Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/50b550-f85e-489b-8473-e0365381bb85/1/Lokc9xG_fhxC4ILWoviaBL7rldE.mft
File:                     Lokc9xG_fhxC4ILWoviaBL7rldE.mft (raw, json)
Hash identifier:          szwxjyllWhiMFdJCpzLgq+yTcaPetvtcU2yrLXJqAz0=
Subject key identifier:   DA:D7:0A:AF:F6:81:FD:0E:84:16:FE:28:2D:D9:FA:B6:A3:EC:71:1A
Authority key identifier: 2E:89:1C:F7:11:BF:7E:1C:42:E0:82:D6:A2:F8:9A:04:BE:EB:95:D1
Certificate issuer:       /CN=2e891cf711bf7e1c42e082d6a2f89a04beeb95d1
Certificate serial:       0198D515FEF162B86D8C0CD7CD0EEA49B534
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Lokc9xG_fhxC4ILWoviaBL7rldE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/da/50b550-f85e-489b-8473-e0365381bb85/1/Lokc9xG_fhxC4ILWoviaBL7rldE.mft
Manifest number:          024D
Signing time:             Sat 23 Aug 2025 04:00:45 +0000
Manifest this update:     Sat 23 Aug 2025 04:00:45 +0000
Manifest next update:     Sun 24 Aug 2025 04:00:45 +0000
Files and hashes:         1: Lokc9xG_fhxC4ILWoviaBL7rldE.crl (hash: qajpXFxCiW2G13C33mYsdJRrpZgRqQX2eQrJzhhuNyM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/da/50b550-f85e-489b-8473-e0365381bb85/1/Lokc9xG_fhxC4ILWoviaBL7rldE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/da/50b550-f85e-489b-8473-e0365381bb85/1/Lokc9xG_fhxC4ILWoviaBL7rldE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Lokc9xG_fhxC4ILWoviaBL7rldE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 04:00:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d5:15:fe:f1:62:b8:6d:8c:0c:d7:cd:0e:ea:49:b5:34
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2e891cf711bf7e1c42e082d6a2f89a04beeb95d1
        Validity
            Not Before: Aug 23 04:00:45 2025 GMT
            Not After : Aug 24 04:00:45 2025 GMT
        Subject: CN=dad70aaff681fd0e8416fe282dd9fab6a3ec711a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:97:d3:79:a2:35:ac:9b:91:4c:d9:64:7c:92:
                    ae:d7:5a:47:da:32:e5:61:3d:a9:2f:40:2b:ff:d3:
                    dd:cd:07:aa:c8:7b:ec:f5:1b:36:9a:ad:15:b6:c5:
                    e4:f1:a3:d0:48:42:33:b0:02:6a:c6:0f:9c:e9:b9:
                    87:9d:af:cd:14:ee:08:b2:d3:3c:52:e8:b0:a2:29:
                    51:c6:d9:53:3c:cd:b9:33:c6:61:e7:b3:1f:81:ea:
                    14:21:47:fd:d3:ae:40:a4:7d:f1:71:e1:28:d7:9b:
                    3f:ff:10:6f:3e:5d:2e:99:fa:35:ed:17:a7:7b:23:
                    3e:cd:04:b3:53:17:25:fa:e8:61:87:e3:f1:73:41:
                    9a:89:91:5a:97:a1:11:c8:6f:0c:83:b7:e6:58:27:
                    3b:6c:f0:f2:18:9c:6b:bc:91:25:aa:d6:26:2d:af:
                    77:ce:85:03:58:1a:62:3d:7c:7a:27:8b:c1:9a:ad:
                    12:26:d3:dd:fa:0b:2a:7b:b7:e3:b9:e1:86:17:c2:
                    67:5b:c8:d9:aa:3a:0d:fa:cd:8a:bf:45:7e:4d:93:
                    e9:0e:31:95:ae:ea:fb:a0:78:ea:21:4a:c7:32:89:
                    6a:82:21:f5:e0:28:ff:3d:ee:dd:73:e4:3a:d1:9b:
                    17:93:63:fa:3a:62:7e:da:59:24:97:a3:60:e3:03:
                    d9:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DA:D7:0A:AF:F6:81:FD:0E:84:16:FE:28:2D:D9:FA:B6:A3:EC:71:1A
            X509v3 Authority Key Identifier:
                keyid:2E:89:1C:F7:11:BF:7E:1C:42:E0:82:D6:A2:F8:9A:04:BE:EB:95:D1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Lokc9xG_fhxC4ILWoviaBL7rldE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/50b550-f85e-489b-8473-e0365381bb85/1/Lokc9xG_fhxC4ILWoviaBL7rldE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/da/50b550-f85e-489b-8473-e0365381bb85/1/Lokc9xG_fhxC4ILWoviaBL7rldE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b2:22:2a:00:e9:a3:8c:a4:6a:1d:8c:5f:db:23:c3:85:6c:8f:
         89:53:99:13:99:48:d7:5b:36:a3:f1:2d:9e:f1:0f:af:46:0c:
         b2:7f:8d:5f:ef:36:7c:bb:9c:a1:f4:e4:23:2c:7b:cc:18:78:
         1e:01:8f:36:21:67:c8:dc:90:c2:cf:df:29:6d:d0:88:e3:5b:
         7a:01:08:2e:83:86:89:f1:36:61:5b:5c:12:b2:9c:79:90:c0:
         58:e4:1b:0f:40:9a:5f:7e:c1:87:86:22:34:50:5f:26:55:c1:
         fa:96:c1:a1:67:5a:9a:d0:7f:93:2a:aa:34:7d:ba:af:27:7a:
         56:70:2f:08:21:50:87:9c:e3:a6:1e:e1:ff:a3:a5:2d:21:7c:
         69:72:dc:39:8a:53:ed:fb:fb:f5:c4:df:06:b2:df:82:bb:cc:
         62:00:2d:d9:3a:c7:74:a2:08:c3:b9:24:f3:52:28:e7:1f:83:
         b1:6b:7e:54:bc:6d:d7:82:70:8d:fa:1d:da:b5:2d:6b:5d:d0:
         af:be:c8:b6:a0:ac:55:4a:1c:f9:ae:13:f1:47:08:23:df:8e:
         be:20:e9:4f:5b:91:dd:5b:99:23:a3:c2:e8:3d:b3:3a:b1:53:
         e5:24:c4:71:bc:8e:ab:7d:86:19:59:35:31:96:b2:b3:bf:65:
         35:e9:f3:30
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjVFf7xYrhtjAzXzQ7qSbU0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlODkxY2Y3MTFiZjdlMWM0MmUwODJkNmEyZjg5YTA0YmVl
Yjk1ZDEwHhcNMjUwODIzMDQwMDQ1WhcNMjUwODI0MDQwMDQ1WjAzMTEwLwYDVQQD
EyhkYWQ3MGFhZmY2ODFmZDBlODQxNmZlMjgyZGQ5ZmFiNmEzZWM3MTFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAupfTeaI1rJuRTNlkfJKu11pH2jLl
YT2pL0Ar/9PdzQeqyHvs9Rs2mq0VtsXk8aPQSEIzsAJqxg+c6bmHna/NFO4IstM8
UuiwoilRxtlTPM25M8Zh57MfgeoUIUf9065ApH3xceEo15s//xBvPl0umfo17Ren
eyM+zQSzUxcl+uhhh+Pxc0GaiZFal6ERyG8Mg7fmWCc7bPDyGJxrvJElqtYmLa93
zoUDWBpiPXx6J4vBmq0SJtPd+gsqe7fjueGGF8JnW8jZqjoN+s2Kv0V+TZPpDjGV
rur7oHjqIUrHMolqgiH14Cj/Pe7dc+Q60ZsXk2P6OmJ+2lkkl6Ng4wPZvQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNrXCq/2gf0OhBb+KC3Z+raj7HEaMB8GA1UdIwQY
MBaAFC6JHPcRv34cQuCC1qL4mgS+65XRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTG9rYzl4R19maHhDNElMV292aWFCTDdybGRFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS81MGI1NTAtZjg1ZS00ODliLTg0NzMt
ZTAzNjUzODFiYjg1LzEvTG9rYzl4R19maHhDNElMV292aWFCTDdybGRFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS81MGI1NTAtZjg1ZS00ODliLTg0NzMtZTAzNjUzODFiYjg1
LzEvTG9rYzl4R19maHhDNElMV292aWFCTDdybGRFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAsiIqAOmj
jKRqHYxf2yPDhWyPiVOZE5lI11s2o/EtnvEPr0YMsn+NX+82fLucofTkIyx7zBh4
HgGPNiFnyNyQws/fKW3QiONbegEILoOGifE2YVtcErKceZDAWOQbD0CaX37Bh4Yi
NFBfJlXB+pbBoWdamtB/kyqqNH26ryd6VnAvCCFQh5zjph7h/6OlLSF8aXLcOYpT
7fv79cTfBrLfgrvMYgAt2TrHdKIIw7kk81Io5x+DsWt+VLxt14Jwjfod2rUta13Q
r77ItqCsVUoc+a4T8UcII9+OviDpT1uR3VuZI6PC6D2zOrFT5STEcbyOq32GGVk1
MZays79lNenzMA==
-----END CERTIFICATE-----