Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/9d9112-f57e-49c7-a93b-d8549edf7cef/1/dLMSaPL_fozq3x3pX5fwsdKxX5Y.mft
File:                     dLMSaPL_fozq3x3pX5fwsdKxX5Y.mft (raw, json)
Hash identifier:          zdCLEFlchbeFSKcNBkwknpRy4rutyb76lCbSax/zyis=
Subject key identifier:   E8:ED:72:00:D8:8F:82:93:28:E9:07:B5:94:72:96:59:6D:24:6B:76
Authority key identifier: 74:B3:12:68:F2:FF:7E:8C:EA:DF:1D:E9:5F:97:F0:B1:D2:B1:5F:96
Certificate issuer:       /CN=74b31268f2ff7e8ceadf1de95f97f0b1d2b15f96
Certificate serial:       0196C0142B827DFB32F861F3F30FE2A313D6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dLMSaPL_fozq3x3pX5fwsdKxX5Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/01/9d9112-f57e-49c7-a93b-d8549edf7cef/1/dLMSaPL_fozq3x3pX5fwsdKxX5Y.mft
Manifest number:          1007
Signing time:             Sun 11 May 2025 16:01:09 +0000
Manifest this update:     Sun 11 May 2025 16:01:09 +0000
Manifest next update:     Mon 12 May 2025 16:01:09 +0000
Files and hashes:         1: dLMSaPL_fozq3x3pX5fwsdKxX5Y.crl (hash: M8MxcsF5o5UkqPMRIx7hcaiIfwMXM23IoVYFxmQzayA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/01/9d9112-f57e-49c7-a93b-d8549edf7cef/1/dLMSaPL_fozq3x3pX5fwsdKxX5Y.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/01/9d9112-f57e-49c7-a93b-d8549edf7cef/1/dLMSaPL_fozq3x3pX5fwsdKxX5Y.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/dLMSaPL_fozq3x3pX5fwsdKxX5Y.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 12 May 2025 16:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:c0:14:2b:82:7d:fb:32:f8:61:f3:f3:0f:e2:a3:13:d6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=74b31268f2ff7e8ceadf1de95f97f0b1d2b15f96
        Validity
            Not Before: May 11 16:01:09 2025 GMT
            Not After : May 12 16:01:09 2025 GMT
        Subject: CN=e8ed7200d88f829328e907b5947296596d246b76
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:7a:91:ba:09:11:59:86:7f:cd:fe:5c:5c:24:
                    a0:66:21:b8:0c:a4:b6:75:1f:7d:0e:12:9b:05:97:
                    05:67:3c:c6:6a:6b:67:b2:2a:76:88:7d:cf:73:9e:
                    d6:91:61:78:4a:61:99:b8:4e:ba:36:06:ca:d6:ae:
                    96:58:b7:e0:82:aa:84:58:89:d2:b5:2f:a1:89:34:
                    8c:54:b9:cd:1d:7f:24:25:86:ff:0c:1e:10:6c:8b:
                    47:82:dc:da:b3:d2:cd:36:d5:38:0c:ef:10:01:21:
                    60:87:e4:41:0e:b5:fb:c2:12:15:14:57:e3:56:15:
                    53:f8:65:7f:11:3a:ab:ac:57:8a:d8:5a:09:de:e4:
                    7a:ee:8f:4b:6c:ec:97:fb:37:dd:55:a1:c7:1c:4f:
                    98:1e:3f:cd:89:ab:94:de:12:cd:17:e6:94:d8:1a:
                    ff:33:9a:61:4d:c7:01:cb:5a:d4:7c:4c:20:b7:88:
                    8e:85:cf:06:64:48:60:6c:7b:0f:79:8b:fe:ec:11:
                    b4:ca:12:94:d5:d7:01:eb:34:33:0b:0b:56:10:bf:
                    63:d4:69:73:20:9a:41:40:bb:39:dd:d1:20:62:78:
                    6b:8f:42:bb:8d:55:7c:55:71:60:7e:9e:ba:14:17:
                    6e:1e:34:7c:9b:f4:19:60:78:b6:39:25:56:36:f3:
                    d2:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E8:ED:72:00:D8:8F:82:93:28:E9:07:B5:94:72:96:59:6D:24:6B:76
            X509v3 Authority Key Identifier:
                keyid:74:B3:12:68:F2:FF:7E:8C:EA:DF:1D:E9:5F:97:F0:B1:D2:B1:5F:96

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dLMSaPL_fozq3x3pX5fwsdKxX5Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/9d9112-f57e-49c7-a93b-d8549edf7cef/1/dLMSaPL_fozq3x3pX5fwsdKxX5Y.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/01/9d9112-f57e-49c7-a93b-d8549edf7cef/1/dLMSaPL_fozq3x3pX5fwsdKxX5Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         72:12:96:63:b0:95:df:4b:0e:66:32:e7:da:42:f9:a3:c8:84:
         af:f7:d4:14:fe:00:6c:3e:b2:c6:04:c8:8e:47:f6:e5:16:1c:
         4d:df:28:48:bc:54:ea:0b:55:1c:2a:f2:16:c6:05:b0:84:97:
         c6:1f:23:1d:e1:f6:e0:a6:bd:5e:05:54:5a:f7:1f:d9:45:80:
         4b:71:ec:ba:c4:ae:9c:bf:ba:b4:28:26:e0:75:a8:32:f9:a5:
         ae:ff:f7:09:c1:cc:cf:67:0f:b4:94:af:c2:54:a3:be:4e:b4:
         fe:b5:8c:36:6c:e5:1f:51:df:34:3b:0b:77:ce:f7:16:db:d1:
         ec:70:bf:f3:1f:12:82:91:3d:8e:a8:9c:03:1a:ee:76:2e:69:
         70:db:9a:51:bf:6a:22:be:78:62:d7:e9:c0:a8:9d:78:b3:d3:
         00:a9:c9:ea:e9:3b:83:ab:8d:91:c1:f8:b7:c0:0a:aa:b4:8d:
         a7:dc:e4:29:d0:6e:bb:93:2c:2c:ca:e0:0b:08:5a:8e:35:ed:
         ef:e7:73:03:15:73:bb:e0:d1:ba:a9:f1:c0:02:3a:d1:b7:92:
         6d:c2:de:28:fc:35:f0:bd:cc:3c:04:7a:26:b3:bd:d4:03:3b:
         31:01:c7:bd:4e:e0:38:76:d5:2b:7e:50:fe:6f:4f:e8:ad:8f:
         bc:84:d1:ea
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbAFCuCffsy+GHz8w/ioxPWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0YjMxMjY4ZjJmZjdlOGNlYWRmMWRlOTVmOTdmMGIxZDJi
MTVmOTYwHhcNMjUwNTExMTYwMTA5WhcNMjUwNTEyMTYwMTA5WjAzMTEwLwYDVQQD
EyhlOGVkNzIwMGQ4OGY4MjkzMjhlOTA3YjU5NDcyOTY1OTZkMjQ2Yjc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApXqRugkRWYZ/zf5cXCSgZiG4DKS2
dR99DhKbBZcFZzzGamtnsip2iH3Pc57WkWF4SmGZuE66NgbK1q6WWLfggqqEWInS
tS+hiTSMVLnNHX8kJYb/DB4QbItHgtzas9LNNtU4DO8QASFgh+RBDrX7whIVFFfj
VhVT+GV/ETqrrFeK2FoJ3uR67o9LbOyX+zfdVaHHHE+YHj/NiauU3hLNF+aU2Br/
M5phTccBy1rUfEwgt4iOhc8GZEhgbHsPeYv+7BG0yhKU1dcB6zQzCwtWEL9j1Glz
IJpBQLs53dEgYnhrj0K7jVV8VXFgfp66FBduHjR8m/QZYHi2OSVWNvPSsQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOjtcgDYj4KTKOkHtZRyllltJGt2MB8GA1UdIwQY
MBaAFHSzEmjy/36M6t8d6V+X8LHSsV+WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZExNU2FQTF9mb3pxM3gzcFg1ZndzZEt4WDVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS85ZDkxMTItZjU3ZS00OWM3LWE5M2It
ZDg1NDllZGY3Y2VmLzEvZExNU2FQTF9mb3pxM3gzcFg1ZndzZEt4WDVZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS85ZDkxMTItZjU3ZS00OWM3LWE5M2ItZDg1NDllZGY3Y2Vm
LzEvZExNU2FQTF9mb3pxM3gzcFg1ZndzZEt4WDVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAchKWY7CV
30sOZjLn2kL5o8iEr/fUFP4AbD6yxgTIjkf25RYcTd8oSLxU6gtVHCryFsYFsISX
xh8jHeH24Ka9XgVUWvcf2UWAS3HsusSunL+6tCgm4HWoMvmlrv/3CcHMz2cPtJSv
wlSjvk60/rWMNmzlH1HfNDsLd873FtvR7HC/8x8SgpE9jqicAxrudi5pcNuaUb9q
Ir54YtfpwKideLPTAKnJ6uk7g6uNkcH4t8AKqrSNp9zkKdBuu5MsLMrgCwhajjXt
7+dzAxVzu+DRuqnxwAI60beSbcLeKPw18L3MPAR6JrO91AM7MQHHvU7gOHbVK35Q
/m9P6K2PvITR6g==
-----END CERTIFICATE-----