Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/96/4ef629-12e2-4d99-9b4a-336623afe898/1/lM53iNLj_vf8ANXOEz19bcAPhik.mft
File:                     lM53iNLj_vf8ANXOEz19bcAPhik.mft (raw, json)
Hash identifier:          2T4vzN0sJGYCYUBNdVJQFvXAqpWmC/4KWU93bSFboiE=
Subject key identifier:   24:FC:56:8B:EA:2B:5A:5D:B7:E9:83:F1:FF:1E:67:81:16:21:53:90
Authority key identifier: 94:CE:77:88:D2:E3:FE:F7:FC:00:D5:CE:13:3D:7D:6D:C0:0F:86:29
Certificate issuer:       /CN=94ce7788d2e3fef7fc00d5ce133d7d6dc00f8629
Certificate serial:       0198D6CD5568F490D977BD2CC76883E1E2C8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/lM53iNLj_vf8ANXOEz19bcAPhik.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/96/4ef629-12e2-4d99-9b4a-336623afe898/1/lM53iNLj_vf8ANXOEz19bcAPhik.mft
Manifest number:          0DC0
Signing time:             Sat 23 Aug 2025 12:00:37 +0000
Manifest this update:     Sat 23 Aug 2025 12:00:37 +0000
Manifest next update:     Sun 24 Aug 2025 12:00:37 +0000
Files and hashes:         1: lM53iNLj_vf8ANXOEz19bcAPhik.crl (hash: oOXBXh0BFKLVlXx4S9CUbM94N/Xhr6lQUilAAGUUzHw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/96/4ef629-12e2-4d99-9b4a-336623afe898/1/lM53iNLj_vf8ANXOEz19bcAPhik.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/96/4ef629-12e2-4d99-9b4a-336623afe898/1/lM53iNLj_vf8ANXOEz19bcAPhik.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/lM53iNLj_vf8ANXOEz19bcAPhik.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 12:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d6:cd:55:68:f4:90:d9:77:bd:2c:c7:68:83:e1:e2:c8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=94ce7788d2e3fef7fc00d5ce133d7d6dc00f8629
        Validity
            Not Before: Aug 23 12:00:37 2025 GMT
            Not After : Aug 24 12:00:37 2025 GMT
        Subject: CN=24fc568bea2b5a5db7e983f1ff1e678116215390
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:c6:ab:0a:9c:6e:7c:c8:c8:e5:86:f8:af:c0:
                    c8:72:e5:6f:4d:4e:af:d8:af:49:6a:09:c6:5b:2f:
                    3e:b3:8c:ec:95:32:2b:82:b3:ae:91:e6:14:54:64:
                    c5:b6:d4:f5:8b:55:7e:61:94:58:42:de:6e:5f:4b:
                    af:89:1a:6d:74:d0:d3:40:46:96:b0:9d:60:2b:a9:
                    12:17:60:0a:43:27:86:ea:d1:5a:50:4a:5e:2b:b4:
                    19:d5:4b:da:90:1f:5b:09:e5:ea:ef:2d:c6:20:9e:
                    c5:73:9f:c9:58:46:84:0d:da:1a:d1:be:39:63:1f:
                    82:d0:50:30:30:fb:b3:fd:47:59:b3:50:26:c2:27:
                    02:8e:11:c5:e8:de:b6:7e:ec:37:35:6d:a6:1d:9a:
                    fd:8d:13:d2:b3:f6:1d:ca:b0:3c:fa:be:04:11:1d:
                    32:fc:78:1c:b5:91:27:e1:b3:95:d2:be:b4:d7:bd:
                    8d:7b:2a:b2:ef:16:00:a2:bd:70:8d:15:fb:0a:f7:
                    2d:d8:c3:2c:4b:65:86:0c:26:98:94:8f:94:61:37:
                    f0:fc:b6:cf:74:47:88:cb:6c:a2:c1:2b:1f:96:1f:
                    af:69:c7:7c:a6:c2:75:50:6d:92:fa:30:0e:1f:ab:
                    96:83:91:5f:ba:d2:1a:43:b5:ee:5b:3b:ed:23:93:
                    7f:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                24:FC:56:8B:EA:2B:5A:5D:B7:E9:83:F1:FF:1E:67:81:16:21:53:90
            X509v3 Authority Key Identifier:
                keyid:94:CE:77:88:D2:E3:FE:F7:FC:00:D5:CE:13:3D:7D:6D:C0:0F:86:29

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lM53iNLj_vf8ANXOEz19bcAPhik.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/96/4ef629-12e2-4d99-9b4a-336623afe898/1/lM53iNLj_vf8ANXOEz19bcAPhik.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/96/4ef629-12e2-4d99-9b4a-336623afe898/1/lM53iNLj_vf8ANXOEz19bcAPhik.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b2:71:f6:68:93:f3:07:9a:a8:c3:b2:33:87:49:b4:80:25:34:
         52:55:93:5c:02:1c:af:54:da:ee:c2:ad:d2:5c:e8:63:eb:96:
         19:7a:14:59:67:d9:ed:6c:72:f7:89:54:3e:b7:4e:c7:8b:5c:
         20:28:88:94:15:9d:8f:1a:f3:0f:cc:59:20:ad:b3:28:39:05:
         78:48:10:7f:19:90:c2:ed:6f:7b:6d:81:f1:09:9b:cb:e8:d5:
         21:1c:8a:82:76:89:df:56:08:f8:bd:a9:79:51:e1:bd:55:ac:
         86:d5:c8:f5:7c:1e:04:c9:f6:2f:f8:3e:04:5d:85:3f:85:47:
         75:4e:54:82:01:5d:b1:95:69:6f:f2:6c:83:5f:e8:53:79:d7:
         6b:94:e1:6c:b8:8e:7e:f7:86:a6:8d:01:8f:01:eb:81:7b:b8:
         40:6c:ad:b9:b0:8a:63:38:94:01:c9:21:a2:de:8c:d1:4d:34:
         ea:0a:97:0d:3b:a6:38:e9:d9:15:01:d3:e8:8d:91:a4:8c:cc:
         9f:57:79:6b:26:e7:aa:4b:b0:80:4e:96:f9:7a:fe:bb:12:e2:
         b6:67:ab:24:97:3c:33:30:59:54:0b:f5:70:09:fc:5d:7a:56:
         23:b6:17:a9:b8:07:ea:d4:00:2f:ca:71:ad:ee:e3:fd:5a:04:
         f7:0d:77:23
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWzVVo9JDZd70sx2iD4eLIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0Y2U3Nzg4ZDJlM2ZlZjdmYzAwZDVjZTEzM2Q3ZDZkYzAw
Zjg2MjkwHhcNMjUwODIzMTIwMDM3WhcNMjUwODI0MTIwMDM3WjAzMTEwLwYDVQQD
EygyNGZjNTY4YmVhMmI1YTVkYjdlOTgzZjFmZjFlNjc4MTE2MjE1MzkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtsarCpxufMjI5Yb4r8DIcuVvTU6v
2K9JagnGWy8+s4zslTIrgrOukeYUVGTFttT1i1V+YZRYQt5uX0uviRptdNDTQEaW
sJ1gK6kSF2AKQyeG6tFaUEpeK7QZ1UvakB9bCeXq7y3GIJ7Fc5/JWEaEDdoa0b45
Yx+C0FAwMPuz/UdZs1AmwicCjhHF6N62fuw3NW2mHZr9jRPSs/YdyrA8+r4EER0y
/HgctZEn4bOV0r60172Neyqy7xYAor1wjRX7Cvct2MMsS2WGDCaYlI+UYTfw/LbP
dEeIy2yiwSsflh+vacd8psJ1UG2S+jAOH6uWg5FfutIaQ7XuWzvtI5N/pQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCT8VovqK1pdt+mD8f8eZ4EWIVOQMB8GA1UdIwQY
MBaAFJTOd4jS4/73/ADVzhM9fW3AD4YpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbE01M2lOTGpfdmY4QU5YT0V6MTliY0FQaGlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ni80ZWY2MjktMTJlMi00ZDk5LTliNGEt
MzM2NjIzYWZlODk4LzEvbE01M2lOTGpfdmY4QU5YT0V6MTliY0FQaGlrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ni80ZWY2MjktMTJlMi00ZDk5LTliNGEtMzM2NjIzYWZlODk4
LzEvbE01M2lOTGpfdmY4QU5YT0V6MTliY0FQaGlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAsnH2aJPz
B5qow7Izh0m0gCU0UlWTXAIcr1Ta7sKt0lzoY+uWGXoUWWfZ7Wxy94lUPrdOx4tc
ICiIlBWdjxrzD8xZIK2zKDkFeEgQfxmQwu1ve22B8Qmby+jVIRyKgnaJ31YI+L2p
eVHhvVWshtXI9XweBMn2L/g+BF2FP4VHdU5UggFdsZVpb/Jsg1/oU3nXa5ThbLiO
fveGpo0BjwHrgXu4QGytubCKYziUAckhot6M0U006gqXDTumOOnZFQHT6I2RpIzM
n1d5aybnqkuwgE6W+Xr+uxLitmerJJc8MzBZVAv1cAn8XXpWI7YXqbgH6tQAL8px
re7j/VoE9w13Iw==
-----END CERTIFICATE-----