Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/9eaf5c-8c54-45ed-bfc4-673c3889161d/1/lQSgmkWW2BV9pp3DNGxavOTOThM.mft
File:                     lQSgmkWW2BV9pp3DNGxavOTOThM.mft (raw, json)
Hash identifier:          jgDH280fFrOCe7C4osJeHgu8RMFaK/7hzVYa/4Jbol4=
Subject key identifier:   87:93:45:F8:21:87:69:AA:44:8B:19:6F:0D:AC:1B:A9:FA:B7:FC:D4
Authority key identifier: 95:04:A0:9A:45:96:D8:15:7D:A6:9D:C3:34:6C:5A:BC:E4:CE:4E:13
Certificate issuer:       /CN=9504a09a4596d8157da69dc3346c5abce4ce4e13
Certificate serial:       0197B6D7978F755B76160A91B412A7DEC1CC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/lQSgmkWW2BV9pp3DNGxavOTOThM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f4/9eaf5c-8c54-45ed-bfc4-673c3889161d/1/lQSgmkWW2BV9pp3DNGxavOTOThM.mft
Manifest number:          0211
Signing time:             Sat 28 Jun 2025 14:01:11 +0000
Manifest this update:     Sat 28 Jun 2025 14:01:11 +0000
Manifest next update:     Sun 29 Jun 2025 14:01:11 +0000
Files and hashes:         1: lQSgmkWW2BV9pp3DNGxavOTOThM.crl (hash: yRh+8kDousWoUI+u6mpDCbPOru58EyYY4BtO06nx1sk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f4/9eaf5c-8c54-45ed-bfc4-673c3889161d/1/lQSgmkWW2BV9pp3DNGxavOTOThM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f4/9eaf5c-8c54-45ed-bfc4-673c3889161d/1/lQSgmkWW2BV9pp3DNGxavOTOThM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/lQSgmkWW2BV9pp3DNGxavOTOThM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 14:01:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b6:d7:97:8f:75:5b:76:16:0a:91:b4:12:a7:de:c1:cc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9504a09a4596d8157da69dc3346c5abce4ce4e13
        Validity
            Not Before: Jun 28 14:01:11 2025 GMT
            Not After : Jun 29 14:01:11 2025 GMT
        Subject: CN=879345f8218769aa448b196f0dac1ba9fab7fcd4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:ca:41:46:da:d4:e1:09:dd:2a:de:d9:16:88:
                    16:30:3f:43:3e:5d:6c:24:b5:76:f3:bb:9a:59:32:
                    c1:8b:00:fc:94:09:3d:00:07:9a:46:3a:b5:b9:38:
                    a8:2e:47:63:e1:d3:84:38:d3:62:e2:52:0e:c9:5f:
                    f9:18:41:a1:37:ab:be:73:c2:cc:3f:11:41:f2:72:
                    a7:d6:20:59:9e:96:b8:cd:1c:8d:dd:c9:2b:d7:1a:
                    38:2f:3a:e5:4a:a7:5a:41:bb:33:67:e3:8b:13:40:
                    55:b9:5c:ec:d4:3f:f4:57:26:68:db:48:81:07:b9:
                    b6:9c:f4:df:79:c2:ae:6d:04:f9:7d:e6:82:0d:cd:
                    1f:31:c0:7d:83:5a:07:eb:dc:02:bd:7f:3b:91:58:
                    77:46:7f:97:53:d1:13:4b:c6:13:ae:56:d9:a4:25:
                    9a:69:89:4c:37:7b:fa:43:b1:c5:c0:70:ee:4d:32:
                    dc:8b:7c:3c:d2:08:ca:43:3b:c2:dd:56:dd:46:57:
                    08:da:c7:fb:64:be:09:4d:dc:df:2a:23:cc:b4:45:
                    22:54:cb:94:4f:2a:af:a5:e7:25:f6:80:22:b0:05:
                    ab:56:29:6a:77:38:6c:e1:17:65:11:12:87:14:22:
                    d4:69:98:56:54:08:3d:e0:60:c1:ce:2d:18:92:19:
                    d0:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                87:93:45:F8:21:87:69:AA:44:8B:19:6F:0D:AC:1B:A9:FA:B7:FC:D4
            X509v3 Authority Key Identifier:
                keyid:95:04:A0:9A:45:96:D8:15:7D:A6:9D:C3:34:6C:5A:BC:E4:CE:4E:13

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lQSgmkWW2BV9pp3DNGxavOTOThM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/9eaf5c-8c54-45ed-bfc4-673c3889161d/1/lQSgmkWW2BV9pp3DNGxavOTOThM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/9eaf5c-8c54-45ed-bfc4-673c3889161d/1/lQSgmkWW2BV9pp3DNGxavOTOThM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a4:ac:0a:d5:d3:45:3c:25:3c:fb:5d:3f:a3:21:29:ac:e9:0e:
         b0:b8:13:4e:83:11:5c:0f:45:7f:b9:ed:7d:08:8c:18:4a:26:
         55:f1:fe:43:d7:36:a6:05:7d:b5:24:e7:1d:36:2a:d6:36:ea:
         79:37:30:51:cf:ed:98:66:f5:63:02:cd:42:60:cf:32:53:30:
         fb:d3:de:58:35:12:0f:f5:c2:1b:82:aa:e8:90:49:bb:70:78:
         f9:b3:48:17:b9:e9:a0:c7:3c:e5:eb:30:83:28:5d:3e:3f:d0:
         eb:e3:e5:d0:7a:b6:d4:32:36:13:54:be:51:b1:be:5e:da:66:
         5f:b6:72:67:d8:19:19:31:81:af:7b:cb:83:4b:6e:da:c6:67:
         17:a0:59:d8:32:94:04:24:4f:9f:3e:83:f0:35:b2:71:7c:cf:
         ed:0f:55:f3:5a:96:4f:f0:46:08:4d:44:e6:02:d8:68:6d:8f:
         53:52:59:69:3d:0f:5b:aa:8d:82:a9:57:ef:ea:0b:f8:6f:23:
         64:a7:d1:8d:6c:54:8e:1f:b0:eb:e0:f6:dc:f6:52:27:91:44:
         1e:08:9c:a5:0e:cd:57:3b:c0:79:a2:71:aa:c0:10:8a:1a:c6:
         fa:a1:60:c3:1d:23:c9:f4:7d:a7:c2:24:7e:11:51:71:f4:74:
         05:3a:f5:dc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe215ePdVt2FgqRtBKn3sHMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1MDRhMDlhNDU5NmQ4MTU3ZGE2OWRjMzM0NmM1YWJjZTRj
ZTRlMTMwHhcNMjUwNjI4MTQwMTExWhcNMjUwNjI5MTQwMTExWjAzMTEwLwYDVQQD
Eyg4NzkzNDVmODIxODc2OWFhNDQ4YjE5NmYwZGFjMWJhOWZhYjdmY2Q0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzspBRtrU4QndKt7ZFogWMD9DPl1s
JLV287uaWTLBiwD8lAk9AAeaRjq1uTioLkdj4dOEONNi4lIOyV/5GEGhN6u+c8LM
PxFB8nKn1iBZnpa4zRyN3ckr1xo4LzrlSqdaQbszZ+OLE0BVuVzs1D/0VyZo20iB
B7m2nPTfecKubQT5feaCDc0fMcB9g1oH69wCvX87kVh3Rn+XU9ETS8YTrlbZpCWa
aYlMN3v6Q7HFwHDuTTLci3w80gjKQzvC3VbdRlcI2sf7ZL4JTdzfKiPMtEUiVMuU
Tyqvpecl9oAisAWrVilqdzhs4RdlERKHFCLUaZhWVAg94GDBzi0YkhnQYwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIeTRfghh2mqRIsZbw2sG6n6t/zUMB8GA1UdIwQY
MBaAFJUEoJpFltgVfaadwzRsWrzkzk4TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbFFTZ21rV1cyQlY5cHAzRE5HeGF2T1RPVGhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC85ZWFmNWMtOGM1NC00NWVkLWJmYzQt
NjczYzM4ODkxNjFkLzEvbFFTZ21rV1cyQlY5cHAzRE5HeGF2T1RPVGhNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNC85ZWFmNWMtOGM1NC00NWVkLWJmYzQtNjczYzM4ODkxNjFk
LzEvbFFTZ21rV1cyQlY5cHAzRE5HeGF2T1RPVGhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApKwK1dNF
PCU8+10/oyEprOkOsLgTToMRXA9Ff7ntfQiMGEomVfH+Q9c2pgV9tSTnHTYq1jbq
eTcwUc/tmGb1YwLNQmDPMlMw+9PeWDUSD/XCG4Kq6JBJu3B4+bNIF7npoMc85esw
gyhdPj/Q6+Pl0Hq21DI2E1S+UbG+XtpmX7ZyZ9gZGTGBr3vLg0tu2sZnF6BZ2DKU
BCRPnz6D8DWycXzP7Q9V81qWT/BGCE1E5gLYaG2PU1JZaT0PW6qNgqlX7+oL+G8j
ZKfRjWxUjh+w6+D23PZSJ5FEHgicpQ7NVzvAeaJxqsAQihrG+qFgwx0jyfR9p8Ik
fhFRcfR0BTr13A==
-----END CERTIFICATE-----