Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/8c70c4-9060-4ffc-8ad3-6f017e1f1eed/1/PtWjaKny40iTSpFIiEVZQ2I_lus.mft
File:                     PtWjaKny40iTSpFIiEVZQ2I_lus.mft (raw, json)
Hash identifier:          xiuXlVFJE5HRx3DtawKn3bgTk5g2gSSn0ykkLsWTMJ8=
Subject key identifier:   EC:87:76:39:8C:0A:98:67:9C:26:E4:A1:F6:54:B6:FC:F8:31:E1:9B
Authority key identifier: 3E:D5:A3:68:A9:F2:E3:48:93:4A:91:48:88:45:59:43:62:3F:96:EB
Certificate issuer:       /CN=3ed5a368a9f2e348934a914888455943623f96eb
Certificate serial:       01965B02C1D6200727AF1C59719A1BCFF199
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PtWjaKny40iTSpFIiEVZQ2I_lus.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/16/8c70c4-9060-4ffc-8ad3-6f017e1f1eed/1/PtWjaKny40iTSpFIiEVZQ2I_lus.mft
Manifest number:          10E4
Signing time:             Tue 22 Apr 2025 01:00:29 +0000
Manifest this update:     Tue 22 Apr 2025 01:00:29 +0000
Manifest next update:     Wed 23 Apr 2025 01:00:29 +0000
Files and hashes:         1: PtWjaKny40iTSpFIiEVZQ2I_lus.crl (hash: P0kY91wM46yzpFwdP0iFpWkzZuqzRuEW7ifo5clV7LI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/16/8c70c4-9060-4ffc-8ad3-6f017e1f1eed/1/PtWjaKny40iTSpFIiEVZQ2I_lus.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/16/8c70c4-9060-4ffc-8ad3-6f017e1f1eed/1/PtWjaKny40iTSpFIiEVZQ2I_lus.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/PtWjaKny40iTSpFIiEVZQ2I_lus.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 23 Apr 2025 01:00:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:5b:02:c1:d6:20:07:27:af:1c:59:71:9a:1b:cf:f1:99
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3ed5a368a9f2e348934a914888455943623f96eb
        Validity
            Not Before: Apr 22 01:00:29 2025 GMT
            Not After : Apr 23 01:00:29 2025 GMT
        Subject: CN=ec8776398c0a98679c26e4a1f654b6fcf831e19b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:4f:16:f6:ba:5c:94:e7:58:e0:52:b1:63:f1:
                    39:a6:58:20:7f:33:a4:01:8b:5f:d8:37:2a:7d:1f:
                    fe:a5:d1:d7:c8:98:d5:d8:6c:f8:55:aa:ab:20:7c:
                    81:fa:25:bf:42:08:f0:6f:ef:67:d7:af:ba:04:1d:
                    f4:6b:56:0b:53:fe:cd:82:b0:21:dd:8c:e8:60:cd:
                    7e:67:89:11:db:14:43:4a:73:38:a2:82:08:8f:74:
                    bf:72:a6:a8:26:18:28:48:66:f2:57:35:0e:10:5e:
                    d2:69:9c:cb:e8:6c:a3:8a:53:c8:cf:9c:dd:58:ae:
                    1a:8d:ab:2d:19:7f:c8:19:9b:33:9f:94:f7:d1:13:
                    b6:47:fa:4a:b3:b3:6c:18:31:09:6e:a4:21:5e:fc:
                    9c:7e:bc:bd:c5:84:20:3f:5c:c3:41:1b:11:43:08:
                    53:20:57:b7:39:53:29:18:05:e7:3a:e9:d4:13:e7:
                    a6:be:a6:dc:11:4f:42:c4:42:c2:b6:53:71:59:0f:
                    32:8d:88:d6:40:55:01:76:53:e8:bc:f0:6a:ac:73:
                    e9:fa:f1:9a:4c:40:ab:58:2a:02:27:6c:e6:93:6e:
                    5f:fa:10:35:14:96:9a:c2:36:4e:90:e5:55:6b:0c:
                    f9:66:89:83:2b:c3:15:c9:dd:a0:07:f1:5b:f6:06:
                    ec:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EC:87:76:39:8C:0A:98:67:9C:26:E4:A1:F6:54:B6:FC:F8:31:E1:9B
            X509v3 Authority Key Identifier:
                keyid:3E:D5:A3:68:A9:F2:E3:48:93:4A:91:48:88:45:59:43:62:3F:96:EB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PtWjaKny40iTSpFIiEVZQ2I_lus.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/8c70c4-9060-4ffc-8ad3-6f017e1f1eed/1/PtWjaKny40iTSpFIiEVZQ2I_lus.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/16/8c70c4-9060-4ffc-8ad3-6f017e1f1eed/1/PtWjaKny40iTSpFIiEVZQ2I_lus.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4d:55:8f:95:e9:a5:8b:b0:cb:1c:c1:61:0c:4c:13:7e:ef:02:
         48:72:dd:08:9b:38:a5:e9:2c:38:d8:02:14:09:f9:bd:9c:7c:
         34:ec:18:ca:a8:f3:1c:dc:21:dc:99:14:92:b5:8d:58:a5:d9:
         48:c9:2c:a6:03:ed:03:eb:e3:c0:87:df:58:d4:7b:aa:e7:19:
         05:13:1d:b7:3f:24:80:7e:b6:cb:04:da:ee:52:f9:60:82:f7:
         b8:2f:08:0e:5b:e4:e0:9b:37:4b:9e:85:9d:88:8d:be:92:fd:
         82:6c:0e:70:0e:c2:e0:b7:bc:65:de:f2:cd:29:23:1f:be:3d:
         af:41:f0:cc:d4:b7:15:ec:0b:91:be:e8:b9:48:07:3d:b5:a4:
         0d:ca:60:3e:50:59:4c:15:67:9e:45:33:c9:34:9c:13:37:70:
         5f:ea:88:a7:f7:4f:41:b5:62:8a:04:98:69:0b:cf:e6:87:0d:
         9d:4a:9d:5d:c1:e8:18:cb:2e:75:3c:28:9c:b9:85:87:97:2c:
         8d:ac:03:df:f6:a1:c5:e7:67:29:09:bc:47:97:a9:fc:cc:b7:
         ee:2c:77:24:84:a9:67:dc:d6:0f:66:00:35:ac:7c:92:0c:01:
         b2:c4:25:31:fd:61:b9:f2:a6:ab:47:49:5e:25:fd:e9:0a:77:
         fd:16:93:95
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZbAsHWIAcnrxxZcZobz/GZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlZDVhMzY4YTlmMmUzNDg5MzRhOTE0ODg4NDU1OTQzNjIz
Zjk2ZWIwHhcNMjUwNDIyMDEwMDI5WhcNMjUwNDIzMDEwMDI5WjAzMTEwLwYDVQQD
EyhlYzg3NzYzOThjMGE5ODY3OWMyNmU0YTFmNjU0YjZmY2Y4MzFlMTliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA108W9rpclOdY4FKxY/E5plggfzOk
AYtf2DcqfR/+pdHXyJjV2Gz4VaqrIHyB+iW/Qgjwb+9n16+6BB30a1YLU/7NgrAh
3YzoYM1+Z4kR2xRDSnM4ooIIj3S/cqaoJhgoSGbyVzUOEF7SaZzL6GyjilPIz5zd
WK4ajastGX/IGZszn5T30RO2R/pKs7NsGDEJbqQhXvycfry9xYQgP1zDQRsRQwhT
IFe3OVMpGAXnOunUE+emvqbcEU9CxELCtlNxWQ8yjYjWQFUBdlPovPBqrHPp+vGa
TECrWCoCJ2zmk25f+hA1FJaawjZOkOVVawz5ZomDK8MVyd2gB/Fb9gbsDQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOyHdjmMCphnnCbkofZUtvz4MeGbMB8GA1UdIwQY
MBaAFD7Vo2ip8uNIk0qRSIhFWUNiP5brMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHRXamFLbnk0MGlUU3BGSWlFVlpRMklfbHVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi84YzcwYzQtOTA2MC00ZmZjLThhZDMt
NmYwMTdlMWYxZWVkLzEvUHRXamFLbnk0MGlUU3BGSWlFVlpRMklfbHVzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi84YzcwYzQtOTA2MC00ZmZjLThhZDMtNmYwMTdlMWYxZWVk
LzEvUHRXamFLbnk0MGlUU3BGSWlFVlpRMklfbHVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATVWPleml
i7DLHMFhDEwTfu8CSHLdCJs4peksONgCFAn5vZx8NOwYyqjzHNwh3JkUkrWNWKXZ
SMkspgPtA+vjwIffWNR7qucZBRMdtz8kgH62ywTa7lL5YIL3uC8IDlvk4Js3S56F
nYiNvpL9gmwOcA7C4Le8Zd7yzSkjH749r0HwzNS3FewLkb7ouUgHPbWkDcpgPlBZ
TBVnnkUzyTScEzdwX+qIp/dPQbViigSYaQvP5ocNnUqdXcHoGMsudTwonLmFh5cs
jawD3/ahxednKQm8R5ep/My37ix3JISpZ9zWD2YANax8kgwBssQlMf1hufKmq0dJ
XiX96Qp3/RaTlQ==
-----END CERTIFICATE-----