Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/8c70c4-9060-4ffc-8ad3-6f017e1f1eed/1/PtWjaKny40iTSpFIiEVZQ2I_lus.mft
File:                     PtWjaKny40iTSpFIiEVZQ2I_lus.mft (raw, json)
Hash identifier:          n6DPeBUELYJrlbbycv5MMA1ZJNYRmOVq1HR7Zo5pSU0=
Subject key identifier:   40:43:8C:F3:CB:A8:75:11:18:AB:24:F6:1B:A6:4C:2D:6F:22:52:17
Authority key identifier: 3E:D5:A3:68:A9:F2:E3:48:93:4A:91:48:88:45:59:43:62:3F:96:EB
Certificate issuer:       /CN=3ed5a368a9f2e348934a914888455943623f96eb
Certificate serial:       0194C3887470E9DB320A6E2D6361A61A8430
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PtWjaKny40iTSpFIiEVZQ2I_lus.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/16/8c70c4-9060-4ffc-8ad3-6f017e1f1eed/1/PtWjaKny40iTSpFIiEVZQ2I_lus.mft
Manifest number:          1011
Signing time:             Sat 01 Feb 2025 22:01:27 +0000
Manifest this update:     Sat 01 Feb 2025 22:01:27 +0000
Manifest next update:     Sun 02 Feb 2025 22:01:27 +0000
Files and hashes:         1: PtWjaKny40iTSpFIiEVZQ2I_lus.crl (hash: jU80DhKJsjjy1J7jMXVe3sPRZZ4DOdPL0Pb8piKyG38=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/16/8c70c4-9060-4ffc-8ad3-6f017e1f1eed/1/PtWjaKny40iTSpFIiEVZQ2I_lus.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/16/8c70c4-9060-4ffc-8ad3-6f017e1f1eed/1/PtWjaKny40iTSpFIiEVZQ2I_lus.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/PtWjaKny40iTSpFIiEVZQ2I_lus.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 02 Feb 2025 22:01:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:c3:88:74:70:e9:db:32:0a:6e:2d:63:61:a6:1a:84:30
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3ed5a368a9f2e348934a914888455943623f96eb
        Validity
            Not Before: Feb  1 22:01:27 2025 GMT
            Not After : Feb  2 22:01:27 2025 GMT
        Subject: CN=40438cf3cba8751118ab24f61ba64c2d6f225217
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:ce:77:78:50:0c:53:64:8c:da:93:43:cc:6a:
                    26:7a:09:13:52:34:18:50:af:42:67:dd:8f:f3:35:
                    f7:64:a2:4a:88:b8:11:d6:9f:af:ad:9f:25:16:e1:
                    f6:71:40:1a:eb:9a:b9:3e:23:9f:68:22:e1:73:39:
                    52:2d:68:36:15:b5:18:cd:35:e9:76:02:50:ae:06:
                    6e:e4:2a:88:6a:56:7c:af:55:cc:40:80:9c:47:9b:
                    bf:60:9c:eb:6a:5f:e4:42:93:55:81:98:0c:71:9d:
                    e5:1e:20:a6:f6:49:0d:3f:9e:b7:a5:aa:00:00:95:
                    38:63:52:7f:df:28:7f:7e:09:5f:a3:d5:1e:2d:6b:
                    d9:b9:f0:27:a1:64:1a:c6:38:a2:0d:4a:ea:1e:95:
                    3e:86:df:03:6e:b8:f6:c0:10:d4:71:21:d6:2f:d9:
                    bc:d4:8d:c6:b1:a8:78:f7:c9:16:8f:72:7f:d8:f2:
                    ba:6b:84:17:f9:1d:b1:4c:a9:53:2b:03:7a:5b:f0:
                    d8:41:76:26:a7:f1:10:c2:99:ed:be:c3:6f:ae:44:
                    af:44:e6:f4:17:c2:c3:2d:73:92:66:7a:c3:8b:b7:
                    63:b4:b9:f4:80:12:95:67:b1:94:d3:ab:07:2e:bd:
                    b2:d5:db:c1:2f:dd:c5:2e:a6:1f:7e:dd:75:2f:e3:
                    d8:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                40:43:8C:F3:CB:A8:75:11:18:AB:24:F6:1B:A6:4C:2D:6F:22:52:17
            X509v3 Authority Key Identifier:
                keyid:3E:D5:A3:68:A9:F2:E3:48:93:4A:91:48:88:45:59:43:62:3F:96:EB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PtWjaKny40iTSpFIiEVZQ2I_lus.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/8c70c4-9060-4ffc-8ad3-6f017e1f1eed/1/PtWjaKny40iTSpFIiEVZQ2I_lus.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/16/8c70c4-9060-4ffc-8ad3-6f017e1f1eed/1/PtWjaKny40iTSpFIiEVZQ2I_lus.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b2:06:11:19:1a:a0:08:33:51:fb:47:5a:0a:f7:2d:66:2d:98:
         78:1d:8c:76:ea:74:ad:0c:e9:ea:31:c6:22:83:e2:d6:81:da:
         57:b2:fe:0c:ac:21:49:02:73:32:8b:7d:ee:d7:88:75:a8:bb:
         59:73:e9:1a:ea:fa:e6:5e:32:ee:13:c5:f5:e9:28:42:b7:af:
         fb:0a:18:0e:f9:a9:f8:0d:e1:83:bf:38:dd:a5:94:a7:08:4a:
         eb:c2:aa:0c:6e:6b:7f:46:ef:40:5e:9c:c4:76:68:fb:4a:6f:
         65:a6:cb:49:5b:bb:07:07:2d:62:18:28:27:cc:37:2b:f9:4b:
         3f:36:bd:7d:98:78:47:55:ad:e5:e7:07:d3:92:fd:c9:7f:b6:
         4c:82:d0:a7:51:58:2f:a2:be:ef:17:b8:70:49:00:60:c3:5c:
         ce:dc:44:ea:01:35:4b:07:08:56:da:4e:9b:1b:6d:c3:dd:0a:
         8b:3f:3e:51:29:8c:a1:e0:ef:da:6d:2f:a3:6d:30:28:b9:87:
         01:84:72:1d:3f:4e:bd:30:14:18:ed:0e:71:9e:a1:9f:9a:c7:
         c6:32:13:0d:17:aa:22:4a:76:5c:0a:98:56:2f:0a:a5:d2:e8:
         7f:2f:d6:05:e3:a4:81:8e:67:3b:69:a9:78:55:3d:c7:db:ae:
         b7:c9:e4:4d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZTDiHRw6dsyCm4tY2GmGoQwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlZDVhMzY4YTlmMmUzNDg5MzRhOTE0ODg4NDU1OTQzNjIz
Zjk2ZWIwHhcNMjUwMjAxMjIwMTI3WhcNMjUwMjAyMjIwMTI3WjAzMTEwLwYDVQQD
Eyg0MDQzOGNmM2NiYTg3NTExMThhYjI0ZjYxYmE2NGMyZDZmMjI1MjE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuc53eFAMU2SM2pNDzGomegkTUjQY
UK9CZ92P8zX3ZKJKiLgR1p+vrZ8lFuH2cUAa65q5PiOfaCLhczlSLWg2FbUYzTXp
dgJQrgZu5CqIalZ8r1XMQICcR5u/YJzral/kQpNVgZgMcZ3lHiCm9kkNP563paoA
AJU4Y1J/3yh/fglfo9UeLWvZufAnoWQaxjiiDUrqHpU+ht8Dbrj2wBDUcSHWL9m8
1I3Gsah498kWj3J/2PK6a4QX+R2xTKlTKwN6W/DYQXYmp/EQwpntvsNvrkSvROb0
F8LDLXOSZnrDi7djtLn0gBKVZ7GU06sHLr2y1dvBL93FLqYfft11L+PYSQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEBDjPPLqHURGKsk9humTC1vIlIXMB8GA1UdIwQY
MBaAFD7Vo2ip8uNIk0qRSIhFWUNiP5brMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHRXamFLbnk0MGlUU3BGSWlFVlpRMklfbHVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi84YzcwYzQtOTA2MC00ZmZjLThhZDMt
NmYwMTdlMWYxZWVkLzEvUHRXamFLbnk0MGlUU3BGSWlFVlpRMklfbHVzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi84YzcwYzQtOTA2MC00ZmZjLThhZDMtNmYwMTdlMWYxZWVk
LzEvUHRXamFLbnk0MGlUU3BGSWlFVlpRMklfbHVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAsgYRGRqg
CDNR+0daCvctZi2YeB2Mdup0rQzp6jHGIoPi1oHaV7L+DKwhSQJzMot97teIdai7
WXPpGur65l4y7hPF9ekoQrev+woYDvmp+A3hg7843aWUpwhK68KqDG5rf0bvQF6c
xHZo+0pvZabLSVu7BwctYhgoJ8w3K/lLPza9fZh4R1Wt5ecH05L9yX+2TILQp1FY
L6K+7xe4cEkAYMNcztxE6gE1SwcIVtpOmxttw90Kiz8+USmMoeDv2m0vo20wKLmH
AYRyHT9OvTAUGO0OcZ6hn5rHxjITDReqIkp2XAqYVi8KpdLofy/WBeOkgY5nO2mp
eFU9x9uut8nkTQ==
-----END CERTIFICATE-----