Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/7b9d2c-7d49-4a19-a55d-3b47666d1365/1/LjFjEq0rIaqaBIEfYq0Da_aIhdk.mft
File:                     LjFjEq0rIaqaBIEfYq0Da_aIhdk.mft (raw, json)
Hash identifier:          iKUHKE19MO7Yk/AcpX36I3n9KQmq83w/T4vnRgTH+yQ=
Subject key identifier:   F0:C7:1D:43:45:05:96:CE:20:B2:79:EE:E3:86:64:53:B9:36:05:BD
Authority key identifier: 2E:31:63:12:AD:2B:21:AA:9A:04:81:1F:62:AD:03:6B:F6:88:85:D9
Certificate issuer:       /CN=2e316312ad2b21aa9a04811f62ad036bf68885d9
Certificate serial:       0194C38792646978CF36D721B8E6AE999154
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/LjFjEq0rIaqaBIEfYq0Da_aIhdk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c4/7b9d2c-7d49-4a19-a55d-3b47666d1365/1/LjFjEq0rIaqaBIEfYq0Da_aIhdk.mft
Manifest number:          08A7
Signing time:             Sat 01 Feb 2025 22:00:29 +0000
Manifest this update:     Sat 01 Feb 2025 22:00:29 +0000
Manifest next update:     Sun 02 Feb 2025 22:00:29 +0000
Files and hashes:         1: LjFjEq0rIaqaBIEfYq0Da_aIhdk.crl (hash: WouS4LlNuTfk6qxhH5EUMoX1Otsp1gOIhTxOdVGqytQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c4/7b9d2c-7d49-4a19-a55d-3b47666d1365/1/LjFjEq0rIaqaBIEfYq0Da_aIhdk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c4/7b9d2c-7d49-4a19-a55d-3b47666d1365/1/LjFjEq0rIaqaBIEfYq0Da_aIhdk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/LjFjEq0rIaqaBIEfYq0Da_aIhdk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 02 Feb 2025 22:00:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:c3:87:92:64:69:78:cf:36:d7:21:b8:e6:ae:99:91:54
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2e316312ad2b21aa9a04811f62ad036bf68885d9
        Validity
            Not Before: Feb  1 22:00:29 2025 GMT
            Not After : Feb  2 22:00:29 2025 GMT
        Subject: CN=f0c71d43450596ce20b279eee3866453b93605bd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:90:76:6a:31:c3:3c:31:78:6f:28:92:0d:e9:3a:
                    3f:3b:f4:6f:b5:cf:90:45:a6:49:fd:4b:a6:8e:6a:
                    7d:fa:84:a3:6e:ce:9a:e9:ba:25:1e:cb:10:ce:c8:
                    be:87:73:ce:66:80:e3:25:14:fc:a0:e4:3c:1d:93:
                    68:84:00:ba:15:41:4b:b6:b7:c5:ac:55:d3:cd:a7:
                    53:37:31:90:dc:5a:ec:41:af:19:a0:cd:e9:73:50:
                    00:d7:85:e5:27:b2:5c:e4:75:46:c1:6f:a9:bc:b4:
                    2c:fa:11:c5:a1:ed:59:dd:9f:51:c1:06:8d:21:1b:
                    6a:b4:95:1e:bd:c3:a2:43:0b:f0:c4:a4:ff:8f:67:
                    e3:fc:4d:5b:5a:1c:6e:a9:b4:05:5e:0c:44:f8:04:
                    61:96:00:a4:1b:4a:eb:21:cc:0d:34:33:4e:2b:5a:
                    93:23:29:74:06:0e:f1:47:6d:05:46:1c:25:5e:64:
                    ab:4d:c5:f2:a3:ff:67:20:4f:86:e8:ab:fb:85:e2:
                    82:6f:4d:e0:57:d3:06:fa:52:5b:2a:6c:a1:05:a1:
                    b4:1f:d7:b3:ce:25:b8:92:29:d9:42:8a:ad:8f:f3:
                    b2:6a:b5:9a:5b:69:ad:c2:ed:f0:35:d3:91:fb:75:
                    25:e1:1d:2a:91:36:76:2c:b6:f1:05:9e:34:c8:26:
                    97:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F0:C7:1D:43:45:05:96:CE:20:B2:79:EE:E3:86:64:53:B9:36:05:BD
            X509v3 Authority Key Identifier:
                keyid:2E:31:63:12:AD:2B:21:AA:9A:04:81:1F:62:AD:03:6B:F6:88:85:D9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LjFjEq0rIaqaBIEfYq0Da_aIhdk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/7b9d2c-7d49-4a19-a55d-3b47666d1365/1/LjFjEq0rIaqaBIEfYq0Da_aIhdk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/7b9d2c-7d49-4a19-a55d-3b47666d1365/1/LjFjEq0rIaqaBIEfYq0Da_aIhdk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         22:21:d2:72:09:6d:1f:ba:36:ea:46:94:c7:43:4d:fa:d9:8f:
         de:89:6b:85:fa:31:1f:3e:c0:be:93:54:2d:cb:60:aa:15:1b:
         d4:1b:05:b9:a4:29:9a:13:99:7b:ca:9a:9e:42:7c:09:09:2f:
         7b:95:b2:f4:af:47:90:d4:22:cf:9c:7b:ce:3b:cc:ae:d8:26:
         a7:7e:2a:01:b0:c1:71:65:09:d0:7f:00:7b:b5:3c:1a:0c:82:
         70:d1:1b:1e:a0:ca:e9:57:8d:19:62:ae:0d:c4:f5:60:5f:69:
         d3:0f:e0:61:14:46:78:39:75:9d:e3:7e:a6:e7:17:29:7c:a6:
         cd:56:85:5a:07:ba:93:07:f5:2c:9a:ef:db:fc:ab:50:4b:12:
         fa:67:b2:91:19:ab:a1:a1:86:be:9a:50:c7:75:a1:d4:74:fc:
         a5:6a:06:9b:1f:b2:37:30:05:13:c4:36:a5:cc:07:5a:64:61:
         a6:c5:58:dc:83:68:24:51:36:7f:7d:c8:81:79:15:db:f8:e3:
         fc:02:c4:bb:6c:44:bf:38:b9:5c:2a:f9:52:b2:59:43:ab:35:
         a5:e4:c1:3f:94:e8:73:5b:6d:7f:a0:e3:71:f8:c8:03:5e:d3:
         b8:6c:52:ec:12:85:c4:cd:f2:f8:1f:c5:b0:f1:68:ba:80:a4:
         0b:6c:04:7c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZTDh5JkaXjPNtchuOaumZFUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlMzE2MzEyYWQyYjIxYWE5YTA0ODExZjYyYWQwMzZiZjY4
ODg1ZDkwHhcNMjUwMjAxMjIwMDI5WhcNMjUwMjAyMjIwMDI5WjAzMTEwLwYDVQQD
EyhmMGM3MWQ0MzQ1MDU5NmNlMjBiMjc5ZWVlMzg2NjQ1M2I5MzYwNWJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkHZqMcM8MXhvKJIN6To/O/Rvtc+Q
RaZJ/Uumjmp9+oSjbs6a6bolHssQzsi+h3POZoDjJRT8oOQ8HZNohAC6FUFLtrfF
rFXTzadTNzGQ3FrsQa8ZoM3pc1AA14XlJ7Jc5HVGwW+pvLQs+hHFoe1Z3Z9RwQaN
IRtqtJUevcOiQwvwxKT/j2fj/E1bWhxuqbQFXgxE+ARhlgCkG0rrIcwNNDNOK1qT
Iyl0Bg7xR20FRhwlXmSrTcXyo/9nIE+G6Kv7heKCb03gV9MG+lJbKmyhBaG0H9ez
ziW4kinZQoqtj/OyarWaW2mtwu3wNdOR+3Ul4R0qkTZ2LLbxBZ40yCaXkQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPDHHUNFBZbOILJ57uOGZFO5NgW9MB8GA1UdIwQY
MBaAFC4xYxKtKyGqmgSBH2KtA2v2iIXZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTGpGakVxMHJJYXFhQklFZllxMERhX2FJaGRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC83YjlkMmMtN2Q0OS00YTE5LWE1NWQt
M2I0NzY2NmQxMzY1LzEvTGpGakVxMHJJYXFhQklFZllxMERhX2FJaGRrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNC83YjlkMmMtN2Q0OS00YTE5LWE1NWQtM2I0NzY2NmQxMzY1
LzEvTGpGakVxMHJJYXFhQklFZllxMERhX2FJaGRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIiHScglt
H7o26kaUx0NN+tmP3olrhfoxHz7AvpNULctgqhUb1BsFuaQpmhOZe8qankJ8CQkv
e5Wy9K9HkNQiz5x7zjvMrtgmp34qAbDBcWUJ0H8Ae7U8GgyCcNEbHqDK6VeNGWKu
DcT1YF9p0w/gYRRGeDl1neN+pucXKXymzVaFWge6kwf1LJrv2/yrUEsS+meykRmr
oaGGvppQx3Wh1HT8pWoGmx+yNzAFE8Q2pcwHWmRhpsVY3INoJFE2f33IgXkV2/jj
/ALEu2xEvzi5XCr5UrJZQ6s1peTBP5Toc1ttf6DjcfjIA17TuGxS7BKFxM3y+B/F
sPFouoCkC2wEfA==
-----END CERTIFICATE-----