Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/23ca21-bceb-433e-b7d9-7b003984b863/1/lHXt3Klbc2ZTpMn52RVA0tPvtT0.mft
File:                     lHXt3Klbc2ZTpMn52RVA0tPvtT0.mft (raw, json)
Hash identifier:          75r186XKFnq5uv8jNZCwyG8f1gqmJqtmWPhfOkg7zGw=
Subject key identifier:   DA:07:1B:80:FC:FE:84:AD:7A:AE:6F:70:FB:3C:91:E1:42:76:AA:CA
Authority key identifier: 94:75:ED:DC:A9:5B:73:66:53:A4:C9:F9:D9:15:40:D2:D3:EF:B5:3D
Certificate issuer:       /CN=9475eddca95b736653a4c9f9d91540d2d3efb53d
Certificate serial:       0194C350F4CD9A6359997BB10FAD749FF990
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/lHXt3Klbc2ZTpMn52RVA0tPvtT0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/52/23ca21-bceb-433e-b7d9-7b003984b863/1/lHXt3Klbc2ZTpMn52RVA0tPvtT0.mft
Manifest number:          6B
Signing time:             Sat 01 Feb 2025 21:00:50 +0000
Manifest this update:     Sat 01 Feb 2025 21:00:50 +0000
Manifest next update:     Sun 02 Feb 2025 21:00:50 +0000
Files and hashes:         1: lHXt3Klbc2ZTpMn52RVA0tPvtT0.crl (hash: JExk06yzZynxNt36142lOKfwEmlDoKVM2EB7HUjNovw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/52/23ca21-bceb-433e-b7d9-7b003984b863/1/lHXt3Klbc2ZTpMn52RVA0tPvtT0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/52/23ca21-bceb-433e-b7d9-7b003984b863/1/lHXt3Klbc2ZTpMn52RVA0tPvtT0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/lHXt3Klbc2ZTpMn52RVA0tPvtT0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 02 Feb 2025 21:00:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:c3:50:f4:cd:9a:63:59:99:7b:b1:0f:ad:74:9f:f9:90
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9475eddca95b736653a4c9f9d91540d2d3efb53d
        Validity
            Not Before: Feb  1 21:00:50 2025 GMT
            Not After : Feb  2 21:00:50 2025 GMT
        Subject: CN=da071b80fcfe84ad7aae6f70fb3c91e14276aaca
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:5d:c1:0c:a0:eb:b8:8b:c7:40:d9:dc:4f:2d:
                    1f:16:5a:2d:0d:51:92:eb:74:ee:46:54:6b:57:ee:
                    1e:72:f7:71:fa:88:49:aa:04:48:71:7d:fc:46:38:
                    69:a7:c0:59:28:0d:42:73:06:82:6d:48:a5:d8:68:
                    a5:40:30:a0:b3:ac:36:0c:0a:5f:08:91:2c:da:60:
                    62:fb:7c:78:35:09:4a:a4:61:32:7f:8a:60:86:cb:
                    b0:1d:e7:b7:87:8f:f5:3f:61:07:64:86:39:2b:d6:
                    7d:50:82:3e:f6:28:6b:9b:37:2c:ef:e7:b7:23:55:
                    34:7f:6c:f4:7a:af:0d:b6:a6:7f:83:38:e8:4d:cc:
                    9c:33:6b:2f:60:e3:9f:f3:e0:22:16:41:c0:f1:2a:
                    08:96:b9:40:bb:59:59:d5:1e:22:fd:9e:e2:ee:46:
                    50:e1:4c:ad:97:29:37:a1:34:a1:70:6b:59:69:ed:
                    b6:44:f4:3c:6f:fe:bc:40:f2:b7:35:cb:b8:70:22:
                    4f:15:23:8c:f1:ed:15:75:c9:0f:c8:00:0c:85:4c:
                    00:a7:3c:68:db:0e:8a:1f:4a:cc:d3:eb:17:9d:a3:
                    04:0d:a8:f1:96:f8:dc:36:b0:3f:c5:51:3f:72:48:
                    2f:04:5f:34:42:e8:d4:ef:13:2f:fc:44:37:17:d9:
                    96:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DA:07:1B:80:FC:FE:84:AD:7A:AE:6F:70:FB:3C:91:E1:42:76:AA:CA
            X509v3 Authority Key Identifier:
                keyid:94:75:ED:DC:A9:5B:73:66:53:A4:C9:F9:D9:15:40:D2:D3:EF:B5:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lHXt3Klbc2ZTpMn52RVA0tPvtT0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/23ca21-bceb-433e-b7d9-7b003984b863/1/lHXt3Klbc2ZTpMn52RVA0tPvtT0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/52/23ca21-bceb-433e-b7d9-7b003984b863/1/lHXt3Klbc2ZTpMn52RVA0tPvtT0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         58:e5:ee:64:78:3e:eb:44:f4:e5:40:3e:6d:7c:2f:5d:e8:b6:
         89:fd:02:bb:65:9e:2a:4b:57:5a:53:03:0a:63:6f:ea:31:ff:
         8d:ff:74:77:46:46:11:fb:0f:5c:b8:53:00:4f:2f:79:e2:f0:
         90:b0:22:50:61:e5:51:d2:89:eb:f5:c6:ec:3a:1c:7c:5e:d3:
         90:00:83:b3:a4:7e:49:03:be:b2:23:c9:52:81:5e:b2:eb:16:
         18:fa:55:6c:7b:dc:40:dd:15:83:bd:ec:71:b0:7e:02:4c:65:
         32:4f:7b:b8:59:df:4c:7f:f2:44:58:1e:b2:14:f4:0b:ff:bf:
         36:2d:7c:63:1b:96:d0:33:38:46:ba:cd:00:10:77:59:6d:21:
         27:2b:70:db:09:01:ce:c1:e4:6e:62:f1:9a:fe:a5:6e:80:67:
         df:3d:1a:c0:f3:e8:17:bd:85:3c:c1:76:14:cf:0e:ca:5b:9b:
         9f:af:11:1a:59:49:9c:b6:79:42:ac:1f:02:0d:8b:44:2f:cc:
         ed:d9:8b:a0:28:16:51:3f:53:c9:45:fa:5f:cd:37:69:0e:7f:
         0d:a1:3a:dc:52:b4:5d:4e:56:dd:de:2d:fe:e0:65:82:41:33:
         02:33:f8:d9:b4:95:02:d7:0e:5b:99:9d:b1:d2:1d:c7:a3:75:
         28:e7:38:0a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZTDUPTNmmNZmXuxD610n/mQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0NzVlZGRjYTk1YjczNjY1M2E0YzlmOWQ5MTU0MGQyZDNl
ZmI1M2QwHhcNMjUwMjAxMjEwMDUwWhcNMjUwMjAyMjEwMDUwWjAzMTEwLwYDVQQD
EyhkYTA3MWI4MGZjZmU4NGFkN2FhZTZmNzBmYjNjOTFlMTQyNzZhYWNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtl3BDKDruIvHQNncTy0fFlotDVGS
63TuRlRrV+4ecvdx+ohJqgRIcX38Rjhpp8BZKA1CcwaCbUil2GilQDCgs6w2DApf
CJEs2mBi+3x4NQlKpGEyf4pghsuwHee3h4/1P2EHZIY5K9Z9UII+9ihrmzcs7+e3
I1U0f2z0eq8NtqZ/gzjoTcycM2svYOOf8+AiFkHA8SoIlrlAu1lZ1R4i/Z7i7kZQ
4Uytlyk3oTShcGtZae22RPQ8b/68QPK3Ncu4cCJPFSOM8e0VdckPyAAMhUwApzxo
2w6KH0rM0+sXnaMEDajxlvjcNrA/xVE/ckgvBF80QujU7xMv/EQ3F9mWdQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNoHG4D8/oSteq5vcPs8keFCdqrKMB8GA1UdIwQY
MBaAFJR17dypW3NmU6TJ+dkVQNLT77U9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbEhYdDNLbGJjMlpUcE1uNTJSVkEwdFB2dFQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi8yM2NhMjEtYmNlYi00MzNlLWI3ZDkt
N2IwMDM5ODRiODYzLzEvbEhYdDNLbGJjMlpUcE1uNTJSVkEwdFB2dFQwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi8yM2NhMjEtYmNlYi00MzNlLWI3ZDktN2IwMDM5ODRiODYz
LzEvbEhYdDNLbGJjMlpUcE1uNTJSVkEwdFB2dFQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWOXuZHg+
60T05UA+bXwvXei2if0Cu2WeKktXWlMDCmNv6jH/jf90d0ZGEfsPXLhTAE8veeLw
kLAiUGHlUdKJ6/XG7DocfF7TkACDs6R+SQO+siPJUoFesusWGPpVbHvcQN0Vg73s
cbB+AkxlMk97uFnfTH/yRFgeshT0C/+/Ni18YxuW0DM4RrrNABB3WW0hJytw2wkB
zsHkbmLxmv6lboBn3z0awPPoF72FPMF2FM8Oylubn68RGllJnLZ5QqwfAg2LRC/M
7dmLoCgWUT9TyUX6X803aQ5/DaE63FK0XU5W3d4t/uBlgkEzAjP42bSVAtcOW5md
sdIdx6N1KOc4Cg==
-----END CERTIFICATE-----