Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/3feed9-ce5f-4a22-99b9-a4a9cc471599/1/lcGSBnFsXHnTW_FZJNszI6TsGMg.mft
File:                     lcGSBnFsXHnTW_FZJNszI6TsGMg.mft (raw, json)
Hash identifier:          T+w6X/J67oeMTR82SwrM5zkGLT1XcS4e2nHF5Jk/VwM=
Subject key identifier:   40:9D:D4:DD:5F:B7:B1:1C:29:53:03:82:A1:F4:1C:72:FC:C8:F9:7D
Authority key identifier: 95:C1:92:06:71:6C:5C:79:D3:5B:F1:59:24:DB:33:23:A4:EC:18:C8
Certificate issuer:       /CN=95c19206716c5c79d35bf15924db3323a4ec18c8
Certificate serial:       0194C42C13A7F0ACA9D7650529E13235B27E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/lcGSBnFsXHnTW_FZJNszI6TsGMg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b4/3feed9-ce5f-4a22-99b9-a4a9cc471599/1/lcGSBnFsXHnTW_FZJNszI6TsGMg.mft
Manifest number:          0FFE
Signing time:             Sun 02 Feb 2025 01:00:10 +0000
Manifest this update:     Sun 02 Feb 2025 01:00:10 +0000
Manifest next update:     Mon 03 Feb 2025 01:00:10 +0000
Files and hashes:         1: lcGSBnFsXHnTW_FZJNszI6TsGMg.crl (hash: hr+DN76R7YnaqopkWI17v6twP7BWalihBVrW7X9V3aw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b4/3feed9-ce5f-4a22-99b9-a4a9cc471599/1/lcGSBnFsXHnTW_FZJNszI6TsGMg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b4/3feed9-ce5f-4a22-99b9-a4a9cc471599/1/lcGSBnFsXHnTW_FZJNszI6TsGMg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/lcGSBnFsXHnTW_FZJNszI6TsGMg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 03 Feb 2025 00:00:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:c4:2c:13:a7:f0:ac:a9:d7:65:05:29:e1:32:35:b2:7e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=95c19206716c5c79d35bf15924db3323a4ec18c8
        Validity
            Not Before: Feb  2 01:00:10 2025 GMT
            Not After : Feb  3 01:00:10 2025 GMT
        Subject: CN=409dd4dd5fb7b11c29530382a1f41c72fcc8f97d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:f6:dd:07:33:c4:07:6c:99:22:33:96:f6:bb:
                    d2:0e:ed:75:fa:a1:0a:56:68:b0:56:b2:c1:fc:b7:
                    65:2d:2c:53:75:f7:de:7b:fa:b4:76:f3:0b:d6:39:
                    b1:86:46:c0:a4:84:a9:55:56:31:92:b3:fc:f1:c5:
                    ef:61:22:80:cc:9e:10:76:e2:c6:01:64:73:88:d9:
                    74:34:ba:99:41:9e:c1:2f:5e:55:c5:f2:3f:64:e6:
                    54:9a:9b:b6:9b:aa:b9:5f:be:85:13:6d:fe:6d:41:
                    3e:a4:81:7d:b8:7f:52:62:78:6c:74:43:ed:f1:5c:
                    4d:23:37:12:35:b2:ba:e6:d8:17:8a:33:eb:75:a5:
                    8a:ec:54:05:62:cd:45:b4:8f:24:5c:a3:1e:5e:56:
                    b7:4f:5a:47:9c:a1:5b:44:f0:c0:5a:6b:d1:23:f7:
                    54:1e:d0:d9:95:28:c0:b1:d7:d9:b2:bf:f7:3e:ab:
                    a2:0b:f8:19:68:7e:ec:69:4d:bd:5d:f8:72:3a:f3:
                    c6:1d:45:dd:38:d2:83:6c:6f:73:a9:b8:0f:58:4a:
                    d4:dd:69:0e:e1:4b:a5:ca:3c:f6:51:0a:8c:20:c6:
                    1a:e1:f2:64:65:d2:60:fc:7f:05:a0:15:8a:4c:48:
                    a8:96:ef:97:07:41:53:8b:02:05:6b:69:7f:09:d8:
                    bb:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                40:9D:D4:DD:5F:B7:B1:1C:29:53:03:82:A1:F4:1C:72:FC:C8:F9:7D
            X509v3 Authority Key Identifier:
                keyid:95:C1:92:06:71:6C:5C:79:D3:5B:F1:59:24:DB:33:23:A4:EC:18:C8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lcGSBnFsXHnTW_FZJNszI6TsGMg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/3feed9-ce5f-4a22-99b9-a4a9cc471599/1/lcGSBnFsXHnTW_FZJNszI6TsGMg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/3feed9-ce5f-4a22-99b9-a4a9cc471599/1/lcGSBnFsXHnTW_FZJNszI6TsGMg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9c:13:95:d0:a5:9f:90:13:ca:9c:96:5d:8a:ea:c9:e2:45:54:
         42:aa:5e:ef:34:ab:fb:8c:a9:4b:de:bc:82:4e:d0:56:cf:14:
         3e:34:ac:67:63:c5:c5:d2:49:2c:ec:7f:2a:40:56:1a:1c:3b:
         3e:8e:de:9a:72:b2:d0:20:70:08:80:06:c6:65:7f:cb:c4:a8:
         12:dd:fc:5d:70:8e:3f:2b:54:06:a2:6a:da:7a:e6:8a:c8:54:
         60:11:00:09:af:53:bb:a1:11:8f:43:4c:eb:0f:b6:a5:42:63:
         d5:66:b0:0f:0e:99:58:97:99:c0:f5:14:5c:34:a9:27:89:c3:
         53:4c:6d:5f:0c:b6:99:f7:30:65:5a:2f:e2:79:79:72:87:92:
         02:42:e1:61:29:20:b9:bb:ed:8d:b9:ad:b6:4b:14:3b:e5:02:
         cb:16:b4:92:4e:c5:81:6d:9e:db:ea:d6:02:cc:00:8a:9f:cc:
         b5:45:23:3a:19:0f:0b:e7:04:a9:9c:07:8d:b5:68:0a:86:d6:
         f5:1a:8d:11:df:c6:91:3f:08:3a:ba:c6:b7:89:72:46:d5:a1:
         68:f2:7b:02:a9:12:bf:b5:14:18:22:2e:20:1d:f1:e6:78:44:
         0a:2f:4a:37:57:64:ee:4a:23:40:09:89:45:8b:63:75:e6:44:
         17:b9:20:c1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZTELBOn8Kyp12UFKeEyNbJ+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1YzE5MjA2NzE2YzVjNzlkMzViZjE1OTI0ZGIzMzIzYTRl
YzE4YzgwHhcNMjUwMjAyMDEwMDEwWhcNMjUwMjAzMDEwMDEwWjAzMTEwLwYDVQQD
Eyg0MDlkZDRkZDVmYjdiMTFjMjk1MzAzODJhMWY0MWM3MmZjYzhmOTdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs/bdBzPEB2yZIjOW9rvSDu11+qEK
VmiwVrLB/LdlLSxTdffee/q0dvML1jmxhkbApISpVVYxkrP88cXvYSKAzJ4QduLG
AWRziNl0NLqZQZ7BL15VxfI/ZOZUmpu2m6q5X76FE23+bUE+pIF9uH9SYnhsdEPt
8VxNIzcSNbK65tgXijPrdaWK7FQFYs1FtI8kXKMeXla3T1pHnKFbRPDAWmvRI/dU
HtDZlSjAsdfZsr/3PquiC/gZaH7saU29XfhyOvPGHUXdONKDbG9zqbgPWErU3WkO
4Uulyjz2UQqMIMYa4fJkZdJg/H8FoBWKTEiolu+XB0FTiwIFa2l/Cdi7dwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFECd1N1ft7EcKVMDgqH0HHL8yPl9MB8GA1UdIwQY
MBaAFJXBkgZxbFx501vxWSTbMyOk7BjIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbGNHU0JuRnNYSG5UV19GWkpOc3pJNlRzR01nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC8zZmVlZDktY2U1Zi00YTIyLTk5Yjkt
YTRhOWNjNDcxNTk5LzEvbGNHU0JuRnNYSG5UV19GWkpOc3pJNlRzR01nLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC8zZmVlZDktY2U1Zi00YTIyLTk5YjktYTRhOWNjNDcxNTk5
LzEvbGNHU0JuRnNYSG5UV19GWkpOc3pJNlRzR01nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnBOV0KWf
kBPKnJZdiurJ4kVUQqpe7zSr+4ypS968gk7QVs8UPjSsZ2PFxdJJLOx/KkBWGhw7
Po7emnKy0CBwCIAGxmV/y8SoEt38XXCOPytUBqJq2nrmishUYBEACa9Tu6ERj0NM
6w+2pUJj1WawDw6ZWJeZwPUUXDSpJ4nDU0xtXwy2mfcwZVov4nl5coeSAkLhYSkg
ubvtjbmttksUO+UCyxa0kk7FgW2e2+rWAswAip/MtUUjOhkPC+cEqZwHjbVoCobW
9RqNEd/GkT8IOrrGt4lyRtWhaPJ7AqkSv7UUGCIuIB3x5nhECi9KN1dk7kojQAmJ
RYtjdeZEF7kgwQ==
-----END CERTIFICATE-----