Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/3be097-28f4-49e8-ad25-ff5cbdac5845/1/Le43b1HIyKVVUo1MFesfTKOZxJE.mft
File:                     Le43b1HIyKVVUo1MFesfTKOZxJE.mft (raw, json)
Hash identifier:          wI28wKML6wnbfTpkhRkCVvZWXL9jf3NhV9RQX4Ikch8=
Subject key identifier:   2B:79:60:A5:27:F8:28:6C:68:55:62:2A:29:AD:65:AC:3C:18:2D:64
Authority key identifier: 2D:EE:37:6F:51:C8:C8:A5:55:52:8D:4C:15:EB:1F:4C:A3:99:C4:91
Certificate issuer:       /CN=2dee376f51c8c8a555528d4c15eb1f4ca399c491
Certificate serial:       0194C387DE5E65C462831DC6AF949C69C21D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Le43b1HIyKVVUo1MFesfTKOZxJE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/41/3be097-28f4-49e8-ad25-ff5cbdac5845/1/Le43b1HIyKVVUo1MFesfTKOZxJE.mft
Manifest number:          142A
Signing time:             Sat 01 Feb 2025 22:00:48 +0000
Manifest this update:     Sat 01 Feb 2025 22:00:48 +0000
Manifest next update:     Sun 02 Feb 2025 22:00:48 +0000
Files and hashes:         1: Le43b1HIyKVVUo1MFesfTKOZxJE.crl (hash: j5nV1zlT/Q8EGObgP2c6CykNl/liwIxFQIOJImWEXtA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/41/3be097-28f4-49e8-ad25-ff5cbdac5845/1/Le43b1HIyKVVUo1MFesfTKOZxJE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/41/3be097-28f4-49e8-ad25-ff5cbdac5845/1/Le43b1HIyKVVUo1MFesfTKOZxJE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Le43b1HIyKVVUo1MFesfTKOZxJE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 02 Feb 2025 22:00:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:c3:87:de:5e:65:c4:62:83:1d:c6:af:94:9c:69:c2:1d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2dee376f51c8c8a555528d4c15eb1f4ca399c491
        Validity
            Not Before: Feb  1 22:00:48 2025 GMT
            Not After : Feb  2 22:00:48 2025 GMT
        Subject: CN=2b7960a527f8286c6855622a29ad65ac3c182d64
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:f7:85:aa:83:7d:c9:8f:70:d6:91:af:b9:08:
                    9d:15:cb:59:c0:1d:7c:29:f0:e1:34:19:c9:28:de:
                    be:a9:08:78:8f:05:be:43:3a:aa:92:ee:17:38:5b:
                    f1:c4:2a:17:2e:50:46:1d:06:dc:91:59:6b:32:9f:
                    74:83:2c:6c:63:08:be:98:15:7f:6d:8f:62:e9:41:
                    f1:c5:c0:76:d2:56:ac:fc:f7:14:03:06:83:80:18:
                    d6:10:02:b3:1b:7f:a9:03:51:6c:84:25:a3:ee:f2:
                    87:80:a9:49:3c:e6:cd:39:ef:1f:88:bb:f6:8f:be:
                    f4:52:f3:36:ef:c4:78:c9:0d:4f:25:71:f7:54:77:
                    cd:a8:51:cb:4c:66:c5:27:93:79:a4:58:d8:c3:3b:
                    5a:b4:65:b8:75:ef:3f:fb:50:38:2f:12:e5:99:e0:
                    75:8b:c4:b5:02:b0:c4:b0:2c:12:cb:fe:11:97:80:
                    b3:0a:69:79:76:ce:32:95:89:b7:d5:8a:da:b6:20:
                    33:13:41:ca:2e:d0:cc:b8:84:53:b6:8c:bd:5c:02:
                    50:10:32:4c:90:a5:3a:ce:52:c5:86:de:b4:d2:08:
                    16:6c:3c:11:85:17:af:bd:e3:27:26:5e:11:1c:94:
                    b6:eb:fe:8e:d7:8a:39:0a:68:79:b0:30:6d:dd:fe:
                    9a:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2B:79:60:A5:27:F8:28:6C:68:55:62:2A:29:AD:65:AC:3C:18:2D:64
            X509v3 Authority Key Identifier:
                keyid:2D:EE:37:6F:51:C8:C8:A5:55:52:8D:4C:15:EB:1F:4C:A3:99:C4:91

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Le43b1HIyKVVUo1MFesfTKOZxJE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/3be097-28f4-49e8-ad25-ff5cbdac5845/1/Le43b1HIyKVVUo1MFesfTKOZxJE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/41/3be097-28f4-49e8-ad25-ff5cbdac5845/1/Le43b1HIyKVVUo1MFesfTKOZxJE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6d:87:fd:1d:90:55:ef:07:53:46:87:ab:d1:cb:4f:66:3e:c0:
         33:70:30:80:49:f3:7c:5e:da:c6:5a:dc:13:b3:a3:a5:90:20:
         82:4d:cd:7f:c4:b4:d5:3a:81:a9:45:eb:8b:4a:ea:75:1f:07:
         65:b6:27:35:c0:ca:c4:fa:7a:a0:01:53:4a:83:57:6c:f9:f9:
         5c:d1:ac:65:41:9e:57:bf:a6:86:08:09:c1:58:8c:22:ac:cc:
         69:67:80:60:04:3b:63:54:c9:11:dd:4a:42:08:14:1b:57:d7:
         f2:af:0b:02:d4:38:d1:a7:2c:06:dd:3c:ce:24:80:6d:4f:8e:
         d1:7a:f3:2a:85:61:5a:37:46:d7:41:bb:10:45:31:d7:c4:a3:
         cf:da:4a:3f:5d:ba:36:be:c0:d3:47:52:76:6e:70:23:05:af:
         c4:00:9e:b5:90:ae:13:f6:f0:85:67:34:6f:51:d0:34:e3:6b:
         8c:d7:87:0c:e5:54:33:24:2a:2b:1d:4d:e0:f2:a9:e4:9c:98:
         70:fe:6f:55:6c:8c:ca:e8:eb:e4:8b:f4:6c:70:44:cd:c9:e0:
         c0:92:9f:bb:63:79:eb:64:77:e8:43:d5:78:fd:9c:6b:26:89:
         84:ed:91:e4:b4:af:3b:b6:4f:6d:7d:6a:6f:c4:ee:e9:81:eb:
         41:fc:19:2d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZTDh95eZcRigx3Gr5ScacIdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkZWUzNzZmNTFjOGM4YTU1NTUyOGQ0YzE1ZWIxZjRjYTM5
OWM0OTEwHhcNMjUwMjAxMjIwMDQ4WhcNMjUwMjAyMjIwMDQ4WjAzMTEwLwYDVQQD
EygyYjc5NjBhNTI3ZjgyODZjNjg1NTYyMmEyOWFkNjVhYzNjMTgyZDY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkfeFqoN9yY9w1pGvuQidFctZwB18
KfDhNBnJKN6+qQh4jwW+Qzqqku4XOFvxxCoXLlBGHQbckVlrMp90gyxsYwi+mBV/
bY9i6UHxxcB20las/PcUAwaDgBjWEAKzG3+pA1FshCWj7vKHgKlJPObNOe8fiLv2
j770UvM278R4yQ1PJXH3VHfNqFHLTGbFJ5N5pFjYwztatGW4de8/+1A4LxLlmeB1
i8S1ArDEsCwSy/4Rl4CzCml5ds4ylYm31YratiAzE0HKLtDMuIRTtoy9XAJQEDJM
kKU6zlLFht600ggWbDwRhRevveMnJl4RHJS26/6O14o5Cmh5sDBt3f6a4QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCt5YKUn+ChsaFViKimtZaw8GC1kMB8GA1UdIwQY
MBaAFC3uN29RyMilVVKNTBXrH0yjmcSRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTGU0M2IxSEl5S1ZWVW8xTUZlc2ZUS09aeEpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS8zYmUwOTctMjhmNC00OWU4LWFkMjUt
ZmY1Y2JkYWM1ODQ1LzEvTGU0M2IxSEl5S1ZWVW8xTUZlc2ZUS09aeEpFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS8zYmUwOTctMjhmNC00OWU4LWFkMjUtZmY1Y2JkYWM1ODQ1
LzEvTGU0M2IxSEl5S1ZWVW8xTUZlc2ZUS09aeEpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbYf9HZBV
7wdTRoer0ctPZj7AM3AwgEnzfF7axlrcE7OjpZAggk3Nf8S01TqBqUXri0rqdR8H
ZbYnNcDKxPp6oAFTSoNXbPn5XNGsZUGeV7+mhggJwViMIqzMaWeAYAQ7Y1TJEd1K
QggUG1fX8q8LAtQ40acsBt08ziSAbU+O0XrzKoVhWjdG10G7EEUx18Sjz9pKP126
Nr7A00dSdm5wIwWvxACetZCuE/bwhWc0b1HQNONrjNeHDOVUMyQqKx1N4PKp5JyY
cP5vVWyMyujr5Iv0bHBEzcngwJKfu2N562R36EPVeP2cayaJhO2R5LSvO7ZPbX1q
b8Tu6YHrQfwZLQ==
-----END CERTIFICATE-----