Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/8d9aa5-d52a-486f-b64c-7c605d32165d/1/lGIh95q-ptPAw0gGQlkN0K4Mqjs.mft
File:                     lGIh95q-ptPAw0gGQlkN0K4Mqjs.mft (raw, json)
Hash identifier:          PpNnOdQg4FNzVWND28JS5eUl1Byuxuask8Zf90iPYkk=
Subject key identifier:   61:B8:A4:CF:DC:F9:72:14:20:A1:06:75:99:C7:1F:AB:EC:86:03:E0
Authority key identifier: 94:62:21:F7:9A:BE:A6:D3:C0:C3:48:06:42:59:0D:D0:AE:0C:AA:3B
Certificate issuer:       /CN=946221f79abea6d3c0c3480642590dd0ae0caa3b
Certificate serial:       019510C7ACCBDD726F8CE62867D2202E5D96
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/lGIh95q-ptPAw0gGQlkN0K4Mqjs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/52/8d9aa5-d52a-486f-b64c-7c605d32165d/1/lGIh95q-ptPAw0gGQlkN0K4Mqjs.mft
Manifest number:          1156
Signing time:             Sun 16 Feb 2025 22:01:16 +0000
Manifest this update:     Sun 16 Feb 2025 22:01:16 +0000
Manifest next update:     Mon 17 Feb 2025 22:01:16 +0000
Files and hashes:         1: lGIh95q-ptPAw0gGQlkN0K4Mqjs.crl (hash: eyqA0TcgXDWPMYpSEGjDyJFTRSQMCG8WMYbit7wviho=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/52/8d9aa5-d52a-486f-b64c-7c605d32165d/1/lGIh95q-ptPAw0gGQlkN0K4Mqjs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/52/8d9aa5-d52a-486f-b64c-7c605d32165d/1/lGIh95q-ptPAw0gGQlkN0K4Mqjs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/lGIh95q-ptPAw0gGQlkN0K4Mqjs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 17 Feb 2025 22:01:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:10:c7:ac:cb:dd:72:6f:8c:e6:28:67:d2:20:2e:5d:96
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=946221f79abea6d3c0c3480642590dd0ae0caa3b
        Validity
            Not Before: Feb 16 22:01:16 2025 GMT
            Not After : Feb 17 22:01:16 2025 GMT
        Subject: CN=61b8a4cfdcf9721420a1067599c71fabec8603e0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:99:4e:6f:2a:e5:fe:bc:da:89:b9:32:07:c5:
                    a3:45:c4:6b:e3:ed:d2:0f:9c:aa:27:20:ce:20:03:
                    4c:d6:c6:c8:37:84:66:fb:1f:cc:00:fc:f7:77:37:
                    f0:aa:51:a1:82:c6:24:88:47:93:40:e4:00:3c:23:
                    36:c4:d7:f6:a8:34:8c:5c:b6:2f:95:5e:9d:bd:e1:
                    3a:45:82:ca:37:10:45:7e:ec:3d:09:54:00:83:f6:
                    2b:57:69:5d:2e:0a:e2:5e:70:cb:5e:be:c9:93:8e:
                    33:2f:02:8a:8d:00:2d:80:2d:d6:67:ed:3b:09:11:
                    f1:90:5a:f1:29:b8:53:d4:bb:e6:95:29:25:81:3c:
                    87:06:74:f2:85:fa:08:29:dd:51:ea:03:ba:b5:0a:
                    b7:50:de:9a:4c:d4:08:8c:11:59:ef:c3:13:fa:54:
                    e8:f4:dc:f6:16:ab:34:e5:ec:fb:9d:35:86:60:5a:
                    f0:25:96:ba:91:db:90:2a:a0:e9:5e:db:c3:be:79:
                    47:16:cc:fe:f8:5b:25:06:30:09:3f:98:aa:07:4f:
                    64:f2:4b:cc:93:60:50:3e:9f:ff:d3:27:aa:d0:ff:
                    13:6e:bf:22:83:1c:98:80:67:3a:17:52:92:2d:43:
                    4e:fe:d8:3d:70:c1:6e:5e:8b:b3:59:cd:db:64:7c:
                    a2:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                61:B8:A4:CF:DC:F9:72:14:20:A1:06:75:99:C7:1F:AB:EC:86:03:E0
            X509v3 Authority Key Identifier:
                keyid:94:62:21:F7:9A:BE:A6:D3:C0:C3:48:06:42:59:0D:D0:AE:0C:AA:3B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lGIh95q-ptPAw0gGQlkN0K4Mqjs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/8d9aa5-d52a-486f-b64c-7c605d32165d/1/lGIh95q-ptPAw0gGQlkN0K4Mqjs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/52/8d9aa5-d52a-486f-b64c-7c605d32165d/1/lGIh95q-ptPAw0gGQlkN0K4Mqjs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         31:d5:0c:16:f6:5c:78:e4:8f:0c:6c:b4:ce:53:b7:89:5f:93:
         c7:94:74:e1:33:5e:6c:6b:a7:3d:b6:cf:66:d7:6d:32:55:0d:
         f0:a0:d1:99:b5:61:ec:21:58:3d:c9:da:40:07:b9:54:ef:df:
         81:3b:8c:ce:ef:6b:1d:4b:e8:0a:62:8e:32:89:cc:6e:bc:cd:
         50:8d:90:05:35:84:17:61:7a:ac:dd:e5:9e:d2:a1:1f:80:ab:
         67:fa:f5:67:6f:ed:6c:c9:c3:a6:48:44:ef:99:f7:e0:7c:71:
         9c:aa:ac:2b:07:3f:b9:0f:90:f7:5e:b6:7b:21:e5:4f:63:3d:
         37:a1:0e:d8:d1:a9:26:40:87:ea:81:94:c9:fe:4a:18:e6:95:
         62:39:4f:91:01:16:4c:0d:79:2e:d1:8d:3d:8d:d7:5a:a4:09:
         a0:17:11:b4:39:c4:a3:ae:19:20:45:ba:e3:7f:3f:bd:b8:d2:
         2d:19:b3:80:d8:22:09:0f:9f:1c:70:6b:9b:d3:62:a4:c6:e9:
         85:b1:d4:cd:0b:47:b3:c5:8c:dd:74:68:07:53:f9:21:fc:50:
         49:78:ac:c0:9c:fd:06:30:a6:6f:fd:93:c4:2c:56:64:05:9f:
         ed:a0:ea:48:fa:ad:d8:e2:75:a7:cd:0a:ef:20:97:13:68:b1:
         39:59:b3:36
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZUQx6zL3XJvjOYoZ9IgLl2WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0NjIyMWY3OWFiZWE2ZDNjMGMzNDgwNjQyNTkwZGQwYWUw
Y2FhM2IwHhcNMjUwMjE2MjIwMTE2WhcNMjUwMjE3MjIwMTE2WjAzMTEwLwYDVQQD
Eyg2MWI4YTRjZmRjZjk3MjE0MjBhMTA2NzU5OWM3MWZhYmVjODYwM2UwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1plObyrl/rzaibkyB8WjRcRr4+3S
D5yqJyDOIANM1sbIN4Rm+x/MAPz3dzfwqlGhgsYkiEeTQOQAPCM2xNf2qDSMXLYv
lV6dveE6RYLKNxBFfuw9CVQAg/YrV2ldLgriXnDLXr7Jk44zLwKKjQAtgC3WZ+07
CRHxkFrxKbhT1LvmlSklgTyHBnTyhfoIKd1R6gO6tQq3UN6aTNQIjBFZ78MT+lTo
9Nz2Fqs05ez7nTWGYFrwJZa6kduQKqDpXtvDvnlHFsz++FslBjAJP5iqB09k8kvM
k2BQPp//0yeq0P8Tbr8igxyYgGc6F1KSLUNO/tg9cMFuXouzWc3bZHyitwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGG4pM/c+XIUIKEGdZnHH6vshgPgMB8GA1UdIwQY
MBaAFJRiIfeavqbTwMNIBkJZDdCuDKo7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbEdJaDk1cS1wdFBBdzBnR1Fsa04wSzRNcWpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi84ZDlhYTUtZDUyYS00ODZmLWI2NGMt
N2M2MDVkMzIxNjVkLzEvbEdJaDk1cS1wdFBBdzBnR1Fsa04wSzRNcWpzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi84ZDlhYTUtZDUyYS00ODZmLWI2NGMtN2M2MDVkMzIxNjVk
LzEvbEdJaDk1cS1wdFBBdzBnR1Fsa04wSzRNcWpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMdUMFvZc
eOSPDGy0zlO3iV+Tx5R04TNebGunPbbPZtdtMlUN8KDRmbVh7CFYPcnaQAe5VO/f
gTuMzu9rHUvoCmKOMonMbrzNUI2QBTWEF2F6rN3lntKhH4CrZ/r1Z2/tbMnDpkhE
75n34HxxnKqsKwc/uQ+Q9162eyHlT2M9N6EO2NGpJkCH6oGUyf5KGOaVYjlPkQEW
TA15LtGNPY3XWqQJoBcRtDnEo64ZIEW6438/vbjSLRmzgNgiCQ+fHHBrm9NipMbp
hbHUzQtHs8WM3XRoB1P5IfxQSXiswJz9BjCmb/2TxCxWZAWf7aDqSPqt2OJ1p80K
7yCXE2ixOVmzNg==
-----END CERTIFICATE-----