Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/d43572-ad91-44ad-afa1-b3382e4aa7c3/1/lPO2Epw0Od376Q21BkyAZt6GSnI.mft
File:                     lPO2Epw0Od376Q21BkyAZt6GSnI.mft (raw, json)
Hash identifier:          X2rSlfZ6Wug23AoISusVwt9nP92ggIApN5zq2JslJiE=
Subject key identifier:   5C:DB:61:D8:C8:0F:06:DA:99:20:3E:D3:F0:24:DA:E4:7B:D3:33:F7
Authority key identifier: 94:F3:B6:12:9C:34:39:DD:FB:E9:0D:B5:06:4C:80:66:DE:86:4A:72
Certificate issuer:       /CN=94f3b6129c3439ddfbe90db5064c8066de864a72
Certificate serial:       0195116BCDE4A26609898E398186BA5C2931
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/lPO2Epw0Od376Q21BkyAZt6GSnI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c5/d43572-ad91-44ad-afa1-b3382e4aa7c3/1/lPO2Epw0Od376Q21BkyAZt6GSnI.mft
Manifest number:          036A
Signing time:             Mon 17 Feb 2025 01:00:32 +0000
Manifest this update:     Mon 17 Feb 2025 01:00:32 +0000
Manifest next update:     Tue 18 Feb 2025 01:00:32 +0000
Files and hashes:         1: lPO2Epw0Od376Q21BkyAZt6GSnI.crl (hash: MOUgjaPBx8bqcM/txDW4bSxYMPeo5+PlQtNcUFfTYUg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c5/d43572-ad91-44ad-afa1-b3382e4aa7c3/1/lPO2Epw0Od376Q21BkyAZt6GSnI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c5/d43572-ad91-44ad-afa1-b3382e4aa7c3/1/lPO2Epw0Od376Q21BkyAZt6GSnI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/lPO2Epw0Od376Q21BkyAZt6GSnI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 17 Feb 2025 23:00:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:11:6b:cd:e4:a2:66:09:89:8e:39:81:86:ba:5c:29:31
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=94f3b6129c3439ddfbe90db5064c8066de864a72
        Validity
            Not Before: Feb 17 01:00:32 2025 GMT
            Not After : Feb 18 01:00:32 2025 GMT
        Subject: CN=5cdb61d8c80f06da99203ed3f024dae47bd333f7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d8:01:04:b4:a2:73:90:d9:67:65:3f:ea:3c:4e:
                    24:cf:82:89:af:98:c2:09:9d:4e:0c:0e:23:27:44:
                    6c:99:a2:2b:77:78:44:c8:31:cc:31:9b:ac:85:0d:
                    45:61:08:44:84:6f:12:11:af:42:15:b4:e7:0b:39:
                    9c:19:05:83:5a:ad:e9:29:c9:81:f7:1c:19:91:ae:
                    e9:57:b3:6c:82:db:44:8d:0a:47:96:76:91:ba:6c:
                    c1:00:b1:59:a5:ae:fd:00:52:38:9e:c6:84:ce:df:
                    92:73:f3:d2:da:48:5e:63:5b:77:e6:f5:c6:af:10:
                    e6:2a:2f:44:1c:4a:db:b9:40:b1:f9:42:f9:18:2a:
                    4e:7f:87:9f:5f:8f:a2:c5:cf:83:b4:73:d1:82:e2:
                    32:da:62:69:c2:e7:c0:dd:ae:83:34:79:e3:d0:81:
                    b0:3a:7f:11:6c:85:aa:38:02:c4:d8:6a:97:dc:81:
                    3c:25:07:89:63:67:de:a5:04:25:1f:a8:80:ed:e6:
                    81:27:a4:91:2c:b0:33:d7:d6:4a:27:20:02:cf:ee:
                    0d:cf:35:8c:44:85:31:a9:81:80:7f:04:0f:67:0d:
                    e3:e5:27:0e:e0:03:09:8e:2d:7f:6e:bf:52:6a:ce:
                    a6:9a:2b:a3:73:7b:9d:12:77:42:cb:0e:13:f0:f3:
                    99:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5C:DB:61:D8:C8:0F:06:DA:99:20:3E:D3:F0:24:DA:E4:7B:D3:33:F7
            X509v3 Authority Key Identifier:
                keyid:94:F3:B6:12:9C:34:39:DD:FB:E9:0D:B5:06:4C:80:66:DE:86:4A:72

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lPO2Epw0Od376Q21BkyAZt6GSnI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/d43572-ad91-44ad-afa1-b3382e4aa7c3/1/lPO2Epw0Od376Q21BkyAZt6GSnI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/d43572-ad91-44ad-afa1-b3382e4aa7c3/1/lPO2Epw0Od376Q21BkyAZt6GSnI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         34:1c:8a:14:d8:b6:4f:15:6b:cd:46:c3:21:b7:3c:c9:fe:12:
         1f:77:71:9d:bc:17:98:af:7d:82:6f:72:e4:f7:09:04:68:a7:
         d3:30:5a:d5:c2:68:99:37:54:75:2b:88:69:5c:79:0b:79:26:
         34:03:92:84:97:c1:c3:7e:a6:9e:ab:17:43:b0:08:5e:0f:ad:
         62:02:a9:fd:e8:89:a4:68:c2:96:3f:b8:30:93:bb:7d:dc:2a:
         07:10:3d:dc:02:42:e7:22:31:db:91:43:80:b5:e2:9c:10:ed:
         0f:1f:c5:f5:4e:4e:6c:5f:3a:c0:8e:cb:4e:e6:9d:20:23:12:
         00:55:46:58:ec:aa:f2:d4:20:c6:5a:e0:00:8b:8a:c0:6f:ff:
         69:27:eb:00:39:eb:b9:35:15:dd:81:82:f3:c9:74:d9:57:70:
         07:fc:24:5b:2c:2f:64:a4:32:f5:86:ec:33:8b:60:59:f5:9e:
         61:54:60:65:20:9d:01:c9:46:ca:f1:22:37:1e:67:43:62:18:
         69:5c:c9:52:b6:0b:d3:ba:8b:67:74:f9:07:d4:b3:a2:6f:a6:
         ec:6d:40:69:d8:c9:d9:ed:b2:ae:d1:28:07:e0:83:87:3f:09:
         47:59:4c:b2:c1:32:28:26:1b:dc:5f:c3:52:d1:41:f4:77:08:
         6b:44:84:b4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZURa83komYJiY45gYa6XCkxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0ZjNiNjEyOWMzNDM5ZGRmYmU5MGRiNTA2NGM4MDY2ZGU4
NjRhNzIwHhcNMjUwMjE3MDEwMDMyWhcNMjUwMjE4MDEwMDMyWjAzMTEwLwYDVQQD
Eyg1Y2RiNjFkOGM4MGYwNmRhOTkyMDNlZDNmMDI0ZGFlNDdiZDMzM2Y3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2AEEtKJzkNlnZT/qPE4kz4KJr5jC
CZ1ODA4jJ0RsmaIrd3hEyDHMMZushQ1FYQhEhG8SEa9CFbTnCzmcGQWDWq3pKcmB
9xwZka7pV7NsgttEjQpHlnaRumzBALFZpa79AFI4nsaEzt+Sc/PS2kheY1t35vXG
rxDmKi9EHErbuUCx+UL5GCpOf4efX4+ixc+DtHPRguIy2mJpwufA3a6DNHnj0IGw
On8RbIWqOALE2GqX3IE8JQeJY2fepQQlH6iA7eaBJ6SRLLAz19ZKJyACz+4NzzWM
RIUxqYGAfwQPZw3j5ScO4AMJji1/br9Sas6mmiujc3udEndCyw4T8POZCQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFzbYdjIDwbamSA+0/Ak2uR70zP3MB8GA1UdIwQY
MBaAFJTzthKcNDnd++kNtQZMgGbehkpyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbFBPMkVwdzBPZDM3NlEyMUJreUFadDZHU25JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS9kNDM1NzItYWQ5MS00NGFkLWFmYTEt
YjMzODJlNGFhN2MzLzEvbFBPMkVwdzBPZDM3NlEyMUJreUFadDZHU25JLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS9kNDM1NzItYWQ5MS00NGFkLWFmYTEtYjMzODJlNGFhN2Mz
LzEvbFBPMkVwdzBPZDM3NlEyMUJreUFadDZHU25JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANByKFNi2
TxVrzUbDIbc8yf4SH3dxnbwXmK99gm9y5PcJBGin0zBa1cJomTdUdSuIaVx5C3km
NAOShJfBw36mnqsXQ7AIXg+tYgKp/eiJpGjClj+4MJO7fdwqBxA93AJC5yIx25FD
gLXinBDtDx/F9U5ObF86wI7LTuadICMSAFVGWOyq8tQgxlrgAIuKwG//aSfrADnr
uTUV3YGC88l02VdwB/wkWywvZKQy9YbsM4tgWfWeYVRgZSCdAclGyvEiNx5nQ2IY
aVzJUrYL07qLZ3T5B9Szom+m7G1AadjJ2e2yrtEoB+CDhz8JR1lMssEyKCYb3F/D
UtFB9HcIa0SEtA==
-----END CERTIFICATE-----