Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9d/085bd3-c34f-48cf-9a73-ec43fd6c227a/1/1lcpIU0Paz-lGho4A32rjeSOBVg.mft
File:                     1lcpIU0Paz-lGho4A32rjeSOBVg.mft (raw, json)
Hash identifier:          Q6CIrBKsUX6ziHjGpZPZHwyk62yzrzaF0qlijGlbfK4=
Subject key identifier:   46:1D:02:67:AF:D8:0C:35:4B:61:48:46:0C:03:37:7F:8F:81:0F:23
Authority key identifier: D6:57:29:21:4D:0F:6B:3F:A5:1A:1A:38:03:7D:AB:8D:E4:8E:05:58
Certificate issuer:       /CN=d65729214d0f6b3fa51a1a38037dab8de48e0558
Certificate serial:       0198D515659F8F08A859A504FB50F5AEF249
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1lcpIU0Paz-lGho4A32rjeSOBVg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9d/085bd3-c34f-48cf-9a73-ec43fd6c227a/1/1lcpIU0Paz-lGho4A32rjeSOBVg.mft
Manifest number:          06AA
Signing time:             Sat 23 Aug 2025 04:00:05 +0000
Manifest this update:     Sat 23 Aug 2025 04:00:05 +0000
Manifest next update:     Sun 24 Aug 2025 04:00:05 +0000
Files and hashes:         1: 1lcpIU0Paz-lGho4A32rjeSOBVg.crl (hash: StZPysboNNHSEWGbjqwCRjqbw2DE4T8B7Q+9QzZiMK4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/9d/085bd3-c34f-48cf-9a73-ec43fd6c227a/1/1lcpIU0Paz-lGho4A32rjeSOBVg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/9d/085bd3-c34f-48cf-9a73-ec43fd6c227a/1/1lcpIU0Paz-lGho4A32rjeSOBVg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/1lcpIU0Paz-lGho4A32rjeSOBVg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 04:00:05 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d5:15:65:9f:8f:08:a8:59:a5:04:fb:50:f5:ae:f2:49
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d65729214d0f6b3fa51a1a38037dab8de48e0558
        Validity
            Not Before: Aug 23 04:00:05 2025 GMT
            Not After : Aug 24 04:00:05 2025 GMT
        Subject: CN=461d0267afd80c354b6148460c03377f8f810f23
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:04:90:06:df:13:22:38:d9:17:04:31:f2:8d:
                    30:2a:01:d4:8c:91:70:6e:c6:7b:c1:22:cb:6d:b0:
                    1b:50:ab:2f:2f:24:ac:78:51:8e:d4:61:af:11:74:
                    ea:5c:00:a2:ba:00:f6:c5:4e:ff:04:6a:c3:0b:85:
                    50:3f:54:7e:99:d0:29:8c:18:74:21:74:a3:de:13:
                    99:39:8c:f8:96:29:d9:1b:f2:7e:f1:db:75:85:b1:
                    3d:0e:ad:94:d9:8e:57:6b:9c:71:6d:9b:c8:df:b2:
                    50:9c:5a:30:01:2f:ac:bf:1a:cb:7c:73:a5:f1:72:
                    6c:08:1d:eb:1a:b3:83:92:f4:72:2d:7b:12:39:7d:
                    b5:1d:dc:d3:7e:01:74:b3:fb:c4:bb:08:cb:e7:5d:
                    a6:6b:d2:46:f5:d2:04:21:73:f2:7a:87:45:f4:5a:
                    27:3a:f5:82:c0:6e:0f:9d:fb:44:10:5d:62:a6:39:
                    64:52:09:25:cb:93:52:31:fb:41:a3:5c:67:12:fc:
                    53:ae:03:2b:09:9a:48:b7:0f:38:22:f0:c6:78:ad:
                    c6:33:f9:92:08:8a:c2:2c:4a:d6:c3:43:aa:d1:c5:
                    01:e4:a0:c3:59:8c:85:48:5e:ba:a7:bf:c4:58:ed:
                    b5:7b:9a:90:2a:73:1c:36:68:67:ab:b9:04:d7:0f:
                    6b:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                46:1D:02:67:AF:D8:0C:35:4B:61:48:46:0C:03:37:7F:8F:81:0F:23
            X509v3 Authority Key Identifier:
                keyid:D6:57:29:21:4D:0F:6B:3F:A5:1A:1A:38:03:7D:AB:8D:E4:8E:05:58

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1lcpIU0Paz-lGho4A32rjeSOBVg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/085bd3-c34f-48cf-9a73-ec43fd6c227a/1/1lcpIU0Paz-lGho4A32rjeSOBVg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/085bd3-c34f-48cf-9a73-ec43fd6c227a/1/1lcpIU0Paz-lGho4A32rjeSOBVg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0d:9e:2a:29:92:0e:c5:af:ff:52:9b:95:41:b0:56:67:d6:54:
         b2:09:51:74:3e:ff:fe:53:81:d4:57:7e:fc:54:d5:3e:b5:a0:
         6d:dd:18:28:be:b2:7b:5f:db:44:f0:8e:79:a5:eb:35:a1:42:
         80:f1:f8:28:3e:dc:f7:ea:73:30:6e:d6:bd:06:09:66:f4:f6:
         4c:24:8c:44:04:95:b8:fa:e6:f7:be:e7:32:42:f2:6a:0c:6c:
         27:87:fa:d1:ca:34:f4:6a:27:82:a9:a3:9e:bc:f3:f0:a0:7c:
         40:ba:7a:b8:ad:db:f7:69:91:2c:8c:54:0d:3a:9f:d4:b6:97:
         16:b3:e0:82:3e:64:fe:55:e7:1f:fc:31:9d:ff:86:60:de:47:
         da:98:6b:09:40:66:9a:16:7e:42:0e:41:c7:fa:7a:1c:62:82:
         75:59:76:25:31:e4:8b:12:ea:4c:b8:8d:52:91:ae:a3:9f:b1:
         c4:1c:8b:67:20:20:5b:2c:c0:bf:e3:88:c0:51:95:02:f2:ba:
         01:0a:30:a4:74:e7:2d:31:3b:5f:a8:07:11:c0:19:77:da:8b:
         03:ac:d3:5b:ea:85:5b:01:e9:b8:f1:17:cb:58:ec:b7:5e:ea:
         92:6c:80:2b:ed:27:a2:1c:e7:60:7f:8c:6f:08:80:97:92:0e:
         ae:bb:07:26
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjVFWWfjwioWaUE+1D1rvJJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2NTcyOTIxNGQwZjZiM2ZhNTFhMWEzODAzN2RhYjhkZTQ4
ZTA1NTgwHhcNMjUwODIzMDQwMDA1WhcNMjUwODI0MDQwMDA1WjAzMTEwLwYDVQQD
Eyg0NjFkMDI2N2FmZDgwYzM1NGI2MTQ4NDYwYzAzMzc3ZjhmODEwZjIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsQSQBt8TIjjZFwQx8o0wKgHUjJFw
bsZ7wSLLbbAbUKsvLySseFGO1GGvEXTqXACiugD2xU7/BGrDC4VQP1R+mdApjBh0
IXSj3hOZOYz4linZG/J+8dt1hbE9Dq2U2Y5Xa5xxbZvI37JQnFowAS+svxrLfHOl
8XJsCB3rGrODkvRyLXsSOX21HdzTfgF0s/vEuwjL512ma9JG9dIEIXPyeodF9Fon
OvWCwG4PnftEEF1ipjlkUgkly5NSMftBo1xnEvxTrgMrCZpItw84IvDGeK3GM/mS
CIrCLErWw0Oq0cUB5KDDWYyFSF66p7/EWO21e5qQKnMcNmhnq7kE1w9rNwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEYdAmev2Aw1S2FIRgwDN3+PgQ8jMB8GA1UdIwQY
MBaAFNZXKSFND2s/pRoaOAN9q43kjgVYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWxjcElVMFBhei1sR2hvNEEzMnJqZVNPQlZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZC8wODViZDMtYzM0Zi00OGNmLTlhNzMt
ZWM0M2ZkNmMyMjdhLzEvMWxjcElVMFBhei1sR2hvNEEzMnJqZVNPQlZnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZC8wODViZDMtYzM0Zi00OGNmLTlhNzMtZWM0M2ZkNmMyMjdh
LzEvMWxjcElVMFBhei1sR2hvNEEzMnJqZVNPQlZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADZ4qKZIO
xa//UpuVQbBWZ9ZUsglRdD7//lOB1Fd+/FTVPrWgbd0YKL6ye1/bRPCOeaXrNaFC
gPH4KD7c9+pzMG7WvQYJZvT2TCSMRASVuPrm977nMkLyagxsJ4f60co09Gongqmj
nrzz8KB8QLp6uK3b92mRLIxUDTqf1LaXFrPggj5k/lXnH/wxnf+GYN5H2phrCUBm
mhZ+Qg5Bx/p6HGKCdVl2JTHkixLqTLiNUpGuo5+xxByLZyAgWyzAv+OIwFGVAvK6
AQowpHTnLTE7X6gHEcAZd9qLA6zTW+qFWwHpuPEXy1jst17qkmyAK+0nohznYH+M
bwiAl5IOrrsHJg==
-----END CERTIFICATE-----