Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/d43572-ad91-44ad-afa1-b3382e4aa7c3/1/lPO2Epw0Od376Q21BkyAZt6GSnI.mft
File:                     lPO2Epw0Od376Q21BkyAZt6GSnI.mft (raw, json)
Hash identifier:          yFOAH3hrBasOSm+BsMVMkg9/T5C8bw7uVlralt+3i1U=
Subject key identifier:   0D:37:7A:38:9D:16:4A:C7:82:A6:9E:8B:F4:41:09:86:FC:FB:BC:6C
Authority key identifier: 94:F3:B6:12:9C:34:39:DD:FB:E9:0D:B5:06:4C:80:66:DE:86:4A:72
Certificate issuer:       /CN=94f3b6129c3439ddfbe90db5064c8066de864a72
Certificate serial:       019653EDFF454047058BA7F8F28BD838D9EF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/lPO2Epw0Od376Q21BkyAZt6GSnI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c5/d43572-ad91-44ad-afa1-b3382e4aa7c3/1/lPO2Epw0Od376Q21BkyAZt6GSnI.mft
Manifest number:          0411
Signing time:             Sun 20 Apr 2025 16:00:28 +0000
Manifest this update:     Sun 20 Apr 2025 16:00:28 +0000
Manifest next update:     Mon 21 Apr 2025 16:00:28 +0000
Files and hashes:         1: lPO2Epw0Od376Q21BkyAZt6GSnI.crl (hash: 19nA6V8vI5srrmShBJGa42aM9iOjBvF47pb7C5/PzMM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c5/d43572-ad91-44ad-afa1-b3382e4aa7c3/1/lPO2Epw0Od376Q21BkyAZt6GSnI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c5/d43572-ad91-44ad-afa1-b3382e4aa7c3/1/lPO2Epw0Od376Q21BkyAZt6GSnI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/lPO2Epw0Od376Q21BkyAZt6GSnI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 21 Apr 2025 16:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:53:ed:ff:45:40:47:05:8b:a7:f8:f2:8b:d8:38:d9:ef
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=94f3b6129c3439ddfbe90db5064c8066de864a72
        Validity
            Not Before: Apr 20 16:00:28 2025 GMT
            Not After : Apr 21 16:00:28 2025 GMT
        Subject: CN=0d377a389d164ac782a69e8bf4410986fcfbbc6c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:05:13:0b:97:fc:ea:c7:34:a5:55:ff:fa:a5:
                    d6:a8:b0:0a:af:e7:c1:f5:1a:0d:0d:b4:ff:23:5a:
                    67:48:24:d1:f2:00:5c:c9:ae:f8:32:e7:27:7d:cd:
                    92:45:a3:e6:5e:c3:1f:40:21:1e:7c:e8:41:19:20:
                    1e:d7:16:62:a7:c8:20:93:1a:d6:b0:d8:d1:cf:d8:
                    b0:20:f6:95:27:05:c8:49:c3:57:1e:dc:ce:e2:bb:
                    40:af:11:e9:0e:2e:23:67:1a:4c:4d:43:ef:5a:2a:
                    b0:e8:d2:5f:14:40:29:50:e5:0b:3b:aa:f8:62:f7:
                    f6:a6:13:ca:10:ff:29:a0:4a:67:6a:00:af:41:4d:
                    4b:98:4d:47:e2:76:79:28:77:e6:20:66:25:70:ca:
                    cf:98:bd:b0:ae:3d:4b:d6:91:ff:de:23:f2:67:59:
                    b2:98:9b:67:0b:48:7a:58:33:af:e6:69:f7:1b:37:
                    3d:bc:9d:5c:db:c6:43:27:99:7c:22:fe:22:05:84:
                    f8:58:cf:46:61:40:69:25:d3:f9:9b:b1:0b:32:62:
                    bb:90:24:0c:88:2a:97:19:07:e2:57:3e:1a:86:cf:
                    c3:b5:88:08:3a:5e:6d:f2:35:4f:1a:ec:2f:18:e0:
                    cc:14:b6:45:5b:cd:5a:ce:ce:1e:78:d8:6f:d9:ca:
                    c5:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0D:37:7A:38:9D:16:4A:C7:82:A6:9E:8B:F4:41:09:86:FC:FB:BC:6C
            X509v3 Authority Key Identifier:
                keyid:94:F3:B6:12:9C:34:39:DD:FB:E9:0D:B5:06:4C:80:66:DE:86:4A:72

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lPO2Epw0Od376Q21BkyAZt6GSnI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/d43572-ad91-44ad-afa1-b3382e4aa7c3/1/lPO2Epw0Od376Q21BkyAZt6GSnI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/d43572-ad91-44ad-afa1-b3382e4aa7c3/1/lPO2Epw0Od376Q21BkyAZt6GSnI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         c2:e5:6d:c1:f0:4a:66:59:06:cc:a7:3c:e9:2e:e0:7c:f5:70:
         c4:ec:61:fa:fb:fa:77:81:83:e8:bf:51:32:95:1a:6b:55:ed:
         c7:eb:48:d9:11:39:2b:6f:52:4a:06:24:71:61:0f:8a:eb:cb:
         f8:6c:43:03:65:38:47:3c:da:71:9d:ed:13:42:fb:16:2b:a0:
         54:0e:96:0a:9b:0b:cd:a3:46:82:fa:52:62:8b:e9:56:9b:6e:
         84:c4:38:2b:0c:91:f7:fe:6f:54:75:51:81:73:23:1a:9d:5c:
         53:25:39:21:d7:c8:a0:65:70:c4:4c:05:ec:f1:8b:ef:7e:80:
         e5:11:79:ad:b2:a7:ce:d7:55:34:80:32:c0:d0:a2:1a:ee:7a:
         2c:f4:66:42:18:b4:b7:04:b6:70:40:52:f5:a0:75:6a:49:e5:
         ee:3d:ee:e4:1e:a5:24:08:67:4b:e2:3f:41:f7:6c:68:67:b6:
         c8:07:d9:77:a3:a1:a1:fc:36:5f:c3:7a:a5:75:7a:02:8b:fc:
         4f:df:ff:25:0d:23:ca:18:35:e5:fa:6d:55:13:fe:55:a4:c4:
         c3:4d:4a:b5:d6:49:8d:ca:ea:8c:59:dc:8a:ac:c1:54:d5:28:
         45:84:dc:b0:6b:1b:61:31:3f:8b:3f:13:ce:cc:5c:57:8e:46:
         00:12:23:f7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZT7f9FQEcFi6f48ovYONnvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0ZjNiNjEyOWMzNDM5ZGRmYmU5MGRiNTA2NGM4MDY2ZGU4
NjRhNzIwHhcNMjUwNDIwMTYwMDI4WhcNMjUwNDIxMTYwMDI4WjAzMTEwLwYDVQQD
EygwZDM3N2EzODlkMTY0YWM3ODJhNjllOGJmNDQxMDk4NmZjZmJiYzZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkwUTC5f86sc0pVX/+qXWqLAKr+fB
9RoNDbT/I1pnSCTR8gBcya74Mucnfc2SRaPmXsMfQCEefOhBGSAe1xZip8ggkxrW
sNjRz9iwIPaVJwXIScNXHtzO4rtArxHpDi4jZxpMTUPvWiqw6NJfFEApUOULO6r4
Yvf2phPKEP8poEpnagCvQU1LmE1H4nZ5KHfmIGYlcMrPmL2wrj1L1pH/3iPyZ1my
mJtnC0h6WDOv5mn3Gzc9vJ1c28ZDJ5l8Iv4iBYT4WM9GYUBpJdP5m7ELMmK7kCQM
iCqXGQfiVz4ahs/DtYgIOl5t8jVPGuwvGODMFLZFW81azs4eeNhv2crFOQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFA03ejidFkrHgqaei/RBCYb8+7xsMB8GA1UdIwQY
MBaAFJTzthKcNDnd++kNtQZMgGbehkpyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbFBPMkVwdzBPZDM3NlEyMUJreUFadDZHU25JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS9kNDM1NzItYWQ5MS00NGFkLWFmYTEt
YjMzODJlNGFhN2MzLzEvbFBPMkVwdzBPZDM3NlEyMUJreUFadDZHU25JLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS9kNDM1NzItYWQ5MS00NGFkLWFmYTEtYjMzODJlNGFhN2Mz
LzEvbFBPMkVwdzBPZDM3NlEyMUJreUFadDZHU25JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAwuVtwfBK
ZlkGzKc86S7gfPVwxOxh+vv6d4GD6L9RMpUaa1Xtx+tI2RE5K29SSgYkcWEPiuvL
+GxDA2U4RzzacZ3tE0L7FiugVA6WCpsLzaNGgvpSYovpVptuhMQ4KwyR9/5vVHVR
gXMjGp1cUyU5IdfIoGVwxEwF7PGL736A5RF5rbKnztdVNIAywNCiGu56LPRmQhi0
twS2cEBS9aB1aknl7j3u5B6lJAhnS+I/QfdsaGe2yAfZd6Ohofw2X8N6pXV6Aov8
T9//JQ0jyhg15fptVRP+VaTEw01KtdZJjcrqjFnciqzBVNUoRYTcsGsbYTE/iz8T
zsxcV45GABIj9w==
-----END CERTIFICATE-----