Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9d/76a471-08e0-49e6-9537-53b55fae023d/1/LSdW5QjQEzSbJE4wfX8jliafJwg.mft
File:                     LSdW5QjQEzSbJE4wfX8jliafJwg.mft (raw, json)
Hash identifier:          qXe7Rr4gvSKUKLMktJVLAH7gtLKX3oBrvqk3Iyv6Z8c=
Subject key identifier:   DC:86:19:A5:AD:B6:92:BA:A7:90:CB:2B:86:17:6E:74:B7:9F:45:A5
Authority key identifier: 2D:27:56:E5:08:D0:13:34:9B:24:4E:30:7D:7F:23:96:26:9F:27:08
Certificate issuer:       /CN=2d2756e508d013349b244e307d7f2396269f2708
Certificate serial:       019610C52204C6AF1B773477D0F6FDEFCB77
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/LSdW5QjQEzSbJE4wfX8jliafJwg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9d/76a471-08e0-49e6-9537-53b55fae023d/1/LSdW5QjQEzSbJE4wfX8jliafJwg.mft
Manifest number:          116B
Signing time:             Mon 07 Apr 2025 15:01:16 +0000
Manifest this update:     Mon 07 Apr 2025 15:01:16 +0000
Manifest next update:     Tue 08 Apr 2025 15:01:16 +0000
Files and hashes:         1: LSdW5QjQEzSbJE4wfX8jliafJwg.crl (hash: Skkr8fI9pmqx2LI9veZyzJRWwNYqOaVb0kMfGCM4Ge0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/9d/76a471-08e0-49e6-9537-53b55fae023d/1/LSdW5QjQEzSbJE4wfX8jliafJwg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/9d/76a471-08e0-49e6-9537-53b55fae023d/1/LSdW5QjQEzSbJE4wfX8jliafJwg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/LSdW5QjQEzSbJE4wfX8jliafJwg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 08 Apr 2025 14:28:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:10:c5:22:04:c6:af:1b:77:34:77:d0:f6:fd:ef:cb:77
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2d2756e508d013349b244e307d7f2396269f2708
        Validity
            Not Before: Apr  7 15:01:16 2025 GMT
            Not After : Apr  8 15:01:16 2025 GMT
        Subject: CN=dc8619a5adb692baa790cb2b86176e74b79f45a5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8f:18:ed:e3:f0:c2:61:33:82:96:36:4a:7d:2c:
                    98:78:81:70:d2:d8:ed:31:28:9d:b2:d7:22:d2:9f:
                    07:dd:5d:d9:0d:03:ab:44:32:c7:24:96:11:60:dd:
                    c6:96:f4:2b:89:51:85:e8:65:6e:12:11:4b:c9:b0:
                    38:65:10:42:21:02:4b:24:2d:59:22:e1:8c:58:80:
                    e9:f9:95:11:eb:4c:c7:76:4a:9b:bc:66:b9:8b:0d:
                    91:df:7d:83:df:f9:ee:22:dc:ac:8e:7d:8a:40:27:
                    c6:02:95:ab:38:46:74:23:09:1b:9e:ea:3f:eb:a5:
                    2a:7b:f9:98:e0:87:bb:1a:ad:59:59:1d:ee:3f:0e:
                    ed:f2:2d:e7:3c:7a:95:fb:8c:1b:0f:87:5b:62:04:
                    de:02:3e:8c:45:f3:0b:4a:16:53:bf:fd:44:f5:67:
                    d9:62:6d:68:9c:60:6c:7a:98:d6:6d:15:eb:83:78:
                    48:df:88:dd:9c:ee:58:88:2e:85:01:20:27:e6:f5:
                    61:32:bf:28:9c:a9:86:ad:1d:1b:61:83:2a:ba:69:
                    75:6c:8f:1a:51:bf:04:7c:2b:f5:07:57:9e:92:05:
                    02:7c:c3:09:e1:1a:eb:11:54:d1:5c:43:c8:77:3a:
                    0e:21:cb:98:de:af:3c:f1:4b:d1:51:04:7c:7f:21:
                    31:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DC:86:19:A5:AD:B6:92:BA:A7:90:CB:2B:86:17:6E:74:B7:9F:45:A5
            X509v3 Authority Key Identifier:
                keyid:2D:27:56:E5:08:D0:13:34:9B:24:4E:30:7D:7F:23:96:26:9F:27:08

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LSdW5QjQEzSbJE4wfX8jliafJwg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/76a471-08e0-49e6-9537-53b55fae023d/1/LSdW5QjQEzSbJE4wfX8jliafJwg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/76a471-08e0-49e6-9537-53b55fae023d/1/LSdW5QjQEzSbJE4wfX8jliafJwg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         56:5a:32:58:e2:cd:18:7b:2e:ce:8b:3f:a6:8e:40:73:72:7e:
         b7:9a:4d:91:e1:88:c1:db:3f:03:6c:d2:37:fb:bd:dc:87:d7:
         a2:cd:6c:44:2e:81:d5:ea:4e:86:fd:53:1a:36:56:a7:80:64:
         b2:ff:d0:ca:d4:73:9d:22:56:e3:b5:05:2f:95:dc:b4:50:52:
         62:cc:7a:cf:12:6a:11:17:11:af:24:3c:0e:d1:29:72:ce:99:
         f4:de:a7:11:bd:84:10:01:f7:6f:8b:e2:4c:b3:ad:55:f2:d5:
         17:77:34:fa:2f:f3:91:70:1c:13:4d:f7:3f:d1:c1:f8:27:3c:
         23:65:bb:15:15:00:50:73:cd:c1:3e:34:93:61:db:9e:7f:a6:
         ee:39:ac:2b:7c:99:df:82:b1:fe:14:7a:6f:8c:db:04:32:d1:
         bc:0b:96:0f:05:19:ee:a2:c7:b1:d1:9b:eb:b0:71:19:a2:a9:
         d3:80:76:1b:aa:eb:51:44:8b:15:7f:1e:a9:c9:e0:53:3e:01:
         54:de:82:ec:11:ad:27:70:53:c9:da:8e:ae:c0:5a:1b:f7:fd:
         a2:f7:b2:cd:24:f5:1b:3f:ee:e3:5a:33:9e:5f:61:de:b5:d1:
         0f:c7:57:b5:83:12:08:99:81:9c:09:22:17:fe:bb:c9:c3:19:
         1c:ad:52:a7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZYQxSIExq8bdzR30Pb978t3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkMjc1NmU1MDhkMDEzMzQ5YjI0NGUzMDdkN2YyMzk2MjY5
ZjI3MDgwHhcNMjUwNDA3MTUwMTE2WhcNMjUwNDA4MTUwMTE2WjAzMTEwLwYDVQQD
EyhkYzg2MTlhNWFkYjY5MmJhYTc5MGNiMmI4NjE3NmU3NGI3OWY0NWE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjxjt4/DCYTOCljZKfSyYeIFw0tjt
MSidstci0p8H3V3ZDQOrRDLHJJYRYN3GlvQriVGF6GVuEhFLybA4ZRBCIQJLJC1Z
IuGMWIDp+ZUR60zHdkqbvGa5iw2R332D3/nuItysjn2KQCfGApWrOEZ0Iwkbnuo/
66Uqe/mY4Ie7Gq1ZWR3uPw7t8i3nPHqV+4wbD4dbYgTeAj6MRfMLShZTv/1E9WfZ
Ym1onGBsepjWbRXrg3hI34jdnO5YiC6FASAn5vVhMr8onKmGrR0bYYMquml1bI8a
Ub8EfCv1B1eekgUCfMMJ4RrrEVTRXEPIdzoOIcuY3q888UvRUQR8fyExqwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNyGGaWttpK6p5DLK4YXbnS3n0WlMB8GA1UdIwQY
MBaAFC0nVuUI0BM0myROMH1/I5YmnycIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTFNkVzVRalFFelNiSkU0d2ZYOGpsaWFmSndnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZC83NmE0NzEtMDhlMC00OWU2LTk1Mzct
NTNiNTVmYWUwMjNkLzEvTFNkVzVRalFFelNiSkU0d2ZYOGpsaWFmSndnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZC83NmE0NzEtMDhlMC00OWU2LTk1MzctNTNiNTVmYWUwMjNk
LzEvTFNkVzVRalFFelNiSkU0d2ZYOGpsaWFmSndnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVloyWOLN
GHsuzos/po5Ac3J+t5pNkeGIwds/A2zSN/u93IfXos1sRC6B1epOhv1TGjZWp4Bk
sv/QytRznSJW47UFL5XctFBSYsx6zxJqERcRryQ8DtEpcs6Z9N6nEb2EEAH3b4vi
TLOtVfLVF3c0+i/zkXAcE033P9HB+Cc8I2W7FRUAUHPNwT40k2Hbnn+m7jmsK3yZ
34Kx/hR6b4zbBDLRvAuWDwUZ7qLHsdGb67BxGaKp04B2G6rrUUSLFX8eqcngUz4B
VN6C7BGtJ3BTydqOrsBaG/f9oveyzST1Gz/u41oznl9h3rXRD8dXtYMSCJmBnAki
F/67ycMZHK1Spw==
-----END CERTIFICATE-----