Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/2823dd-25a1-44a0-bfc1-cbbd08ad3ec2/1/lUz3IcCMjpvFJC1WGWZ3IXNQRVw.mft
File:                     lUz3IcCMjpvFJC1WGWZ3IXNQRVw.mft (raw, json)
Hash identifier:          n9M9Ni4EHa/MW54+PH+ggyZCjZFYaYrUEsfa8Ki3dRY=
Subject key identifier:   C4:4D:70:F3:48:EF:84:42:4C:99:91:93:DA:00:35:73:9D:36:B7:7B
Authority key identifier: 95:4C:F7:21:C0:8C:8E:9B:C5:24:2D:56:19:66:77:21:73:50:45:5C
Certificate issuer:       /CN=954cf721c08c8e9bc5242d56196677217350455c
Certificate serial:       0198D660A38F58B805062CF523B7CB0D45BD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/lUz3IcCMjpvFJC1WGWZ3IXNQRVw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/67/2823dd-25a1-44a0-bfc1-cbbd08ad3ec2/1/lUz3IcCMjpvFJC1WGWZ3IXNQRVw.mft
Manifest number:          0669
Signing time:             Sat 23 Aug 2025 10:01:54 +0000
Manifest this update:     Sat 23 Aug 2025 10:01:54 +0000
Manifest next update:     Sun 24 Aug 2025 10:01:54 +0000
Files and hashes:         1: lUz3IcCMjpvFJC1WGWZ3IXNQRVw.crl (hash: IsfwCp+bpQPrn4sDcpdjJ6NlFY8SsYZcGgh8GQKFFdw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/67/2823dd-25a1-44a0-bfc1-cbbd08ad3ec2/1/lUz3IcCMjpvFJC1WGWZ3IXNQRVw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/67/2823dd-25a1-44a0-bfc1-cbbd08ad3ec2/1/lUz3IcCMjpvFJC1WGWZ3IXNQRVw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/lUz3IcCMjpvFJC1WGWZ3IXNQRVw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d6:60:a3:8f:58:b8:05:06:2c:f5:23:b7:cb:0d:45:bd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=954cf721c08c8e9bc5242d56196677217350455c
        Validity
            Not Before: Aug 23 10:01:54 2025 GMT
            Not After : Aug 24 10:01:54 2025 GMT
        Subject: CN=c44d70f348ef84424c999193da0035739d36b77b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:1a:8f:85:3e:9f:be:b7:25:1f:cd:3f:d0:3c:
                    ec:48:c5:fb:da:04:ea:56:bd:92:97:e4:84:32:0d:
                    b5:ca:2b:20:8e:b6:bd:44:78:16:1a:42:5a:86:c1:
                    7a:5e:b8:08:13:bf:95:e1:4f:b0:93:07:c5:1f:27:
                    28:a3:bc:ef:f7:b8:79:14:a5:78:cb:70:1b:54:f1:
                    b1:bf:92:d3:b0:0f:00:24:4e:c5:49:fd:f4:9c:32:
                    0a:23:eb:ff:22:57:d6:1d:6c:d4:74:e3:6f:14:ed:
                    1c:a0:a5:63:19:6e:b8:50:90:f4:c3:09:fe:81:fd:
                    fc:61:23:62:ea:c6:97:4a:39:a3:6e:2a:6a:f8:6b:
                    72:4b:6a:91:2e:dc:9d:1a:75:59:cf:21:ed:a5:37:
                    cb:cc:37:ad:b3:55:d5:77:3d:6e:69:a7:64:6e:c7:
                    46:7a:43:eb:d3:a2:eb:ca:ea:9a:5f:cf:a3:72:c0:
                    e8:bd:d6:cc:a6:e4:2c:93:bb:4e:8c:99:11:20:0e:
                    5d:a2:2c:de:09:17:68:00:b0:1d:e0:7a:62:c8:6b:
                    f6:51:7c:91:1f:fb:b6:cf:f0:f3:0d:c1:ed:6f:70:
                    98:a5:f5:cb:74:1b:41:84:89:ee:01:0e:10:2a:82:
                    b2:d4:5a:c8:e6:a8:37:d7:4e:2a:87:31:31:d4:7f:
                    8d:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C4:4D:70:F3:48:EF:84:42:4C:99:91:93:DA:00:35:73:9D:36:B7:7B
            X509v3 Authority Key Identifier:
                keyid:95:4C:F7:21:C0:8C:8E:9B:C5:24:2D:56:19:66:77:21:73:50:45:5C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lUz3IcCMjpvFJC1WGWZ3IXNQRVw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/2823dd-25a1-44a0-bfc1-cbbd08ad3ec2/1/lUz3IcCMjpvFJC1WGWZ3IXNQRVw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/67/2823dd-25a1-44a0-bfc1-cbbd08ad3ec2/1/lUz3IcCMjpvFJC1WGWZ3IXNQRVw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5e:6f:da:44:00:d6:43:e3:1a:af:91:e1:a5:68:f0:d4:ae:78:
         17:a6:76:96:53:f0:43:c8:8c:22:c6:20:71:b0:9d:73:70:96:
         db:46:9f:8f:a1:79:f5:f8:a9:08:61:7c:1a:6f:42:0f:5a:be:
         f6:e3:d4:1d:b7:8e:00:2e:97:e0:83:ee:51:8a:83:9a:1b:f7:
         37:5a:8e:10:ed:72:67:d6:9b:51:39:16:0e:48:94:46:33:b1:
         28:50:33:20:03:8a:86:fd:a9:b0:04:16:09:d9:7d:c5:da:02:
         96:9f:f1:66:24:f5:6a:cb:d6:f0:02:86:63:f2:ab:06:a8:d5:
         e0:63:2f:d5:cd:31:8d:58:60:0c:ef:49:36:98:e7:d1:0d:b9:
         df:6e:55:31:7a:49:03:97:7a:e6:95:9f:7c:a8:8c:83:85:fe:
         ef:42:e1:6e:cd:46:82:00:a0:6e:77:22:79:6b:d5:ea:68:14:
         3f:6b:f9:c2:9f:8a:1d:5c:26:92:60:9e:b9:51:40:df:46:82:
         2e:74:84:c0:15:d2:9b:98:c8:02:0b:38:b6:5c:e2:22:f9:18:
         f6:fe:bb:ef:37:cb:29:7a:73:57:06:e3:8a:93:69:84:18:a2:
         fb:d8:ac:63:1a:a3:19:99:f3:ed:22:9c:1b:53:39:a6:c7:77:
         7e:75:c0:68
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWYKOPWLgFBiz1I7fLDUW9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1NGNmNzIxYzA4YzhlOWJjNTI0MmQ1NjE5NjY3NzIxNzM1
MDQ1NWMwHhcNMjUwODIzMTAwMTU0WhcNMjUwODI0MTAwMTU0WjAzMTEwLwYDVQQD
EyhjNDRkNzBmMzQ4ZWY4NDQyNGM5OTkxOTNkYTAwMzU3MzlkMzZiNzdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0BqPhT6fvrclH80/0DzsSMX72gTq
Vr2Sl+SEMg21yisgjra9RHgWGkJahsF6XrgIE7+V4U+wkwfFHycoo7zv97h5FKV4
y3AbVPGxv5LTsA8AJE7FSf30nDIKI+v/IlfWHWzUdONvFO0coKVjGW64UJD0wwn+
gf38YSNi6saXSjmjbipq+GtyS2qRLtydGnVZzyHtpTfLzDets1XVdz1uaadkbsdG
ekPr06LryuqaX8+jcsDovdbMpuQsk7tOjJkRIA5doizeCRdoALAd4HpiyGv2UXyR
H/u2z/DzDcHtb3CYpfXLdBtBhInuAQ4QKoKy1FrI5qg3104qhzEx1H+NWQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMRNcPNI74RCTJmRk9oANXOdNrd7MB8GA1UdIwQY
MBaAFJVM9yHAjI6bxSQtVhlmdyFzUEVcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbFV6M0ljQ01qcHZGSkMxV0dXWjNJWE5RUlZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny8yODIzZGQtMjVhMS00NGEwLWJmYzEt
Y2JiZDA4YWQzZWMyLzEvbFV6M0ljQ01qcHZGSkMxV0dXWjNJWE5RUlZ3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny8yODIzZGQtMjVhMS00NGEwLWJmYzEtY2JiZDA4YWQzZWMy
LzEvbFV6M0ljQ01qcHZGSkMxV0dXWjNJWE5RUlZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXm/aRADW
Q+Mar5HhpWjw1K54F6Z2llPwQ8iMIsYgcbCdc3CW20afj6F59fipCGF8Gm9CD1q+
9uPUHbeOAC6X4IPuUYqDmhv3N1qOEO1yZ9abUTkWDkiURjOxKFAzIAOKhv2psAQW
Cdl9xdoClp/xZiT1asvW8AKGY/KrBqjV4GMv1c0xjVhgDO9JNpjn0Q25325VMXpJ
A5d65pWffKiMg4X+70Lhbs1GggCgbncieWvV6mgUP2v5wp+KHVwmkmCeuVFA30aC
LnSEwBXSm5jIAgs4tlziIvkY9v677zfLKXpzVwbjipNphBii+9isYxqjGZnz7SKc
G1M5psd3fnXAaA==
-----END CERTIFICATE-----