Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/be730a-27e6-4136-b2c5-cae40384c6bf/1/LZKAom-DFWYViyYXyV0Z0zjuFdM.mft
File:                     LZKAom-DFWYViyYXyV0Z0zjuFdM.mft (raw, json)
Hash identifier:          hVubybw7gznQZ/d8gi7n0zWxzZPsCvph7jFK7e1sroE=
Subject key identifier:   13:83:DF:EA:3F:7B:D7:BD:D9:6D:3B:CE:FA:85:60:97:07:A0:0A:72
Authority key identifier: 2D:92:80:A2:6F:83:15:66:15:8B:26:17:C9:5D:19:D3:38:EE:15:D3
Certificate issuer:       /CN=2d9280a26f831566158b2617c95d19d338ee15d3
Certificate serial:       0194C463A26FC62E3A5E69B53281A98A6D95
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/LZKAom-DFWYViyYXyV0Z0zjuFdM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/57/be730a-27e6-4136-b2c5-cae40384c6bf/1/LZKAom-DFWYViyYXyV0Z0zjuFdM.mft
Manifest number:          0143
Signing time:             Sun 02 Feb 2025 02:00:51 +0000
Manifest this update:     Sun 02 Feb 2025 02:00:51 +0000
Manifest next update:     Mon 03 Feb 2025 02:00:51 +0000
Files and hashes:         1: LZKAom-DFWYViyYXyV0Z0zjuFdM.crl (hash: oYZGYtYZIWv65hMLzC4eBHhEgKqpWG/L8RNg+CmbcGQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/57/be730a-27e6-4136-b2c5-cae40384c6bf/1/LZKAom-DFWYViyYXyV0Z0zjuFdM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/57/be730a-27e6-4136-b2c5-cae40384c6bf/1/LZKAom-DFWYViyYXyV0Z0zjuFdM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/LZKAom-DFWYViyYXyV0Z0zjuFdM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 03 Feb 2025 00:00:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:c4:63:a2:6f:c6:2e:3a:5e:69:b5:32:81:a9:8a:6d:95
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2d9280a26f831566158b2617c95d19d338ee15d3
        Validity
            Not Before: Feb  2 02:00:51 2025 GMT
            Not After : Feb  3 02:00:51 2025 GMT
        Subject: CN=1383dfea3f7bd7bdd96d3bcefa85609707a00a72
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:99:16:f1:dc:8c:75:4f:2e:b7:05:f4:79:a5:
                    a9:24:a5:73:2c:7f:bd:c1:a3:0d:11:aa:60:3f:ed:
                    c7:62:ec:e9:40:06:a4:80:1c:38:b4:e1:b3:ba:54:
                    d9:aa:05:51:8e:04:b4:9d:05:ff:9f:37:ed:b8:d2:
                    e7:41:10:e6:b2:3d:58:54:b2:27:35:23:cd:30:a1:
                    bf:24:31:95:45:1b:7f:69:5b:ef:1c:09:6c:ba:dd:
                    47:1e:57:d9:47:3d:5e:51:7d:96:e9:02:0f:f4:0a:
                    91:9c:e1:57:1c:00:27:bc:8f:57:2c:e7:7b:02:02:
                    c6:e8:ad:78:bb:41:d0:53:35:61:ae:63:99:01:c2:
                    d6:ce:7f:1a:7d:6b:7c:0f:f2:0b:02:06:06:c5:16:
                    8b:eb:ca:bf:71:6a:30:36:fe:4c:5d:f4:c1:0a:5a:
                    96:81:a8:d6:da:4d:ed:f1:b8:94:53:05:f3:4b:4c:
                    eb:64:b7:c0:33:fd:cf:e4:bb:f9:b9:8d:b3:09:0c:
                    fa:07:58:ba:f4:2e:61:95:10:c2:5e:b2:91:3f:7d:
                    0f:21:2f:02:6e:63:9c:cf:2a:46:f2:f6:26:a9:5d:
                    8d:db:8b:9c:c4:e6:75:fc:02:ef:f6:92:5c:ce:74:
                    30:71:6b:e1:64:cb:3b:c6:e8:06:54:8a:e5:a7:3d:
                    24:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                13:83:DF:EA:3F:7B:D7:BD:D9:6D:3B:CE:FA:85:60:97:07:A0:0A:72
            X509v3 Authority Key Identifier:
                keyid:2D:92:80:A2:6F:83:15:66:15:8B:26:17:C9:5D:19:D3:38:EE:15:D3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LZKAom-DFWYViyYXyV0Z0zjuFdM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/be730a-27e6-4136-b2c5-cae40384c6bf/1/LZKAom-DFWYViyYXyV0Z0zjuFdM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/57/be730a-27e6-4136-b2c5-cae40384c6bf/1/LZKAom-DFWYViyYXyV0Z0zjuFdM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         c5:79:ed:4a:14:d7:2b:ec:ad:92:70:84:e3:ad:82:d6:db:3c:
         8b:fc:f2:c9:12:74:d5:dc:bc:44:35:93:dc:09:2b:9a:bc:18:
         fb:a9:6f:48:ac:e3:9e:29:32:c9:67:72:f3:17:c7:13:51:a7:
         b4:e4:96:63:21:c5:79:5e:2d:a5:2d:eb:56:a4:9b:ac:a7:ea:
         78:68:51:48:8f:62:26:e7:1e:3d:58:5f:1a:1a:5b:56:6b:cc:
         48:23:ea:ea:36:3b:bf:09:43:11:a2:e8:f3:06:a3:a9:f5:9b:
         8d:9a:17:e0:a8:da:e0:98:cb:fa:29:30:31:ce:a7:20:35:57:
         33:74:22:b3:6a:42:ab:45:f0:96:1d:6d:a4:76:ee:44:5f:d4:
         85:f7:3a:d9:c6:6f:1b:77:e3:b6:6d:8a:19:a3:6c:12:9c:6f:
         bf:13:ef:8d:90:c6:c2:df:ac:1c:4a:fb:67:4c:16:f7:4c:56:
         02:74:e2:67:44:f4:77:68:cb:49:6f:3d:65:e3:fe:17:47:ef:
         20:1f:89:56:2c:dd:a0:c1:9a:4e:3d:14:73:41:af:d9:13:db:
         f5:72:37:b2:2e:19:35:c6:0f:fa:c9:cc:0f:0d:07:8e:be:57:
         d3:ad:cb:7a:31:a9:5b:fd:4d:36:2f:1b:f4:47:62:86:56:2d:
         1c:11:ea:00
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZTEY6Jvxi46Xmm1MoGpim2VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkOTI4MGEyNmY4MzE1NjYxNThiMjYxN2M5NWQxOWQzMzhl
ZTE1ZDMwHhcNMjUwMjAyMDIwMDUxWhcNMjUwMjAzMDIwMDUxWjAzMTEwLwYDVQQD
EygxMzgzZGZlYTNmN2JkN2JkZDk2ZDNiY2VmYTg1NjA5NzA3YTAwYTcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtJkW8dyMdU8utwX0eaWpJKVzLH+9
waMNEapgP+3HYuzpQAakgBw4tOGzulTZqgVRjgS0nQX/nzftuNLnQRDmsj1YVLIn
NSPNMKG/JDGVRRt/aVvvHAlsut1HHlfZRz1eUX2W6QIP9AqRnOFXHAAnvI9XLOd7
AgLG6K14u0HQUzVhrmOZAcLWzn8afWt8D/ILAgYGxRaL68q/cWowNv5MXfTBClqW
gajW2k3t8biUUwXzS0zrZLfAM/3P5Lv5uY2zCQz6B1i69C5hlRDCXrKRP30PIS8C
bmOczypG8vYmqV2N24ucxOZ1/ALv9pJcznQwcWvhZMs7xugGVIrlpz0kHwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBOD3+o/e9e92W07zvqFYJcHoApyMB8GA1UdIwQY
MBaAFC2SgKJvgxVmFYsmF8ldGdM47hXTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTFpLQW9tLURGV1lWaXlZWHlWMFowemp1RmRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny9iZTczMGEtMjdlNi00MTM2LWIyYzUt
Y2FlNDAzODRjNmJmLzEvTFpLQW9tLURGV1lWaXlZWHlWMFowemp1RmRNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny9iZTczMGEtMjdlNi00MTM2LWIyYzUtY2FlNDAzODRjNmJm
LzEvTFpLQW9tLURGV1lWaXlZWHlWMFowemp1RmRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAxXntShTX
K+ytknCE462C1ts8i/zyyRJ01dy8RDWT3AkrmrwY+6lvSKzjnikyyWdy8xfHE1Gn
tOSWYyHFeV4tpS3rVqSbrKfqeGhRSI9iJucePVhfGhpbVmvMSCPq6jY7vwlDEaLo
8wajqfWbjZoX4Kja4JjL+ikwMc6nIDVXM3Qis2pCq0Xwlh1tpHbuRF/Uhfc62cZv
G3fjtm2KGaNsEpxvvxPvjZDGwt+sHEr7Z0wW90xWAnTiZ0T0d2jLSW89ZeP+F0fv
IB+JVizdoMGaTj0Uc0Gv2RPb9XI3si4ZNcYP+snMDw0Hjr5X063LejGpW/1NNi8b
9EdihlYtHBHqAA==
-----END CERTIFICATE-----