Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9d/085bd3-c34f-48cf-9a73-ec43fd6c227a/1/1lcpIU0Paz-lGho4A32rjeSOBVg.mft
File:                     1lcpIU0Paz-lGho4A32rjeSOBVg.mft (raw, json)
Hash identifier:          J9GYH8KWiI7vynshm4KoccQmS2KUEbpqW0v3qGcASos=
Subject key identifier:   36:BE:06:F5:B5:B3:16:22:15:80:8F:41:1E:6A:7F:6B:1B:1A:50:56
Authority key identifier: D6:57:29:21:4D:0F:6B:3F:A5:1A:1A:38:03:7D:AB:8D:E4:8E:05:58
Certificate issuer:       /CN=d65729214d0f6b3fa51a1a38037dab8de48e0558
Certificate serial:       0197B74575066067515E56B8143E9B86F9AB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1lcpIU0Paz-lGho4A32rjeSOBVg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9d/085bd3-c34f-48cf-9a73-ec43fd6c227a/1/1lcpIU0Paz-lGho4A32rjeSOBVg.mft
Manifest number:          0616
Signing time:             Sat 28 Jun 2025 16:01:11 +0000
Manifest this update:     Sat 28 Jun 2025 16:01:11 +0000
Manifest next update:     Sun 29 Jun 2025 16:01:11 +0000
Files and hashes:         1: 1lcpIU0Paz-lGho4A32rjeSOBVg.crl (hash: u7tUAcI9XEPThLOQHpo/OMt3eGvSnolxHcoM8rKyy/M=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/9d/085bd3-c34f-48cf-9a73-ec43fd6c227a/1/1lcpIU0Paz-lGho4A32rjeSOBVg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/9d/085bd3-c34f-48cf-9a73-ec43fd6c227a/1/1lcpIU0Paz-lGho4A32rjeSOBVg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/1lcpIU0Paz-lGho4A32rjeSOBVg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b7:45:75:06:60:67:51:5e:56:b8:14:3e:9b:86:f9:ab
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d65729214d0f6b3fa51a1a38037dab8de48e0558
        Validity
            Not Before: Jun 28 16:01:11 2025 GMT
            Not After : Jun 29 16:01:11 2025 GMT
        Subject: CN=36be06f5b5b3162215808f411e6a7f6b1b1a5056
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:78:1e:e7:8d:70:16:78:82:d6:b1:1e:bc:2d:
                    95:f3:c7:ec:f8:6b:64:55:75:6a:b5:ff:44:c2:ca:
                    83:6d:c0:fa:2c:78:0b:73:69:e3:90:53:7f:cc:a0:
                    c4:16:87:2b:3d:09:0a:71:2b:e3:5c:7b:0b:37:4f:
                    a4:4b:54:a7:56:d6:02:9f:25:3b:95:f2:ff:48:ba:
                    40:7b:bc:b3:13:60:80:e4:95:b8:fe:9a:f2:bb:be:
                    d6:46:33:7f:82:9b:01:96:f8:d2:c6:ed:d5:60:a3:
                    24:24:1c:5b:9f:46:11:26:f5:7e:60:ba:a7:6e:7f:
                    66:dd:ae:c1:91:f5:0e:ff:18:6f:b0:a3:9a:1d:6e:
                    9e:ac:df:8b:04:cc:47:fb:38:31:73:35:17:fd:1c:
                    2f:f5:05:4a:27:2a:f3:c8:71:fc:e5:1f:96:65:9d:
                    83:1b:fe:dc:0d:f9:4b:96:ed:8d:82:a6:7f:d4:71:
                    b6:f9:78:20:4d:25:3f:1a:f9:52:94:99:ff:7a:25:
                    00:b8:63:f3:63:53:9d:59:bf:ac:9f:47:83:d3:1f:
                    c9:68:9e:97:c7:e6:b3:e7:73:f2:77:fe:c8:5e:35:
                    f5:29:f6:4c:75:eb:08:1b:21:5d:fc:49:15:9f:5c:
                    89:df:4a:87:66:a9:6a:af:2e:e1:ca:63:f8:26:d4:
                    31:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                36:BE:06:F5:B5:B3:16:22:15:80:8F:41:1E:6A:7F:6B:1B:1A:50:56
            X509v3 Authority Key Identifier:
                keyid:D6:57:29:21:4D:0F:6B:3F:A5:1A:1A:38:03:7D:AB:8D:E4:8E:05:58

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1lcpIU0Paz-lGho4A32rjeSOBVg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/085bd3-c34f-48cf-9a73-ec43fd6c227a/1/1lcpIU0Paz-lGho4A32rjeSOBVg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/085bd3-c34f-48cf-9a73-ec43fd6c227a/1/1lcpIU0Paz-lGho4A32rjeSOBVg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0e:21:8a:f5:12:d3:df:95:1f:f0:fe:24:ac:68:f7:c2:a9:59:
         35:25:2b:95:7a:1e:a3:dd:8c:e0:57:68:3e:b0:50:be:1a:6c:
         29:7c:48:42:1e:d4:d2:a9:26:3c:e5:8f:1f:28:99:58:55:71:
         0a:7d:2c:72:0b:ed:ba:30:d7:57:d9:dd:d7:3d:60:ed:5b:a3:
         cf:4e:9d:d8:4b:ab:38:9e:db:6f:f4:4d:93:f2:58:c8:49:33:
         8b:66:72:b2:29:5c:08:63:00:e0:00:0e:78:46:b8:8c:fc:df:
         82:af:f0:74:2e:86:4a:dd:c1:8c:44:de:90:65:95:0b:13:12:
         26:fb:60:24:84:7c:94:12:72:f3:d3:e7:5b:73:12:7d:b5:ae:
         a1:b0:4e:cf:20:67:71:2e:52:13:71:93:2e:53:89:1e:02:27:
         d3:14:5c:a9:93:89:e7:f3:27:07:e3:d8:e6:e2:5b:b4:61:09:
         40:ea:0a:e8:44:87:3b:76:b2:11:f2:15:8f:3a:1a:42:9b:fa:
         b9:c0:8b:20:a4:f6:93:8f:89:45:42:fa:7d:20:c8:69:fd:29:
         aa:1d:09:59:d4:c4:49:db:4f:e3:70:b7:c2:6b:03:21:71:c2:
         87:30:af:f2:fc:62:29:c1:b4:5f:f9:7e:a4:a7:b7:0e:1a:15:
         f2:fb:bc:2f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe3RXUGYGdRXla4FD6bhvmrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2NTcyOTIxNGQwZjZiM2ZhNTFhMWEzODAzN2RhYjhkZTQ4
ZTA1NTgwHhcNMjUwNjI4MTYwMTExWhcNMjUwNjI5MTYwMTExWjAzMTEwLwYDVQQD
EygzNmJlMDZmNWI1YjMxNjIyMTU4MDhmNDExZTZhN2Y2YjFiMWE1MDU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtXge541wFniC1rEevC2V88fs+Gtk
VXVqtf9EwsqDbcD6LHgLc2njkFN/zKDEFocrPQkKcSvjXHsLN0+kS1SnVtYCnyU7
lfL/SLpAe7yzE2CA5JW4/pryu77WRjN/gpsBlvjSxu3VYKMkJBxbn0YRJvV+YLqn
bn9m3a7BkfUO/xhvsKOaHW6erN+LBMxH+zgxczUX/Rwv9QVKJyrzyHH85R+WZZ2D
G/7cDflLlu2NgqZ/1HG2+XggTSU/GvlSlJn/eiUAuGPzY1OdWb+sn0eD0x/JaJ6X
x+az53Pyd/7IXjX1KfZMdesIGyFd/EkVn1yJ30qHZqlqry7hymP4JtQx6wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDa+BvW1sxYiFYCPQR5qf2sbGlBWMB8GA1UdIwQY
MBaAFNZXKSFND2s/pRoaOAN9q43kjgVYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWxjcElVMFBhei1sR2hvNEEzMnJqZVNPQlZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZC8wODViZDMtYzM0Zi00OGNmLTlhNzMt
ZWM0M2ZkNmMyMjdhLzEvMWxjcElVMFBhei1sR2hvNEEzMnJqZVNPQlZnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZC8wODViZDMtYzM0Zi00OGNmLTlhNzMtZWM0M2ZkNmMyMjdh
LzEvMWxjcElVMFBhei1sR2hvNEEzMnJqZVNPQlZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADiGK9RLT
35Uf8P4krGj3wqlZNSUrlXoeo92M4FdoPrBQvhpsKXxIQh7U0qkmPOWPHyiZWFVx
Cn0scgvtujDXV9nd1z1g7Vujz06d2EurOJ7bb/RNk/JYyEkzi2ZysilcCGMA4AAO
eEa4jPzfgq/wdC6GSt3BjETekGWVCxMSJvtgJIR8lBJy89PnW3MSfbWuobBOzyBn
cS5SE3GTLlOJHgIn0xRcqZOJ5/MnB+PY5uJbtGEJQOoK6ESHO3ayEfIVjzoaQpv6
ucCLIKT2k4+JRUL6fSDIaf0pqh0JWdTESdtP43C3wmsDIXHChzCv8vxiKcG0X/l+
pKe3DhoV8vu8Lw==
-----END CERTIFICATE-----