Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/dc9224-3cd7-437d-a1dc-e8c39cf66b3f/1/lPhZ34Ux35GpQAj0tJIKQSPrDws.mft
File:                     lPhZ34Ux35GpQAj0tJIKQSPrDws.mft (raw, json)
Hash identifier:          vbUPwpsbfYbmD1OblNqtSVNqRN1Hsqkk2fBewS8K8Ac=
Subject key identifier:   BA:B6:43:29:05:0F:FE:94:34:66:C9:20:7F:47:ED:BA:2C:82:02:32
Authority key identifier: 94:F8:59:DF:85:31:DF:91:A9:40:08:F4:B4:92:0A:41:23:EB:0F:0B
Certificate issuer:       /CN=94f859df8531df91a94008f4b4920a4123eb0f0b
Certificate serial:       0198D65F8D4D58B32788D19848CCA541AE97
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/lPhZ34Ux35GpQAj0tJIKQSPrDws.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/60/dc9224-3cd7-437d-a1dc-e8c39cf66b3f/1/lPhZ34Ux35GpQAj0tJIKQSPrDws.mft
Manifest number:          14D1
Signing time:             Sat 23 Aug 2025 10:00:42 +0000
Manifest this update:     Sat 23 Aug 2025 10:00:42 +0000
Manifest next update:     Sun 24 Aug 2025 10:00:42 +0000
Files and hashes:         1: lPhZ34Ux35GpQAj0tJIKQSPrDws.crl (hash: nFirL+qZ7YZ0VworqfN1m9Ap62+RxFjDY6n+HTl2CeU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/60/dc9224-3cd7-437d-a1dc-e8c39cf66b3f/1/lPhZ34Ux35GpQAj0tJIKQSPrDws.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/60/dc9224-3cd7-437d-a1dc-e8c39cf66b3f/1/lPhZ34Ux35GpQAj0tJIKQSPrDws.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/lPhZ34Ux35GpQAj0tJIKQSPrDws.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d6:5f:8d:4d:58:b3:27:88:d1:98:48:cc:a5:41:ae:97
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=94f859df8531df91a94008f4b4920a4123eb0f0b
        Validity
            Not Before: Aug 23 10:00:42 2025 GMT
            Not After : Aug 24 10:00:42 2025 GMT
        Subject: CN=bab64329050ffe943466c9207f47edba2c820232
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:2d:8a:12:29:7c:62:b3:65:d2:70:f9:3e:76:
                    27:3a:08:fc:6e:29:c5:40:47:f3:71:cc:ad:7b:7b:
                    4f:38:24:35:da:1d:19:29:dc:29:46:a1:24:77:5c:
                    79:f2:b0:be:11:92:0c:47:4b:b6:87:62:96:79:a1:
                    6a:cf:da:d3:05:c5:3b:73:62:27:80:d9:b3:ed:fa:
                    89:fc:04:32:be:c3:03:92:f5:2d:a7:45:82:f4:c5:
                    51:17:a9:b3:a5:aa:e3:fb:e8:da:84:8a:3c:9a:76:
                    a1:37:87:b1:db:04:ca:5c:80:eb:81:33:93:ca:fd:
                    66:2f:d0:18:d1:92:3d:50:ad:78:43:39:28:e8:e8:
                    c3:aa:0c:4f:07:bf:97:f6:37:32:55:11:62:ad:8c:
                    4e:0e:bc:1c:94:14:e8:a8:2b:e5:45:52:38:0b:04:
                    02:e8:eb:a8:2f:ae:51:ad:7b:46:4d:1e:ee:cb:d0:
                    66:5a:ad:c0:cd:32:84:60:ce:cb:df:1f:63:50:57:
                    82:c1:69:b3:66:37:ad:5d:d0:e3:58:c5:37:93:a2:
                    69:41:8f:96:16:13:3c:a9:72:20:90:98:54:f0:81:
                    d8:10:15:06:0b:b0:1d:bc:b1:ef:b0:a7:d0:54:cd:
                    de:15:97:5c:34:4c:1d:61:fc:c9:16:8a:0d:8c:88:
                    63:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BA:B6:43:29:05:0F:FE:94:34:66:C9:20:7F:47:ED:BA:2C:82:02:32
            X509v3 Authority Key Identifier:
                keyid:94:F8:59:DF:85:31:DF:91:A9:40:08:F4:B4:92:0A:41:23:EB:0F:0B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lPhZ34Ux35GpQAj0tJIKQSPrDws.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/dc9224-3cd7-437d-a1dc-e8c39cf66b3f/1/lPhZ34Ux35GpQAj0tJIKQSPrDws.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/60/dc9224-3cd7-437d-a1dc-e8c39cf66b3f/1/lPhZ34Ux35GpQAj0tJIKQSPrDws.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         31:fc:0e:f2:4e:d4:4c:51:b4:8f:32:d1:ae:93:1f:5e:e0:61:
         e8:62:d7:2f:06:0c:0c:75:a1:44:7d:56:85:fd:3d:59:c6:b4:
         6b:e9:b5:5d:2a:ec:e6:8f:3f:ac:60:0a:00:7b:af:c2:9f:f6:
         98:8a:91:b4:f0:db:21:60:c0:ca:09:f0:43:0e:e1:c9:b6:4c:
         d1:08:5d:c6:4e:30:30:9f:ee:2d:9b:db:41:1a:ae:d6:48:4f:
         5f:fd:8c:4a:4b:9c:7b:b3:48:85:a0:3b:be:0f:83:b4:93:5b:
         13:07:30:58:c5:ae:ef:b5:ec:e4:82:1c:60:95:d7:df:ad:b0:
         36:38:52:74:3a:04:2d:b9:57:56:19:96:ad:35:a8:b4:c3:bd:
         a6:8d:3d:90:46:54:f6:07:6c:c6:d3:df:90:00:5a:6a:fc:62:
         c5:ee:c9:38:a3:9f:f4:16:d7:25:32:f9:02:5b:d0:5a:97:33:
         4b:3b:71:b7:98:87:a2:ca:5f:76:41:16:9f:6c:79:f3:32:dc:
         05:6d:d9:a6:8b:4a:e4:82:4c:3b:61:f7:9e:0e:c2:e8:5c:9d:
         f4:60:84:94:39:8d:5c:af:67:96:79:5e:0a:17:bf:34:0e:7c:
         e8:0e:9a:ff:f2:57:eb:a6:4b:a8:e7:2c:4e:e3:10:10:bd:ee:
         68:f6:92:da
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWX41NWLMniNGYSMylQa6XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0Zjg1OWRmODUzMWRmOTFhOTQwMDhmNGI0OTIwYTQxMjNl
YjBmMGIwHhcNMjUwODIzMTAwMDQyWhcNMjUwODI0MTAwMDQyWjAzMTEwLwYDVQQD
EyhiYWI2NDMyOTA1MGZmZTk0MzQ2NmM5MjA3ZjQ3ZWRiYTJjODIwMjMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzC2KEil8YrNl0nD5PnYnOgj8binF
QEfzccyte3tPOCQ12h0ZKdwpRqEkd1x58rC+EZIMR0u2h2KWeaFqz9rTBcU7c2In
gNmz7fqJ/AQyvsMDkvUtp0WC9MVRF6mzparj++jahIo8mnahN4ex2wTKXIDrgTOT
yv1mL9AY0ZI9UK14Qzko6OjDqgxPB7+X9jcyVRFirYxODrwclBToqCvlRVI4CwQC
6OuoL65RrXtGTR7uy9BmWq3AzTKEYM7L3x9jUFeCwWmzZjetXdDjWMU3k6JpQY+W
FhM8qXIgkJhU8IHYEBUGC7AdvLHvsKfQVM3eFZdcNEwdYfzJFooNjIhjSwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLq2QykFD/6UNGbJIH9H7bosggIyMB8GA1UdIwQY
MBaAFJT4Wd+FMd+RqUAI9LSSCkEj6w8LMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbFBoWjM0VXgzNUdwUUFqMHRKSUtRU1ByRHdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC9kYzkyMjQtM2NkNy00MzdkLWExZGMt
ZThjMzljZjY2YjNmLzEvbFBoWjM0VXgzNUdwUUFqMHRKSUtRU1ByRHdzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC9kYzkyMjQtM2NkNy00MzdkLWExZGMtZThjMzljZjY2YjNm
LzEvbFBoWjM0VXgzNUdwUUFqMHRKSUtRU1ByRHdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMfwO8k7U
TFG0jzLRrpMfXuBh6GLXLwYMDHWhRH1Whf09Wca0a+m1XSrs5o8/rGAKAHuvwp/2
mIqRtPDbIWDAygnwQw7hybZM0Qhdxk4wMJ/uLZvbQRqu1khPX/2MSkuce7NIhaA7
vg+DtJNbEwcwWMWu77Xs5IIcYJXX362wNjhSdDoELblXVhmWrTWotMO9po09kEZU
9gdsxtPfkABaavxixe7JOKOf9BbXJTL5AlvQWpczSztxt5iHospfdkEWn2x58zLc
BW3ZpotK5IJMO2H3ng7C6Fyd9GCElDmNXK9nlnleChe/NA586A6a//JX66ZLqOcs
TuMQEL3uaPaS2g==
-----END CERTIFICATE-----