Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/9d9112-f57e-49c7-a93b-d8549edf7cef/1/dLMSaPL_fozq3x3pX5fwsdKxX5Y.mft
File:                     dLMSaPL_fozq3x3pX5fwsdKxX5Y.mft (raw, json)
Hash identifier:          KJZfJkD8ZevK8szcqQgYZykqyJyO3h+oaE0AHlg7URw=
Subject key identifier:   75:67:3E:8D:8D:79:A5:CB:2B:54:54:07:C4:01:66:B2:7F:C7:F6:E0
Authority key identifier: 74:B3:12:68:F2:FF:7E:8C:EA:DF:1D:E9:5F:97:F0:B1:D2:B1:5F:96
Certificate issuer:       /CN=74b31268f2ff7e8ceadf1de95f97f0b1d2b15f96
Certificate serial:       01965011C55AAFE5A2C19506BA4ED1F8A23E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dLMSaPL_fozq3x3pX5fwsdKxX5Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/01/9d9112-f57e-49c7-a93b-d8549edf7cef/1/dLMSaPL_fozq3x3pX5fwsdKxX5Y.mft
Manifest number:          0FCD
Signing time:             Sat 19 Apr 2025 22:01:03 +0000
Manifest this update:     Sat 19 Apr 2025 22:01:03 +0000
Manifest next update:     Sun 20 Apr 2025 22:01:03 +0000
Files and hashes:         1: dLMSaPL_fozq3x3pX5fwsdKxX5Y.crl (hash: USA20v636mT9yj7cDqOa1EeOR3oVIWHaj5Do7YUAcfI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/01/9d9112-f57e-49c7-a93b-d8549edf7cef/1/dLMSaPL_fozq3x3pX5fwsdKxX5Y.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/01/9d9112-f57e-49c7-a93b-d8549edf7cef/1/dLMSaPL_fozq3x3pX5fwsdKxX5Y.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/dLMSaPL_fozq3x3pX5fwsdKxX5Y.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 20 Apr 2025 22:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:50:11:c5:5a:af:e5:a2:c1:95:06:ba:4e:d1:f8:a2:3e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=74b31268f2ff7e8ceadf1de95f97f0b1d2b15f96
        Validity
            Not Before: Apr 19 22:01:03 2025 GMT
            Not After : Apr 20 22:01:03 2025 GMT
        Subject: CN=75673e8d8d79a5cb2b545407c40166b27fc7f6e0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:02:87:b7:2c:b9:27:11:49:ab:79:55:db:3d:
                    19:f4:e0:43:d4:b2:85:7c:a3:c2:24:e4:ce:9f:85:
                    9f:95:1a:cc:c8:ec:32:00:df:af:8a:62:90:bf:d2:
                    03:01:6b:76:11:d3:89:59:a0:aa:61:be:12:95:9e:
                    9e:26:c7:5e:3e:1c:76:43:24:51:f2:eb:7f:e9:f5:
                    00:fc:46:88:7c:bf:e2:49:7c:05:4a:e0:d8:f7:ac:
                    8f:9f:9f:63:05:97:5b:cd:d0:f8:87:60:45:64:9e:
                    d8:2e:97:67:cf:5a:e2:ea:5a:6c:ab:5a:8e:0e:af:
                    b8:c7:64:16:e2:5b:23:4e:cb:b6:65:0d:3c:62:60:
                    4c:5a:e0:50:5b:8c:5b:87:bb:aa:e5:bd:d7:66:96:
                    b7:19:49:e1:c3:a5:02:1e:e6:74:76:63:47:3d:4a:
                    22:d4:a7:f0:74:5d:a0:84:d6:b1:b1:0d:50:68:0f:
                    45:4b:41:be:b0:7c:7b:46:66:7d:f9:af:d8:8a:55:
                    3b:be:15:08:f5:31:ca:9c:45:b4:22:5e:a1:36:e2:
                    4f:22:c5:ba:34:2f:d6:29:d3:55:ac:99:26:fb:e8:
                    1a:0d:41:a5:67:f9:a1:50:a4:e5:cc:cc:99:ab:1b:
                    d4:5b:f0:c5:82:11:4f:e2:2a:11:7b:09:f0:fd:5b:
                    6e:2d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                75:67:3E:8D:8D:79:A5:CB:2B:54:54:07:C4:01:66:B2:7F:C7:F6:E0
            X509v3 Authority Key Identifier:
                keyid:74:B3:12:68:F2:FF:7E:8C:EA:DF:1D:E9:5F:97:F0:B1:D2:B1:5F:96

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dLMSaPL_fozq3x3pX5fwsdKxX5Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/9d9112-f57e-49c7-a93b-d8549edf7cef/1/dLMSaPL_fozq3x3pX5fwsdKxX5Y.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/01/9d9112-f57e-49c7-a93b-d8549edf7cef/1/dLMSaPL_fozq3x3pX5fwsdKxX5Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a6:c7:04:ce:ae:de:78:3f:d0:ce:fb:65:38:d3:2a:29:bd:39:
         10:3e:7a:5f:55:97:7c:1e:61:3c:26:f1:6d:78:87:41:59:d7:
         0b:6c:92:29:98:e5:a6:20:5d:ab:3b:59:d4:5d:ca:80:1a:6e:
         00:cc:a9:fc:05:46:d2:23:20:ae:47:1b:6d:ee:94:99:0a:72:
         5e:43:a4:78:aa:ce:0e:aa:55:9c:f1:39:01:81:75:30:f7:7e:
         96:dc:39:6f:bf:31:1d:63:82:5c:a6:16:02:d4:52:b4:e5:40:
         9d:3c:e9:05:83:02:b7:a9:0c:f8:4b:3f:1e:3c:14:59:b6:74:
         c9:36:ce:8b:7a:d8:50:3d:6a:06:bf:e9:1a:51:21:54:db:01:
         34:24:d6:dd:c2:b0:73:8f:e6:5f:3e:63:a0:f9:43:be:a7:b7:
         0c:56:1b:76:bf:5c:50:31:b8:5f:bd:4f:3f:15:7e:43:6b:bd:
         30:44:a5:fc:44:56:b1:08:df:58:32:c9:8f:d5:3d:19:1d:0a:
         a7:bc:6c:ea:78:a3:fa:99:1c:62:30:a1:5d:85:56:a4:89:9e:
         73:a8:a2:80:b1:ed:e4:07:e1:22:b1:19:de:85:07:28:4e:80:
         e5:94:84:a3:8d:4c:7e:5d:4a:50:a6:4c:69:ed:f1:73:cd:b1:
         9b:5b:99:2f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZQEcVar+WiwZUGuk7R+KI+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0YjMxMjY4ZjJmZjdlOGNlYWRmMWRlOTVmOTdmMGIxZDJi
MTVmOTYwHhcNMjUwNDE5MjIwMTAzWhcNMjUwNDIwMjIwMTAzWjAzMTEwLwYDVQQD
Eyg3NTY3M2U4ZDhkNzlhNWNiMmI1NDU0MDdjNDAxNjZiMjdmYzdmNmUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmwKHtyy5JxFJq3lV2z0Z9OBD1LKF
fKPCJOTOn4WflRrMyOwyAN+vimKQv9IDAWt2EdOJWaCqYb4SlZ6eJsdePhx2QyRR
8ut/6fUA/EaIfL/iSXwFSuDY96yPn59jBZdbzdD4h2BFZJ7YLpdnz1ri6lpsq1qO
Dq+4x2QW4lsjTsu2ZQ08YmBMWuBQW4xbh7uq5b3XZpa3GUnhw6UCHuZ0dmNHPUoi
1KfwdF2ghNaxsQ1QaA9FS0G+sHx7RmZ9+a/YilU7vhUI9THKnEW0Il6hNuJPIsW6
NC/WKdNVrJkm++gaDUGlZ/mhUKTlzMyZqxvUW/DFghFP4ioRewnw/VtuLQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHVnPo2NeaXLK1RUB8QBZrJ/x/bgMB8GA1UdIwQY
MBaAFHSzEmjy/36M6t8d6V+X8LHSsV+WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZExNU2FQTF9mb3pxM3gzcFg1ZndzZEt4WDVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS85ZDkxMTItZjU3ZS00OWM3LWE5M2It
ZDg1NDllZGY3Y2VmLzEvZExNU2FQTF9mb3pxM3gzcFg1ZndzZEt4WDVZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS85ZDkxMTItZjU3ZS00OWM3LWE5M2ItZDg1NDllZGY3Y2Vm
LzEvZExNU2FQTF9mb3pxM3gzcFg1ZndzZEt4WDVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApscEzq7e
eD/QzvtlONMqKb05ED56X1WXfB5hPCbxbXiHQVnXC2ySKZjlpiBdqztZ1F3KgBpu
AMyp/AVG0iMgrkcbbe6UmQpyXkOkeKrODqpVnPE5AYF1MPd+ltw5b78xHWOCXKYW
AtRStOVAnTzpBYMCt6kM+Es/HjwUWbZ0yTbOi3rYUD1qBr/pGlEhVNsBNCTW3cKw
c4/mXz5joPlDvqe3DFYbdr9cUDG4X71PPxV+Q2u9MESl/ERWsQjfWDLJj9U9GR0K
p7xs6nij+pkcYjChXYVWpImec6iigLHt5AfhIrEZ3oUHKE6A5ZSEo41Mfl1KUKZM
ae3xc82xm1uZLw==
-----END CERTIFICATE-----