Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/cd41ba-2ea7-474f-8941-5fdb3228fe1f/1/L5FDTuFsYTNOwnDfVox3oLXeBSo.mft
File:                     L5FDTuFsYTNOwnDfVox3oLXeBSo.mft (raw, json)
Hash identifier:          kGx66R9p2XJIs1nawoKjBLMqEC+DCcm//YHc67fisw4=
Subject key identifier:   BB:1E:F3:C5:59:F9:91:B0:FA:F3:B5:3F:76:A9:D8:C4:CF:F9:26:3F
Authority key identifier: 2F:91:43:4E:E1:6C:61:33:4E:C2:70:DF:56:8C:77:A0:B5:DE:05:2A
Certificate issuer:       /CN=2f91434ee16c61334ec270df568c77a0b5de052a
Certificate serial:       0197B70EA687F78A37DC35522BDFA3A31F23
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/L5FDTuFsYTNOwnDfVox3oLXeBSo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b6/cd41ba-2ea7-474f-8941-5fdb3228fe1f/1/L5FDTuFsYTNOwnDfVox3oLXeBSo.mft
Manifest number:          0C9A
Signing time:             Sat 28 Jun 2025 15:01:20 +0000
Manifest this update:     Sat 28 Jun 2025 15:01:20 +0000
Manifest next update:     Sun 29 Jun 2025 15:01:20 +0000
Files and hashes:         1: L5FDTuFsYTNOwnDfVox3oLXeBSo.crl (hash: v+fa/I2NW6sm/9sTi3hdOeGqETb26hbU2WvWRLXS2go=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b6/cd41ba-2ea7-474f-8941-5fdb3228fe1f/1/L5FDTuFsYTNOwnDfVox3oLXeBSo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b6/cd41ba-2ea7-474f-8941-5fdb3228fe1f/1/L5FDTuFsYTNOwnDfVox3oLXeBSo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/L5FDTuFsYTNOwnDfVox3oLXeBSo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b7:0e:a6:87:f7:8a:37:dc:35:52:2b:df:a3:a3:1f:23
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2f91434ee16c61334ec270df568c77a0b5de052a
        Validity
            Not Before: Jun 28 15:01:20 2025 GMT
            Not After : Jun 29 15:01:20 2025 GMT
        Subject: CN=bb1ef3c559f991b0faf3b53f76a9d8c4cff9263f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:fc:23:ab:6c:e5:ac:f3:27:ee:76:d1:5b:9f:
                    51:a3:f5:a2:38:fc:c3:9c:e1:ab:2e:c6:55:86:f6:
                    7d:94:25:2b:3f:d4:1f:43:3f:f8:b1:d0:80:b2:7a:
                    35:46:2a:40:fa:e3:9f:d5:7d:f6:7f:39:f1:43:cd:
                    fd:1b:ee:4e:15:fe:ed:af:e4:15:f6:45:e3:ba:78:
                    9d:09:6f:b3:ef:19:05:53:f0:c0:2c:ac:e4:d0:a2:
                    29:e2:95:28:92:b5:ad:a8:bd:e9:ee:76:5a:8b:d7:
                    35:d1:50:9e:26:a1:4c:04:68:29:17:2b:8f:4d:5f:
                    d0:42:a7:85:2f:2b:44:cd:b7:f3:cc:30:4e:5e:c8:
                    25:e7:e9:23:7c:d0:b4:b0:b4:df:f9:39:0e:a8:34:
                    20:4c:d9:ae:67:3a:3c:cb:71:2c:c7:a7:83:b9:0f:
                    22:11:5c:05:bf:36:b3:54:e4:e5:d1:c1:69:19:a0:
                    05:a7:a5:d0:20:ed:54:54:fd:36:68:2a:62:4d:38:
                    ad:ef:44:78:e2:e5:9d:05:f5:09:11:25:43:68:24:
                    cc:9e:d3:35:0c:d9:49:70:5e:69:0f:05:df:6f:8b:
                    b1:22:e2:9e:91:02:40:9d:9b:ff:b7:5c:4a:b5:5d:
                    84:25:39:69:c9:79:8c:bc:46:54:70:92:a4:b6:68:
                    11:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BB:1E:F3:C5:59:F9:91:B0:FA:F3:B5:3F:76:A9:D8:C4:CF:F9:26:3F
            X509v3 Authority Key Identifier:
                keyid:2F:91:43:4E:E1:6C:61:33:4E:C2:70:DF:56:8C:77:A0:B5:DE:05:2A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L5FDTuFsYTNOwnDfVox3oLXeBSo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/cd41ba-2ea7-474f-8941-5fdb3228fe1f/1/L5FDTuFsYTNOwnDfVox3oLXeBSo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/cd41ba-2ea7-474f-8941-5fdb3228fe1f/1/L5FDTuFsYTNOwnDfVox3oLXeBSo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         11:25:eb:3e:89:96:b4:d9:3a:9f:b8:71:f5:8d:9b:e3:e1:27:
         46:ce:80:13:c6:83:41:e1:17:91:1f:4a:77:60:3a:b2:af:a9:
         a1:17:d9:ba:e9:37:cc:f2:a7:97:06:9c:10:da:11:26:ba:1c:
         d5:bc:0e:39:55:89:e3:4f:bb:cf:21:5d:17:f4:e7:13:d9:f6:
         a8:83:0d:d2:91:6c:3b:3d:b2:e5:0c:96:89:a9:24:97:eb:d1:
         e9:8b:45:b0:e9:66:5e:4e:f1:d5:6c:9f:a7:ec:9c:36:df:e3:
         4c:47:30:bc:9c:cc:90:1f:3e:36:ba:07:60:1c:49:af:1a:19:
         8e:72:66:2d:55:08:e4:c0:31:00:ad:ca:f7:a3:78:de:a8:43:
         1c:66:f4:9d:0e:46:51:cc:d4:eb:b9:b8:cb:81:d9:f2:5f:d4:
         d1:1e:88:08:57:ef:1b:53:93:e3:d8:24:d1:0d:38:91:52:99:
         81:2f:db:8d:6a:71:06:06:bd:f4:e7:46:4f:9b:7f:4d:39:18:
         1e:68:bd:32:39:b4:4f:7f:c8:cb:a2:e0:ef:f8:35:16:57:6c:
         81:61:03:1a:11:74:00:f6:15:2d:c6:60:ce:e9:d9:de:80:a0:
         dd:68:41:9f:37:48:8e:26:be:14:52:05:a6:25:51:e3:da:e0:
         8e:7c:1d:0b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe3DqaH94o33DVSK9+jox8jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmOTE0MzRlZTE2YzYxMzM0ZWMyNzBkZjU2OGM3N2EwYjVk
ZTA1MmEwHhcNMjUwNjI4MTUwMTIwWhcNMjUwNjI5MTUwMTIwWjAzMTEwLwYDVQQD
EyhiYjFlZjNjNTU5Zjk5MWIwZmFmM2I1M2Y3NmE5ZDhjNGNmZjkyNjNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAovwjq2zlrPMn7nbRW59Ro/WiOPzD
nOGrLsZVhvZ9lCUrP9QfQz/4sdCAsno1RipA+uOf1X32fznxQ839G+5OFf7tr+QV
9kXjunidCW+z7xkFU/DALKzk0KIp4pUokrWtqL3p7nZai9c10VCeJqFMBGgpFyuP
TV/QQqeFLytEzbfzzDBOXsgl5+kjfNC0sLTf+TkOqDQgTNmuZzo8y3Esx6eDuQ8i
EVwFvzazVOTl0cFpGaAFp6XQIO1UVP02aCpiTTit70R44uWdBfUJESVDaCTMntM1
DNlJcF5pDwXfb4uxIuKekQJAnZv/t1xKtV2EJTlpyXmMvEZUcJKktmgRSQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLse88VZ+ZGw+vO1P3ap2MTP+SY/MB8GA1UdIwQY
MBaAFC+RQ07hbGEzTsJw31aMd6C13gUqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDVGRFR1RnNZVE5Pd25EZlZveDNvTFhlQlNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi9jZDQxYmEtMmVhNy00NzRmLTg5NDEt
NWZkYjMyMjhmZTFmLzEvTDVGRFR1RnNZVE5Pd25EZlZveDNvTFhlQlNvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi9jZDQxYmEtMmVhNy00NzRmLTg5NDEtNWZkYjMyMjhmZTFm
LzEvTDVGRFR1RnNZVE5Pd25EZlZveDNvTFhlQlNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAESXrPomW
tNk6n7hx9Y2b4+EnRs6AE8aDQeEXkR9Kd2A6sq+poRfZuuk3zPKnlwacENoRJroc
1bwOOVWJ40+7zyFdF/TnE9n2qIMN0pFsOz2y5QyWiakkl+vR6YtFsOlmXk7x1Wyf
p+ycNt/jTEcwvJzMkB8+NroHYBxJrxoZjnJmLVUI5MAxAK3K96N43qhDHGb0nQ5G
UczU67m4y4HZ8l/U0R6ICFfvG1OT49gk0Q04kVKZgS/bjWpxBga99OdGT5t/TTkY
Hmi9Mjm0T3/Iy6Lg7/g1FldsgWEDGhF0APYVLcZgzunZ3oCg3WhBnzdIjia+FFIF
piVR49rgjnwdCw==
-----END CERTIFICATE-----