Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/7b9d2c-7d49-4a19-a55d-3b47666d1365/1/LjFjEq0rIaqaBIEfYq0Da_aIhdk.mft
File:                     LjFjEq0rIaqaBIEfYq0Da_aIhdk.mft (raw, json)
Hash identifier:          UH42jkxXjfwXXp9wdOeLpNd2MzR17GWA+5bXOjwsjds=
Subject key identifier:   90:1D:5D:D5:FC:DB:7B:70:01:4F:42:67:CF:3A:95:B4:8A:95:9B:A5
Authority key identifier: 2E:31:63:12:AD:2B:21:AA:9A:04:81:1F:62:AD:03:6B:F6:88:85:D9
Certificate issuer:       /CN=2e316312ad2b21aa9a04811f62ad036bf68885d9
Certificate serial:       0197B6A143CEA650FA2A7EA2C96290AF4990
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/LjFjEq0rIaqaBIEfYq0Da_aIhdk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c4/7b9d2c-7d49-4a19-a55d-3b47666d1365/1/LjFjEq0rIaqaBIEfYq0Da_aIhdk.mft
Manifest number:          0A2E
Signing time:             Sat 28 Jun 2025 13:01:51 +0000
Manifest this update:     Sat 28 Jun 2025 13:01:51 +0000
Manifest next update:     Sun 29 Jun 2025 13:01:51 +0000
Files and hashes:         1: LjFjEq0rIaqaBIEfYq0Da_aIhdk.crl (hash: 0zcahrJglvSOrqJUjy1U8xToudIRqlfr76dyYqNxlFI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c4/7b9d2c-7d49-4a19-a55d-3b47666d1365/1/LjFjEq0rIaqaBIEfYq0Da_aIhdk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c4/7b9d2c-7d49-4a19-a55d-3b47666d1365/1/LjFjEq0rIaqaBIEfYq0Da_aIhdk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/LjFjEq0rIaqaBIEfYq0Da_aIhdk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 10:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b6:a1:43:ce:a6:50:fa:2a:7e:a2:c9:62:90:af:49:90
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2e316312ad2b21aa9a04811f62ad036bf68885d9
        Validity
            Not Before: Jun 28 13:01:51 2025 GMT
            Not After : Jun 29 13:01:51 2025 GMT
        Subject: CN=901d5dd5fcdb7b70014f4267cf3a95b48a959ba5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:ab:9b:ec:da:c0:df:e1:cc:65:d5:6c:dd:66:
                    32:9f:4e:fa:01:f4:69:2b:a7:a2:45:23:b5:90:9d:
                    7a:78:96:08:5b:3a:53:99:cc:69:9d:3d:6c:9b:c0:
                    29:82:b5:ae:6c:80:05:9a:d9:99:b0:87:b3:3e:18:
                    f0:eb:dc:03:28:8f:22:eb:63:8b:d0:27:d4:b1:fb:
                    72:cd:ba:90:c3:50:21:0b:fb:cd:ce:53:91:03:bf:
                    69:43:79:af:f5:61:46:4d:b5:aa:e8:74:82:0b:76:
                    82:05:27:04:3b:3b:1a:f2:ca:c9:a1:c2:f7:d4:cc:
                    14:0c:bb:ad:d0:86:c1:23:53:a6:2e:59:f5:9a:0a:
                    c8:03:35:98:54:c1:25:e3:89:2f:b5:16:51:22:08:
                    21:0a:b7:17:e6:96:64:28:e6:4a:91:21:9b:68:11:
                    dd:c6:d4:99:97:a6:a2:3f:a4:8b:40:f2:59:d6:82:
                    e3:02:60:ce:cd:05:f0:57:64:15:c0:d2:5b:65:8d:
                    d0:f7:32:29:0f:a0:d2:c3:d9:cf:5f:1b:4e:fe:95:
                    fd:0e:90:2a:b7:7b:1f:4f:71:fa:11:11:7e:cf:25:
                    d7:74:91:20:8a:fa:c8:f6:d0:95:4d:f4:a2:c8:99:
                    f7:e7:66:66:0e:4b:83:40:29:37:7d:4a:7a:4a:4b:
                    79:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                90:1D:5D:D5:FC:DB:7B:70:01:4F:42:67:CF:3A:95:B4:8A:95:9B:A5
            X509v3 Authority Key Identifier:
                keyid:2E:31:63:12:AD:2B:21:AA:9A:04:81:1F:62:AD:03:6B:F6:88:85:D9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LjFjEq0rIaqaBIEfYq0Da_aIhdk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/7b9d2c-7d49-4a19-a55d-3b47666d1365/1/LjFjEq0rIaqaBIEfYq0Da_aIhdk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/7b9d2c-7d49-4a19-a55d-3b47666d1365/1/LjFjEq0rIaqaBIEfYq0Da_aIhdk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6b:1b:46:d9:72:cb:d8:3f:c2:30:7b:99:f2:08:26:f2:e5:e6:
         d9:d9:6f:c0:5f:48:63:c8:19:1f:56:93:d5:e2:2d:2d:d9:57:
         c9:bb:f5:8e:ed:d6:f8:e2:3e:95:a8:fa:31:01:c7:7e:a6:f8:
         4a:19:9f:cc:54:51:fa:10:86:b1:14:f9:fb:bc:fc:84:2f:51:
         c0:3e:3a:fa:94:09:43:13:93:80:63:4a:a9:38:89:64:27:64:
         f7:df:de:4e:f4:6d:d4:13:ef:21:aa:cd:73:67:64:53:ab:e3:
         4a:5c:ed:0b:75:2a:7e:48:30:ba:fc:51:48:66:8d:33:57:61:
         83:df:d9:1b:60:63:66:86:ab:24:9f:f5:84:f5:f8:8d:68:a5:
         5e:65:08:22:e7:ae:63:82:8c:5b:46:4f:b9:47:2e:20:07:3b:
         ee:59:db:57:ba:ce:c9:30:d0:49:26:1b:47:f5:00:f7:13:fa:
         12:bf:ec:c1:6f:89:58:0e:df:5b:f9:34:4c:d7:77:46:17:0f:
         97:f9:5c:de:f9:5a:67:09:df:1d:b4:d0:63:1c:0b:74:c1:00:
         55:d3:89:30:ae:9d:b8:d4:b6:1e:0b:53:a8:ba:e2:88:d4:6d:
         93:71:a0:6f:9c:0e:bd:00:f3:15:ec:38:ef:4d:21:55:4a:06:
         58:6a:20:9d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe2oUPOplD6Kn6iyWKQr0mQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlMzE2MzEyYWQyYjIxYWE5YTA0ODExZjYyYWQwMzZiZjY4
ODg1ZDkwHhcNMjUwNjI4MTMwMTUxWhcNMjUwNjI5MTMwMTUxWjAzMTEwLwYDVQQD
Eyg5MDFkNWRkNWZjZGI3YjcwMDE0ZjQyNjdjZjNhOTViNDhhOTU5YmE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz6ub7NrA3+HMZdVs3WYyn076AfRp
K6eiRSO1kJ16eJYIWzpTmcxpnT1sm8ApgrWubIAFmtmZsIezPhjw69wDKI8i62OL
0CfUsftyzbqQw1AhC/vNzlORA79pQ3mv9WFGTbWq6HSCC3aCBScEOzsa8srJocL3
1MwUDLut0IbBI1OmLln1mgrIAzWYVMEl44kvtRZRIgghCrcX5pZkKOZKkSGbaBHd
xtSZl6aiP6SLQPJZ1oLjAmDOzQXwV2QVwNJbZY3Q9zIpD6DSw9nPXxtO/pX9DpAq
t3sfT3H6ERF+zyXXdJEgivrI9tCVTfSiyJn352ZmDkuDQCk3fUp6Skt5cwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJAdXdX823twAU9CZ886lbSKlZulMB8GA1UdIwQY
MBaAFC4xYxKtKyGqmgSBH2KtA2v2iIXZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTGpGakVxMHJJYXFhQklFZllxMERhX2FJaGRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC83YjlkMmMtN2Q0OS00YTE5LWE1NWQt
M2I0NzY2NmQxMzY1LzEvTGpGakVxMHJJYXFhQklFZllxMERhX2FJaGRrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNC83YjlkMmMtN2Q0OS00YTE5LWE1NWQtM2I0NzY2NmQxMzY1
LzEvTGpGakVxMHJJYXFhQklFZllxMERhX2FJaGRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaxtG2XLL
2D/CMHuZ8ggm8uXm2dlvwF9IY8gZH1aT1eItLdlXybv1ju3W+OI+laj6MQHHfqb4
ShmfzFRR+hCGsRT5+7z8hC9RwD46+pQJQxOTgGNKqTiJZCdk99/eTvRt1BPvIarN
c2dkU6vjSlztC3UqfkgwuvxRSGaNM1dhg9/ZG2BjZoarJJ/1hPX4jWilXmUIIueu
Y4KMW0ZPuUcuIAc77lnbV7rOyTDQSSYbR/UA9xP6Er/swW+JWA7fW/k0TNd3RhcP
l/lc3vlaZwnfHbTQYxwLdMEAVdOJMK6duNS2HgtTqLriiNRtk3Ggb5wOvQDzFew4
700hVUoGWGognQ==
-----END CERTIFICATE-----