Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/b47217-3d58-4109-9a18-347b3052b3cc/1/lopFBwJlXLHBL1GJM9k877nt4j4.mft
File:                     lopFBwJlXLHBL1GJM9k877nt4j4.mft (raw, json)
Hash identifier:          aV/fzgtlHIvkBO6/WUjHHbPKf4iD/ht2x5RRTlJ8pQc=
Subject key identifier:   CE:0B:30:00:12:DF:8A:72:8C:0B:E2:3E:E6:DC:B2:8B:CD:E7:3F:1D
Authority key identifier: 96:8A:45:07:02:65:5C:B1:C1:2F:51:89:33:D9:3C:EF:B9:ED:E2:3E
Certificate issuer:       /CN=968a450702655cb1c12f518933d93cefb9ede23e
Certificate serial:       019512476870B353F96CE13654212B87E7AA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/lopFBwJlXLHBL1GJM9k877nt4j4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/be/b47217-3d58-4109-9a18-347b3052b3cc/1/lopFBwJlXLHBL1GJM9k877nt4j4.mft
Manifest number:          0129
Signing time:             Mon 17 Feb 2025 05:00:24 +0000
Manifest this update:     Mon 17 Feb 2025 05:00:24 +0000
Manifest next update:     Tue 18 Feb 2025 05:00:24 +0000
Files and hashes:         1: lopFBwJlXLHBL1GJM9k877nt4j4.crl (hash: J69gwSSRK3JXMBCsjHzq7Tq2RgURu/z4o9Kx5RnpxQ4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/be/b47217-3d58-4109-9a18-347b3052b3cc/1/lopFBwJlXLHBL1GJM9k877nt4j4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/be/b47217-3d58-4109-9a18-347b3052b3cc/1/lopFBwJlXLHBL1GJM9k877nt4j4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/lopFBwJlXLHBL1GJM9k877nt4j4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 17 Feb 2025 23:00:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:12:47:68:70:b3:53:f9:6c:e1:36:54:21:2b:87:e7:aa
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=968a450702655cb1c12f518933d93cefb9ede23e
        Validity
            Not Before: Feb 17 05:00:24 2025 GMT
            Not After : Feb 18 05:00:24 2025 GMT
        Subject: CN=ce0b300012df8a728c0be23ee6dcb28bcde73f1d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:4e:ac:e1:98:fd:8b:12:34:27:10:29:87:82:
                    65:84:df:aa:1e:6a:2d:4a:da:ef:98:ef:5a:2d:23:
                    b4:a9:0b:48:b9:04:37:e1:4c:7d:c2:a8:b3:ab:5d:
                    a2:20:09:cf:68:1f:50:b1:a9:7b:55:4c:3a:80:8f:
                    22:c0:42:da:ad:58:67:cb:ed:d5:87:c1:ee:da:32:
                    b4:85:e7:75:e8:21:d1:c7:eb:7f:9b:9e:84:d1:68:
                    dc:e4:2a:ef:31:1c:c8:1b:ca:b2:1e:df:97:51:f2:
                    7b:d3:f8:c0:18:b3:96:c0:42:80:ed:f7:51:3b:74:
                    02:b6:ab:b4:75:3f:ad:b7:91:c8:e3:f4:e9:05:03:
                    e0:8a:af:32:6a:86:13:39:b5:54:c2:6d:0b:9f:9b:
                    cc:bb:c3:41:d7:ea:0c:df:85:69:cb:b7:d1:66:18:
                    27:7a:42:01:73:48:ce:a2:6d:60:12:37:ea:90:0e:
                    56:e4:b2:53:80:42:88:5e:cd:c0:5f:83:ad:5b:f2:
                    48:79:d4:03:5c:66:1c:12:69:5d:f8:83:2b:89:58:
                    e5:4a:8e:50:ba:06:02:e3:6f:02:c5:6c:1e:10:e5:
                    73:67:d5:35:8c:08:fa:4b:ac:a2:15:66:ec:c2:98:
                    a4:a6:78:69:7d:79:1e:4e:b2:81:93:4b:2a:7d:c8:
                    a1:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CE:0B:30:00:12:DF:8A:72:8C:0B:E2:3E:E6:DC:B2:8B:CD:E7:3F:1D
            X509v3 Authority Key Identifier:
                keyid:96:8A:45:07:02:65:5C:B1:C1:2F:51:89:33:D9:3C:EF:B9:ED:E2:3E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lopFBwJlXLHBL1GJM9k877nt4j4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/b47217-3d58-4109-9a18-347b3052b3cc/1/lopFBwJlXLHBL1GJM9k877nt4j4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/be/b47217-3d58-4109-9a18-347b3052b3cc/1/lopFBwJlXLHBL1GJM9k877nt4j4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7a:44:38:b4:54:ef:82:3b:cf:52:19:08:b2:27:5c:16:a5:3e:
         66:b5:9a:63:66:bf:7a:63:34:76:b3:09:1a:bd:39:90:9d:80:
         9e:9b:e6:7b:54:5a:ba:0a:70:59:23:64:06:3a:71:24:2f:06:
         9f:d9:92:5a:a1:e1:45:64:74:63:23:15:71:e8:79:d0:8e:69:
         05:02:d4:e8:f1:e9:da:6e:ac:ae:14:ed:ff:49:25:75:55:45:
         a7:c6:35:65:6a:75:c8:6a:83:05:7a:24:cb:63:31:7b:57:54:
         65:8a:48:2b:df:b2:a5:05:7a:95:a2:c3:e8:7a:b1:c9:54:75:
         7c:d4:2b:3f:2f:8e:52:d8:25:bf:9b:7b:21:70:3e:fa:1c:fc:
         37:23:5f:8a:6d:57:c2:a7:ed:e9:ea:79:87:fa:ff:09:f5:28:
         ca:eb:f3:ce:0c:50:ec:48:9a:2d:60:9e:87:4a:65:96:7a:ff:
         3d:c3:10:bf:9e:ca:c5:b4:dc:b1:9b:18:b8:86:19:97:80:59:
         15:cf:92:3e:4e:8e:50:b1:0c:b7:6f:f0:c0:7e:ab:a3:f5:2e:
         3c:6b:48:98:e7:ab:04:af:06:94:f1:fc:f7:67:fe:65:95:83:
         de:8b:62:98:20:ab:a7:13:0f:dc:c7:13:d8:8e:bc:83:1c:09:
         8d:95:a1:35
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZUSR2hws1P5bOE2VCErh+eqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk2OGE0NTA3MDI2NTVjYjFjMTJmNTE4OTMzZDkzY2VmYjll
ZGUyM2UwHhcNMjUwMjE3MDUwMDI0WhcNMjUwMjE4MDUwMDI0WjAzMTEwLwYDVQQD
EyhjZTBiMzAwMDEyZGY4YTcyOGMwYmUyM2VlNmRjYjI4YmNkZTczZjFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv06s4Zj9ixI0JxAph4JlhN+qHmot
StrvmO9aLSO0qQtIuQQ34Ux9wqizq12iIAnPaB9Qsal7VUw6gI8iwELarVhny+3V
h8Hu2jK0hed16CHRx+t/m56E0Wjc5CrvMRzIG8qyHt+XUfJ70/jAGLOWwEKA7fdR
O3QCtqu0dT+tt5HI4/TpBQPgiq8yaoYTObVUwm0Ln5vMu8NB1+oM34Vpy7fRZhgn
ekIBc0jOom1gEjfqkA5W5LJTgEKIXs3AX4OtW/JIedQDXGYcEmld+IMriVjlSo5Q
ugYC428CxWweEOVzZ9U1jAj6S6yiFWbswpikpnhpfXkeTrKBk0sqfcihWQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFM4LMAAS34pyjAviPubcsovN5z8dMB8GA1UdIwQY
MBaAFJaKRQcCZVyxwS9RiTPZPO+57eI+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbG9wRkJ3SmxYTEhCTDFHSk05azg3N250NGo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS9iNDcyMTctM2Q1OC00MTA5LTlhMTgt
MzQ3YjMwNTJiM2NjLzEvbG9wRkJ3SmxYTEhCTDFHSk05azg3N250NGo0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS9iNDcyMTctM2Q1OC00MTA5LTlhMTgtMzQ3YjMwNTJiM2Nj
LzEvbG9wRkJ3SmxYTEhCTDFHSk05azg3N250NGo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAekQ4tFTv
gjvPUhkIsidcFqU+ZrWaY2a/emM0drMJGr05kJ2Anpvme1RaugpwWSNkBjpxJC8G
n9mSWqHhRWR0YyMVceh50I5pBQLU6PHp2m6srhTt/0kldVVFp8Y1ZWp1yGqDBXok
y2Mxe1dUZYpIK9+ypQV6laLD6HqxyVR1fNQrPy+OUtglv5t7IXA++hz8NyNfim1X
wqft6ep5h/r/CfUoyuvzzgxQ7EiaLWCeh0pllnr/PcMQv57KxbTcsZsYuIYZl4BZ
Fc+SPk6OULEMt2/wwH6ro/UuPGtImOerBK8GlPH892f+ZZWD3otimCCrpxMP3McT
2I68gxwJjZWhNQ==
-----END CERTIFICATE-----