Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/50b550-f85e-489b-8473-e0365381bb85/1/Lokc9xG_fhxC4ILWoviaBL7rldE.mft
File:                     Lokc9xG_fhxC4ILWoviaBL7rldE.mft (raw, json)
Hash identifier:          4/W0pYPy2pW57FcGj7yL/YiTvJhNbRCJ3zRAmb0JU7o=
Subject key identifier:   C0:A2:E6:2A:7A:6F:07:9B:C6:64:51:60:44:0A:EC:1F:95:F3:A4:B0
Authority key identifier: 2E:89:1C:F7:11:BF:7E:1C:42:E0:82:D6:A2:F8:9A:04:BE:EB:95:D1
Certificate issuer:       /CN=2e891cf711bf7e1c42e082d6a2f89a04beeb95d1
Certificate serial:       01965D96665C73E600643F4A7B6B11C7A9F9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Lokc9xG_fhxC4ILWoviaBL7rldE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/da/50b550-f85e-489b-8473-e0365381bb85/1/Lokc9xG_fhxC4ILWoviaBL7rldE.mft
Manifest number:          0106
Signing time:             Tue 22 Apr 2025 13:00:59 +0000
Manifest this update:     Tue 22 Apr 2025 13:00:59 +0000
Manifest next update:     Wed 23 Apr 2025 13:00:59 +0000
Files and hashes:         1: Lokc9xG_fhxC4ILWoviaBL7rldE.crl (hash: BG0yzYXFD4dWs3g0SffTS1cLaFxiYsEoOccMLI/3bO0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/da/50b550-f85e-489b-8473-e0365381bb85/1/Lokc9xG_fhxC4ILWoviaBL7rldE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/da/50b550-f85e-489b-8473-e0365381bb85/1/Lokc9xG_fhxC4ILWoviaBL7rldE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Lokc9xG_fhxC4ILWoviaBL7rldE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 23 Apr 2025 13:00:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:5d:96:66:5c:73:e6:00:64:3f:4a:7b:6b:11:c7:a9:f9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2e891cf711bf7e1c42e082d6a2f89a04beeb95d1
        Validity
            Not Before: Apr 22 13:00:59 2025 GMT
            Not After : Apr 23 13:00:59 2025 GMT
        Subject: CN=c0a2e62a7a6f079bc6645160440aec1f95f3a4b0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:d0:9a:45:80:fb:8b:a8:02:66:6f:33:13:ec:
                    ff:d0:6d:e6:8e:e8:63:8e:87:d7:2d:48:af:a3:d7:
                    b4:33:99:4a:9b:5a:f9:0b:6e:c3:83:8f:21:3b:a2:
                    5a:90:3c:ff:ea:95:4e:5b:a7:57:92:9b:96:16:c8:
                    92:22:ed:d7:ca:be:0d:ee:fd:50:b9:eb:fd:ed:7a:
                    e0:ae:c6:70:18:50:48:78:98:bd:27:10:f1:53:be:
                    58:b5:8f:5d:e6:67:d8:5f:77:3f:31:4a:7c:8c:32:
                    86:a8:ad:de:d7:9d:20:ed:68:89:04:8f:31:ab:02:
                    72:3a:74:20:73:b4:3c:81:4a:84:fd:ca:99:4e:15:
                    69:c3:59:c5:ce:20:fe:d9:be:39:5e:3f:da:f1:2c:
                    b7:bc:7e:50:0c:c4:68:96:1a:f0:fb:2d:a3:22:05:
                    ab:15:34:0b:7d:60:8e:0e:f6:88:6f:e1:22:b5:98:
                    20:99:a5:0b:d0:46:a8:6f:7a:7e:85:2a:48:f0:66:
                    5a:cb:c1:8c:87:fb:4c:cc:59:1a:04:5d:26:c0:26:
                    0e:70:36:57:e3:24:2b:5d:24:1e:85:d0:90:89:5e:
                    d1:0a:f5:96:78:4a:fe:b5:df:ed:cb:70:31:ea:e3:
                    a0:cb:f8:be:ac:7b:59:ca:b1:c0:ff:6f:9b:48:60:
                    64:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C0:A2:E6:2A:7A:6F:07:9B:C6:64:51:60:44:0A:EC:1F:95:F3:A4:B0
            X509v3 Authority Key Identifier:
                keyid:2E:89:1C:F7:11:BF:7E:1C:42:E0:82:D6:A2:F8:9A:04:BE:EB:95:D1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Lokc9xG_fhxC4ILWoviaBL7rldE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/50b550-f85e-489b-8473-e0365381bb85/1/Lokc9xG_fhxC4ILWoviaBL7rldE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/da/50b550-f85e-489b-8473-e0365381bb85/1/Lokc9xG_fhxC4ILWoviaBL7rldE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         77:59:71:5c:42:7b:c7:42:52:ac:39:b1:07:ee:7c:eb:d6:4a:
         c3:7a:01:b1:c8:fa:1a:21:d1:ca:6b:ec:77:bf:29:86:27:0d:
         5b:ed:1f:d1:6b:1d:9e:03:4d:58:a0:cb:30:81:cd:32:59:9a:
         ba:28:57:4b:d9:7a:2d:62:fd:ac:ed:5f:c2:d5:a8:6a:38:58:
         de:32:95:3b:8c:26:1e:ef:41:8c:5a:ff:33:74:9b:2a:65:59:
         60:9a:f2:61:3e:59:ad:0e:31:0b:7a:58:5b:55:36:10:90:74:
         00:b9:b5:5c:1e:67:ce:18:a7:c8:99:a2:b0:9a:17:1d:cf:1d:
         21:43:10:4b:72:9c:00:09:86:77:49:08:fb:2b:1b:4d:13:66:
         3e:ed:58:0c:fc:bf:d1:60:91:ac:c3:8b:9f:1c:e6:ad:b1:74:
         fa:4c:60:34:c4:27:39:6f:d6:71:b0:53:ea:a7:ed:0b:23:cf:
         a5:df:b8:8b:af:11:6f:06:e5:8b:e1:18:9f:99:54:ba:63:64:
         4f:5e:cc:be:a8:78:c4:49:04:dd:db:1c:34:08:a7:5e:f9:23:
         bc:4a:be:27:7e:0e:94:5b:4f:1b:ef:53:cc:99:03:1a:97:cf:
         0c:26:f8:25:59:53:61:e2:ef:39:61:b8:dd:a8:21:22:b5:3f:
         65:c0:f0:e0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZdlmZcc+YAZD9Ke2sRx6n5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlODkxY2Y3MTFiZjdlMWM0MmUwODJkNmEyZjg5YTA0YmVl
Yjk1ZDEwHhcNMjUwNDIyMTMwMDU5WhcNMjUwNDIzMTMwMDU5WjAzMTEwLwYDVQQD
EyhjMGEyZTYyYTdhNmYwNzliYzY2NDUxNjA0NDBhZWMxZjk1ZjNhNGIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw9CaRYD7i6gCZm8zE+z/0G3mjuhj
jofXLUivo9e0M5lKm1r5C27Dg48hO6JakDz/6pVOW6dXkpuWFsiSIu3Xyr4N7v1Q
uev97XrgrsZwGFBIeJi9JxDxU75YtY9d5mfYX3c/MUp8jDKGqK3e150g7WiJBI8x
qwJyOnQgc7Q8gUqE/cqZThVpw1nFziD+2b45Xj/a8Sy3vH5QDMRolhrw+y2jIgWr
FTQLfWCODvaIb+EitZggmaUL0Eaob3p+hSpI8GZay8GMh/tMzFkaBF0mwCYOcDZX
4yQrXSQehdCQiV7RCvWWeEr+td/ty3Ax6uOgy/i+rHtZyrHA/2+bSGBkUwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMCi5ip6bwebxmRRYEQK7B+V86SwMB8GA1UdIwQY
MBaAFC6JHPcRv34cQuCC1qL4mgS+65XRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTG9rYzl4R19maHhDNElMV292aWFCTDdybGRFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS81MGI1NTAtZjg1ZS00ODliLTg0NzMt
ZTAzNjUzODFiYjg1LzEvTG9rYzl4R19maHhDNElMV292aWFCTDdybGRFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS81MGI1NTAtZjg1ZS00ODliLTg0NzMtZTAzNjUzODFiYjg1
LzEvTG9rYzl4R19maHhDNElMV292aWFCTDdybGRFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAd1lxXEJ7
x0JSrDmxB+5869ZKw3oBscj6GiHRymvsd78phicNW+0f0WsdngNNWKDLMIHNMlma
uihXS9l6LWL9rO1fwtWoajhY3jKVO4wmHu9BjFr/M3SbKmVZYJryYT5ZrQ4xC3pY
W1U2EJB0ALm1XB5nzhinyJmisJoXHc8dIUMQS3KcAAmGd0kI+ysbTRNmPu1YDPy/
0WCRrMOLnxzmrbF0+kxgNMQnOW/WcbBT6qftCyPPpd+4i68Rbwbli+EYn5lUumNk
T17Mvqh4xEkE3dscNAinXvkjvEq+J34OlFtPG+9TzJkDGpfPDCb4JVlTYeLvOWG4
3aghIrU/ZcDw4A==
-----END CERTIFICATE-----