Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/668bf3-77dc-43ea-8fdd-485eda34998f/1/LkWQWSMqS7ky9j-w37ZUk-ucgng.mft
File:                     LkWQWSMqS7ky9j-w37ZUk-ucgng.mft (raw, json)
Hash identifier:          Db28NKYO6DlFFieydR8WldoB308FU64u70gLrJ2SvF0=
Subject key identifier:   3C:E7:94:39:66:6E:75:57:D6:EC:19:C9:62:9E:8C:11:FD:B1:35:71
Authority key identifier: 2E:45:90:59:23:2A:4B:B9:32:F6:3F:B0:DF:B6:54:93:EB:9C:82:78
Certificate issuer:       /CN=2e459059232a4bb932f63fb0dfb65493eb9c8278
Certificate serial:       01965B02A78C6801442C8C2E831157004C1D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/LkWQWSMqS7ky9j-w37ZUk-ucgng.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/88/668bf3-77dc-43ea-8fdd-485eda34998f/1/LkWQWSMqS7ky9j-w37ZUk-ucgng.mft
Manifest number:          1490
Signing time:             Tue 22 Apr 2025 01:00:22 +0000
Manifest this update:     Tue 22 Apr 2025 01:00:22 +0000
Manifest next update:     Wed 23 Apr 2025 01:00:22 +0000
Files and hashes:         1: LkWQWSMqS7ky9j-w37ZUk-ucgng.crl (hash: HoPVk7/HfCFq9dpVgB6gxjzAuqnBtgQcdUMrNlkFz+0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/88/668bf3-77dc-43ea-8fdd-485eda34998f/1/LkWQWSMqS7ky9j-w37ZUk-ucgng.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/88/668bf3-77dc-43ea-8fdd-485eda34998f/1/LkWQWSMqS7ky9j-w37ZUk-ucgng.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/LkWQWSMqS7ky9j-w37ZUk-ucgng.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 22 Apr 2025 20:20:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:5b:02:a7:8c:68:01:44:2c:8c:2e:83:11:57:00:4c:1d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2e459059232a4bb932f63fb0dfb65493eb9c8278
        Validity
            Not Before: Apr 22 01:00:22 2025 GMT
            Not After : Apr 23 01:00:22 2025 GMT
        Subject: CN=3ce79439666e7557d6ec19c9629e8c11fdb13571
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8b:7a:64:8d:19:79:06:e2:85:54:fd:8f:34:29:
                    e6:75:d6:5a:3d:ca:1d:04:4f:9b:6b:7d:3e:0a:5f:
                    3c:0c:a9:d9:25:32:79:1f:d8:99:78:6f:e9:07:62:
                    5b:a3:e1:45:1b:c5:a2:36:21:ed:ef:d3:c2:4d:f7:
                    2a:47:cd:d4:81:95:c9:65:99:06:b7:bd:86:3f:cd:
                    c3:e9:86:9a:93:0a:84:9e:6b:b1:f0:0c:6b:db:c0:
                    72:50:fa:71:44:6b:f2:48:05:42:97:44:bb:f9:e0:
                    b0:b7:77:37:bc:f3:98:05:40:3e:b6:a2:f3:d7:a7:
                    ce:29:72:7a:81:9e:02:fb:55:31:bb:28:da:72:16:
                    7b:21:5b:86:b4:89:f9:96:62:f9:ef:a9:8e:c6:12:
                    a2:78:bb:b1:3a:32:31:56:92:1e:85:ae:59:03:e8:
                    72:d2:3d:5d:d3:7f:7a:fb:70:b1:80:8a:cc:a9:e5:
                    9d:3c:e2:b0:60:2e:08:0f:35:22:70:80:d2:a7:f2:
                    f9:27:c7:e3:86:be:46:02:4f:bc:65:5d:63:d2:ee:
                    77:4a:2e:c7:36:ed:86:80:d9:03:8b:c4:3d:ca:da:
                    a0:a6:cb:ec:22:cc:61:55:58:b7:99:4c:a5:39:22:
                    32:8d:79:13:83:b9:8c:81:55:c0:73:05:b5:37:f0:
                    59:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3C:E7:94:39:66:6E:75:57:D6:EC:19:C9:62:9E:8C:11:FD:B1:35:71
            X509v3 Authority Key Identifier:
                keyid:2E:45:90:59:23:2A:4B:B9:32:F6:3F:B0:DF:B6:54:93:EB:9C:82:78

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LkWQWSMqS7ky9j-w37ZUk-ucgng.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/668bf3-77dc-43ea-8fdd-485eda34998f/1/LkWQWSMqS7ky9j-w37ZUk-ucgng.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/88/668bf3-77dc-43ea-8fdd-485eda34998f/1/LkWQWSMqS7ky9j-w37ZUk-ucgng.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5b:de:f8:d4:ae:35:42:22:4a:8e:16:76:b7:4a:fd:69:bd:1f:
         f7:64:41:dd:63:d5:9f:f4:38:32:ca:fe:8d:bc:52:88:03:f6:
         02:ae:1c:92:dd:8d:96:25:a2:01:cb:88:7e:d9:25:e9:c9:2d:
         e0:68:c1:0c:e4:92:78:be:6f:7f:28:5e:2f:a9:38:9c:52:c7:
         3e:cd:b3:f4:5b:64:6c:71:f9:bd:91:23:48:9c:4a:02:e9:93:
         44:90:0d:54:e7:de:c6:80:c0:8a:24:bb:1e:bb:83:61:46:8f:
         2b:b6:21:ab:02:41:c3:a9:96:28:c0:2c:cc:1e:a5:47:e1:db:
         3a:60:38:47:b6:30:b1:c5:60:db:2e:c6:29:42:1c:66:ad:2c:
         93:05:3f:30:89:47:42:fc:17:4a:be:42:30:fd:6d:1c:95:fb:
         0d:77:ce:7c:c8:8a:cc:17:0e:7a:e4:9a:36:56:97:97:93:71:
         e4:4b:94:a7:33:3f:a4:94:6c:63:c0:86:b9:ef:d8:46:5f:85:
         9d:66:78:cd:81:46:99:8e:13:e9:a2:de:7a:67:5c:bf:3c:0b:
         69:88:ef:46:46:34:a3:d5:2f:9a:7a:06:a8:a1:d0:5a:59:4b:
         78:66:25:4b:af:59:7d:5a:54:6a:42:3e:9d:12:af:7c:9d:39:
         08:5a:95:6a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZbAqeMaAFELIwugxFXAEwdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlNDU5MDU5MjMyYTRiYjkzMmY2M2ZiMGRmYjY1NDkzZWI5
YzgyNzgwHhcNMjUwNDIyMDEwMDIyWhcNMjUwNDIzMDEwMDIyWjAzMTEwLwYDVQQD
EygzY2U3OTQzOTY2NmU3NTU3ZDZlYzE5Yzk2MjllOGMxMWZkYjEzNTcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi3pkjRl5BuKFVP2PNCnmddZaPcod
BE+ba30+Cl88DKnZJTJ5H9iZeG/pB2Jbo+FFG8WiNiHt79PCTfcqR83UgZXJZZkG
t72GP83D6YaakwqEnmux8Axr28ByUPpxRGvySAVCl0S7+eCwt3c3vPOYBUA+tqLz
16fOKXJ6gZ4C+1UxuyjachZ7IVuGtIn5lmL576mOxhKieLuxOjIxVpIeha5ZA+hy
0j1d0396+3CxgIrMqeWdPOKwYC4IDzUicIDSp/L5J8fjhr5GAk+8ZV1j0u53Si7H
Nu2GgNkDi8Q9ytqgpsvsIsxhVVi3mUylOSIyjXkTg7mMgVXAcwW1N/BZZQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDznlDlmbnVX1uwZyWKejBH9sTVxMB8GA1UdIwQY
MBaAFC5FkFkjKku5MvY/sN+2VJPrnIJ4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTGtXUVdTTXFTN2t5OWotdzM3WlVrLXVjZ25nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OC82NjhiZjMtNzdkYy00M2VhLThmZGQt
NDg1ZWRhMzQ5OThmLzEvTGtXUVdTTXFTN2t5OWotdzM3WlVrLXVjZ25nLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OC82NjhiZjMtNzdkYy00M2VhLThmZGQtNDg1ZWRhMzQ5OThm
LzEvTGtXUVdTTXFTN2t5OWotdzM3WlVrLXVjZ25nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAW9741K41
QiJKjhZ2t0r9ab0f92RB3WPVn/Q4Msr+jbxSiAP2Aq4ckt2NliWiAcuIftkl6ckt
4GjBDOSSeL5vfyheL6k4nFLHPs2z9FtkbHH5vZEjSJxKAumTRJANVOfexoDAiiS7
HruDYUaPK7YhqwJBw6mWKMAszB6lR+HbOmA4R7YwscVg2y7GKUIcZq0skwU/MIlH
QvwXSr5CMP1tHJX7DXfOfMiKzBcOeuSaNlaXl5Nx5EuUpzM/pJRsY8CGue/YRl+F
nWZ4zYFGmY4T6aLeemdcvzwLaYjvRkY0o9UvmnoGqKHQWllLeGYlS69ZfVpUakI+
nRKvfJ05CFqVag==
-----END CERTIFICATE-----