Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/dc9224-3cd7-437d-a1dc-e8c39cf66b3f/1/lPhZ34Ux35GpQAj0tJIKQSPrDws.mft
File:                     lPhZ34Ux35GpQAj0tJIKQSPrDws.mft (raw, json)
Hash identifier:          XFR2pJqDH2GzkVeKn4dMO6m5EMtbX2bLoiFxgZEZP0E=
Subject key identifier:   6F:51:94:8F:1D:DB:81:4E:81:62:3D:E7:C2:2E:22:62:36:B2:C9:E9
Authority key identifier: 94:F8:59:DF:85:31:DF:91:A9:40:08:F4:B4:92:0A:41:23:EB:0F:0B
Certificate issuer:       /CN=94f859df8531df91a94008f4b4920a4123eb0f0b
Certificate serial:       0196C34C5616EB067FFAF95442F2779B19FE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/lPhZ34Ux35GpQAj0tJIKQSPrDws.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/60/dc9224-3cd7-437d-a1dc-e8c39cf66b3f/1/lPhZ34Ux35GpQAj0tJIKQSPrDws.mft
Manifest number:          13BE
Signing time:             Mon 12 May 2025 07:01:21 +0000
Manifest this update:     Mon 12 May 2025 07:01:21 +0000
Manifest next update:     Tue 13 May 2025 07:01:21 +0000
Files and hashes:         1: lPhZ34Ux35GpQAj0tJIKQSPrDws.crl (hash: /A1asjhxQdsOAEgz3P+yZqzP/bJ1gQkoKTb3G1sPWpI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/60/dc9224-3cd7-437d-a1dc-e8c39cf66b3f/1/lPhZ34Ux35GpQAj0tJIKQSPrDws.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/60/dc9224-3cd7-437d-a1dc-e8c39cf66b3f/1/lPhZ34Ux35GpQAj0tJIKQSPrDws.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/lPhZ34Ux35GpQAj0tJIKQSPrDws.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 13 May 2025 01:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:c3:4c:56:16:eb:06:7f:fa:f9:54:42:f2:77:9b:19:fe
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=94f859df8531df91a94008f4b4920a4123eb0f0b
        Validity
            Not Before: May 12 07:01:21 2025 GMT
            Not After : May 13 07:01:21 2025 GMT
        Subject: CN=6f51948f1ddb814e81623de7c22e226236b2c9e9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e0:44:11:77:45:f5:8a:f6:81:11:7a:c7:73:68:
                    ea:38:2e:f9:da:09:ce:e6:18:cc:8e:6d:f1:8d:d9:
                    50:27:ba:a1:96:00:04:bf:34:85:ae:f6:6f:08:59:
                    2f:9f:59:c8:c3:cf:ab:8c:ef:6b:1b:07:c0:06:79:
                    16:62:56:5e:3b:ec:75:98:b0:6e:74:e0:0f:0f:0b:
                    67:20:a3:ba:a7:51:e8:6d:19:b7:03:fa:43:8d:4e:
                    c7:f3:b3:9c:66:53:be:84:5b:bc:a5:03:9b:6c:f0:
                    17:3b:a9:ad:f2:ce:a7:b9:0a:96:99:c6:0a:1e:ab:
                    b8:96:34:8c:d2:45:f8:d3:da:5a:64:ac:ee:be:75:
                    71:a2:31:e2:b3:82:1e:69:5b:32:c5:e4:ea:5c:06:
                    ed:14:9f:ec:4f:95:bc:84:14:ba:a1:f2:18:78:75:
                    3c:7a:86:5e:3a:fb:73:ae:7d:ff:9a:d1:a7:38:7e:
                    cf:6e:fe:db:50:9c:06:0b:06:f0:96:55:7c:63:3f:
                    d2:4c:f3:97:10:bf:af:51:e9:96:15:36:5a:1c:09:
                    ec:97:f2:1e:6b:7b:49:18:29:d3:e0:4f:6e:2e:64:
                    0c:9d:a5:5a:8a:94:f6:12:3a:e8:93:4a:6a:78:fd:
                    2f:42:ff:e6:e6:8c:b9:18:f5:55:0c:2c:5f:21:30:
                    e6:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6F:51:94:8F:1D:DB:81:4E:81:62:3D:E7:C2:2E:22:62:36:B2:C9:E9
            X509v3 Authority Key Identifier:
                keyid:94:F8:59:DF:85:31:DF:91:A9:40:08:F4:B4:92:0A:41:23:EB:0F:0B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lPhZ34Ux35GpQAj0tJIKQSPrDws.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/dc9224-3cd7-437d-a1dc-e8c39cf66b3f/1/lPhZ34Ux35GpQAj0tJIKQSPrDws.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/60/dc9224-3cd7-437d-a1dc-e8c39cf66b3f/1/lPhZ34Ux35GpQAj0tJIKQSPrDws.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         04:d7:17:47:7b:50:bc:15:60:30:fa:ba:90:60:d1:7f:75:52:
         f7:b6:8e:da:31:f8:b3:95:67:a0:69:d9:06:bf:4f:a4:1e:b9:
         61:e3:8e:f4:47:55:7e:c5:81:79:8a:e2:a1:90:ca:66:6d:bc:
         fe:50:b1:e6:de:76:47:cf:e5:2a:7d:1a:80:e0:0d:7a:03:e6:
         4b:ed:f0:c7:87:00:56:74:88:3d:d7:10:a8:88:4f:4f:43:88:
         93:65:a0:0f:ad:c6:78:5f:80:18:45:ba:d7:35:3d:5a:24:d9:
         da:e5:87:78:26:23:d0:29:1f:0e:f0:f2:31:cc:06:d8:c7:60:
         54:e2:3e:84:ba:6b:c5:bb:75:9a:cc:55:a7:a4:6f:17:58:30:
         ed:24:84:83:8e:6d:e9:60:cb:de:20:e4:d5:a1:9d:c8:e0:b3:
         55:c3:67:42:31:33:12:ba:4e:db:da:51:6d:54:f4:0f:5a:02:
         45:fa:e6:a2:a3:c7:08:68:59:b8:75:fd:30:9d:9d:60:d8:28:
         73:a4:7c:08:72:9d:32:fe:78:b2:67:d8:22:92:8d:d3:69:75:
         c3:97:73:ef:ff:63:23:57:1d:7d:83:97:26:7d:0d:8c:e1:6c:
         4a:ab:22:28:af:46:9a:ef:8f:28:94:18:cc:a2:4b:77:3c:cd:
         ab:f3:c0:17
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbDTFYW6wZ/+vlUQvJ3mxn+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0Zjg1OWRmODUzMWRmOTFhOTQwMDhmNGI0OTIwYTQxMjNl
YjBmMGIwHhcNMjUwNTEyMDcwMTIxWhcNMjUwNTEzMDcwMTIxWjAzMTEwLwYDVQQD
Eyg2ZjUxOTQ4ZjFkZGI4MTRlODE2MjNkZTdjMjJlMjI2MjM2YjJjOWU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4EQRd0X1ivaBEXrHc2jqOC752gnO
5hjMjm3xjdlQJ7qhlgAEvzSFrvZvCFkvn1nIw8+rjO9rGwfABnkWYlZeO+x1mLBu
dOAPDwtnIKO6p1HobRm3A/pDjU7H87OcZlO+hFu8pQObbPAXO6mt8s6nuQqWmcYK
Hqu4ljSM0kX409paZKzuvnVxojHis4IeaVsyxeTqXAbtFJ/sT5W8hBS6ofIYeHU8
eoZeOvtzrn3/mtGnOH7Pbv7bUJwGCwbwllV8Yz/STPOXEL+vUemWFTZaHAnsl/Ie
a3tJGCnT4E9uLmQMnaVaipT2Ejrok0pqeP0vQv/m5oy5GPVVDCxfITDmBQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFG9RlI8d24FOgWI958IuImI2ssnpMB8GA1UdIwQY
MBaAFJT4Wd+FMd+RqUAI9LSSCkEj6w8LMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbFBoWjM0VXgzNUdwUUFqMHRKSUtRU1ByRHdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC9kYzkyMjQtM2NkNy00MzdkLWExZGMt
ZThjMzljZjY2YjNmLzEvbFBoWjM0VXgzNUdwUUFqMHRKSUtRU1ByRHdzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC9kYzkyMjQtM2NkNy00MzdkLWExZGMtZThjMzljZjY2YjNm
LzEvbFBoWjM0VXgzNUdwUUFqMHRKSUtRU1ByRHdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABNcXR3tQ
vBVgMPq6kGDRf3VS97aO2jH4s5VnoGnZBr9PpB65YeOO9EdVfsWBeYrioZDKZm28
/lCx5t52R8/lKn0agOANegPmS+3wx4cAVnSIPdcQqIhPT0OIk2WgD63GeF+AGEW6
1zU9WiTZ2uWHeCYj0CkfDvDyMcwG2MdgVOI+hLprxbt1msxVp6RvF1gw7SSEg45t
6WDL3iDk1aGdyOCzVcNnQjEzErpO29pRbVT0D1oCRfrmoqPHCGhZuHX9MJ2dYNgo
c6R8CHKdMv54smfYIpKN02l1w5dz7/9jI1cdfYOXJn0NjOFsSqsiKK9Gmu+PKJQY
zKJLdzzNq/PAFw==
-----END CERTIFICATE-----