Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/7b9d2c-7d49-4a19-a55d-3b47666d1365/1/LjFjEq0rIaqaBIEfYq0Da_aIhdk.mft
File:                     LjFjEq0rIaqaBIEfYq0Da_aIhdk.mft (raw, json)
Hash identifier:          3X24xIArouDXqhvm5c4X3zNIduHBGZO5fVtCHPv8qeg=
Subject key identifier:   FD:F7:87:42:CC:3D:18:DB:DD:8C:06:81:37:9C:77:9E:93:83:8A:58
Authority key identifier: 2E:31:63:12:AD:2B:21:AA:9A:04:81:1F:62:AD:03:6B:F6:88:85:D9
Certificate issuer:       /CN=2e316312ad2b21aa9a04811f62ad036bf68885d9
Certificate serial:       0196515B98801111C6A9D6EBD72A828E3040
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/LjFjEq0rIaqaBIEfYq0Da_aIhdk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c4/7b9d2c-7d49-4a19-a55d-3b47666d1365/1/LjFjEq0rIaqaBIEfYq0Da_aIhdk.mft
Manifest number:          0975
Signing time:             Sun 20 Apr 2025 04:01:19 +0000
Manifest this update:     Sun 20 Apr 2025 04:01:19 +0000
Manifest next update:     Mon 21 Apr 2025 04:01:19 +0000
Files and hashes:         1: LjFjEq0rIaqaBIEfYq0Da_aIhdk.crl (hash: VMeb9lYKhYJMGwFntw+/QS5w3nxncaLJEgigQRg4uyc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c4/7b9d2c-7d49-4a19-a55d-3b47666d1365/1/LjFjEq0rIaqaBIEfYq0Da_aIhdk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c4/7b9d2c-7d49-4a19-a55d-3b47666d1365/1/LjFjEq0rIaqaBIEfYq0Da_aIhdk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/LjFjEq0rIaqaBIEfYq0Da_aIhdk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 21 Apr 2025 04:01:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:51:5b:98:80:11:11:c6:a9:d6:eb:d7:2a:82:8e:30:40
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2e316312ad2b21aa9a04811f62ad036bf68885d9
        Validity
            Not Before: Apr 20 04:01:19 2025 GMT
            Not After : Apr 21 04:01:19 2025 GMT
        Subject: CN=fdf78742cc3d18dbdd8c0681379c779e93838a58
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:13:72:f3:ee:ec:c8:b0:fa:f2:ef:76:bd:ff:
                    fd:bd:6e:bb:6e:21:11:69:a8:95:df:9b:9e:a4:16:
                    45:45:a9:01:58:29:dc:ab:1b:e3:0c:ef:4c:76:05:
                    76:b4:e7:2c:6d:78:9d:04:fb:1c:69:8a:fe:eb:5f:
                    7c:91:10:d5:d8:a7:aa:3a:30:87:95:5b:73:84:94:
                    d6:93:4f:22:a3:9d:43:ea:9d:70:b9:34:e5:dc:23:
                    aa:b1:42:35:e7:1f:4f:7a:09:8c:04:ca:91:d2:a5:
                    18:7f:32:10:1b:70:ce:0c:58:53:78:d9:50:60:a0:
                    90:77:d8:ee:3a:fd:f1:15:08:2e:0b:56:15:b1:08:
                    f6:ea:62:2e:e3:6e:da:9a:41:74:5f:5a:56:d3:ef:
                    4c:9c:b1:14:b6:c7:a8:12:f1:43:7c:62:9f:2e:ed:
                    be:7d:23:00:52:a0:64:3f:8b:94:2c:ec:ae:14:70:
                    af:2b:5f:21:49:80:c1:53:9e:ca:cb:0a:52:cf:8e:
                    eb:1e:f5:b8:f3:c8:07:01:a6:bd:b2:9d:6c:a1:cc:
                    82:a9:64:b9:0e:3c:72:03:d1:ee:7b:11:b6:e2:98:
                    d5:fa:85:a4:21:67:00:7d:99:bf:84:f5:d4:c6:10:
                    7b:dc:f8:ba:86:8f:66:40:a3:10:df:bd:1b:54:2a:
                    ee:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FD:F7:87:42:CC:3D:18:DB:DD:8C:06:81:37:9C:77:9E:93:83:8A:58
            X509v3 Authority Key Identifier:
                keyid:2E:31:63:12:AD:2B:21:AA:9A:04:81:1F:62:AD:03:6B:F6:88:85:D9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LjFjEq0rIaqaBIEfYq0Da_aIhdk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/7b9d2c-7d49-4a19-a55d-3b47666d1365/1/LjFjEq0rIaqaBIEfYq0Da_aIhdk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/7b9d2c-7d49-4a19-a55d-3b47666d1365/1/LjFjEq0rIaqaBIEfYq0Da_aIhdk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4b:59:16:51:c4:e9:96:b1:46:c8:37:fa:76:68:0c:75:c2:70:
         cd:dd:3d:3a:67:6b:18:6b:a7:ff:0a:85:ea:2c:6b:ae:81:b9:
         7b:5f:a5:4f:86:0a:e6:69:9d:8e:09:d7:7c:0e:b5:cf:08:eb:
         cf:12:84:21:c1:79:6b:1e:0e:f5:d6:1c:78:d4:b4:96:bd:c4:
         b6:30:46:22:ee:f9:1a:97:b7:f7:6c:e8:58:6f:7c:7f:20:59:
         77:0a:96:03:21:ec:1e:24:c0:92:ea:9c:5b:b5:c5:26:70:ab:
         2e:ce:35:7a:f4:13:38:0b:21:a1:bd:d6:de:b6:86:3e:ff:1f:
         6c:f6:48:61:9f:e9:94:fc:2b:f7:87:96:48:57:52:00:c2:84:
         db:15:db:11:47:bd:bf:14:27:d0:96:54:97:c6:0d:20:d7:54:
         83:50:10:0f:b9:d9:55:96:b9:e9:58:04:5a:23:9b:44:74:fb:
         ca:ef:40:0e:a5:a3:31:89:ca:f3:b2:27:76:f5:a0:07:c3:b7:
         82:83:45:18:e3:20:91:1a:ff:f1:37:44:41:6e:96:12:6c:99:
         cb:09:45:c3:40:3b:aa:8c:d1:02:97:f6:ed:74:cd:a0:b8:31:
         87:6a:cc:4b:73:8c:5b:fb:32:ae:82:98:89:d4:83:06:fa:d1:
         a1:16:f2:20
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZRW5iAERHGqdbr1yqCjjBAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlMzE2MzEyYWQyYjIxYWE5YTA0ODExZjYyYWQwMzZiZjY4
ODg1ZDkwHhcNMjUwNDIwMDQwMTE5WhcNMjUwNDIxMDQwMTE5WjAzMTEwLwYDVQQD
EyhmZGY3ODc0MmNjM2QxOGRiZGQ4YzA2ODEzNzljNzc5ZTkzODM4YTU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnhNy8+7syLD68u92vf/9vW67biER
aaiV35uepBZFRakBWCncqxvjDO9MdgV2tOcsbXidBPscaYr+6198kRDV2KeqOjCH
lVtzhJTWk08io51D6p1wuTTl3COqsUI15x9PegmMBMqR0qUYfzIQG3DODFhTeNlQ
YKCQd9juOv3xFQguC1YVsQj26mIu427amkF0X1pW0+9MnLEUtseoEvFDfGKfLu2+
fSMAUqBkP4uULOyuFHCvK18hSYDBU57KywpSz47rHvW488gHAaa9sp1socyCqWS5
DjxyA9HuexG24pjV+oWkIWcAfZm/hPXUxhB73Pi6ho9mQKMQ370bVCru8QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP33h0LMPRjb3YwGgTecd56Tg4pYMB8GA1UdIwQY
MBaAFC4xYxKtKyGqmgSBH2KtA2v2iIXZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTGpGakVxMHJJYXFhQklFZllxMERhX2FJaGRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC83YjlkMmMtN2Q0OS00YTE5LWE1NWQt
M2I0NzY2NmQxMzY1LzEvTGpGakVxMHJJYXFhQklFZllxMERhX2FJaGRrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNC83YjlkMmMtN2Q0OS00YTE5LWE1NWQtM2I0NzY2NmQxMzY1
LzEvTGpGakVxMHJJYXFhQklFZllxMERhX2FJaGRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAS1kWUcTp
lrFGyDf6dmgMdcJwzd09OmdrGGun/wqF6ixrroG5e1+lT4YK5mmdjgnXfA61zwjr
zxKEIcF5ax4O9dYceNS0lr3EtjBGIu75Gpe392zoWG98fyBZdwqWAyHsHiTAkuqc
W7XFJnCrLs41evQTOAshob3W3raGPv8fbPZIYZ/plPwr94eWSFdSAMKE2xXbEUe9
vxQn0JZUl8YNINdUg1AQD7nZVZa56VgEWiObRHT7yu9ADqWjMYnK87IndvWgB8O3
goNFGOMgkRr/8TdEQW6WEmyZywlFw0A7qozRApf27XTNoLgxh2rMS3OMW/syroKY
idSDBvrRoRbyIA==
-----END CERTIFICATE-----