Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/6c59c0-ecd8-4727-b1de-315a79f59e18/1/L3BTJmQ0PLPSiXAjoSf2C6kXpd0.mft
File:                     L3BTJmQ0PLPSiXAjoSf2C6kXpd0.mft (raw, json)
Hash identifier:          QdhmHTx2zrsyY/lJAqzGsUAPFo2/g3o3rWc4Q5pP7dI=
Subject key identifier:   67:A4:BA:25:4E:80:3C:2A:0B:26:76:66:C6:F4:70:20:02:C0:71:E0
Authority key identifier: 2F:70:53:26:64:34:3C:B3:D2:89:70:23:A1:27:F6:0B:A9:17:A5:DD
Certificate issuer:       /CN=2f70532664343cb3d2897023a127f60ba917a5dd
Certificate serial:       0197B70EFA514A16C7AE33EC1D9C6238AF6E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/L3BTJmQ0PLPSiXAjoSf2C6kXpd0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/54/6c59c0-ecd8-4727-b1de-315a79f59e18/1/L3BTJmQ0PLPSiXAjoSf2C6kXpd0.mft
Manifest number:          0BA7
Signing time:             Sat 28 Jun 2025 15:01:41 +0000
Manifest this update:     Sat 28 Jun 2025 15:01:41 +0000
Manifest next update:     Sun 29 Jun 2025 15:01:41 +0000
Files and hashes:         1: L3BTJmQ0PLPSiXAjoSf2C6kXpd0.crl (hash: rnvRt1d/vQ7yrZgdCo7nQxZ3NoncxD2Y1sZftrergcA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/54/6c59c0-ecd8-4727-b1de-315a79f59e18/1/L3BTJmQ0PLPSiXAjoSf2C6kXpd0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/54/6c59c0-ecd8-4727-b1de-315a79f59e18/1/L3BTJmQ0PLPSiXAjoSf2C6kXpd0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/L3BTJmQ0PLPSiXAjoSf2C6kXpd0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b7:0e:fa:51:4a:16:c7:ae:33:ec:1d:9c:62:38:af:6e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2f70532664343cb3d2897023a127f60ba917a5dd
        Validity
            Not Before: Jun 28 15:01:41 2025 GMT
            Not After : Jun 29 15:01:41 2025 GMT
        Subject: CN=67a4ba254e803c2a0b267666c6f4702002c071e0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:cf:17:75:03:3d:04:d0:cd:78:fa:43:26:2e:
                    3a:51:e1:77:a0:ec:6a:11:fe:f2:d5:bc:3d:d3:23:
                    24:f3:e0:97:3f:75:4d:04:62:51:0a:10:8e:b2:44:
                    ae:d2:3d:ca:a4:28:e9:bd:e0:60:d3:df:59:53:57:
                    54:92:7c:ca:6f:4f:ae:b9:5a:97:9f:19:ba:29:b8:
                    24:35:26:7f:46:a8:ee:7d:e0:cc:2e:2e:2d:44:b9:
                    9c:38:b7:35:d4:34:81:4b:57:3c:76:2b:ca:71:6e:
                    c3:c5:d8:0d:62:f1:39:7b:60:1c:dc:9d:8f:2c:27:
                    85:b6:9f:61:a8:c9:b5:8d:be:a9:af:a0:ad:ad:66:
                    5e:94:70:1c:0b:29:10:b4:24:53:c9:b8:4d:54:f4:
                    20:ce:a3:10:1f:45:3c:dc:7a:20:f4:8f:f1:57:27:
                    01:e3:6f:b1:f2:3e:c2:7a:13:98:73:09:81:3c:73:
                    14:58:60:c9:0e:1b:37:dd:6e:11:2d:28:4c:47:96:
                    fc:a0:e4:01:77:a6:3c:25:08:7d:05:ac:6a:3f:90:
                    e0:56:cd:d0:ad:78:78:8b:15:16:49:75:20:3f:de:
                    72:9f:6b:23:d8:19:fd:63:40:d7:79:04:1a:c1:cf:
                    9e:35:5d:96:d4:a7:62:17:76:e9:64:9f:41:62:38:
                    46:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                67:A4:BA:25:4E:80:3C:2A:0B:26:76:66:C6:F4:70:20:02:C0:71:E0
            X509v3 Authority Key Identifier:
                keyid:2F:70:53:26:64:34:3C:B3:D2:89:70:23:A1:27:F6:0B:A9:17:A5:DD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L3BTJmQ0PLPSiXAjoSf2C6kXpd0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/6c59c0-ecd8-4727-b1de-315a79f59e18/1/L3BTJmQ0PLPSiXAjoSf2C6kXpd0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/54/6c59c0-ecd8-4727-b1de-315a79f59e18/1/L3BTJmQ0PLPSiXAjoSf2C6kXpd0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         25:f0:65:cc:8f:0f:2f:c9:d5:d8:e8:48:6c:f5:89:b8:32:ab:
         99:cc:3c:ee:8d:7f:35:aa:c7:32:f9:5c:53:86:c4:db:2d:65:
         b8:82:fa:a4:f1:c8:66:2e:c9:5d:72:61:10:e7:ba:bf:62:ab:
         bf:2b:80:a7:08:2a:f2:1b:97:a5:10:b4:1f:97:38:21:e4:31:
         c0:28:92:2f:8a:62:b2:1b:5d:0c:32:79:3e:54:1c:34:7e:f1:
         d8:5a:ed:21:b7:f8:c0:e7:b4:bb:1a:d3:ac:cc:ef:0b:99:76:
         22:28:38:d0:62:7f:6d:71:f4:44:ff:c5:34:d5:e3:d6:ec:25:
         e4:8f:be:00:b7:db:19:bf:fd:a9:98:7b:5c:c3:6f:a8:b2:f0:
         93:51:9e:32:7d:b4:bc:55:53:fe:fd:89:9b:b1:39:5d:d5:04:
         1b:fd:40:a1:16:46:a5:f0:82:37:33:b7:bd:c6:11:c8:61:91:
         55:0f:bf:5e:58:1f:01:74:06:7a:76:0b:1d:aa:00:c5:c1:f1:
         2a:4c:8d:b7:0c:1c:1f:96:c9:36:9f:72:d0:56:64:a1:88:2f:
         64:d5:07:ea:c7:fd:1d:91:17:37:a1:fd:c6:9a:f7:6d:78:c4:
         e3:a3:e7:e0:8c:66:5b:a5:43:4f:85:5e:4d:7d:c6:3b:94:3d:
         64:67:24:c7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe3DvpRShbHrjPsHZxiOK9uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmNzA1MzI2NjQzNDNjYjNkMjg5NzAyM2ExMjdmNjBiYTkx
N2E1ZGQwHhcNMjUwNjI4MTUwMTQxWhcNMjUwNjI5MTUwMTQxWjAzMTEwLwYDVQQD
Eyg2N2E0YmEyNTRlODAzYzJhMGIyNjc2NjZjNmY0NzAyMDAyYzA3MWUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmM8XdQM9BNDNePpDJi46UeF3oOxq
Ef7y1bw90yMk8+CXP3VNBGJRChCOskSu0j3KpCjpveBg099ZU1dUknzKb0+uuVqX
nxm6KbgkNSZ/RqjufeDMLi4tRLmcOLc11DSBS1c8divKcW7DxdgNYvE5e2Ac3J2P
LCeFtp9hqMm1jb6pr6CtrWZelHAcCykQtCRTybhNVPQgzqMQH0U83Hog9I/xVycB
42+x8j7CehOYcwmBPHMUWGDJDhs33W4RLShMR5b8oOQBd6Y8JQh9BaxqP5DgVs3Q
rXh4ixUWSXUgP95yn2sj2Bn9Y0DXeQQawc+eNV2W1KdiF3bpZJ9BYjhGJwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGekuiVOgDwqCyZ2Zsb0cCACwHHgMB8GA1UdIwQY
MBaAFC9wUyZkNDyz0olwI6En9gupF6XdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDNCVEptUTBQTFBTaVhBam9TZjJDNmtYcGQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC82YzU5YzAtZWNkOC00NzI3LWIxZGUt
MzE1YTc5ZjU5ZTE4LzEvTDNCVEptUTBQTFBTaVhBam9TZjJDNmtYcGQwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC82YzU5YzAtZWNkOC00NzI3LWIxZGUtMzE1YTc5ZjU5ZTE4
LzEvTDNCVEptUTBQTFBTaVhBam9TZjJDNmtYcGQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJfBlzI8P
L8nV2OhIbPWJuDKrmcw87o1/NarHMvlcU4bE2y1luIL6pPHIZi7JXXJhEOe6v2Kr
vyuApwgq8huXpRC0H5c4IeQxwCiSL4pishtdDDJ5PlQcNH7x2FrtIbf4wOe0uxrT
rMzvC5l2Iig40GJ/bXH0RP/FNNXj1uwl5I++ALfbGb/9qZh7XMNvqLLwk1GeMn20
vFVT/v2Jm7E5XdUEG/1AoRZGpfCCNzO3vcYRyGGRVQ+/XlgfAXQGenYLHaoAxcHx
KkyNtwwcH5bJNp9y0FZkoYgvZNUH6sf9HZEXN6H9xpr3bXjE46Pn4IxmW6VDT4Ve
TX3GO5Q9ZGckxw==
-----END CERTIFICATE-----