Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/2823dd-25a1-44a0-bfc1-cbbd08ad3ec2/1/lUz3IcCMjpvFJC1WGWZ3IXNQRVw.mft
File:                     lUz3IcCMjpvFJC1WGWZ3IXNQRVw.mft (raw, json)
Hash identifier:          ylaPm0f6HMMbkGA3xgC/r72lZrQW29P/z5na5KED34s=
Subject key identifier:   79:9C:9A:3D:F6:9E:09:41:84:AE:90:6D:46:BC:65:B9:B7:D3:99:9D
Authority key identifier: 95:4C:F7:21:C0:8C:8E:9B:C5:24:2D:56:19:66:77:21:73:50:45:5C
Certificate issuer:       /CN=954cf721c08c8e9bc5242d56196677217350455c
Certificate serial:       0197B6A219504AFDF918C7FBBE02D703B960
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/lUz3IcCMjpvFJC1WGWZ3IXNQRVw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/67/2823dd-25a1-44a0-bfc1-cbbd08ad3ec2/1/lUz3IcCMjpvFJC1WGWZ3IXNQRVw.mft
Manifest number:          05D4
Signing time:             Sat 28 Jun 2025 13:02:45 +0000
Manifest this update:     Sat 28 Jun 2025 13:02:45 +0000
Manifest next update:     Sun 29 Jun 2025 13:02:45 +0000
Files and hashes:         1: lUz3IcCMjpvFJC1WGWZ3IXNQRVw.crl (hash: QGY6J+7Eqm4Ku7/UfyJG9Cg+ESUmcDlgmuOeHXplHnk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/67/2823dd-25a1-44a0-bfc1-cbbd08ad3ec2/1/lUz3IcCMjpvFJC1WGWZ3IXNQRVw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/67/2823dd-25a1-44a0-bfc1-cbbd08ad3ec2/1/lUz3IcCMjpvFJC1WGWZ3IXNQRVw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/lUz3IcCMjpvFJC1WGWZ3IXNQRVw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 13:02:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b6:a2:19:50:4a:fd:f9:18:c7:fb:be:02:d7:03:b9:60
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=954cf721c08c8e9bc5242d56196677217350455c
        Validity
            Not Before: Jun 28 13:02:45 2025 GMT
            Not After : Jun 29 13:02:45 2025 GMT
        Subject: CN=799c9a3df69e094184ae906d46bc65b9b7d3999d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:69:78:e7:07:c0:9f:3e:8d:fd:53:5d:78:e6:
                    af:fc:d0:51:93:b0:c9:fd:23:0e:ba:37:3c:32:c7:
                    9a:93:c4:7b:ca:d9:a6:ab:01:92:90:ea:99:2d:be:
                    88:63:c5:bc:b0:d1:ef:f3:b4:d1:bc:21:95:0c:75:
                    2c:8c:c0:6f:4d:45:4c:cf:3a:ab:2e:6d:c2:f5:be:
                    89:fd:cf:c9:89:36:05:f0:cf:81:e0:ca:13:cc:40:
                    de:ab:53:b1:64:e5:00:81:15:1b:ae:73:9e:a4:4e:
                    5c:7d:61:04:29:16:e3:74:bd:83:02:21:77:c9:d6:
                    84:c7:6d:4a:2b:5f:66:9e:a8:aa:03:66:4d:91:1a:
                    06:2f:08:fd:89:ef:b0:66:ef:de:51:17:e5:3f:57:
                    42:0b:75:a3:f0:a9:f9:69:0e:7e:b7:ab:39:7a:2d:
                    6b:34:c8:1f:b8:4d:96:61:d3:57:4c:5d:91:8e:83:
                    1b:76:5a:fe:3e:fb:a6:a2:5b:be:3c:ff:03:47:d7:
                    96:32:41:c8:62:b2:d6:e9:c6:c9:e8:5e:14:2c:cb:
                    07:41:b8:0a:46:16:82:f8:e6:2a:3d:aa:77:3d:cf:
                    54:b5:8a:40:96:81:4c:65:41:9c:40:ce:81:3c:b7:
                    ce:18:13:45:a3:af:5b:8e:6c:80:ef:9e:de:e0:b0:
                    e0:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                79:9C:9A:3D:F6:9E:09:41:84:AE:90:6D:46:BC:65:B9:B7:D3:99:9D
            X509v3 Authority Key Identifier:
                keyid:95:4C:F7:21:C0:8C:8E:9B:C5:24:2D:56:19:66:77:21:73:50:45:5C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lUz3IcCMjpvFJC1WGWZ3IXNQRVw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/2823dd-25a1-44a0-bfc1-cbbd08ad3ec2/1/lUz3IcCMjpvFJC1WGWZ3IXNQRVw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/67/2823dd-25a1-44a0-bfc1-cbbd08ad3ec2/1/lUz3IcCMjpvFJC1WGWZ3IXNQRVw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         89:fe:4d:9f:24:c3:20:16:d2:18:c3:69:6f:ce:57:a6:a5:48:
         e9:9b:ac:28:8d:19:cb:71:a5:d8:9a:61:0c:30:52:bc:ce:cd:
         37:fa:21:eb:49:94:54:db:d7:42:34:f8:fe:8c:7d:45:21:ca:
         b1:6a:d5:69:4e:0b:a9:19:33:bd:1a:1e:36:a9:05:91:73:e4:
         39:18:af:ce:87:89:6e:37:68:43:90:b7:eb:cb:6b:0d:fe:91:
         b5:18:2a:81:d9:e5:47:6d:c5:22:57:de:8b:de:c9:c1:80:79:
         9f:72:9d:57:7c:10:8e:52:d8:71:8c:ea:52:4e:05:05:36:2a:
         ff:4c:b7:89:50:36:cc:96:0a:65:7d:d8:11:b5:93:c3:cf:ce:
         41:08:db:60:8f:60:93:9c:a6:bb:92:46:8f:83:61:d5:48:9e:
         de:f2:de:10:73:1c:02:6f:69:bd:72:30:43:b1:66:5a:bf:d2:
         38:0a:64:72:e1:a3:3c:10:cb:68:d1:3f:49:0e:2e:b2:94:0e:
         b0:c1:b9:58:b5:7c:19:2c:6f:de:24:c2:4f:c7:7a:30:79:3f:
         e6:92:b4:2c:68:61:bf:f3:3e:65:71:72:bb:2c:c2:01:39:9e:
         d5:88:75:2a:c8:c7:ac:5e:d1:50:77:b0:77:a7:e0:c2:c3:a0:
         d8:f6:ed:99
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe2ohlQSv35GMf7vgLXA7lgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1NGNmNzIxYzA4YzhlOWJjNTI0MmQ1NjE5NjY3NzIxNzM1
MDQ1NWMwHhcNMjUwNjI4MTMwMjQ1WhcNMjUwNjI5MTMwMjQ1WjAzMTEwLwYDVQQD
Eyg3OTljOWEzZGY2OWUwOTQxODRhZTkwNmQ0NmJjNjViOWI3ZDM5OTlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvml45wfAnz6N/VNdeOav/NBRk7DJ
/SMOujc8Mseak8R7ytmmqwGSkOqZLb6IY8W8sNHv87TRvCGVDHUsjMBvTUVMzzqr
Lm3C9b6J/c/JiTYF8M+B4MoTzEDeq1OxZOUAgRUbrnOepE5cfWEEKRbjdL2DAiF3
ydaEx21KK19mnqiqA2ZNkRoGLwj9ie+wZu/eURflP1dCC3Wj8Kn5aQ5+t6s5ei1r
NMgfuE2WYdNXTF2RjoMbdlr+Pvumolu+PP8DR9eWMkHIYrLW6cbJ6F4ULMsHQbgK
RhaC+OYqPap3Pc9UtYpAloFMZUGcQM6BPLfOGBNFo69bjmyA757e4LDg/wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHmcmj32nglBhK6QbUa8Zbm305mdMB8GA1UdIwQY
MBaAFJVM9yHAjI6bxSQtVhlmdyFzUEVcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbFV6M0ljQ01qcHZGSkMxV0dXWjNJWE5RUlZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny8yODIzZGQtMjVhMS00NGEwLWJmYzEt
Y2JiZDA4YWQzZWMyLzEvbFV6M0ljQ01qcHZGSkMxV0dXWjNJWE5RUlZ3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny8yODIzZGQtMjVhMS00NGEwLWJmYzEtY2JiZDA4YWQzZWMy
LzEvbFV6M0ljQ01qcHZGSkMxV0dXWjNJWE5RUlZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAif5NnyTD
IBbSGMNpb85XpqVI6ZusKI0Zy3Gl2JphDDBSvM7NN/oh60mUVNvXQjT4/ox9RSHK
sWrVaU4LqRkzvRoeNqkFkXPkORivzoeJbjdoQ5C368trDf6RtRgqgdnlR23FIlfe
i97JwYB5n3KdV3wQjlLYcYzqUk4FBTYq/0y3iVA2zJYKZX3YEbWTw8/OQQjbYI9g
k5ymu5JGj4Nh1Uie3vLeEHMcAm9pvXIwQ7FmWr/SOApkcuGjPBDLaNE/SQ4uspQO
sMG5WLV8GSxv3iTCT8d6MHk/5pK0LGhhv/M+ZXFyuyzCATme1Yh1KsjHrF7RUHew
d6fgwsOg2PbtmQ==
-----END CERTIFICATE-----