Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9d/085bd3-c34f-48cf-9a73-ec43fd6c227a/1/1lcpIU0Paz-lGho4A32rjeSOBVg.mft
File:                     1lcpIU0Paz-lGho4A32rjeSOBVg.mft (raw, json)
Hash identifier:          t8Kb9K+pYCzxSps+NgXfrBoDv0te8If1TmetTXBN8bM=
Subject key identifier:   8F:80:00:B8:92:B5:DA:D5:1F:26:6A:D3:FB:00:95:AE:B3:27:96:B1
Authority key identifier: D6:57:29:21:4D:0F:6B:3F:A5:1A:1A:38:03:7D:AB:8D:E4:8E:05:58
Certificate issuer:       /CN=d65729214d0f6b3fa51a1a38037dab8de48e0558
Certificate serial:       0196C7CCF5423A6EEE2D8DD71230AF12ECA7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1lcpIU0Paz-lGho4A32rjeSOBVg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9d/085bd3-c34f-48cf-9a73-ec43fd6c227a/1/1lcpIU0Paz-lGho4A32rjeSOBVg.mft
Manifest number:          059A
Signing time:             Tue 13 May 2025 04:00:20 +0000
Manifest this update:     Tue 13 May 2025 04:00:20 +0000
Manifest next update:     Wed 14 May 2025 04:00:20 +0000
Files and hashes:         1: 1lcpIU0Paz-lGho4A32rjeSOBVg.crl (hash: VJm55Xh83aTKN3PztHPwSx9MlTTZAMLH/jykNgStlzo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/9d/085bd3-c34f-48cf-9a73-ec43fd6c227a/1/1lcpIU0Paz-lGho4A32rjeSOBVg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/9d/085bd3-c34f-48cf-9a73-ec43fd6c227a/1/1lcpIU0Paz-lGho4A32rjeSOBVg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/1lcpIU0Paz-lGho4A32rjeSOBVg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 13 May 2025 23:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:c7:cc:f5:42:3a:6e:ee:2d:8d:d7:12:30:af:12:ec:a7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d65729214d0f6b3fa51a1a38037dab8de48e0558
        Validity
            Not Before: May 13 04:00:20 2025 GMT
            Not After : May 14 04:00:20 2025 GMT
        Subject: CN=8f8000b892b5dad51f266ad3fb0095aeb32796b1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:8b:00:cc:7a:75:19:b8:fc:da:24:e8:73:9f:
                    d0:72:c0:2e:44:d3:ef:4d:63:74:33:01:00:07:35:
                    39:98:40:3f:e0:b8:30:b6:e1:27:2c:67:f1:63:09:
                    e5:92:f2:96:e0:21:2b:60:75:02:a3:a9:ec:74:54:
                    0b:c8:3f:d5:77:e9:91:4f:e7:b0:46:17:4e:3a:76:
                    67:6b:48:97:b6:b1:2a:da:80:90:91:f7:5e:c9:bd:
                    a7:58:9f:2c:70:d2:eb:0e:12:28:75:8d:a7:5a:37:
                    05:7a:59:4c:49:e6:0f:4d:f9:a1:ad:4b:4f:5c:ba:
                    0b:d0:63:ab:13:40:48:d0:08:f3:4b:eb:d5:b0:07:
                    9e:60:99:ec:03:61:6d:15:55:c6:d9:7b:a2:60:41:
                    44:35:23:0b:90:22:97:a6:8a:1b:2d:c8:5b:2c:35:
                    c1:30:35:50:c3:08:72:5f:a9:39:0e:17:38:69:64:
                    21:fa:b1:0f:55:c2:e7:4d:4d:41:b1:99:54:a3:5a:
                    c1:ea:39:30:25:99:c3:bd:05:5f:79:b1:04:c0:87:
                    7c:9e:4c:9f:92:67:3e:c7:95:9e:bc:ce:ff:06:42:
                    36:b4:d6:ce:d4:44:89:a3:5c:e4:fa:c6:d7:a5:02:
                    17:54:ed:3d:ab:e7:b2:65:87:57:58:a7:64:0d:75:
                    da:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8F:80:00:B8:92:B5:DA:D5:1F:26:6A:D3:FB:00:95:AE:B3:27:96:B1
            X509v3 Authority Key Identifier:
                keyid:D6:57:29:21:4D:0F:6B:3F:A5:1A:1A:38:03:7D:AB:8D:E4:8E:05:58

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1lcpIU0Paz-lGho4A32rjeSOBVg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/085bd3-c34f-48cf-9a73-ec43fd6c227a/1/1lcpIU0Paz-lGho4A32rjeSOBVg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/085bd3-c34f-48cf-9a73-ec43fd6c227a/1/1lcpIU0Paz-lGho4A32rjeSOBVg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         96:21:f1:42:99:fb:d6:9e:27:4e:ee:8b:b2:13:1f:88:5e:91:
         09:86:d2:05:ca:a9:94:2d:d5:20:2b:b0:2e:1d:57:bc:c0:09:
         58:44:a8:37:61:f8:da:e7:b6:6b:6c:ca:76:72:3e:75:2c:ee:
         28:52:03:8e:12:f7:10:e1:9d:81:26:06:bd:54:15:ec:c4:3e:
         96:30:e5:e8:04:f8:ef:fb:41:41:59:ad:da:34:8b:cd:4c:ef:
         fb:26:81:2f:dc:6d:3c:65:16:a3:92:cd:c3:fa:69:19:f8:3d:
         61:19:29:77:b9:c0:14:8b:ea:a5:3b:54:ee:c1:2e:8a:3a:80:
         9f:f7:07:32:73:eb:12:24:4d:cc:00:ae:9f:09:83:d7:12:49:
         63:de:de:38:59:a0:6f:b3:e8:b1:07:52:b4:d3:34:8a:60:04:
         cf:b3:bd:d4:5a:e7:34:78:af:15:9e:a6:59:30:27:48:97:9c:
         1e:99:fa:d2:9a:0c:0f:6c:ab:ed:22:ba:ce:a4:3f:79:96:a7:
         4b:92:0a:33:8c:2a:ad:d8:4a:54:c3:eb:7d:76:1e:b5:b1:f1:
         51:df:c1:71:e2:a2:3d:40:a0:d7:b4:5d:60:64:57:f4:70:20:
         ad:e9:68:18:17:29:40:a8:06:e5:f4:60:8c:0c:7a:36:0e:83:
         68:bf:5f:f6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbHzPVCOm7uLY3XEjCvEuynMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2NTcyOTIxNGQwZjZiM2ZhNTFhMWEzODAzN2RhYjhkZTQ4
ZTA1NTgwHhcNMjUwNTEzMDQwMDIwWhcNMjUwNTE0MDQwMDIwWjAzMTEwLwYDVQQD
Eyg4ZjgwMDBiODkyYjVkYWQ1MWYyNjZhZDNmYjAwOTVhZWIzMjc5NmIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvYsAzHp1Gbj82iToc5/QcsAuRNPv
TWN0MwEABzU5mEA/4LgwtuEnLGfxYwnlkvKW4CErYHUCo6nsdFQLyD/Vd+mRT+ew
RhdOOnZna0iXtrEq2oCQkfdeyb2nWJ8scNLrDhIodY2nWjcFellMSeYPTfmhrUtP
XLoL0GOrE0BI0AjzS+vVsAeeYJnsA2FtFVXG2XuiYEFENSMLkCKXpoobLchbLDXB
MDVQwwhyX6k5Dhc4aWQh+rEPVcLnTU1BsZlUo1rB6jkwJZnDvQVfebEEwId8nkyf
kmc+x5WevM7/BkI2tNbO1ESJo1zk+sbXpQIXVO09q+eyZYdXWKdkDXXa/QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFI+AALiStdrVHyZq0/sAla6zJ5axMB8GA1UdIwQY
MBaAFNZXKSFND2s/pRoaOAN9q43kjgVYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWxjcElVMFBhei1sR2hvNEEzMnJqZVNPQlZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZC8wODViZDMtYzM0Zi00OGNmLTlhNzMt
ZWM0M2ZkNmMyMjdhLzEvMWxjcElVMFBhei1sR2hvNEEzMnJqZVNPQlZnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZC8wODViZDMtYzM0Zi00OGNmLTlhNzMtZWM0M2ZkNmMyMjdh
LzEvMWxjcElVMFBhei1sR2hvNEEzMnJqZVNPQlZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAliHxQpn7
1p4nTu6LshMfiF6RCYbSBcqplC3VICuwLh1XvMAJWESoN2H42ue2a2zKdnI+dSzu
KFIDjhL3EOGdgSYGvVQV7MQ+ljDl6AT47/tBQVmt2jSLzUzv+yaBL9xtPGUWo5LN
w/ppGfg9YRkpd7nAFIvqpTtU7sEuijqAn/cHMnPrEiRNzACunwmD1xJJY97eOFmg
b7PosQdStNM0imAEz7O91FrnNHivFZ6mWTAnSJecHpn60poMD2yr7SK6zqQ/eZan
S5IKM4wqrdhKVMPrfXYetbHxUd/BceKiPUCg17RdYGRX9HAgreloGBcpQKgG5fRg
jAx6Ng6DaL9f9g==
-----END CERTIFICATE-----