Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/dc9224-3cd7-437d-a1dc-e8c39cf66b3f/1/lPhZ34Ux35GpQAj0tJIKQSPrDws.mft
File:                     lPhZ34Ux35GpQAj0tJIKQSPrDws.mft (raw, json)
Hash identifier:          XgTQQq1Y66ml9+knwWmWBOiIAKPsxWzgNVXklJpBOq0=
Subject key identifier:   E2:35:37:DF:96:CA:6E:C3:96:51:13:AA:8C:9C:01:1E:BE:34:FF:60
Authority key identifier: 94:F8:59:DF:85:31:DF:91:A9:40:08:F4:B4:92:0A:41:23:EB:0F:0B
Certificate issuer:       /CN=94f859df8531df91a94008f4b4920a4123eb0f0b
Certificate serial:       0197B88FB48272B578A66D1B210D1E84FF62
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/lPhZ34Ux35GpQAj0tJIKQSPrDws.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/60/dc9224-3cd7-437d-a1dc-e8c39cf66b3f/1/lPhZ34Ux35GpQAj0tJIKQSPrDws.mft
Manifest number:          143D
Signing time:             Sat 28 Jun 2025 22:01:54 +0000
Manifest this update:     Sat 28 Jun 2025 22:01:54 +0000
Manifest next update:     Sun 29 Jun 2025 22:01:54 +0000
Files and hashes:         1: lPhZ34Ux35GpQAj0tJIKQSPrDws.crl (hash: cUfKWRSSph3CH0QPlc0sPvR/92BOJELjPpWxurPJe88=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/60/dc9224-3cd7-437d-a1dc-e8c39cf66b3f/1/lPhZ34Ux35GpQAj0tJIKQSPrDws.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/60/dc9224-3cd7-437d-a1dc-e8c39cf66b3f/1/lPhZ34Ux35GpQAj0tJIKQSPrDws.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/lPhZ34Ux35GpQAj0tJIKQSPrDws.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 22:01:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b8:8f:b4:82:72:b5:78:a6:6d:1b:21:0d:1e:84:ff:62
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=94f859df8531df91a94008f4b4920a4123eb0f0b
        Validity
            Not Before: Jun 28 22:01:54 2025 GMT
            Not After : Jun 29 22:01:54 2025 GMT
        Subject: CN=e23537df96ca6ec3965113aa8c9c011ebe34ff60
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:10:71:3e:d4:ad:70:f5:35:db:8b:6b:04:53:
                    cb:2f:e5:b5:0a:9e:b6:d6:58:b9:c8:d5:6f:1d:6c:
                    f1:90:42:41:80:2a:43:8b:2c:ba:30:e6:ed:b2:fd:
                    7c:b1:e6:5f:4e:5e:ba:80:16:6e:05:ee:cf:82:ec:
                    34:31:71:d1:88:15:46:a6:c1:9b:ec:78:91:0e:35:
                    11:3e:7f:a4:b1:0a:62:85:69:42:9d:0c:fd:75:0b:
                    69:95:6a:40:69:26:01:a4:83:aa:78:0f:a3:ad:57:
                    6e:f7:82:51:4f:c2:eb:b1:53:e4:cb:0d:d9:17:07:
                    e1:ac:fd:67:65:40:ca:62:f4:7c:45:99:3a:f2:58:
                    cb:43:97:4c:9e:2f:16:8f:0a:dc:58:f5:f7:79:d4:
                    7c:b2:5f:4b:db:9f:93:48:53:2e:76:ae:5f:ee:aa:
                    01:3b:e7:33:5b:9e:fc:7a:ee:1c:5a:ec:98:69:4b:
                    3c:5a:ef:22:6a:5d:bb:77:0a:55:23:c2:c6:d4:9e:
                    b7:0e:37:4e:9a:78:8e:25:bd:af:15:50:0d:48:1f:
                    94:3c:48:3d:b2:17:05:3b:cd:4a:94:60:38:4c:26:
                    35:ee:d4:3e:fe:9e:16:b7:57:d0:95:08:5b:77:5b:
                    5b:b8:65:e3:c8:8e:17:cc:ab:f2:58:e2:ae:01:61:
                    98:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E2:35:37:DF:96:CA:6E:C3:96:51:13:AA:8C:9C:01:1E:BE:34:FF:60
            X509v3 Authority Key Identifier:
                keyid:94:F8:59:DF:85:31:DF:91:A9:40:08:F4:B4:92:0A:41:23:EB:0F:0B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lPhZ34Ux35GpQAj0tJIKQSPrDws.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/dc9224-3cd7-437d-a1dc-e8c39cf66b3f/1/lPhZ34Ux35GpQAj0tJIKQSPrDws.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/60/dc9224-3cd7-437d-a1dc-e8c39cf66b3f/1/lPhZ34Ux35GpQAj0tJIKQSPrDws.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ad:8d:70:6f:11:c8:ef:ce:95:12:a9:78:64:07:37:37:27:50:
         2b:e4:6b:eb:9d:1a:07:b6:87:82:e8:fe:02:34:42:26:22:98:
         1b:c3:9a:21:28:d4:b9:9b:74:6e:cb:c3:9a:11:5b:2a:90:ca:
         f8:19:b5:5a:53:19:c9:77:01:51:24:d5:2b:43:66:1f:5a:53:
         12:0e:95:bc:85:fa:45:4b:36:d4:03:0b:bf:6e:ba:2e:5c:67:
         4e:c6:60:ab:74:df:2e:69:35:ad:ce:e5:f4:73:bb:ec:d8:53:
         e6:d0:57:c4:79:41:fc:87:b9:43:1e:c7:8c:6a:76:0b:e9:22:
         5e:27:1e:be:54:28:ac:f4:72:fe:c7:24:76:2d:17:d3:09:5d:
         84:71:2f:77:39:9f:c3:e7:5b:ae:eb:be:13:e4:f3:b0:7b:79:
         0c:5d:43:84:14:c5:cc:45:57:ae:d3:29:9b:3f:24:76:f4:2c:
         77:21:ee:fb:b8:22:06:a5:b4:d7:d4:58:1a:64:61:ab:8c:30:
         9f:aa:b0:0a:25:fe:16:24:dd:22:5d:c2:cf:bc:7a:39:96:68:
         60:6f:8e:79:2c:32:26:c0:c9:e1:2b:3d:f0:b4:78:34:08:1f:
         52:8a:84:a4:66:80:c5:95:8f:d5:18:1b:13:da:74:15:60:6d:
         5b:99:49:ee
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe4j7SCcrV4pm0bIQ0ehP9iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0Zjg1OWRmODUzMWRmOTFhOTQwMDhmNGI0OTIwYTQxMjNl
YjBmMGIwHhcNMjUwNjI4MjIwMTU0WhcNMjUwNjI5MjIwMTU0WjAzMTEwLwYDVQQD
EyhlMjM1MzdkZjk2Y2E2ZWMzOTY1MTEzYWE4YzljMDExZWJlMzRmZjYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuhBxPtStcPU124trBFPLL+W1Cp62
1li5yNVvHWzxkEJBgCpDiyy6MObtsv18seZfTl66gBZuBe7Pguw0MXHRiBVGpsGb
7HiRDjURPn+ksQpihWlCnQz9dQtplWpAaSYBpIOqeA+jrVdu94JRT8LrsVPkyw3Z
FwfhrP1nZUDKYvR8RZk68ljLQ5dMni8WjwrcWPX3edR8sl9L25+TSFMudq5f7qoB
O+czW578eu4cWuyYaUs8Wu8ial27dwpVI8LG1J63DjdOmniOJb2vFVANSB+UPEg9
shcFO81KlGA4TCY17tQ+/p4Wt1fQlQhbd1tbuGXjyI4XzKvyWOKuAWGYkQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOI1N9+Wym7DllETqoycAR6+NP9gMB8GA1UdIwQY
MBaAFJT4Wd+FMd+RqUAI9LSSCkEj6w8LMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbFBoWjM0VXgzNUdwUUFqMHRKSUtRU1ByRHdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC9kYzkyMjQtM2NkNy00MzdkLWExZGMt
ZThjMzljZjY2YjNmLzEvbFBoWjM0VXgzNUdwUUFqMHRKSUtRU1ByRHdzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC9kYzkyMjQtM2NkNy00MzdkLWExZGMtZThjMzljZjY2YjNm
LzEvbFBoWjM0VXgzNUdwUUFqMHRKSUtRU1ByRHdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArY1wbxHI
786VEql4ZAc3NydQK+Rr650aB7aHguj+AjRCJiKYG8OaISjUuZt0bsvDmhFbKpDK
+Bm1WlMZyXcBUSTVK0NmH1pTEg6VvIX6RUs21AMLv266LlxnTsZgq3TfLmk1rc7l
9HO77NhT5tBXxHlB/Ie5Qx7HjGp2C+kiXicevlQorPRy/sckdi0X0wldhHEvdzmf
w+dbruu+E+TzsHt5DF1DhBTFzEVXrtMpmz8kdvQsdyHu+7giBqW019RYGmRhq4ww
n6qwCiX+FiTdIl3Cz7x6OZZoYG+OeSwyJsDJ4Ss98LR4NAgfUoqEpGaAxZWP1Rgb
E9p0FWBtW5lJ7g==
-----END CERTIFICATE-----