Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/0add7c-a28c-4ae8-8885-01ce06d315cd/1/LKzIXJmo4dt9HFImfC3b08OeGLI.mft
File:                     LKzIXJmo4dt9HFImfC3b08OeGLI.mft (raw, json)
Hash identifier:          3nCVeriJAgbHIX6QK/RJ1Kc7RO3uigh6jdfwLmYEY+A=
Subject key identifier:   72:D6:B6:8A:71:8E:47:9D:0A:2D:15:A8:CE:83:4F:D4:9F:78:35:A5
Authority key identifier: 2C:AC:C8:5C:99:A8:E1:DB:7D:1C:52:26:7C:2D:DB:D3:C3:9E:18:B2
Certificate issuer:       /CN=2cacc85c99a8e1db7d1c52267c2ddbd3c39e18b2
Certificate serial:       0195903CBC5FCC0DD77265C28E3400C47A75
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/LKzIXJmo4dt9HFImfC3b08OeGLI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c8/0add7c-a28c-4ae8-8885-01ce06d315cd/1/LKzIXJmo4dt9HFImfC3b08OeGLI.mft
Manifest number:          0BAF
Signing time:             Thu 13 Mar 2025 16:00:54 +0000
Manifest this update:     Thu 13 Mar 2025 16:00:54 +0000
Manifest next update:     Fri 14 Mar 2025 16:00:54 +0000
Files and hashes:         1: LKzIXJmo4dt9HFImfC3b08OeGLI.crl (hash: dkybs+sOhO1GZd8yRfQ2VsgQrkvZ03gF+Hz140Yj/+o=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c8/0add7c-a28c-4ae8-8885-01ce06d315cd/1/LKzIXJmo4dt9HFImfC3b08OeGLI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c8/0add7c-a28c-4ae8-8885-01ce06d315cd/1/LKzIXJmo4dt9HFImfC3b08OeGLI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/LKzIXJmo4dt9HFImfC3b08OeGLI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 14 Mar 2025 09:00:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:90:3c:bc:5f:cc:0d:d7:72:65:c2:8e:34:00:c4:7a:75
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2cacc85c99a8e1db7d1c52267c2ddbd3c39e18b2
        Validity
            Not Before: Mar 13 16:00:54 2025 GMT
            Not After : Mar 14 16:00:54 2025 GMT
        Subject: CN=72d6b68a718e479d0a2d15a8ce834fd49f7835a5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:1b:cc:2c:bb:d5:78:69:c2:c5:e1:fa:a9:16:
                    43:67:5e:e9:e1:f5:d6:48:04:7b:d6:7d:f9:91:0a:
                    31:53:6c:a9:93:03:9b:ab:f6:35:0c:f8:37:0c:37:
                    cd:dd:30:8c:70:8d:c9:d1:91:c8:3c:88:95:3d:3d:
                    a5:b3:e2:d1:56:53:5d:98:97:44:83:56:b0:50:1b:
                    96:75:e3:aa:c1:90:22:38:0b:c4:7d:47:ce:2d:ba:
                    81:d2:e5:5f:8c:6f:66:02:e4:c1:09:e9:bc:23:75:
                    b3:0f:d8:a5:a0:e0:a2:e9:a5:ed:52:f8:5a:d7:59:
                    2c:8f:06:c8:95:c7:e2:6b:87:eb:8b:ed:2a:30:b7:
                    aa:cd:f8:15:49:34:50:af:b7:46:d2:e9:8c:e2:25:
                    65:ad:05:00:b6:41:21:f4:29:79:40:7d:03:99:75:
                    03:df:43:9a:c6:91:f8:2f:7a:63:76:83:a4:aa:dd:
                    b3:4d:e7:1c:ce:90:06:4b:5a:68:fa:b6:30:f3:83:
                    db:05:43:af:51:d0:f9:bd:d3:fd:f5:e1:1e:ca:42:
                    b1:3f:d9:d3:a2:09:cc:e6:9d:81:fe:8b:6d:5d:44:
                    91:95:1c:e1:41:28:d9:26:c1:c8:b5:3f:49:67:44:
                    bb:c5:22:25:79:31:fb:ad:d8:96:c1:da:4b:b3:6f:
                    2e:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                72:D6:B6:8A:71:8E:47:9D:0A:2D:15:A8:CE:83:4F:D4:9F:78:35:A5
            X509v3 Authority Key Identifier:
                keyid:2C:AC:C8:5C:99:A8:E1:DB:7D:1C:52:26:7C:2D:DB:D3:C3:9E:18:B2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LKzIXJmo4dt9HFImfC3b08OeGLI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/0add7c-a28c-4ae8-8885-01ce06d315cd/1/LKzIXJmo4dt9HFImfC3b08OeGLI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/0add7c-a28c-4ae8-8885-01ce06d315cd/1/LKzIXJmo4dt9HFImfC3b08OeGLI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         aa:69:ba:65:ae:57:32:ed:c5:69:0a:ac:7f:21:e2:a4:64:a3:
         b9:29:48:ef:02:53:49:1c:2f:a6:0b:b6:78:bf:16:6d:57:e5:
         52:47:38:91:e0:b5:0a:0f:50:bf:eb:0c:37:3e:a3:53:39:a7:
         81:b6:6b:63:a6:d7:83:2e:e9:73:99:45:92:67:7f:01:1d:c6:
         79:41:0d:97:9d:80:ef:e6:d8:0f:19:e0:a0:38:79:79:4d:e6:
         84:23:20:c1:3b:e0:ce:b8:9f:56:0f:8b:6f:96:af:3f:53:f9:
         f2:27:5c:ad:02:8c:f4:b9:ef:18:e4:9f:ac:7a:3f:b4:37:f7:
         3f:ee:5e:1d:de:b1:a9:bf:9d:8c:d9:a1:28:6d:d1:2a:4a:e5:
         12:d6:4e:3e:59:b5:9d:f2:39:4d:f8:14:ca:7f:3e:45:88:5d:
         42:8a:3c:f1:5c:00:43:6b:3c:85:5f:a7:f9:ab:35:aa:53:68:
         f1:8b:53:4f:55:39:32:7f:8e:c2:4c:33:18:3a:1e:43:36:09:
         13:7c:85:b6:c5:67:8e:00:9b:cf:8d:8a:b4:45:4f:da:a2:36:
         e0:7c:5a:e2:5e:61:3f:2a:98:08:63:2d:83:3c:df:2e:04:d9:
         a6:0a:26:92:52:e8:f4:dc:bd:cc:95:ca:64:ec:36:13:fd:cd:
         90:92:56:4d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZWQPLxfzA3XcmXCjjQAxHp1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJjYWNjODVjOTlhOGUxZGI3ZDFjNTIyNjdjMmRkYmQzYzM5
ZTE4YjIwHhcNMjUwMzEzMTYwMDU0WhcNMjUwMzE0MTYwMDU0WjAzMTEwLwYDVQQD
Eyg3MmQ2YjY4YTcxOGU0NzlkMGEyZDE1YThjZTgzNGZkNDlmNzgzNWE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoxvMLLvVeGnCxeH6qRZDZ17p4fXW
SAR71n35kQoxU2ypkwObq/Y1DPg3DDfN3TCMcI3J0ZHIPIiVPT2ls+LRVlNdmJdE
g1awUBuWdeOqwZAiOAvEfUfOLbqB0uVfjG9mAuTBCem8I3WzD9iloOCi6aXtUvha
11ksjwbIlcfia4fri+0qMLeqzfgVSTRQr7dG0umM4iVlrQUAtkEh9Cl5QH0DmXUD
30OaxpH4L3pjdoOkqt2zTecczpAGS1po+rYw84PbBUOvUdD5vdP99eEeykKxP9nT
ognM5p2B/ottXUSRlRzhQSjZJsHItT9JZ0S7xSIleTH7rdiWwdpLs28ujwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHLWtopxjkedCi0VqM6DT9SfeDWlMB8GA1UdIwQY
MBaAFCysyFyZqOHbfRxSJnwt29PDnhiyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTEt6SVhKbW80ZHQ5SEZJbWZDM2IwOE9lR0xJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC8wYWRkN2MtYTI4Yy00YWU4LTg4ODUt
MDFjZTA2ZDMxNWNkLzEvTEt6SVhKbW80ZHQ5SEZJbWZDM2IwOE9lR0xJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC8wYWRkN2MtYTI4Yy00YWU4LTg4ODUtMDFjZTA2ZDMxNWNk
LzEvTEt6SVhKbW80ZHQ5SEZJbWZDM2IwOE9lR0xJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqmm6Za5X
Mu3FaQqsfyHipGSjuSlI7wJTSRwvpgu2eL8WbVflUkc4keC1Cg9Qv+sMNz6jUzmn
gbZrY6bXgy7pc5lFkmd/AR3GeUENl52A7+bYDxngoDh5eU3mhCMgwTvgzrifVg+L
b5avP1P58idcrQKM9LnvGOSfrHo/tDf3P+5eHd6xqb+djNmhKG3RKkrlEtZOPlm1
nfI5TfgUyn8+RYhdQoo88VwAQ2s8hV+n+as1qlNo8YtTT1U5Mn+OwkwzGDoeQzYJ
E3yFtsVnjgCbz42KtEVP2qI24Hxa4l5hPyqYCGMtgzzfLgTZpgomklLo9Ny9zJXK
ZOw2E/3NkJJWTQ==
-----END CERTIFICATE-----