Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/3108a3-5b5d-48d2-853b-f12b6ac5a2b2/1/lvMFpB83TbAVgTN3CNHHnr6nlxw.mft
File:                     lvMFpB83TbAVgTN3CNHHnr6nlxw.mft (raw, json)
Hash identifier:          IdPmttrB6NrHXekbBJo5mzVTK/4cxoo+P9fYjsCKCsI=
Subject key identifier:   3D:7A:43:91:C4:AF:CA:44:90:77:E5:2B:92:D4:A9:B1:5B:D7:04:BF
Authority key identifier: 96:F3:05:A4:1F:37:4D:B0:15:81:33:77:08:D1:C7:9E:BE:A7:97:1C
Certificate issuer:       /CN=96f305a41f374db01581337708d1c79ebea7971c
Certificate serial:       0191FB22E90084CFBB858635A0DB2AD80F11
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/lvMFpB83TbAVgTN3CNHHnr6nlxw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/78/3108a3-5b5d-48d2-853b-f12b6ac5a2b2/1/lvMFpB83TbAVgTN3CNHHnr6nlxw.mft
Manifest number:          013F
Signing time:             Mon 16 Sep 2024 14:00:54 +0000
Manifest this update:     Mon 16 Sep 2024 14:00:54 +0000
Manifest next update:     Tue 17 Sep 2024 14:00:54 +0000
Files and hashes:         1: lvMFpB83TbAVgTN3CNHHnr6nlxw.crl (hash: mtonqc6yD8uUQTVuW5dA8o62HH99JrvNgofw2AmKmdg=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/78/3108a3-5b5d-48d2-853b-f12b6ac5a2b2/1/lvMFpB83TbAVgTN3CNHHnr6nlxw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/78/3108a3-5b5d-48d2-853b-f12b6ac5a2b2/1/lvMFpB83TbAVgTN3CNHHnr6nlxw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/lvMFpB83TbAVgTN3CNHHnr6nlxw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 17 Sep 2024 14:00:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:91:fb:22:e9:00:84:cf:bb:85:86:35:a0:db:2a:d8:0f:11
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=96f305a41f374db01581337708d1c79ebea7971c
        Validity
            Not Before: Sep 16 14:00:54 2024 GMT
            Not After : Sep 17 14:00:54 2024 GMT
        Subject: CN=3d7a4391c4afca449077e52b92d4a9b15bd704bf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:a9:84:25:cd:b6:0c:be:30:ee:4d:df:ac:40:
                    07:87:3b:c9:3f:c3:51:19:a1:33:77:51:e6:d0:74:
                    da:64:d3:08:03:84:48:c5:11:e0:ac:fa:7f:7c:1c:
                    7f:ae:d8:a7:98:44:76:df:a3:08:17:3f:78:8d:a8:
                    c0:8c:7a:6d:dd:5a:93:a6:52:95:0c:ce:a0:1d:fb:
                    ce:1a:a7:5f:32:9b:ea:25:74:be:5d:64:e0:78:06:
                    61:33:dc:6a:1d:4f:a1:7d:c0:1b:27:58:f4:e1:60:
                    ab:87:c4:cc:23:f4:07:df:9f:58:19:af:06:5d:aa:
                    42:44:f0:7d:c4:03:ae:15:b8:65:62:c2:eb:de:ce:
                    3e:1f:b2:00:de:9a:4a:58:14:fd:ca:52:36:1a:66:
                    e0:07:e0:f5:d5:a2:60:bb:8e:73:b7:60:b2:f7:f1:
                    9a:44:79:d4:ae:04:4f:d4:25:6d:55:1d:11:04:0b:
                    fa:7a:27:e8:80:ba:47:5c:b3:d9:18:97:8c:97:a6:
                    c8:76:10:6d:2d:85:42:dc:05:78:ba:80:93:77:55:
                    04:6e:d1:e2:a2:51:70:b7:e2:89:11:fe:8d:82:31:
                    6e:bd:ba:ff:43:dc:fc:68:bf:da:f8:82:26:ed:83:
                    fd:dd:5d:e9:88:b2:b6:dc:c4:af:3d:0c:b7:56:ad:
                    72:83
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3D:7A:43:91:C4:AF:CA:44:90:77:E5:2B:92:D4:A9:B1:5B:D7:04:BF
            X509v3 Authority Key Identifier:
                keyid:96:F3:05:A4:1F:37:4D:B0:15:81:33:77:08:D1:C7:9E:BE:A7:97:1C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lvMFpB83TbAVgTN3CNHHnr6nlxw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/3108a3-5b5d-48d2-853b-f12b6ac5a2b2/1/lvMFpB83TbAVgTN3CNHHnr6nlxw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/78/3108a3-5b5d-48d2-853b-f12b6ac5a2b2/1/lvMFpB83TbAVgTN3CNHHnr6nlxw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         c8:94:b7:28:c7:82:86:8d:e2:00:fb:e7:40:87:27:22:e6:b3:
         b5:92:cb:be:21:b2:82:05:b2:fe:34:56:36:a5:cc:bb:14:57:
         0d:ae:55:5c:fa:da:81:b5:da:7b:e7:72:99:cb:69:45:4c:dc:
         f8:16:36:1c:ed:81:3f:bf:e6:55:45:51:63:5b:9f:1b:40:c6:
         1b:5a:27:64:a6:e6:8e:2f:85:b8:14:f8:3b:6e:ba:7c:fe:4e:
         1a:a2:dd:6f:52:98:cb:9b:16:c6:64:e5:7e:79:9b:f4:a9:5e:
         a6:07:57:5c:3c:0c:cd:5c:f1:61:ae:47:62:8a:3f:04:32:ec:
         24:ec:d0:9d:92:48:f3:62:67:55:13:61:08:d2:83:da:6a:0a:
         5d:78:22:ec:c7:5a:5c:9b:04:30:25:c1:7c:fe:8b:fd:8f:89:
         cd:88:ae:b7:4d:27:a6:88:ed:53:62:72:c1:02:32:5d:0b:97:
         a9:a5:7f:e4:51:e0:e8:59:31:cf:57:8c:1c:9e:3c:67:63:5e:
         63:95:fd:cf:c1:6d:eb:b0:01:6f:e6:17:de:29:37:08:e2:79:
         37:06:20:52:13:6d:d2:05:a0:a6:d0:86:c9:ea:56:e7:e9:de:
         03:6e:2e:bc:1e:e5:02:1f:fa:ae:a9:a6:ff:f5:48:a1:67:ec:
         f7:08:93:76
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZH7IukAhM+7hYY1oNsq2A8RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk2ZjMwNWE0MWYzNzRkYjAxNTgxMzM3NzA4ZDFjNzllYmVh
Nzk3MWMwHhcNMjQwOTE2MTQwMDU0WhcNMjQwOTE3MTQwMDU0WjAzMTEwLwYDVQQD
EygzZDdhNDM5MWM0YWZjYTQ0OTA3N2U1MmI5MmQ0YTliMTViZDcwNGJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsamEJc22DL4w7k3frEAHhzvJP8NR
GaEzd1Hm0HTaZNMIA4RIxRHgrPp/fBx/rtinmER236MIFz94jajAjHpt3VqTplKV
DM6gHfvOGqdfMpvqJXS+XWTgeAZhM9xqHU+hfcAbJ1j04WCrh8TMI/QH359YGa8G
XapCRPB9xAOuFbhlYsLr3s4+H7IA3ppKWBT9ylI2GmbgB+D11aJgu45zt2Cy9/Ga
RHnUrgRP1CVtVR0RBAv6eifogLpHXLPZGJeMl6bIdhBtLYVC3AV4uoCTd1UEbtHi
olFwt+KJEf6NgjFuvbr/Q9z8aL/a+IIm7YP93V3piLK23MSvPQy3Vq1ygwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFD16Q5HEr8pEkHflK5LUqbFb1wS/MB8GA1UdIwQY
MBaAFJbzBaQfN02wFYEzdwjRx56+p5ccMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbHZNRnBCODNUYkFWZ1ROM0NOSEhucjZubHh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC8zMTA4YTMtNWI1ZC00OGQyLTg1M2It
ZjEyYjZhYzVhMmIyLzEvbHZNRnBCODNUYkFWZ1ROM0NOSEhucjZubHh3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC8zMTA4YTMtNWI1ZC00OGQyLTg1M2ItZjEyYjZhYzVhMmIy
LzEvbHZNRnBCODNUYkFWZ1ROM0NOSEhucjZubHh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAyJS3KMeC
ho3iAPvnQIcnIuaztZLLviGyggWy/jRWNqXMuxRXDa5VXPragbXae+dymctpRUzc
+BY2HO2BP7/mVUVRY1ufG0DGG1onZKbmji+FuBT4O266fP5OGqLdb1KYy5sWxmTl
fnmb9KlepgdXXDwMzVzxYa5HYoo/BDLsJOzQnZJI82JnVRNhCNKD2moKXXgi7Mda
XJsEMCXBfP6L/Y+JzYiut00npojtU2JywQIyXQuXqaV/5FHg6Fkxz1eMHJ48Z2Ne
Y5X9z8Ft67ABb+YX3ik3COJ5NwYgUhNt0gWgptCGyepW5+neA24uvB7lAh/6rqmm
//VIoWfs9wiTdg==
-----END CERTIFICATE-----