Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/4b1f9e-88fe-4939-ad58-f23f29cefee6/1/LKVMSc_kyVm2nIriZoMm8QX2K50.mft
File:                     LKVMSc_kyVm2nIriZoMm8QX2K50.mft (raw, json)
Hash identifier:          SsHZ3Z/Qjwy4/DKjFdxcKmU2QeTtft57n3zqdkC8dCA=
Subject key identifier:   AB:9C:BC:32:4A:74:32:01:52:89:2E:A8:02:C6:BB:34:87:44:14:D8
Authority key identifier: 2C:A5:4C:49:CF:E4:C9:59:B6:9C:8A:E2:66:83:26:F1:05:F6:2B:9D
Certificate issuer:       /CN=2ca54c49cfe4c959b69c8ae2668326f105f62b9d
Certificate serial:       01936AEB6E79939A4962377A5797BDD6945A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/LKVMSc_kyVm2nIriZoMm8QX2K50.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/54/4b1f9e-88fe-4939-ad58-f23f29cefee6/1/LKVMSc_kyVm2nIriZoMm8QX2K50.mft
Manifest number:          035D
Signing time:             Wed 27 Nov 2024 00:00:34 +0000
Manifest this update:     Wed 27 Nov 2024 00:00:34 +0000
Manifest next update:     Thu 28 Nov 2024 00:00:34 +0000
Files and hashes:         1: LKVMSc_kyVm2nIriZoMm8QX2K50.crl (hash: 9dL0bhtq933R5YCqBVJq9rypRxADph03i0sbmn3sHKk=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/54/4b1f9e-88fe-4939-ad58-f23f29cefee6/1/LKVMSc_kyVm2nIriZoMm8QX2K50.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/54/4b1f9e-88fe-4939-ad58-f23f29cefee6/1/LKVMSc_kyVm2nIriZoMm8QX2K50.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/LKVMSc_kyVm2nIriZoMm8QX2K50.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 27 Nov 2024 19:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:6a:eb:6e:79:93:9a:49:62:37:7a:57:97:bd:d6:94:5a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2ca54c49cfe4c959b69c8ae2668326f105f62b9d
        Validity
            Not Before: Nov 27 00:00:34 2024 GMT
            Not After : Nov 28 00:00:34 2024 GMT
        Subject: CN=ab9cbc324a74320152892ea802c6bb34874414d8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:6c:e7:77:64:8d:e2:85:61:98:53:f3:9b:14:
                    1c:50:7b:81:5f:a9:41:37:04:c2:ec:b9:0d:e9:4b:
                    31:d5:dc:1d:ed:85:cd:9e:0e:be:41:49:42:a2:16:
                    5a:80:bc:97:52:ca:f2:f1:77:e5:19:e1:15:43:a9:
                    03:0a:42:42:c6:51:23:c7:ed:30:e6:19:d2:74:15:
                    8c:f1:52:b6:d5:fe:99:77:dc:98:b9:99:1e:ae:2b:
                    19:f5:c6:71:59:a0:96:7a:25:8e:e9:29:b9:36:07:
                    76:ef:b6:d7:03:eb:8b:ef:09:04:7c:b8:95:00:e5:
                    99:f1:a3:db:65:d4:34:2e:9d:03:e3:f0:b4:07:fe:
                    07:67:d7:84:93:5f:0f:a8:79:c0:3b:6f:6b:88:0f:
                    f8:62:9b:27:6c:37:2a:88:36:cc:96:34:ad:f7:cf:
                    68:42:6e:4a:28:65:17:93:0e:c7:e7:a7:07:3d:44:
                    a4:21:90:3c:21:a4:c1:ed:cd:ba:0b:00:9f:0e:80:
                    96:74:44:d4:28:be:6c:f5:01:27:7a:bd:b0:20:b3:
                    f5:dd:45:4c:17:fc:85:9d:79:6f:ab:9e:1a:41:95:
                    b4:e9:98:91:6a:60:0d:56:15:1f:7c:ea:3a:af:b3:
                    1b:0e:ee:b9:e2:a2:fa:04:ac:32:12:cf:f9:ee:e3:
                    6a:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AB:9C:BC:32:4A:74:32:01:52:89:2E:A8:02:C6:BB:34:87:44:14:D8
            X509v3 Authority Key Identifier:
                keyid:2C:A5:4C:49:CF:E4:C9:59:B6:9C:8A:E2:66:83:26:F1:05:F6:2B:9D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LKVMSc_kyVm2nIriZoMm8QX2K50.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/4b1f9e-88fe-4939-ad58-f23f29cefee6/1/LKVMSc_kyVm2nIriZoMm8QX2K50.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/54/4b1f9e-88fe-4939-ad58-f23f29cefee6/1/LKVMSc_kyVm2nIriZoMm8QX2K50.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a6:0e:bb:47:ef:ad:23:93:63:5e:84:15:85:34:d5:e3:f8:ce:
         38:73:64:37:e7:86:a6:31:15:f5:3b:6b:40:76:f3:51:4f:99:
         1e:e3:37:ba:6f:35:1c:e4:c9:58:8d:41:a5:38:54:97:8f:33:
         2e:e7:d7:81:57:b8:f4:46:61:93:39:54:fe:fa:16:3c:1e:c7:
         4c:e9:bb:29:4d:14:bf:89:cb:a1:49:d4:73:eb:8b:00:f2:91:
         4d:ec:bc:c6:ba:d6:8c:57:02:f3:98:7a:7e:e5:f8:6f:39:8c:
         ba:44:4e:59:fd:d2:63:dd:2e:ca:d7:29:ca:ff:00:e9:21:9f:
         91:e7:18:4b:5a:03:d4:0a:08:d4:b4:d7:4a:54:08:b3:71:db:
         3c:3e:4d:01:8a:29:7b:00:44:14:97:4b:a4:fd:64:4d:16:b9:
         85:18:bf:a4:79:9b:e0:6f:f4:b6:2f:e3:1c:89:7c:23:5d:f3:
         23:7a:7a:64:3e:24:6a:e9:f6:37:c6:d3:fc:3b:ef:0e:fc:4e:
         5d:41:fa:63:7d:b9:36:c5:25:7e:f1:77:5f:fc:6f:c5:bf:5f:
         0b:c4:5a:0b:1c:fc:22:e4:5f:19:99:46:52:b5:7a:50:e5:49:
         8c:a0:ac:1d:e6:28:99:b9:4e:39:64:ed:6e:03:1c:dd:f0:c1:
         0b:ca:0e:a2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNq6255k5pJYjd6V5e91pRaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJjYTU0YzQ5Y2ZlNGM5NTliNjljOGFlMjY2ODMyNmYxMDVm
NjJiOWQwHhcNMjQxMTI3MDAwMDM0WhcNMjQxMTI4MDAwMDM0WjAzMTEwLwYDVQQD
EyhhYjljYmMzMjRhNzQzMjAxNTI4OTJlYTgwMmM2YmIzNDg3NDQxNGQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuWznd2SN4oVhmFPzmxQcUHuBX6lB
NwTC7LkN6Usx1dwd7YXNng6+QUlCohZagLyXUsry8XflGeEVQ6kDCkJCxlEjx+0w
5hnSdBWM8VK21f6Zd9yYuZkerisZ9cZxWaCWeiWO6Sm5Ngd277bXA+uL7wkEfLiV
AOWZ8aPbZdQ0Lp0D4/C0B/4HZ9eEk18PqHnAO29riA/4YpsnbDcqiDbMljSt989o
Qm5KKGUXkw7H56cHPUSkIZA8IaTB7c26CwCfDoCWdETUKL5s9QEner2wILP13UVM
F/yFnXlvq54aQZW06ZiRamANVhUffOo6r7MbDu654qL6BKwyEs/57uNqswIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKucvDJKdDIBUokuqALGuzSHRBTYMB8GA1UdIwQY
MBaAFCylTEnP5MlZtpyK4maDJvEF9iudMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTEtWTVNjX2t5Vm0ybklyaVpvTW04UVgySzUwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC80YjFmOWUtODhmZS00OTM5LWFkNTgt
ZjIzZjI5Y2VmZWU2LzEvTEtWTVNjX2t5Vm0ybklyaVpvTW04UVgySzUwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC80YjFmOWUtODhmZS00OTM5LWFkNTgtZjIzZjI5Y2VmZWU2
LzEvTEtWTVNjX2t5Vm0ybklyaVpvTW04UVgySzUwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApg67R++t
I5NjXoQVhTTV4/jOOHNkN+eGpjEV9TtrQHbzUU+ZHuM3um81HOTJWI1BpThUl48z
LufXgVe49EZhkzlU/voWPB7HTOm7KU0Uv4nLoUnUc+uLAPKRTey8xrrWjFcC85h6
fuX4bzmMukROWf3SY90uytcpyv8A6SGfkecYS1oD1AoI1LTXSlQIs3HbPD5NAYop
ewBEFJdLpP1kTRa5hRi/pHmb4G/0ti/jHIl8I13zI3p6ZD4kaun2N8bT/DvvDvxO
XUH6Y325NsUlfvF3X/xvxb9fC8RaCxz8IuRfGZlGUrV6UOVJjKCsHeYomblOOWTt
bgMc3fDBC8oOog==
-----END CERTIFICATE-----