Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/1b1be4-bcc0-4b21-80df-203dcbf7d3fc/1/lPzeRTBb0MyNJdfG7cpxkTb1YG0.mft
File:                     lPzeRTBb0MyNJdfG7cpxkTb1YG0.mft (raw, json)
Hash identifier:          R8X7I+tuDVQH79FVHkt9Md0WhYmYVOb8NLdpiumPa88=
Subject key identifier:   54:47:F5:4F:3F:B0:27:5C:E7:D3:B3:0D:06:45:2B:E5:20:94:F0:8D
Authority key identifier: 94:FC:DE:45:30:5B:D0:CC:8D:25:D7:C6:ED:CA:71:91:36:F5:60:6D
Certificate issuer:       /CN=94fcde45305bd0cc8d25d7c6edca719136f5606d
Certificate serial:       0196542509274349B1A4D36B287FDC0AF4E7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/lPzeRTBb0MyNJdfG7cpxkTb1YG0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/56/1b1be4-bcc0-4b21-80df-203dcbf7d3fc/1/lPzeRTBb0MyNJdfG7cpxkTb1YG0.mft
Manifest number:          12AB
Signing time:             Sun 20 Apr 2025 17:00:35 +0000
Manifest this update:     Sun 20 Apr 2025 17:00:35 +0000
Manifest next update:     Mon 21 Apr 2025 17:00:35 +0000
Files and hashes:         1: lPzeRTBb0MyNJdfG7cpxkTb1YG0.crl (hash: p+X6DXfsjWC+1JuJyhVkTw06dVIzmPOz7FNX5EhhxYY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/56/1b1be4-bcc0-4b21-80df-203dcbf7d3fc/1/lPzeRTBb0MyNJdfG7cpxkTb1YG0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/56/1b1be4-bcc0-4b21-80df-203dcbf7d3fc/1/lPzeRTBb0MyNJdfG7cpxkTb1YG0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/lPzeRTBb0MyNJdfG7cpxkTb1YG0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 21 Apr 2025 16:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:54:25:09:27:43:49:b1:a4:d3:6b:28:7f:dc:0a:f4:e7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=94fcde45305bd0cc8d25d7c6edca719136f5606d
        Validity
            Not Before: Apr 20 17:00:35 2025 GMT
            Not After : Apr 21 17:00:35 2025 GMT
        Subject: CN=5447f54f3fb0275ce7d3b30d06452be52094f08d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:35:b5:e5:33:a7:77:6a:97:cb:b5:dc:e9:ae:
                    b1:e9:9c:8c:e0:74:bf:20:90:80:07:f9:42:fe:bd:
                    7d:24:f9:61:d0:b0:46:98:38:85:5d:ca:17:63:a4:
                    fd:45:a3:a3:ee:32:00:85:27:5e:a3:86:63:bf:32:
                    f2:63:5e:48:71:11:fe:31:e7:11:14:a9:ba:64:f4:
                    0e:0c:e5:d5:f7:4d:01:f7:83:64:13:e7:ca:14:23:
                    84:6c:ff:f8:97:55:c3:2b:48:32:9e:88:e8:20:33:
                    c9:ad:6d:ca:26:69:3a:0a:4f:19:55:89:ba:dc:40:
                    90:a5:45:e7:3a:c8:02:77:b9:dd:02:5e:c4:0f:76:
                    71:b7:24:24:69:17:eb:96:6f:82:0d:b1:9b:05:05:
                    a1:1f:5f:10:cc:24:65:88:95:58:d4:71:59:25:0c:
                    f6:ad:f6:1f:e0:f9:03:a0:70:3c:32:d8:75:80:d6:
                    b4:0f:c0:93:16:de:28:ad:8f:35:37:ab:94:7d:2a:
                    10:58:57:2d:1e:71:fc:2d:b3:02:87:7e:48:d6:11:
                    c8:f1:ab:cd:4e:a1:64:f9:af:c2:ec:a1:ea:f1:f0:
                    da:d9:ab:3c:99:c2:6d:20:40:2e:69:bc:be:cf:16:
                    7a:6b:55:9d:f8:58:37:49:07:eb:c4:a5:eb:a4:c1:
                    a3:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                54:47:F5:4F:3F:B0:27:5C:E7:D3:B3:0D:06:45:2B:E5:20:94:F0:8D
            X509v3 Authority Key Identifier:
                keyid:94:FC:DE:45:30:5B:D0:CC:8D:25:D7:C6:ED:CA:71:91:36:F5:60:6D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lPzeRTBb0MyNJdfG7cpxkTb1YG0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/1b1be4-bcc0-4b21-80df-203dcbf7d3fc/1/lPzeRTBb0MyNJdfG7cpxkTb1YG0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/56/1b1be4-bcc0-4b21-80df-203dcbf7d3fc/1/lPzeRTBb0MyNJdfG7cpxkTb1YG0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         80:15:cd:cf:96:83:53:29:60:1d:36:46:29:d0:da:bf:77:8c:
         cc:55:d8:aa:47:2b:f6:4c:af:e6:b6:70:5d:d4:4f:2d:e6:52:
         e9:da:c8:6f:2e:4f:62:61:45:cd:1c:73:88:5f:8c:be:13:12:
         69:17:42:69:95:a2:c7:fc:5a:2e:f2:85:c0:1d:d5:21:d2:6a:
         fa:4b:b0:9e:61:a7:36:8c:5f:65:0c:2f:88:7e:b2:21:21:f1:
         d3:bb:23:19:72:97:ef:2a:3e:a8:97:d9:a5:f7:eb:f8:fd:94:
         48:54:18:e4:e5:18:e5:7b:83:d5:ce:05:a6:1a:63:87:a4:5a:
         53:3f:d7:46:73:a7:da:b3:0c:c3:d0:63:29:bb:2c:ae:9f:96:
         89:44:76:e9:3c:1b:d4:e6:de:58:be:90:52:29:69:28:f4:ff:
         19:b4:5c:6d:55:28:a7:3a:1c:f3:be:79:e2:4b:04:53:2f:18:
         0c:a0:5d:15:44:77:e2:ef:3d:d2:29:0a:61:74:c2:0c:e9:dc:
         fa:fd:cd:8a:7f:e6:11:a8:15:7f:c7:bc:04:85:ff:26:67:78:
         30:e1:bc:73:1a:cd:c4:a1:a9:5d:94:48:ab:30:ca:93:94:6e:
         ba:2a:2b:d5:bb:74:34:aa:05:e1:69:c8:b3:26:bf:bb:17:84:
         de:38:24:28
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZUJQknQ0mxpNNrKH/cCvTnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0ZmNkZTQ1MzA1YmQwY2M4ZDI1ZDdjNmVkY2E3MTkxMzZm
NTYwNmQwHhcNMjUwNDIwMTcwMDM1WhcNMjUwNDIxMTcwMDM1WjAzMTEwLwYDVQQD
Eyg1NDQ3ZjU0ZjNmYjAyNzVjZTdkM2IzMGQwNjQ1MmJlNTIwOTRmMDhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmjW15TOnd2qXy7Xc6a6x6ZyM4HS/
IJCAB/lC/r19JPlh0LBGmDiFXcoXY6T9RaOj7jIAhSdeo4ZjvzLyY15IcRH+MecR
FKm6ZPQODOXV900B94NkE+fKFCOEbP/4l1XDK0gynojoIDPJrW3KJmk6Ck8ZVYm6
3ECQpUXnOsgCd7ndAl7ED3ZxtyQkaRfrlm+CDbGbBQWhH18QzCRliJVY1HFZJQz2
rfYf4PkDoHA8Mth1gNa0D8CTFt4orY81N6uUfSoQWFctHnH8LbMCh35I1hHI8avN
TqFk+a/C7KHq8fDa2as8mcJtIEAuaby+zxZ6a1Wd+Fg3SQfrxKXrpMGjKwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFRH9U8/sCdc59OzDQZFK+UglPCNMB8GA1UdIwQY
MBaAFJT83kUwW9DMjSXXxu3KcZE29WBtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbFB6ZVJUQmIwTXlOSmRmRzdjcHhrVGIxWUcwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni8xYjFiZTQtYmNjMC00YjIxLTgwZGYt
MjAzZGNiZjdkM2ZjLzEvbFB6ZVJUQmIwTXlOSmRmRzdjcHhrVGIxWUcwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni8xYjFiZTQtYmNjMC00YjIxLTgwZGYtMjAzZGNiZjdkM2Zj
LzEvbFB6ZVJUQmIwTXlOSmRmRzdjcHhrVGIxWUcwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgBXNz5aD
UylgHTZGKdDav3eMzFXYqkcr9kyv5rZwXdRPLeZS6drIby5PYmFFzRxziF+MvhMS
aRdCaZWix/xaLvKFwB3VIdJq+kuwnmGnNoxfZQwviH6yISHx07sjGXKX7yo+qJfZ
pffr+P2USFQY5OUY5XuD1c4Fphpjh6RaUz/XRnOn2rMMw9BjKbssrp+WiUR26Twb
1ObeWL6QUilpKPT/GbRcbVUopzoc87554ksEUy8YDKBdFUR34u890ikKYXTCDOnc
+v3Nin/mEagVf8e8BIX/Jmd4MOG8cxrNxKGpXZRIqzDKk5Ruuior1bt0NKoF4WnI
sya/uxeE3jgkKA==
-----END CERTIFICATE-----