Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/cea01b-ee94-4a02-8d62-0dc01fc88141/1/LsJnz2xrO4jpahG_KemnOlWMXkA.mft
File:                     LsJnz2xrO4jpahG_KemnOlWMXkA.mft (raw, json)
Hash identifier:          f/z16LccpHm9W97LTN/Vg3rSvjOFw685Zw8KKNF8U2E=
Subject key identifier:   96:F6:17:C1:81:16:08:92:8D:EC:48:BD:BD:DB:BE:10:19:97:EA:D8
Authority key identifier: 2E:C2:67:CF:6C:6B:3B:88:E9:6A:11:BF:29:E9:A7:3A:55:8C:5E:40
Certificate issuer:       /CN=2ec267cf6c6b3b88e96a11bf29e9a73a558c5e40
Certificate serial:       01965D27F4D4EB1A5ACC4FD9C1EC01489BF7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/LsJnz2xrO4jpahG_KemnOlWMXkA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/17/cea01b-ee94-4a02-8d62-0dc01fc88141/1/LsJnz2xrO4jpahG_KemnOlWMXkA.mft
Manifest number:          1491
Signing time:             Tue 22 Apr 2025 11:00:21 +0000
Manifest this update:     Tue 22 Apr 2025 11:00:21 +0000
Manifest next update:     Wed 23 Apr 2025 11:00:21 +0000
Files and hashes:         1: LsJnz2xrO4jpahG_KemnOlWMXkA.crl (hash: ElQO725M9rsagk03PESXvf7esSQR/femALK+dtE05DM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/17/cea01b-ee94-4a02-8d62-0dc01fc88141/1/LsJnz2xrO4jpahG_KemnOlWMXkA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/17/cea01b-ee94-4a02-8d62-0dc01fc88141/1/LsJnz2xrO4jpahG_KemnOlWMXkA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/LsJnz2xrO4jpahG_KemnOlWMXkA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 23 Apr 2025 11:00:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:5d:27:f4:d4:eb:1a:5a:cc:4f:d9:c1:ec:01:48:9b:f7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2ec267cf6c6b3b88e96a11bf29e9a73a558c5e40
        Validity
            Not Before: Apr 22 11:00:21 2025 GMT
            Not After : Apr 23 11:00:21 2025 GMT
        Subject: CN=96f617c1811608928dec48bdbddbbe101997ead8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:68:b6:59:07:a3:20:4f:de:f1:bb:9b:5f:b6:
                    34:17:79:e8:2b:e7:54:b5:bf:09:e1:69:32:f1:91:
                    0c:0f:39:27:75:e7:a1:9a:11:98:d2:31:38:85:8b:
                    47:00:74:a8:bd:dc:af:ca:ff:9b:e4:9b:ac:1a:eb:
                    f5:4a:bf:bd:4b:4d:fd:78:85:33:8b:62:21:46:6d:
                    07:ef:ee:02:2a:45:74:6b:b7:4e:ad:de:71:07:05:
                    1d:a2:7a:a8:bd:1c:af:20:b8:91:fc:99:a2:a3:24:
                    55:cd:26:7c:6a:20:bf:4d:05:d3:df:ca:73:ff:61:
                    73:64:9b:34:65:df:aa:f5:96:32:49:ce:b7:8f:5c:
                    46:7b:d8:cb:3a:40:17:f8:cf:39:31:1d:15:40:16:
                    19:a7:c5:eb:39:6c:5d:73:36:44:2c:60:46:e3:fb:
                    a2:ea:e8:69:80:36:9a:c3:45:04:4f:1f:58:8d:54:
                    13:a6:03:b2:47:6f:8b:db:ee:7b:89:71:10:e4:f0:
                    87:12:da:d4:38:b3:5a:93:d8:46:b4:96:02:e9:09:
                    a7:59:ff:3a:ff:42:2b:81:16:d8:d8:b3:e4:44:74:
                    2f:06:c9:81:88:11:90:22:77:8e:74:05:c9:f1:30:
                    c0:fc:19:d6:2e:1a:01:51:52:bb:26:4c:c0:e6:c2:
                    86:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                96:F6:17:C1:81:16:08:92:8D:EC:48:BD:BD:DB:BE:10:19:97:EA:D8
            X509v3 Authority Key Identifier:
                keyid:2E:C2:67:CF:6C:6B:3B:88:E9:6A:11:BF:29:E9:A7:3A:55:8C:5E:40

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LsJnz2xrO4jpahG_KemnOlWMXkA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/cea01b-ee94-4a02-8d62-0dc01fc88141/1/LsJnz2xrO4jpahG_KemnOlWMXkA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/17/cea01b-ee94-4a02-8d62-0dc01fc88141/1/LsJnz2xrO4jpahG_KemnOlWMXkA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         90:bb:09:1d:de:0b:e3:74:91:53:73:e0:85:c9:44:76:d3:1e:
         bb:dc:92:f3:8a:7a:5d:2f:65:cf:bb:59:a0:bd:72:a9:9c:18:
         89:a9:e3:c0:fa:9e:ef:55:76:7b:c1:71:52:e0:03:ab:ef:d1:
         59:db:80:6e:23:2d:80:22:cf:9a:e3:d7:4c:a7:50:4f:ad:e2:
         2c:a6:f6:28:8a:01:f3:40:26:44:0a:16:3a:6f:a3:6a:eb:c5:
         f7:a2:98:ea:62:29:14:6a:9f:d2:11:3d:52:93:0a:b5:d4:4f:
         6c:c3:45:5a:d9:79:55:a2:ff:7d:55:fa:19:5b:7c:98:5d:0d:
         06:3b:62:56:2e:60:23:d2:3a:41:30:f4:a5:fc:40:84:9f:21:
         38:25:be:55:e4:53:5c:1c:51:f0:0a:7c:af:98:5a:d3:45:47:
         49:24:79:09:d5:94:6b:6d:fc:89:0a:25:8a:70:1a:9f:f3:ea:
         97:a8:a0:68:49:09:2c:99:1c:e1:bf:75:7a:12:6f:70:7f:07:
         b3:26:8a:32:e6:c5:f5:f1:c6:3b:58:b5:be:58:6a:60:81:96:
         06:b8:6d:3d:98:76:4d:d5:49:48:e4:ce:6f:09:73:73:d2:e7:
         d0:eb:1d:e2:78:7b:8e:8b:c6:bf:fd:87:db:45:6d:67:ae:95:
         37:e9:4f:bd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZdJ/TU6xpazE/ZwewBSJv3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlYzI2N2NmNmM2YjNiODhlOTZhMTFiZjI5ZTlhNzNhNTU4
YzVlNDAwHhcNMjUwNDIyMTEwMDIxWhcNMjUwNDIzMTEwMDIxWjAzMTEwLwYDVQQD
Eyg5NmY2MTdjMTgxMTYwODkyOGRlYzQ4YmRiZGRiYmUxMDE5OTdlYWQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwWi2WQejIE/e8bubX7Y0F3noK+dU
tb8J4Wky8ZEMDzkndeehmhGY0jE4hYtHAHSovdyvyv+b5JusGuv1Sr+9S039eIUz
i2IhRm0H7+4CKkV0a7dOrd5xBwUdonqovRyvILiR/JmioyRVzSZ8aiC/TQXT38pz
/2FzZJs0Zd+q9ZYySc63j1xGe9jLOkAX+M85MR0VQBYZp8XrOWxdczZELGBG4/ui
6uhpgDaaw0UETx9YjVQTpgOyR2+L2+57iXEQ5PCHEtrUOLNak9hGtJYC6QmnWf86
/0IrgRbY2LPkRHQvBsmBiBGQIneOdAXJ8TDA/BnWLhoBUVK7JkzA5sKGgQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJb2F8GBFgiSjexIvb3bvhAZl+rYMB8GA1UdIwQY
MBaAFC7CZ89sazuI6WoRvynppzpVjF5AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTHNKbnoyeHJPNGpwYWhHX0tlbW5PbFdNWGtBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9jZWEwMWItZWU5NC00YTAyLThkNjIt
MGRjMDFmYzg4MTQxLzEvTHNKbnoyeHJPNGpwYWhHX0tlbW5PbFdNWGtBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9jZWEwMWItZWU5NC00YTAyLThkNjItMGRjMDFmYzg4MTQx
LzEvTHNKbnoyeHJPNGpwYWhHX0tlbW5PbFdNWGtBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkLsJHd4L
43SRU3PghclEdtMeu9yS84p6XS9lz7tZoL1yqZwYianjwPqe71V2e8FxUuADq+/R
WduAbiMtgCLPmuPXTKdQT63iLKb2KIoB80AmRAoWOm+jauvF96KY6mIpFGqf0hE9
UpMKtdRPbMNFWtl5VaL/fVX6GVt8mF0NBjtiVi5gI9I6QTD0pfxAhJ8hOCW+VeRT
XBxR8Ap8r5ha00VHSSR5CdWUa238iQolinAan/Pql6igaEkJLJkc4b91ehJvcH8H
syaKMubF9fHGO1i1vlhqYIGWBrhtPZh2TdVJSOTObwlzc9Ln0Osd4nh7jovGv/2H
20VtZ66VN+lPvQ==
-----END CERTIFICATE-----