Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/b47217-3d58-4109-9a18-347b3052b3cc/1/lopFBwJlXLHBL1GJM9k877nt4j4.mft
File:                     lopFBwJlXLHBL1GJM9k877nt4j4.mft (raw, json)
Hash identifier:          xwMaFM33EZzZHyxcJ/7D7hjmPxsTZyaFI69kihK3+44=
Subject key identifier:   6F:AD:E0:9E:FF:A8:63:27:56:C1:B4:E0:3A:FD:76:4B:00:DF:B3:B5
Authority key identifier: 96:8A:45:07:02:65:5C:B1:C1:2F:51:89:33:D9:3C:EF:B9:ED:E2:3E
Certificate issuer:       /CN=968a450702655cb1c12f518933d93cefb9ede23e
Certificate serial:       019654CA0743162BBBCDC0F152B0D976260F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/lopFBwJlXLHBL1GJM9k877nt4j4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/be/b47217-3d58-4109-9a18-347b3052b3cc/1/lopFBwJlXLHBL1GJM9k877nt4j4.mft
Manifest number:          01D0
Signing time:             Sun 20 Apr 2025 20:00:48 +0000
Manifest this update:     Sun 20 Apr 2025 20:00:48 +0000
Manifest next update:     Mon 21 Apr 2025 20:00:48 +0000
Files and hashes:         1: lopFBwJlXLHBL1GJM9k877nt4j4.crl (hash: qvNTKr35Df+oexiUWrcv279ngiuE2mlCHDMX+u3qWIQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/be/b47217-3d58-4109-9a18-347b3052b3cc/1/lopFBwJlXLHBL1GJM9k877nt4j4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/be/b47217-3d58-4109-9a18-347b3052b3cc/1/lopFBwJlXLHBL1GJM9k877nt4j4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/lopFBwJlXLHBL1GJM9k877nt4j4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 21 Apr 2025 20:00:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:54:ca:07:43:16:2b:bb:cd:c0:f1:52:b0:d9:76:26:0f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=968a450702655cb1c12f518933d93cefb9ede23e
        Validity
            Not Before: Apr 20 20:00:48 2025 GMT
            Not After : Apr 21 20:00:48 2025 GMT
        Subject: CN=6fade09effa8632756c1b4e03afd764b00dfb3b5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:da:12:65:c9:86:8a:1e:78:a0:52:eb:8a:c2:
                    4a:32:4c:ae:12:96:83:5b:e2:23:f3:9c:b7:f7:14:
                    b9:2f:6a:ce:1c:f2:d2:7a:22:06:08:72:91:f1:e3:
                    dd:f7:5d:f1:d7:9c:db:1b:88:ea:a6:f0:53:99:af:
                    30:df:e8:17:2e:f4:99:40:7a:60:01:b0:e1:a2:99:
                    cb:76:1b:54:27:60:44:b5:59:c1:33:d3:7f:3d:63:
                    c5:23:a6:61:83:a9:b1:bc:53:dd:b8:55:10:f0:64:
                    db:94:25:34:5e:0f:e8:93:1c:d5:d7:ca:08:eb:2b:
                    a5:0e:cd:26:ad:2e:6b:99:5f:7d:6b:af:98:6a:44:
                    a6:4d:87:91:1e:01:1d:05:a3:f2:f0:67:51:49:25:
                    8c:4e:f4:41:38:b2:79:f8:7d:dd:c4:eb:40:5b:7f:
                    fa:db:81:d0:f3:54:ea:1f:3a:d4:74:09:b8:ec:37:
                    f3:7a:6a:77:07:7b:48:22:5a:39:4b:6a:e1:63:f2:
                    bc:c5:70:8d:4f:ce:84:86:83:58:24:91:62:f1:a3:
                    28:54:82:c5:61:f9:05:d1:49:8e:9d:8d:fc:0f:c4:
                    1f:01:88:a8:f8:51:04:4d:a0:ae:e9:0d:50:16:61:
                    54:49:2c:ba:52:37:35:70:62:0d:49:14:a1:3b:bf:
                    2b:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6F:AD:E0:9E:FF:A8:63:27:56:C1:B4:E0:3A:FD:76:4B:00:DF:B3:B5
            X509v3 Authority Key Identifier:
                keyid:96:8A:45:07:02:65:5C:B1:C1:2F:51:89:33:D9:3C:EF:B9:ED:E2:3E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lopFBwJlXLHBL1GJM9k877nt4j4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/b47217-3d58-4109-9a18-347b3052b3cc/1/lopFBwJlXLHBL1GJM9k877nt4j4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/be/b47217-3d58-4109-9a18-347b3052b3cc/1/lopFBwJlXLHBL1GJM9k877nt4j4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         21:56:c9:07:7a:29:50:e5:b8:84:41:ed:78:9e:d3:06:a3:54:
         12:1b:32:2d:12:5a:12:e0:14:12:a6:47:c8:9a:24:0e:af:55:
         8e:4d:c1:cb:aa:71:3c:69:78:68:e2:61:29:60:21:9e:d9:00:
         3b:96:57:05:58:c3:00:19:ca:74:74:98:4a:03:55:7a:b7:c7:
         8f:25:b0:bd:c5:17:f7:8d:a8:d9:b9:26:fd:a7:19:88:34:23:
         84:18:84:5a:be:63:8f:bf:9c:1e:a8:8c:a8:9f:e5:fc:70:ec:
         e4:30:f4:a2:7f:7a:37:06:0f:ae:da:bb:01:e8:0c:55:02:8a:
         c5:07:fb:12:a7:c5:93:e7:fa:a4:0a:a5:17:77:24:c4:d5:17:
         d8:15:61:65:27:3a:81:86:8c:64:de:a3:eb:6e:e6:7d:dd:21:
         07:02:91:c1:56:45:7a:20:3e:28:41:74:fa:85:35:73:b2:3a:
         91:18:75:e9:f6:62:34:90:51:53:43:c9:74:92:22:f6:8b:63:
         38:41:70:a1:5e:32:a4:b4:c6:02:02:b2:f9:50:1a:68:a9:fd:
         9b:08:c8:c4:f9:c2:48:38:e0:a7:3f:fe:39:da:58:85:5d:91:
         7a:7d:c0:7b:0a:7b:5f:17:a4:8c:86:8d:78:60:38:e9:1c:37:
         f8:2b:95:cb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZUygdDFiu7zcDxUrDZdiYPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk2OGE0NTA3MDI2NTVjYjFjMTJmNTE4OTMzZDkzY2VmYjll
ZGUyM2UwHhcNMjUwNDIwMjAwMDQ4WhcNMjUwNDIxMjAwMDQ4WjAzMTEwLwYDVQQD
Eyg2ZmFkZTA5ZWZmYTg2MzI3NTZjMWI0ZTAzYWZkNzY0YjAwZGZiM2I1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA09oSZcmGih54oFLrisJKMkyuEpaD
W+Ij85y39xS5L2rOHPLSeiIGCHKR8ePd913x15zbG4jqpvBTma8w3+gXLvSZQHpg
AbDhopnLdhtUJ2BEtVnBM9N/PWPFI6Zhg6mxvFPduFUQ8GTblCU0Xg/okxzV18oI
6yulDs0mrS5rmV99a6+YakSmTYeRHgEdBaPy8GdRSSWMTvRBOLJ5+H3dxOtAW3/6
24HQ81TqHzrUdAm47Dfzemp3B3tIIlo5S2rhY/K8xXCNT86EhoNYJJFi8aMoVILF
YfkF0UmOnY38D8QfAYio+FEETaCu6Q1QFmFUSSy6Ujc1cGINSRShO78r8wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFG+t4J7/qGMnVsG04Dr9dksA37O1MB8GA1UdIwQY
MBaAFJaKRQcCZVyxwS9RiTPZPO+57eI+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbG9wRkJ3SmxYTEhCTDFHSk05azg3N250NGo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS9iNDcyMTctM2Q1OC00MTA5LTlhMTgt
MzQ3YjMwNTJiM2NjLzEvbG9wRkJ3SmxYTEhCTDFHSk05azg3N250NGo0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS9iNDcyMTctM2Q1OC00MTA5LTlhMTgtMzQ3YjMwNTJiM2Nj
LzEvbG9wRkJ3SmxYTEhCTDFHSk05azg3N250NGo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIVbJB3op
UOW4hEHteJ7TBqNUEhsyLRJaEuAUEqZHyJokDq9Vjk3By6pxPGl4aOJhKWAhntkA
O5ZXBVjDABnKdHSYSgNVerfHjyWwvcUX942o2bkm/acZiDQjhBiEWr5jj7+cHqiM
qJ/l/HDs5DD0on96NwYPrtq7AegMVQKKxQf7EqfFk+f6pAqlF3ckxNUX2BVhZSc6
gYaMZN6j627mfd0hBwKRwVZFeiA+KEF0+oU1c7I6kRh16fZiNJBRU0PJdJIi9otj
OEFwoV4ypLTGAgKy+VAaaKn9mwjIxPnCSDjgpz/+OdpYhV2Ren3Aewp7XxekjIaN
eGA46Rw3+CuVyw==
-----END CERTIFICATE-----