Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/5424d9-5348-4f6f-9390-45a40a21b8d3/1/pr640lzi1AsMuuWcEeKSvTcXDfo.mft
File:                     pr640lzi1AsMuuWcEeKSvTcXDfo.mft (raw, json)
Hash identifier:          nMCJVjvo0O2AoO0GrbiN3LxveV8yoB8Hv3/vmkOmwNI=
Subject key identifier:   29:C7:0F:80:77:1F:27:6D:A3:AE:DB:20:EA:D4:7B:92:C8:9B:4F:1C
Authority key identifier: A6:BE:B8:D2:5C:E2:D4:0B:0C:BA:E5:9C:11:E2:92:BD:37:17:0D:FA
Certificate issuer:       /CN=a6beb8d25ce2d40b0cbae59c11e292bd37170dfa
Certificate serial:       0198D73B813D2F15D4676865C6C64A30A9F6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pr640lzi1AsMuuWcEeKSvTcXDfo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f1/5424d9-5348-4f6f-9390-45a40a21b8d3/1/pr640lzi1AsMuuWcEeKSvTcXDfo.mft
Manifest number:          1042
Signing time:             Sat 23 Aug 2025 14:00:57 +0000
Manifest this update:     Sat 23 Aug 2025 14:00:57 +0000
Manifest next update:     Sun 24 Aug 2025 14:00:57 +0000
Files and hashes:         1: pr640lzi1AsMuuWcEeKSvTcXDfo.crl (hash: Xq5ifYRL3A/mf8FTeQzpTMxg68Wmc1CEFxAWTabGa7I=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f1/5424d9-5348-4f6f-9390-45a40a21b8d3/1/pr640lzi1AsMuuWcEeKSvTcXDfo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f1/5424d9-5348-4f6f-9390-45a40a21b8d3/1/pr640lzi1AsMuuWcEeKSvTcXDfo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/pr640lzi1AsMuuWcEeKSvTcXDfo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 12:50:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d7:3b:81:3d:2f:15:d4:67:68:65:c6:c6:4a:30:a9:f6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a6beb8d25ce2d40b0cbae59c11e292bd37170dfa
        Validity
            Not Before: Aug 23 14:00:57 2025 GMT
            Not After : Aug 24 14:00:57 2025 GMT
        Subject: CN=29c70f80771f276da3aedb20ead47b92c89b4f1c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:d4:7e:d3:bf:e4:ce:d6:af:e6:56:67:5a:d3:
                    81:e4:13:12:41:bd:9a:f3:7e:e1:58:e7:9d:83:3a:
                    2a:44:cd:96:70:2b:89:95:06:66:6b:7d:b0:45:ee:
                    9f:2c:d3:4a:e9:01:b7:df:b8:5e:f9:7e:36:30:02:
                    4d:b1:80:4b:fc:7c:18:96:f7:b9:74:6f:fd:bb:bc:
                    59:ae:bd:a6:a9:12:1a:61:02:f5:c1:97:90:07:69:
                    c8:ff:a3:9b:82:38:95:6f:cd:a5:1c:62:47:db:70:
                    b8:2e:19:23:0b:b7:a8:5e:9c:4d:0e:56:04:e9:3e:
                    6d:e7:b1:6e:03:74:44:e1:94:b8:9a:21:25:53:f8:
                    31:54:9c:0a:67:a5:c4:eb:0d:84:c6:c0:2c:94:f3:
                    81:23:21:5b:49:45:f7:82:89:a7:7b:9c:0a:74:b9:
                    ab:e0:57:89:70:7d:7f:95:de:b0:24:31:11:15:c9:
                    6d:a1:51:65:c9:2d:ca:b6:81:ae:db:b9:07:d2:30:
                    a2:dc:7e:a8:89:51:c2:77:53:09:73:3f:a4:ac:56:
                    60:e0:15:89:84:75:aa:11:e9:7b:26:c6:a5:d5:cc:
                    f3:c1:10:ef:16:7c:93:b4:2c:18:17:a1:73:c1:0b:
                    32:0d:10:ef:3b:69:8e:b5:8f:56:d3:15:bb:a1:6b:
                    f0:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                29:C7:0F:80:77:1F:27:6D:A3:AE:DB:20:EA:D4:7B:92:C8:9B:4F:1C
            X509v3 Authority Key Identifier:
                keyid:A6:BE:B8:D2:5C:E2:D4:0B:0C:BA:E5:9C:11:E2:92:BD:37:17:0D:FA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pr640lzi1AsMuuWcEeKSvTcXDfo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/5424d9-5348-4f6f-9390-45a40a21b8d3/1/pr640lzi1AsMuuWcEeKSvTcXDfo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/5424d9-5348-4f6f-9390-45a40a21b8d3/1/pr640lzi1AsMuuWcEeKSvTcXDfo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         23:5f:5e:8a:23:b1:70:4f:94:9f:8e:bc:5a:93:67:b8:49:40:
         e3:96:66:25:9c:55:fc:ee:ec:fb:63:35:9e:30:e9:28:95:ce:
         97:86:21:df:05:be:fb:9b:89:78:fe:62:82:03:72:a3:1f:6d:
         0e:22:59:24:57:42:67:ed:63:4b:0f:dd:3c:42:60:54:55:78:
         65:1e:dd:a5:58:d8:fd:51:fb:0d:0d:b8:c7:1d:e6:68:81:db:
         81:82:42:bd:9b:e0:69:c2:5a:07:a2:4d:f7:97:d5:c1:5c:e9:
         9b:a3:c1:f5:c3:17:b7:7b:fd:36:bc:37:28:d7:bf:dd:bc:ae:
         32:c7:56:ed:6e:08:78:aa:cc:5d:ec:13:07:41:66:09:a0:0c:
         d7:07:45:54:e8:22:2d:ae:4d:5c:ae:83:a5:1e:1f:97:12:f2:
         79:a1:6b:3b:b2:00:23:90:f3:3e:85:b1:ab:06:c2:41:ec:c9:
         6c:af:6d:3b:3e:9f:e0:79:0d:d2:95:ef:84:cf:c7:17:c7:78:
         86:f7:9d:25:b1:b8:f4:a6:71:81:19:2a:c9:53:92:57:26:e1:
         99:2e:b5:4b:b4:98:f5:b7:64:97:b8:3f:bc:f4:4a:eb:3d:d6:
         20:17:2a:f7:10:ae:00:5b:25:df:c5:f4:8a:f1:bf:ce:b3:60:
         f7:d1:fc:ad
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjXO4E9LxXUZ2hlxsZKMKn2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2YmViOGQyNWNlMmQ0MGIwY2JhZTU5YzExZTI5MmJkMzcx
NzBkZmEwHhcNMjUwODIzMTQwMDU3WhcNMjUwODI0MTQwMDU3WjAzMTEwLwYDVQQD
EygyOWM3MGY4MDc3MWYyNzZkYTNhZWRiMjBlYWQ0N2I5MmM4OWI0ZjFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxdR+07/kztav5lZnWtOB5BMSQb2a
837hWOedgzoqRM2WcCuJlQZma32wRe6fLNNK6QG337he+X42MAJNsYBL/HwYlve5
dG/9u7xZrr2mqRIaYQL1wZeQB2nI/6ObgjiVb82lHGJH23C4LhkjC7eoXpxNDlYE
6T5t57FuA3RE4ZS4miElU/gxVJwKZ6XE6w2ExsAslPOBIyFbSUX3gomne5wKdLmr
4FeJcH1/ld6wJDERFcltoVFlyS3KtoGu27kH0jCi3H6oiVHCd1MJcz+krFZg4BWJ
hHWqEel7Jsal1czzwRDvFnyTtCwYF6FzwQsyDRDvO2mOtY9W0xW7oWvwxwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCnHD4B3Hydto67bIOrUe5LIm08cMB8GA1UdIwQY
MBaAFKa+uNJc4tQLDLrlnBHikr03Fw36MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcHI2NDBsemkxQXNNdXVXY0VlS1N2VGNYRGZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS81NDI0ZDktNTM0OC00ZjZmLTkzOTAt
NDVhNDBhMjFiOGQzLzEvcHI2NDBsemkxQXNNdXVXY0VlS1N2VGNYRGZvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMS81NDI0ZDktNTM0OC00ZjZmLTkzOTAtNDVhNDBhMjFiOGQz
LzEvcHI2NDBsemkxQXNNdXVXY0VlS1N2VGNYRGZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAI19eiiOx
cE+Un468WpNnuElA45ZmJZxV/O7s+2M1njDpKJXOl4Yh3wW++5uJeP5iggNyox9t
DiJZJFdCZ+1jSw/dPEJgVFV4ZR7dpVjY/VH7DQ24xx3maIHbgYJCvZvgacJaB6JN
95fVwVzpm6PB9cMXt3v9Nrw3KNe/3byuMsdW7W4IeKrMXewTB0FmCaAM1wdFVOgi
La5NXK6DpR4flxLyeaFrO7IAI5DzPoWxqwbCQezJbK9tOz6f4HkN0pXvhM/HF8d4
hvedJbG49KZxgRkqyVOSVybhmS61S7SY9bdkl7g/vPRK6z3WIBcq9xCuAFsl38X0
ivG/zrNg99H8rQ==
-----END CERTIFICATE-----