Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/55314e-9156-4776-9e01-570dca7ad13e/1/LDfpq5czmfAvAyfJgRoYdQDEtsk.mft
File:                     LDfpq5czmfAvAyfJgRoYdQDEtsk.mft (raw, json)
Hash identifier:          7b3ZOjSt9cwbtvHXFuX0ulhzpMTA0f9ZNXAcnBEsM7g=
Subject key identifier:   86:17:43:4B:6A:46:CB:51:7B:EB:D3:59:2E:21:AF:4C:08:1F:56:1D
Authority key identifier: 2C:37:E9:AB:97:33:99:F0:2F:03:27:C9:81:1A:18:75:00:C4:B6:C9
Certificate issuer:       /CN=2c37e9ab973399f02f0327c9811a187500c4b6c9
Certificate serial:       019511A2935832D4DB4D888197FB2B81EB1D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/LDfpq5czmfAvAyfJgRoYdQDEtsk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/75/55314e-9156-4776-9e01-570dca7ad13e/1/LDfpq5czmfAvAyfJgRoYdQDEtsk.mft
Manifest number:          028E
Signing time:             Mon 17 Feb 2025 02:00:21 +0000
Manifest this update:     Mon 17 Feb 2025 02:00:21 +0000
Manifest next update:     Tue 18 Feb 2025 02:00:21 +0000
Files and hashes:         1: LDfpq5czmfAvAyfJgRoYdQDEtsk.crl (hash: 8dD3FK/evDWRnljqqBcCnq8hZbJgolVY8sJImDKCNJU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/75/55314e-9156-4776-9e01-570dca7ad13e/1/LDfpq5czmfAvAyfJgRoYdQDEtsk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/75/55314e-9156-4776-9e01-570dca7ad13e/1/LDfpq5czmfAvAyfJgRoYdQDEtsk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/LDfpq5czmfAvAyfJgRoYdQDEtsk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 17 Feb 2025 23:00:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:11:a2:93:58:32:d4:db:4d:88:81:97:fb:2b:81:eb:1d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2c37e9ab973399f02f0327c9811a187500c4b6c9
        Validity
            Not Before: Feb 17 02:00:21 2025 GMT
            Not After : Feb 18 02:00:21 2025 GMT
        Subject: CN=8617434b6a46cb517bebd3592e21af4c081f561d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:f8:67:aa:a2:1e:e0:81:e2:e5:c5:5a:f2:a3:
                    a3:24:87:d4:80:81:a7:0b:5b:32:ed:d3:ac:23:d7:
                    e2:e7:0d:e7:bb:b4:9d:12:df:93:ad:bb:f3:09:01:
                    e6:5e:e2:0b:bd:fa:77:7e:14:8b:10:59:80:c0:db:
                    8d:96:a1:ab:72:02:f8:88:f0:7e:de:0e:98:8a:80:
                    ed:16:f2:5b:b8:74:58:ed:b7:f5:d7:f0:ad:11:9f:
                    7a:98:c6:de:5f:c8:05:b8:6d:82:a8:40:1c:f3:18:
                    4c:bd:66:ab:dc:71:76:53:b6:80:6b:a2:02:d5:27:
                    4c:59:7c:44:a1:a2:8e:88:8a:cf:97:40:2e:9b:48:
                    1a:fe:e2:7a:d5:0d:ec:77:e1:85:b3:d7:b7:e0:25:
                    ac:3f:33:a8:b7:34:c3:1c:f8:c5:b1:4e:f7:81:f4:
                    e5:58:f2:6f:7f:0c:1c:04:46:41:25:0d:cc:59:21:
                    69:de:c7:58:eb:d9:5f:7d:ee:8a:bf:20:9b:3f:89:
                    a6:f4:0d:ca:e7:93:30:b7:9b:a9:75:14:fa:81:e6:
                    17:40:9d:8a:78:75:1d:30:c6:96:2c:37:01:4c:b0:
                    0b:32:a2:d1:10:90:d5:8b:e9:d7:92:44:94:e6:8e:
                    ee:bd:c8:46:d2:7d:35:15:c8:0d:47:c5:54:27:de:
                    fa:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                86:17:43:4B:6A:46:CB:51:7B:EB:D3:59:2E:21:AF:4C:08:1F:56:1D
            X509v3 Authority Key Identifier:
                keyid:2C:37:E9:AB:97:33:99:F0:2F:03:27:C9:81:1A:18:75:00:C4:B6:C9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LDfpq5czmfAvAyfJgRoYdQDEtsk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/55314e-9156-4776-9e01-570dca7ad13e/1/LDfpq5czmfAvAyfJgRoYdQDEtsk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/75/55314e-9156-4776-9e01-570dca7ad13e/1/LDfpq5czmfAvAyfJgRoYdQDEtsk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         69:dd:92:df:9e:34:4e:d3:01:88:5a:7c:54:fd:9b:20:a0:92:
         89:77:1e:c8:6e:f9:d0:86:16:26:27:f0:c7:73:d1:da:e9:90:
         d2:68:46:3b:a3:13:ab:e4:56:fe:38:c9:04:e5:90:56:47:1b:
         76:b2:67:af:1c:08:34:cd:40:96:ce:00:f2:77:fe:92:21:0f:
         30:a7:85:d0:f6:9e:26:f1:95:a7:b2:76:0b:c8:81:ac:b3:fd:
         57:2a:df:b5:03:b0:3a:bf:e0:5d:6c:d4:56:b3:54:27:9c:a1:
         70:d0:3f:7e:13:2a:b0:97:13:9e:b4:88:38:61:c5:41:99:44:
         82:1d:87:d0:7b:71:0b:d5:9e:4b:43:d0:e0:c6:1e:2c:b9:3a:
         a3:c8:43:33:fb:f7:9a:54:b9:55:42:1d:88:19:cb:27:5c:b7:
         e2:1a:0c:18:6d:68:d1:ea:2b:4b:ad:4a:73:e7:4f:2a:1a:0b:
         a5:80:ce:b2:29:b2:29:02:fe:cc:0f:93:75:62:8f:90:9e:96:
         02:46:b4:b3:4b:f6:39:b8:68:72:6b:4f:13:84:37:01:76:74:
         a6:bb:7a:71:7c:53:b4:3f:9e:ca:59:4d:c1:78:9d:e5:37:b7:
         00:49:71:13:b4:35:32:cb:96:20:c8:e0:36:66:d8:60:96:e3:
         a8:cd:38:0c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZURopNYMtTbTYiBl/srgesdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJjMzdlOWFiOTczMzk5ZjAyZjAzMjdjOTgxMWExODc1MDBj
NGI2YzkwHhcNMjUwMjE3MDIwMDIxWhcNMjUwMjE4MDIwMDIxWjAzMTEwLwYDVQQD
Eyg4NjE3NDM0YjZhNDZjYjUxN2JlYmQzNTkyZTIxYWY0YzA4MWY1NjFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmPhnqqIe4IHi5cVa8qOjJIfUgIGn
C1sy7dOsI9fi5w3nu7SdEt+TrbvzCQHmXuILvfp3fhSLEFmAwNuNlqGrcgL4iPB+
3g6YioDtFvJbuHRY7bf11/CtEZ96mMbeX8gFuG2CqEAc8xhMvWar3HF2U7aAa6IC
1SdMWXxEoaKOiIrPl0Aum0ga/uJ61Q3sd+GFs9e34CWsPzOotzTDHPjFsU73gfTl
WPJvfwwcBEZBJQ3MWSFp3sdY69lffe6KvyCbP4mm9A3K55Mwt5updRT6geYXQJ2K
eHUdMMaWLDcBTLALMqLREJDVi+nXkkSU5o7uvchG0n01FcgNR8VUJ976eQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIYXQ0tqRstRe+vTWS4hr0wIH1YdMB8GA1UdIwQY
MBaAFCw36auXM5nwLwMnyYEaGHUAxLbJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTERmcHE1Y3ptZkF2QXlmSmdSb1lkUURFdHNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS81NTMxNGUtOTE1Ni00Nzc2LTllMDEt
NTcwZGNhN2FkMTNlLzEvTERmcHE1Y3ptZkF2QXlmSmdSb1lkUURFdHNrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS81NTMxNGUtOTE1Ni00Nzc2LTllMDEtNTcwZGNhN2FkMTNl
LzEvTERmcHE1Y3ptZkF2QXlmSmdSb1lkUURFdHNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAad2S3540
TtMBiFp8VP2bIKCSiXceyG750IYWJifwx3PR2umQ0mhGO6MTq+RW/jjJBOWQVkcb
drJnrxwINM1Als4A8nf+kiEPMKeF0PaeJvGVp7J2C8iBrLP9VyrftQOwOr/gXWzU
VrNUJ5yhcNA/fhMqsJcTnrSIOGHFQZlEgh2H0HtxC9WeS0PQ4MYeLLk6o8hDM/v3
mlS5VUIdiBnLJ1y34hoMGG1o0eorS61Kc+dPKhoLpYDOsimyKQL+zA+TdWKPkJ6W
Aka0s0v2ObhocmtPE4Q3AXZ0prt6cXxTtD+eyllNwXid5Te3AElxE7Q1MsuWIMjg
NmbYYJbjqM04DA==
-----END CERTIFICATE-----