Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/b384ba-40ec-42a4-8330-a1a64b49fa50/1/l1d_hBiOKD_bXXpvzMxIVsGZSbg.mft
File:                     l1d_hBiOKD_bXXpvzMxIVsGZSbg.mft (raw, json)
Hash identifier:          pXVa5EpKSMesMRq3PVokeCpTs2HuQC9I6YlLCMwOavA=
Subject key identifier:   2F:39:7A:4C:61:68:74:53:ED:6B:D4:B3:96:27:D4:4C:4A:8D:68:5D
Authority key identifier: 97:57:7F:84:18:8E:28:3F:DB:5D:7A:6F:CC:CC:48:56:C1:99:49:B8
Certificate issuer:       /CN=97577f84188e283fdb5d7a6fcccc4856c19949b8
Certificate serial:       0198D4E0B26A9C70E7B9E523D2B857C1611A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/l1d_hBiOKD_bXXpvzMxIVsGZSbg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c4/b384ba-40ec-42a4-8330-a1a64b49fa50/1/l1d_hBiOKD_bXXpvzMxIVsGZSbg.mft
Manifest number:          1644
Signing time:             Sat 23 Aug 2025 03:02:32 +0000
Manifest this update:     Sat 23 Aug 2025 03:02:32 +0000
Manifest next update:     Sun 24 Aug 2025 03:02:32 +0000
Files and hashes:         1: l1d_hBiOKD_bXXpvzMxIVsGZSbg.crl (hash: hEJ6l5QDyila1T9/q75phO2x7BxnNNSgH6dLv00NR20=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c4/b384ba-40ec-42a4-8330-a1a64b49fa50/1/l1d_hBiOKD_bXXpvzMxIVsGZSbg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c4/b384ba-40ec-42a4-8330-a1a64b49fa50/1/l1d_hBiOKD_bXXpvzMxIVsGZSbg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/l1d_hBiOKD_bXXpvzMxIVsGZSbg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 03:02:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d4:e0:b2:6a:9c:70:e7:b9:e5:23:d2:b8:57:c1:61:1a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=97577f84188e283fdb5d7a6fcccc4856c19949b8
        Validity
            Not Before: Aug 23 03:02:32 2025 GMT
            Not After : Aug 24 03:02:32 2025 GMT
        Subject: CN=2f397a4c61687453ed6bd4b39627d44c4a8d685d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:25:9a:46:f6:9f:04:78:17:44:e4:b9:79:b1:
                    b5:54:91:4d:a1:06:ed:7e:db:a4:c3:a9:33:b3:56:
                    51:ae:6e:c8:10:e6:c5:24:4a:fa:bd:80:56:a5:a5:
                    fb:64:d3:7a:41:79:6b:1b:a3:24:ec:79:d1:b2:80:
                    48:dd:96:00:72:a4:f5:51:ba:26:d0:52:41:f5:ed:
                    1b:77:4b:a5:16:e3:52:16:2e:12:d3:67:37:ed:d4:
                    9a:68:cf:75:e7:07:eb:a8:79:91:61:d6:4f:e6:ee:
                    c3:21:d2:d1:7c:6a:a0:6d:6d:0e:3f:f1:7f:2e:91:
                    2a:38:22:87:dd:f9:16:b7:2a:cb:59:26:31:aa:d2:
                    9d:07:e6:bc:f1:30:08:be:e6:1c:b9:c4:f3:09:4c:
                    db:77:a4:35:da:37:17:86:99:8b:fc:66:b1:da:db:
                    41:d5:1a:f9:eb:e7:e4:76:dc:bb:77:08:04:e2:f2:
                    66:df:d9:5c:02:f6:e0:da:d1:df:5d:be:92:e7:ca:
                    21:fa:bb:00:3c:f6:c8:e0:d9:94:50:cb:f3:1b:e3:
                    b9:6b:b8:4c:44:44:07:0e:fe:ed:3a:1d:37:3d:fb:
                    73:71:e4:9b:2d:7c:d9:cf:c0:28:2f:6c:a4:e8:97:
                    1e:da:ff:c2:a3:48:60:b7:88:46:9f:2b:19:68:06:
                    90:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2F:39:7A:4C:61:68:74:53:ED:6B:D4:B3:96:27:D4:4C:4A:8D:68:5D
            X509v3 Authority Key Identifier:
                keyid:97:57:7F:84:18:8E:28:3F:DB:5D:7A:6F:CC:CC:48:56:C1:99:49:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l1d_hBiOKD_bXXpvzMxIVsGZSbg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/b384ba-40ec-42a4-8330-a1a64b49fa50/1/l1d_hBiOKD_bXXpvzMxIVsGZSbg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/b384ba-40ec-42a4-8330-a1a64b49fa50/1/l1d_hBiOKD_bXXpvzMxIVsGZSbg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         49:43:30:ed:23:92:56:21:f7:72:88:df:a8:c0:9e:06:5a:46:
         cf:0b:a8:93:85:54:a4:7f:b5:63:9b:56:a6:4d:08:9b:6c:a1:
         88:73:1d:ea:48:49:1f:1f:b3:25:f9:f5:3f:b5:98:e1:b7:b5:
         8b:a8:36:0c:df:0b:0a:fe:78:6d:be:7e:b1:a5:fd:0b:21:a4:
         34:b1:d9:fe:64:07:8d:64:9f:3d:d2:d6:3e:18:dd:9c:d3:22:
         e5:a3:a6:3b:13:92:3f:30:78:9e:58:03:9c:fe:22:58:0c:c5:
         e3:d6:7a:77:a5:21:72:8e:cd:87:a1:77:97:09:a5:4e:bd:fb:
         1c:20:85:cb:cc:8f:58:eb:f1:b5:d5:29:20:92:46:cd:76:06:
         f6:c9:9b:76:15:71:92:b5:64:4c:c3:eb:41:f9:50:ef:19:2c:
         6f:31:2b:4b:16:38:3a:0f:bd:2d:d3:e3:03:6f:58:16:0c:65:
         f0:6e:5f:6b:46:c9:4d:79:05:fd:f7:fa:e7:b9:ed:31:64:dd:
         52:dc:40:5f:f2:81:9e:4c:4f:48:6e:34:b3:7c:fe:7a:05:d9:
         92:f8:9d:69:d7:b4:95:d4:98:83:b3:11:c1:17:17:80:44:c9:
         ea:c4:44:b7:77:d5:90:64:04:5d:96:07:30:d8:c6:09:de:a8:
         cf:f9:63:4b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjU4LJqnHDnueUj0rhXwWEaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3NTc3Zjg0MTg4ZTI4M2ZkYjVkN2E2ZmNjY2M0ODU2YzE5
OTQ5YjgwHhcNMjUwODIzMDMwMjMyWhcNMjUwODI0MDMwMjMyWjAzMTEwLwYDVQQD
EygyZjM5N2E0YzYxNjg3NDUzZWQ2YmQ0YjM5NjI3ZDQ0YzRhOGQ2ODVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1CWaRvafBHgXROS5ebG1VJFNoQbt
ftukw6kzs1ZRrm7IEObFJEr6vYBWpaX7ZNN6QXlrG6Mk7HnRsoBI3ZYAcqT1Ubom
0FJB9e0bd0ulFuNSFi4S02c37dSaaM915wfrqHmRYdZP5u7DIdLRfGqgbW0OP/F/
LpEqOCKH3fkWtyrLWSYxqtKdB+a88TAIvuYcucTzCUzbd6Q12jcXhpmL/Gax2ttB
1Rr56+fkdty7dwgE4vJm39lcAvbg2tHfXb6S58oh+rsAPPbI4NmUUMvzG+O5a7hM
REQHDv7tOh03PftzceSbLXzZz8AoL2yk6Jce2v/Co0hgt4hGnysZaAaQGwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFC85ekxhaHRT7WvUs5Yn1ExKjWhdMB8GA1UdIwQY
MBaAFJdXf4QYjig/2116b8zMSFbBmUm4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbDFkX2hCaU9LRF9iWFhwdnpNeElWc0daU2JnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC9iMzg0YmEtNDBlYy00MmE0LTgzMzAt
YTFhNjRiNDlmYTUwLzEvbDFkX2hCaU9LRF9iWFhwdnpNeElWc0daU2JnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNC9iMzg0YmEtNDBlYy00MmE0LTgzMzAtYTFhNjRiNDlmYTUw
LzEvbDFkX2hCaU9LRF9iWFhwdnpNeElWc0daU2JnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASUMw7SOS
ViH3cojfqMCeBlpGzwuok4VUpH+1Y5tWpk0Im2yhiHMd6khJHx+zJfn1P7WY4be1
i6g2DN8LCv54bb5+saX9CyGkNLHZ/mQHjWSfPdLWPhjdnNMi5aOmOxOSPzB4nlgD
nP4iWAzF49Z6d6Uhco7Nh6F3lwmlTr37HCCFy8yPWOvxtdUpIJJGzXYG9smbdhVx
krVkTMPrQflQ7xksbzErSxY4Og+9LdPjA29YFgxl8G5fa0bJTXkF/ff657ntMWTd
UtxAX/KBnkxPSG40s3z+egXZkvidade0ldSYg7MRwRcXgETJ6sREt3fVkGQEXZYH
MNjGCd6oz/ljSw==
-----END CERTIFICATE-----