2Y1YjBmNTBhYjkzMjg0Y2QzYjA5
NDIxNzEwHhcNMjUwODIzMTAwMDEzWhcNMjUwODI0MTAwMDEzWjAzMTEwLwYDVQQD
EygyZDdlYWRkNjRiNmY4OTBmOTQwNmJkYTBiYWJiMGZiNDhiNGViMjllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3zdOzsbdV9Hbn6zaJsQntlP7EHnN
IAoRjrsDWx7foHodxSKSW8wH6hZp6RRDIEUcHPYQfb4ui5vGSFtJ8RVqUBIq5oZ0
i5Lf7w4Z0SAw0orcxsTpgbLD7WbSnPyOqBd3WEQhU7BpkD/hImkU6GeXNaPwUkUc
A07LmPlmt+pCGZ42PcZT/kn3i3WiOrJk2SYsekKz90LjMino5wkSCqxKNEeOmwXZ
y8hcCYCQDjw6VIB5lVaZH7KKfyXxMyyEE6TLY/HyTUyDjlxGbZOvI8MpsmnMkcRE
PulIShNVsxV7j7nARq3UYf8634xnpIT9Fz8h/uVgLbSg8uj7/vWtOSUyEQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFC1+rdZLb4kPlAa9oLq7D7SLTrKeMB8GA1UdIwQY
MBaAFJSk4vye6s3PWw9Qq5MoTNOwlCFxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbEtUaV9KN3F6YzliRDFDcmt5aE0wN0NVSVhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC8zZmY3YTctMjdjYi00MDcyLWIzM2It
MDI0OGQ2YWZkNjNmLzEvbEtUaV9KN3F6YzliRDFDcmt5aE0wN0NVSVhFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC8zZmY3YTctMjdjYi00MDcyLWIzM2ItMDI0OGQ2YWZkNjNm
LzEvbEtUaV9KN3F6YzliRDFDcmt5aE0wN0NVSVhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjvkvixVh
Sbp9kpA90kNI29c5uQ7ktFwE9Ca1duba4mgSssZmpV7CYQv/3wc7YquGK8PC6XIU
1mc5bzVzjze6xQenqrfa0PPHuR69yCQnb6Ryt7vuYgq3AcyphHpO443qDg05ZxAM
6Zz4Q2W/m7kAEoQ1/pM94SvgKogK0DiBCxMlX705pjvrKAedbylpu4HpamtHhCTd
uk7rde/Dz0E4/TeiUedeRum1L+Bi/8BooRVtNDwFMZir9XPxpLBgb9RiTQfA2YLg
T4AjsuvfFKHdI52kBp9iVe1idVfepEd3vX668OLioFa3Ii2J37ejon1IwMQRdOr4
s2AwcdnM1LGB0A==
-----END CERTIFICATE-----