Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b5/b3c41a-492c-45e4-89d6-dcc4c45bf162/1/lsgslDmkFHsuorWXz_xRALqNMnw.mft
File:                     lsgslDmkFHsuorWXz_xRALqNMnw.mft (raw, json)
Hash identifier:          6IPBjHmpM7CVbspcZtSP34dxqABdm0Qixf8DTrcuLIw=
Subject key identifier:   D8:0F:F8:A3:19:6D:5B:7E:74:F1:65:A2:1C:97:63:34:95:FC:4B:CA
Authority key identifier: 96:C8:2C:94:39:A4:14:7B:2E:A2:B5:97:CF:FC:51:00:BA:8D:32:7C
Certificate issuer:       /CN=96c82c9439a4147b2ea2b597cffc5100ba8d327c
Certificate serial:       0194C387587F1ADE181574F5C5CCBE364BA8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/lsgslDmkFHsuorWXz_xRALqNMnw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b5/b3c41a-492c-45e4-89d6-dcc4c45bf162/1/lsgslDmkFHsuorWXz_xRALqNMnw.mft
Manifest number:          0FEE
Signing time:             Sat 01 Feb 2025 22:00:14 +0000
Manifest this update:     Sat 01 Feb 2025 22:00:14 +0000
Manifest next update:     Sun 02 Feb 2025 22:00:14 +0000
Files and hashes:         1: lsgslDmkFHsuorWXz_xRALqNMnw.crl (hash: fIspPWz390xSwEQ/jcsJEjs+Tr5QsaqvKZh69d8x3gM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b5/b3c41a-492c-45e4-89d6-dcc4c45bf162/1/lsgslDmkFHsuorWXz_xRALqNMnw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b5/b3c41a-492c-45e4-89d6-dcc4c45bf162/1/lsgslDmkFHsuorWXz_xRALqNMnw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/lsgslDmkFHsuorWXz_xRALqNMnw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 02 Feb 2025 22:00:14 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:c3:87:58:7f:1a:de:18:15:74:f5:c5:cc:be:36:4b:a8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=96c82c9439a4147b2ea2b597cffc5100ba8d327c
        Validity
            Not Before: Feb  1 22:00:14 2025 GMT
            Not After : Feb  2 22:00:14 2025 GMT
        Subject: CN=d80ff8a3196d5b7e74f165a21c97633495fc4bca
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:a8:dd:ae:fe:82:7b:ce:cd:a7:1f:e3:a9:ec:
                    7e:be:8f:9f:bd:9d:3a:5e:5f:b5:7f:b5:0b:17:1c:
                    84:a2:47:c6:c2:8d:aa:a3:19:f3:47:3e:3b:d0:03:
                    5d:80:43:7d:fb:f1:01:7a:8c:54:ee:f0:96:79:1f:
                    e3:f8:58:4b:14:b0:52:27:d9:19:5b:4f:39:aa:f4:
                    1b:05:f9:d0:c9:5c:78:5a:53:df:05:f7:6a:30:58:
                    d7:5a:7a:b5:6d:a1:11:23:71:ab:ea:d3:c3:70:4b:
                    d0:07:e1:4f:9f:5b:42:e2:68:fe:52:7c:82:b2:fb:
                    e1:eb:02:81:a4:76:8e:94:5d:91:96:ed:d4:c6:79:
                    10:ec:58:ef:ac:09:21:2b:f0:e6:c9:f8:da:bc:7c:
                    10:dc:ba:12:a8:cc:cd:32:3b:79:a3:2c:39:00:c2:
                    41:e9:dc:78:3d:2f:00:0f:3b:ab:06:d7:7d:58:a2:
                    06:5a:71:d7:d6:67:3c:6f:f4:46:31:cd:79:cc:7a:
                    fd:e6:c4:a4:a9:08:8e:44:46:0c:06:62:c8:dc:a8:
                    ce:df:9c:50:68:cd:3c:31:17:6b:c9:71:4e:a6:42:
                    78:5a:e2:af:f6:8c:4f:39:46:c8:66:11:eb:96:fc:
                    c1:d3:ea:0e:a5:a4:06:9c:13:b0:fe:07:34:0a:80:
                    59:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D8:0F:F8:A3:19:6D:5B:7E:74:F1:65:A2:1C:97:63:34:95:FC:4B:CA
            X509v3 Authority Key Identifier:
                keyid:96:C8:2C:94:39:A4:14:7B:2E:A2:B5:97:CF:FC:51:00:BA:8D:32:7C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lsgslDmkFHsuorWXz_xRALqNMnw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/b3c41a-492c-45e4-89d6-dcc4c45bf162/1/lsgslDmkFHsuorWXz_xRALqNMnw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/b3c41a-492c-45e4-89d6-dcc4c45bf162/1/lsgslDmkFHsuorWXz_xRALqNMnw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8f:b1:e1:4e:94:71:1e:eb:43:61:77:48:79:21:6d:0c:25:0d:
         7a:8c:63:fc:3e:e5:58:94:ef:31:bb:c7:6f:80:eb:4e:a5:3c:
         e9:49:d1:df:a0:84:22:b4:e9:c6:71:9e:eb:c7:db:0d:36:04:
         95:83:8a:d6:f8:96:bb:1d:68:3b:b4:26:df:e6:41:6b:0c:5e:
         9c:9d:57:d2:bc:82:57:2a:6e:95:e1:45:9d:2a:0b:0f:20:d9:
         27:8f:9a:9a:5b:1b:ab:88:92:49:42:f8:50:3b:49:5d:3d:45:
         53:39:69:11:9c:42:10:f9:7b:24:ab:9b:1b:3f:3b:65:42:c8:
         e2:f7:19:90:9f:64:52:6f:9e:50:e3:76:b2:9b:7c:98:c4:55:
         a3:0b:c6:d5:f6:89:53:90:6d:32:77:52:3f:14:dd:26:04:a0:
         d0:d3:a2:d9:ea:33:b6:4f:6f:1e:65:2b:aa:cc:27:ef:ea:58:
         4e:a7:54:83:91:f1:ca:3f:5d:2e:99:ce:5c:a3:6c:18:a0:1a:
         c9:7f:68:cb:ad:26:42:1e:57:9b:6d:87:aa:17:9b:94:a6:e4:
         47:ef:c1:c3:23:57:b4:4f:44:04:0d:da:c5:b3:b3:c7:43:c5:
         ef:b9:4f:55:0c:3c:46:f4:e4:3a:0e:dc:8e:1a:1b:2b:dc:a8:
         68:40:c2:25
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZTDh1h/Gt4YFXT1xcy+NkuoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk2YzgyYzk0MzlhNDE0N2IyZWEyYjU5N2NmZmM1MTAwYmE4
ZDMyN2MwHhcNMjUwMjAxMjIwMDE0WhcNMjUwMjAyMjIwMDE0WjAzMTEwLwYDVQQD
EyhkODBmZjhhMzE5NmQ1YjdlNzRmMTY1YTIxYzk3NjMzNDk1ZmM0YmNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlajdrv6Ce87Npx/jqex+vo+fvZ06
Xl+1f7ULFxyEokfGwo2qoxnzRz470ANdgEN9+/EBeoxU7vCWeR/j+FhLFLBSJ9kZ
W085qvQbBfnQyVx4WlPfBfdqMFjXWnq1baERI3Gr6tPDcEvQB+FPn1tC4mj+UnyC
svvh6wKBpHaOlF2Rlu3UxnkQ7FjvrAkhK/DmyfjavHwQ3LoSqMzNMjt5oyw5AMJB
6dx4PS8ADzurBtd9WKIGWnHX1mc8b/RGMc15zHr95sSkqQiOREYMBmLI3KjO35xQ
aM08MRdryXFOpkJ4WuKv9oxPOUbIZhHrlvzB0+oOpaQGnBOw/gc0CoBZyQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNgP+KMZbVt+dPFlohyXYzSV/EvKMB8GA1UdIwQY
MBaAFJbILJQ5pBR7LqK1l8/8UQC6jTJ8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbHNnc2xEbWtGSHN1b3JXWHpfeFJBTHFOTW53LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNS9iM2M0MWEtNDkyYy00NWU0LTg5ZDYt
ZGNjNGM0NWJmMTYyLzEvbHNnc2xEbWtGSHN1b3JXWHpfeFJBTHFOTW53Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNS9iM2M0MWEtNDkyYy00NWU0LTg5ZDYtZGNjNGM0NWJmMTYy
LzEvbHNnc2xEbWtGSHN1b3JXWHpfeFJBTHFOTW53LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAj7HhTpRx
HutDYXdIeSFtDCUNeoxj/D7lWJTvMbvHb4DrTqU86UnR36CEIrTpxnGe68fbDTYE
lYOK1viWux1oO7Qm3+ZBawxenJ1X0ryCVypuleFFnSoLDyDZJ4+amlsbq4iSSUL4
UDtJXT1FUzlpEZxCEPl7JKubGz87ZULI4vcZkJ9kUm+eUON2spt8mMRVowvG1faJ
U5BtMndSPxTdJgSg0NOi2eoztk9vHmUrqswn7+pYTqdUg5Hxyj9dLpnOXKNsGKAa
yX9oy60mQh5Xm22HqheblKbkR+/BwyNXtE9EBA3axbOzx0PF77lPVQw8RvTkOg7c
jhobK9yoaEDCJQ==
-----END CERTIFICATE-----