Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/cea01b-ee94-4a02-8d62-0dc01fc88141/1/LsJnz2xrO4jpahG_KemnOlWMXkA.mft
File:                     LsJnz2xrO4jpahG_KemnOlWMXkA.mft (raw, json)
Hash identifier:          lZevU8YzIarVxsU8QZvSCiImw5R6KVcnixPhMEA9p1o=
Subject key identifier:   55:53:54:A6:9C:AC:9E:42:19:BA:BE:3A:63:EF:67:47:79:6A:E5:8F
Authority key identifier: 2E:C2:67:CF:6C:6B:3B:88:E9:6A:11:BF:29:E9:A7:3A:55:8C:5E:40
Certificate issuer:       /CN=2ec267cf6c6b3b88e96a11bf29e9a73a558c5e40
Certificate serial:       0194C3F5B695D21C108616722704A02E5175
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/LsJnz2xrO4jpahG_KemnOlWMXkA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/17/cea01b-ee94-4a02-8d62-0dc01fc88141/1/LsJnz2xrO4jpahG_KemnOlWMXkA.mft
Manifest number:          13BD
Signing time:             Sun 02 Feb 2025 00:00:47 +0000
Manifest this update:     Sun 02 Feb 2025 00:00:47 +0000
Manifest next update:     Mon 03 Feb 2025 00:00:47 +0000
Files and hashes:         1: LsJnz2xrO4jpahG_KemnOlWMXkA.crl (hash: tkJg/YJhW31z7Ok/mQmdgLdj9JBZmJB0eATXud0661o=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/17/cea01b-ee94-4a02-8d62-0dc01fc88141/1/LsJnz2xrO4jpahG_KemnOlWMXkA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/17/cea01b-ee94-4a02-8d62-0dc01fc88141/1/LsJnz2xrO4jpahG_KemnOlWMXkA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/LsJnz2xrO4jpahG_KemnOlWMXkA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 03 Feb 2025 00:00:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:c3:f5:b6:95:d2:1c:10:86:16:72:27:04:a0:2e:51:75
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2ec267cf6c6b3b88e96a11bf29e9a73a558c5e40
        Validity
            Not Before: Feb  2 00:00:47 2025 GMT
            Not After : Feb  3 00:00:47 2025 GMT
        Subject: CN=555354a69cac9e4219babe3a63ef6747796ae58f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:61:fe:55:d3:30:57:8f:34:e6:02:21:74:b5:
                    87:6e:37:78:0a:2a:2c:ad:6b:39:59:49:60:8b:1d:
                    a0:31:66:5b:16:3b:5c:bb:eb:10:1b:2f:21:be:8d:
                    09:da:6e:60:ad:0b:15:a3:fc:79:f7:98:41:b8:e2:
                    2c:5a:88:54:1b:e3:2d:84:92:bb:18:52:24:31:fa:
                    e1:4f:d9:a8:e0:4c:9a:b4:77:40:ce:1b:3b:ab:ef:
                    db:8a:81:aa:12:00:f5:22:87:e1:f3:ac:20:48:7f:
                    6e:a8:73:51:cf:df:fa:6e:c2:2d:ab:a2:83:9d:f6:
                    fb:d0:e6:d0:0d:ca:14:86:4d:47:85:27:58:93:6b:
                    9b:66:da:9a:b3:9b:9d:65:ff:75:f2:ff:cc:f9:cf:
                    2a:35:50:69:97:32:58:b2:39:2d:6f:75:99:2a:71:
                    d5:53:e0:5f:c0:51:59:a0:7b:32:1a:c5:7b:91:a2:
                    df:78:62:cf:76:97:29:3a:76:56:a4:6b:73:0e:f4:
                    72:b2:21:6b:24:f8:b8:2f:6d:b5:b0:d8:eb:8e:b8:
                    4b:04:d1:d5:d0:14:24:35:48:c4:e3:4f:91:64:0b:
                    5a:97:d5:8a:70:c7:0e:5b:43:eb:00:52:53:bc:b4:
                    ae:0e:67:c9:a9:26:9d:36:28:c2:ae:79:29:f1:c3:
                    35:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                55:53:54:A6:9C:AC:9E:42:19:BA:BE:3A:63:EF:67:47:79:6A:E5:8F
            X509v3 Authority Key Identifier:
                keyid:2E:C2:67:CF:6C:6B:3B:88:E9:6A:11:BF:29:E9:A7:3A:55:8C:5E:40

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LsJnz2xrO4jpahG_KemnOlWMXkA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/cea01b-ee94-4a02-8d62-0dc01fc88141/1/LsJnz2xrO4jpahG_KemnOlWMXkA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/17/cea01b-ee94-4a02-8d62-0dc01fc88141/1/LsJnz2xrO4jpahG_KemnOlWMXkA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         13:65:48:7b:8e:2b:29:de:0f:48:e6:c3:07:60:e9:01:9b:2b:
         73:60:ef:25:ca:fa:50:75:0f:9f:a3:be:b0:06:0a:97:93:bd:
         07:39:fa:fd:64:f5:51:a8:9e:b9:b3:44:7a:11:06:dc:5b:af:
         f5:6c:8f:a1:47:8b:ea:f2:89:cb:01:0c:eb:0c:da:21:fb:d0:
         07:c1:4a:3d:b5:4e:19:eb:ed:0b:02:10:e8:63:cf:be:14:d3:
         b1:e3:cf:99:40:e1:4b:e2:1e:e6:d1:75:e4:14:dc:6d:29:d8:
         8c:6f:74:ef:80:33:19:53:fe:66:ae:a3:63:2b:2e:d3:a1:3d:
         8a:27:9f:70:44:ea:3a:d1:77:41:9e:fb:f3:2e:ef:b4:5f:c1:
         0c:dd:5f:eb:87:42:be:b6:fa:36:ed:4f:5c:84:09:13:35:4f:
         f2:b9:a5:a7:74:2c:a9:fb:e5:e8:57:0c:d7:1f:c3:6f:8b:5c:
         bd:89:c6:9c:db:e4:1d:75:3c:ba:e4:95:0b:09:9a:15:91:9c:
         90:7c:d1:dd:1e:ed:ad:d8:8a:d6:fb:a5:bb:de:74:50:d8:cb:
         96:27:75:63:54:ff:0f:14:75:22:b0:5b:69:e0:35:cf:ec:4c:
         95:0c:c5:ff:ea:05:57:86:30:28:c8:ee:e7:7c:b0:e7:ba:07:
         93:7f:07:ab
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZTD9baV0hwQhhZyJwSgLlF1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlYzI2N2NmNmM2YjNiODhlOTZhMTFiZjI5ZTlhNzNhNTU4
YzVlNDAwHhcNMjUwMjAyMDAwMDQ3WhcNMjUwMjAzMDAwMDQ3WjAzMTEwLwYDVQQD
Eyg1NTUzNTRhNjljYWM5ZTQyMTliYWJlM2E2M2VmNjc0Nzc5NmFlNThmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt2H+VdMwV4805gIhdLWHbjd4Cios
rWs5WUlgix2gMWZbFjtcu+sQGy8hvo0J2m5grQsVo/x595hBuOIsWohUG+MthJK7
GFIkMfrhT9mo4EyatHdAzhs7q+/bioGqEgD1Iofh86wgSH9uqHNRz9/6bsItq6KD
nfb70ObQDcoUhk1HhSdYk2ubZtqas5udZf918v/M+c8qNVBplzJYsjktb3WZKnHV
U+BfwFFZoHsyGsV7kaLfeGLPdpcpOnZWpGtzDvRysiFrJPi4L221sNjrjrhLBNHV
0BQkNUjE40+RZAtal9WKcMcOW0PrAFJTvLSuDmfJqSadNijCrnkp8cM1xQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFVTVKacrJ5CGbq+OmPvZ0d5auWPMB8GA1UdIwQY
MBaAFC7CZ89sazuI6WoRvynppzpVjF5AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTHNKbnoyeHJPNGpwYWhHX0tlbW5PbFdNWGtBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9jZWEwMWItZWU5NC00YTAyLThkNjIt
MGRjMDFmYzg4MTQxLzEvTHNKbnoyeHJPNGpwYWhHX0tlbW5PbFdNWGtBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9jZWEwMWItZWU5NC00YTAyLThkNjItMGRjMDFmYzg4MTQx
LzEvTHNKbnoyeHJPNGpwYWhHX0tlbW5PbFdNWGtBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAE2VIe44r
Kd4PSObDB2DpAZsrc2DvJcr6UHUPn6O+sAYKl5O9Bzn6/WT1UaieubNEehEG3Fuv
9WyPoUeL6vKJywEM6wzaIfvQB8FKPbVOGevtCwIQ6GPPvhTTsePPmUDhS+Ie5tF1
5BTcbSnYjG9074AzGVP+Zq6jYysu06E9iiefcETqOtF3QZ778y7vtF/BDN1f64dC
vrb6Nu1PXIQJEzVP8rmlp3Qsqfvl6FcM1x/Db4tcvYnGnNvkHXU8uuSVCwmaFZGc
kHzR3R7trdiK1vulu950UNjLlid1Y1T/DxR1IrBbaeA1z+xMlQzF/+oFV4YwKMju
53yw57oHk38Hqw==
-----END CERTIFICATE-----