Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9d/76a471-08e0-49e6-9537-53b55fae023d/1/LSdW5QjQEzSbJE4wfX8jliafJwg.mft
File:                     LSdW5QjQEzSbJE4wfX8jliafJwg.mft (raw, json)
Hash identifier:          zvqQK1wxZBlcBwqRPkXLmxIxvrhBLIHAIxO1p3hgLC4=
Subject key identifier:   F2:0F:56:9B:BF:5C:72:85:B4:79:A0:89:94:18:7A:CB:41:D9:06:49
Authority key identifier: 2D:27:56:E5:08:D0:13:34:9B:24:4E:30:7D:7F:23:96:26:9F:27:08
Certificate issuer:       /CN=2d2756e508d013349b244e307d7f2396269f2708
Certificate serial:       01958F6142E9B101CCBA9B8CB872C3370BD1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/LSdW5QjQEzSbJE4wfX8jliafJwg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9d/76a471-08e0-49e6-9537-53b55fae023d/1/LSdW5QjQEzSbJE4wfX8jliafJwg.mft
Manifest number:          1128
Signing time:             Thu 13 Mar 2025 12:01:10 +0000
Manifest this update:     Thu 13 Mar 2025 12:01:10 +0000
Manifest next update:     Fri 14 Mar 2025 12:01:10 +0000
Files and hashes:         1: LSdW5QjQEzSbJE4wfX8jliafJwg.crl (hash: lPAudnuanENYVg/bH+MJF6PYEebFbKatHYEmrod0j4M=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/9d/76a471-08e0-49e6-9537-53b55fae023d/1/LSdW5QjQEzSbJE4wfX8jliafJwg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/9d/76a471-08e0-49e6-9537-53b55fae023d/1/LSdW5QjQEzSbJE4wfX8jliafJwg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/LSdW5QjQEzSbJE4wfX8jliafJwg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 14 Mar 2025 12:01:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:8f:61:42:e9:b1:01:cc:ba:9b:8c:b8:72:c3:37:0b:d1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2d2756e508d013349b244e307d7f2396269f2708
        Validity
            Not Before: Mar 13 12:01:10 2025 GMT
            Not After : Mar 14 12:01:10 2025 GMT
        Subject: CN=f20f569bbf5c7285b479a08994187acb41d90649
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:66:96:65:7e:37:60:81:42:0e:84:8b:8f:be:
                    5e:77:a6:6f:3c:ac:ce:0b:e2:d2:dc:70:db:41:26:
                    71:d5:16:fc:42:6b:69:85:11:f7:07:de:35:b5:42:
                    cb:00:d0:fa:67:5a:1e:64:6f:b8:1a:6e:65:c8:21:
                    bd:9e:04:ae:06:12:80:80:38:34:2d:28:da:9d:78:
                    c1:4a:af:eb:4c:e6:9b:3e:23:e6:4f:fc:68:ab:07:
                    6d:af:c2:6a:e3:42:c7:17:40:df:fa:3f:4f:9b:0e:
                    f1:3c:cc:c7:ac:aa:4a:63:2b:ef:75:2f:13:76:cc:
                    c1:8b:f3:61:ce:54:5e:d3:5a:63:dc:49:92:d8:a9:
                    75:34:c0:77:92:d6:65:f1:6c:0e:a9:a0:ee:3b:dc:
                    d9:47:de:83:6c:9c:e4:7b:a9:98:fa:6d:ae:ca:b2:
                    b5:d1:cd:33:cb:fe:51:58:df:db:35:33:f3:85:84:
                    31:15:ff:09:a9:20:bc:d0:15:5d:1b:c8:bd:c9:e9:
                    37:8b:e3:08:71:0b:7f:f1:0a:c4:29:dc:21:b5:8b:
                    84:03:a6:22:8e:0e:97:3f:1f:e9:9c:aa:c4:6b:ba:
                    d2:bb:16:f2:e5:ee:99:35:93:b6:d9:f1:52:fb:f6:
                    34:8f:fd:08:81:6b:1b:4b:3c:b9:bf:aa:67:ea:00:
                    92:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F2:0F:56:9B:BF:5C:72:85:B4:79:A0:89:94:18:7A:CB:41:D9:06:49
            X509v3 Authority Key Identifier:
                keyid:2D:27:56:E5:08:D0:13:34:9B:24:4E:30:7D:7F:23:96:26:9F:27:08

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LSdW5QjQEzSbJE4wfX8jliafJwg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/76a471-08e0-49e6-9537-53b55fae023d/1/LSdW5QjQEzSbJE4wfX8jliafJwg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/76a471-08e0-49e6-9537-53b55fae023d/1/LSdW5QjQEzSbJE4wfX8jliafJwg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4c:6c:b6:02:91:d8:bd:9b:38:89:c8:78:30:9a:d4:89:f6:e4:
         df:a1:f8:7e:e0:e5:72:22:4f:27:64:b1:db:24:ff:4b:aa:80:
         e3:47:1f:14:12:0c:ce:46:3e:8c:4c:dc:f8:2b:fe:31:6c:0f:
         fc:9c:c3:e8:42:12:70:5d:65:5f:25:f3:5d:ab:58:01:87:f5:
         a9:e3:cf:13:de:73:d3:9d:5e:15:00:30:87:a7:02:7d:cc:e8:
         51:c8:a6:79:5f:92:27:12:bd:fb:03:6e:58:8b:f2:3f:8e:9c:
         f6:7e:76:2a:b6:0c:85:b5:53:99:d4:d3:ab:7d:76:0c:25:71:
         18:dc:36:ef:a9:a3:c2:c4:cd:b4:ec:da:50:4e:69:32:54:73:
         c0:e3:9d:27:d3:02:fd:59:9a:a4:bd:72:fc:81:2e:33:a3:bc:
         5a:41:9e:11:43:17:bb:38:75:45:ec:9f:36:79:57:b7:de:15:
         e1:4e:81:2b:4c:53:a5:0b:66:14:d0:34:05:df:c8:3b:4c:5c:
         ab:02:b6:02:e2:31:6e:43:ab:92:7a:bb:28:7d:0d:eb:ff:47:
         91:c2:ad:48:19:53:e0:cd:85:7c:e0:9e:b5:12:9e:ba:9a:7c:
         1d:40:83:05:c5:34:d8:49:f8:ea:70:51:7d:99:e4:b7:f1:05:
         13:b7:b3:4d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZWPYULpsQHMupuMuHLDNwvRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkMjc1NmU1MDhkMDEzMzQ5YjI0NGUzMDdkN2YyMzk2MjY5
ZjI3MDgwHhcNMjUwMzEzMTIwMTEwWhcNMjUwMzE0MTIwMTEwWjAzMTEwLwYDVQQD
EyhmMjBmNTY5YmJmNWM3Mjg1YjQ3OWEwODk5NDE4N2FjYjQxZDkwNjQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt2aWZX43YIFCDoSLj75ed6ZvPKzO
C+LS3HDbQSZx1Rb8QmtphRH3B941tULLAND6Z1oeZG+4Gm5lyCG9ngSuBhKAgDg0
LSjanXjBSq/rTOabPiPmT/xoqwdtr8Jq40LHF0Df+j9Pmw7xPMzHrKpKYyvvdS8T
dszBi/NhzlRe01pj3EmS2Kl1NMB3ktZl8WwOqaDuO9zZR96DbJzke6mY+m2uyrK1
0c0zy/5RWN/bNTPzhYQxFf8JqSC80BVdG8i9yek3i+MIcQt/8QrEKdwhtYuEA6Yi
jg6XPx/pnKrEa7rSuxby5e6ZNZO22fFS+/Y0j/0IgWsbSzy5v6pn6gCSGQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPIPVpu/XHKFtHmgiZQYestB2QZJMB8GA1UdIwQY
MBaAFC0nVuUI0BM0myROMH1/I5YmnycIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTFNkVzVRalFFelNiSkU0d2ZYOGpsaWFmSndnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZC83NmE0NzEtMDhlMC00OWU2LTk1Mzct
NTNiNTVmYWUwMjNkLzEvTFNkVzVRalFFelNiSkU0d2ZYOGpsaWFmSndnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZC83NmE0NzEtMDhlMC00OWU2LTk1MzctNTNiNTVmYWUwMjNk
LzEvTFNkVzVRalFFelNiSkU0d2ZYOGpsaWFmSndnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATGy2ApHY
vZs4ich4MJrUifbk36H4fuDlciJPJ2Sx2yT/S6qA40cfFBIMzkY+jEzc+Cv+MWwP
/JzD6EIScF1lXyXzXatYAYf1qePPE95z051eFQAwh6cCfczoUcimeV+SJxK9+wNu
WIvyP46c9n52KrYMhbVTmdTTq312DCVxGNw276mjwsTNtOzaUE5pMlRzwOOdJ9MC
/VmapL1y/IEuM6O8WkGeEUMXuzh1ReyfNnlXt94V4U6BK0xTpQtmFNA0Bd/IO0xc
qwK2AuIxbkOrknq7KH0N6/9HkcKtSBlT4M2FfOCetRKeupp8HUCDBcU02En46nBR
fZnkt/EFE7ezTQ==
-----END CERTIFICATE-----