Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/99323e-01f6-4959-9816-a86ac561ab56/1/LF3rfkKW4vu0wB_AZKH2gYlreXk.mft
File:                     LF3rfkKW4vu0wB_AZKH2gYlreXk.mft (raw, json)
Hash identifier:          UXQhUXr5Ol+RSWuLCw3G0HH8pT1RUOu9dDGXan2/V3U=
Subject key identifier:   C2:AC:9C:FA:5A:67:FC:87:8D:2C:9B:89:20:EF:4D:FF:47:73:9A:B2
Authority key identifier: 2C:5D:EB:7E:42:96:E2:FB:B4:C0:1F:C0:64:A1:F6:81:89:6B:79:79
Certificate issuer:       /CN=2c5deb7e4296e2fbb4c01fc064a1f681896b7979
Certificate serial:       0194BAF28402A238A67B9B62932911939191
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/LF3rfkKW4vu0wB_AZKH2gYlreXk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/75/99323e-01f6-4959-9816-a86ac561ab56/1/LF3rfkKW4vu0wB_AZKH2gYlreXk.mft
Manifest number:          0401
Signing time:             Fri 31 Jan 2025 06:00:43 +0000
Manifest this update:     Fri 31 Jan 2025 06:00:43 +0000
Manifest next update:     Sat 01 Feb 2025 06:00:43 +0000
Files and hashes:         1: LF3rfkKW4vu0wB_AZKH2gYlreXk.crl (hash: 2rQ2pCNVIp0sXMbQdLrfy69t3C9V+18bXLl8jgieroQ=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/75/99323e-01f6-4959-9816-a86ac561ab56/1/LF3rfkKW4vu0wB_AZKH2gYlreXk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/75/99323e-01f6-4959-9816-a86ac561ab56/1/LF3rfkKW4vu0wB_AZKH2gYlreXk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/LF3rfkKW4vu0wB_AZKH2gYlreXk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 01 Feb 2025 06:00:43 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:ba:f2:84:02:a2:38:a6:7b:9b:62:93:29:11:93:91:91
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2c5deb7e4296e2fbb4c01fc064a1f681896b7979
        Validity
            Not Before: Jan 31 06:00:43 2025 GMT
            Not After : Feb  1 06:00:43 2025 GMT
        Subject: CN=c2ac9cfa5a67fc878d2c9b8920ef4dff47739ab2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:f7:a3:17:3f:65:d8:3a:3d:92:54:34:41:a6:
                    b4:0c:6c:48:cc:f9:e5:b3:a7:ed:2b:be:21:33:c6:
                    51:6d:07:92:5f:b7:df:af:e2:0a:47:5a:44:1d:e0:
                    8f:0c:2c:af:40:b8:92:f5:51:84:7f:fe:3f:90:82:
                    09:7c:6a:b2:fa:0b:7c:17:76:72:90:ca:63:50:2c:
                    46:c6:bb:d9:ba:d6:17:e2:1a:8f:c4:00:41:69:6e:
                    c9:9f:f8:c8:99:ea:b4:78:f9:1f:84:18:31:fe:ea:
                    82:bc:c2:8c:a9:0e:3b:86:14:6a:18:f1:51:67:2f:
                    bf:01:90:d6:51:ff:cb:ef:36:7a:9d:a5:08:96:59:
                    b9:12:40:06:e5:97:ae:a5:f9:be:db:35:6f:8b:3b:
                    f0:a6:93:25:bd:62:46:27:36:5c:aa:8f:9c:90:a6:
                    53:0b:98:d0:69:83:cb:73:32:14:e2:ae:1c:93:f8:
                    15:1f:4d:44:80:82:bb:47:68:1d:8f:d0:07:79:e3:
                    c1:0c:ac:95:05:db:54:1d:30:72:db:17:12:81:0d:
                    39:90:f2:55:71:c0:70:2a:0b:a4:2b:10:0a:38:89:
                    a9:59:c4:59:07:89:82:c1:07:20:33:05:3f:dc:51:
                    40:23:43:00:f8:c3:4d:f6:9d:63:89:fe:2f:1a:e5:
                    43:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C2:AC:9C:FA:5A:67:FC:87:8D:2C:9B:89:20:EF:4D:FF:47:73:9A:B2
            X509v3 Authority Key Identifier:
                keyid:2C:5D:EB:7E:42:96:E2:FB:B4:C0:1F:C0:64:A1:F6:81:89:6B:79:79

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LF3rfkKW4vu0wB_AZKH2gYlreXk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/99323e-01f6-4959-9816-a86ac561ab56/1/LF3rfkKW4vu0wB_AZKH2gYlreXk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/75/99323e-01f6-4959-9816-a86ac561ab56/1/LF3rfkKW4vu0wB_AZKH2gYlreXk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         53:91:ff:d8:66:c0:3d:bf:26:eb:f4:d5:3e:4a:d6:80:90:d6:
         ab:2f:b1:d7:ee:b6:01:bc:61:7c:bb:8e:a0:0c:6e:9e:18:b4:
         5c:76:c4:27:c5:92:86:6b:73:9b:43:91:93:79:a2:91:c9:9e:
         01:4d:36:a9:47:31:e9:70:c1:d6:bb:b2:52:08:01:c9:30:57:
         18:10:a6:f1:4c:35:4d:cb:6d:07:bd:e2:5d:84:a5:46:86:e0:
         27:95:59:f8:d6:ba:ec:1a:fa:75:1b:04:47:1d:4f:72:83:04:
         64:80:51:2a:9b:ee:7c:7d:1e:df:b7:99:a4:cc:83:1c:2b:2f:
         4b:e9:58:7a:8d:e7:6b:78:2e:4b:b7:24:84:76:99:50:ed:30:
         1a:69:8b:32:4d:26:ca:0a:e3:fe:f8:54:1c:d9:cd:45:d6:fa:
         5b:a4:21:bf:9e:49:f5:21:6d:e1:c1:3b:50:ee:87:1d:f6:9c:
         f6:45:57:dd:af:59:35:21:f3:06:5c:8f:5d:89:23:4a:54:a4:
         3f:0b:68:d4:b2:7f:8f:36:a0:6c:62:db:b4:ca:c9:ca:b9:df:
         88:bd:3d:a6:90:34:00:2a:ae:18:e7:4e:11:23:fc:b3:5d:06:
         b3:04:be:50:60:e8:f2:53:10:4c:49:31:53:af:6d:0d:51:e7:
         c5:4c:46:c9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZS68oQCojime5tikykRk5GRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJjNWRlYjdlNDI5NmUyZmJiNGMwMWZjMDY0YTFmNjgxODk2
Yjc5NzkwHhcNMjUwMTMxMDYwMDQzWhcNMjUwMjAxMDYwMDQzWjAzMTEwLwYDVQQD
EyhjMmFjOWNmYTVhNjdmYzg3OGQyYzliODkyMGVmNGRmZjQ3NzM5YWIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu/ejFz9l2Do9klQ0Qaa0DGxIzPnl
s6ftK74hM8ZRbQeSX7ffr+IKR1pEHeCPDCyvQLiS9VGEf/4/kIIJfGqy+gt8F3Zy
kMpjUCxGxrvZutYX4hqPxABBaW7Jn/jImeq0ePkfhBgx/uqCvMKMqQ47hhRqGPFR
Zy+/AZDWUf/L7zZ6naUIllm5EkAG5Zeupfm+2zVvizvwppMlvWJGJzZcqo+ckKZT
C5jQaYPLczIU4q4ck/gVH01EgIK7R2gdj9AHeePBDKyVBdtUHTBy2xcSgQ05kPJV
ccBwKgukKxAKOImpWcRZB4mCwQcgMwU/3FFAI0MA+MNN9p1jif4vGuVDQwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMKsnPpaZ/yHjSybiSDvTf9Hc5qyMB8GA1UdIwQY
MBaAFCxd635CluL7tMAfwGSh9oGJa3l5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTEYzcmZrS1c0dnUwd0JfQVpLSDJnWWxyZVhrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS85OTMyM2UtMDFmNi00OTU5LTk4MTYt
YTg2YWM1NjFhYjU2LzEvTEYzcmZrS1c0dnUwd0JfQVpLSDJnWWxyZVhrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS85OTMyM2UtMDFmNi00OTU5LTk4MTYtYTg2YWM1NjFhYjU2
LzEvTEYzcmZrS1c0dnUwd0JfQVpLSDJnWWxyZVhrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAU5H/2GbA
Pb8m6/TVPkrWgJDWqy+x1+62AbxhfLuOoAxunhi0XHbEJ8WShmtzm0ORk3mikcme
AU02qUcx6XDB1ruyUggByTBXGBCm8Uw1TcttB73iXYSlRobgJ5VZ+Na67Br6dRsE
Rx1PcoMEZIBRKpvufH0e37eZpMyDHCsvS+lYeo3na3guS7ckhHaZUO0wGmmLMk0m
ygrj/vhUHNnNRdb6W6Qhv55J9SFt4cE7UO6HHfac9kVX3a9ZNSHzBlyPXYkjSlSk
Pwto1LJ/jzagbGLbtMrJyrnfiL09ppA0ACquGOdOESP8s10GswS+UGDo8lMQTEkx
U69tDVHnxUxGyQ==
-----END CERTIFICATE-----