Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/cea01b-ee94-4a02-8d62-0dc01fc88141/1/LsJnz2xrO4jpahG_KemnOlWMXkA.mft
File:                     LsJnz2xrO4jpahG_KemnOlWMXkA.mft (raw, json)
Hash identifier:          c3/r+6Fq8vt6583B7DHytygaP+SwOkUZnJSyXitjxT4=
Subject key identifier:   16:6D:A4:F2:BC:1E:76:3C:68:8B:E1:95:33:B3:0E:25:89:E8:51:6E
Authority key identifier: 2E:C2:67:CF:6C:6B:3B:88:E9:6A:11:BF:29:E9:A7:3A:55:8C:5E:40
Certificate issuer:       /CN=2ec267cf6c6b3b88e96a11bf29e9a73a558c5e40
Certificate serial:       0196BFA593DCDB62D43C10FE881178DDD3FD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/LsJnz2xrO4jpahG_KemnOlWMXkA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/17/cea01b-ee94-4a02-8d62-0dc01fc88141/1/LsJnz2xrO4jpahG_KemnOlWMXkA.mft
Manifest number:          14C4
Signing time:             Sun 11 May 2025 14:00:21 +0000
Manifest this update:     Sun 11 May 2025 14:00:21 +0000
Manifest next update:     Mon 12 May 2025 14:00:21 +0000
Files and hashes:         1: LsJnz2xrO4jpahG_KemnOlWMXkA.crl (hash: oSAfDjsSPrJCoQnoT1vsmIHk+mVi0lpMdzlKQf0edAI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/17/cea01b-ee94-4a02-8d62-0dc01fc88141/1/LsJnz2xrO4jpahG_KemnOlWMXkA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/17/cea01b-ee94-4a02-8d62-0dc01fc88141/1/LsJnz2xrO4jpahG_KemnOlWMXkA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/LsJnz2xrO4jpahG_KemnOlWMXkA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 12 May 2025 14:00:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:bf:a5:93:dc:db:62:d4:3c:10:fe:88:11:78:dd:d3:fd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2ec267cf6c6b3b88e96a11bf29e9a73a558c5e40
        Validity
            Not Before: May 11 14:00:21 2025 GMT
            Not After : May 12 14:00:21 2025 GMT
        Subject: CN=166da4f2bc1e763c688be19533b30e2589e8516e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:84:32:e8:2a:44:2b:a5:4c:32:fb:fc:aa:08:7a:
                    8f:fe:3a:62:cc:b3:61:a3:a7:87:db:62:a1:1d:0e:
                    58:a6:9b:3a:12:f9:c4:90:21:9a:ff:33:53:e0:89:
                    8d:02:3f:95:d3:d4:20:19:a5:59:0d:2c:b5:dd:94:
                    f4:79:ba:26:f3:86:e5:5a:99:8b:3f:e4:e1:46:08:
                    a5:c2:2b:63:c7:e3:b1:41:79:0d:e7:59:5d:89:99:
                    fb:ce:51:8f:d2:91:a9:13:6f:07:13:12:c0:b3:2c:
                    d5:93:45:e3:4f:ed:7f:9d:47:fe:8f:7d:fb:14:5e:
                    3a:ce:bf:fa:c0:99:be:dd:2c:c6:c6:b3:de:c8:af:
                    bc:c7:33:a6:df:ce:1c:71:b4:9d:39:8a:94:c3:a4:
                    ce:f5:cb:0d:0f:e1:23:b4:bf:42:45:04:bf:3d:75:
                    72:ab:79:d4:21:ab:8f:f2:f5:1c:1a:1d:2d:67:dd:
                    95:ed:56:c5:42:87:03:41:5b:66:12:7d:e0:86:0d:
                    fe:39:75:7d:80:a1:df:86:fb:a9:c7:a5:4c:fa:07:
                    60:9a:6e:8c:e9:e4:e8:0b:d1:8f:7b:a1:aa:13:3b:
                    05:e2:bb:36:61:41:00:dc:6c:ef:d7:89:85:eb:ad:
                    96:75:ac:17:78:1a:ca:d0:86:1f:73:06:3f:d8:22:
                    9e:8d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                16:6D:A4:F2:BC:1E:76:3C:68:8B:E1:95:33:B3:0E:25:89:E8:51:6E
            X509v3 Authority Key Identifier:
                keyid:2E:C2:67:CF:6C:6B:3B:88:E9:6A:11:BF:29:E9:A7:3A:55:8C:5E:40

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LsJnz2xrO4jpahG_KemnOlWMXkA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/cea01b-ee94-4a02-8d62-0dc01fc88141/1/LsJnz2xrO4jpahG_KemnOlWMXkA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/17/cea01b-ee94-4a02-8d62-0dc01fc88141/1/LsJnz2xrO4jpahG_KemnOlWMXkA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         96:ee:2e:de:1f:c1:d0:6e:82:42:b8:cd:3a:f6:a9:d5:08:6d:
         72:f0:2f:54:89:4b:23:77:8d:75:48:c9:97:e8:01:aa:11:43:
         c2:bf:52:41:d3:bb:ef:19:80:b9:18:6b:2c:12:87:fa:f1:56:
         c5:8a:fd:2b:76:a6:f2:71:20:87:84:b4:cc:e7:03:48:38:1f:
         fc:56:36:05:04:fa:a1:68:aa:3b:8d:79:b1:77:41:b7:2c:6c:
         45:76:4c:a8:c1:5e:38:26:99:f2:f4:cd:fc:af:74:9d:7a:45:
         22:7e:08:60:de:17:b5:a7:95:39:d6:13:e8:c7:81:87:e9:34:
         f2:7f:7f:a5:82:50:03:7f:a7:34:60:0b:0e:92:19:af:5a:0e:
         9f:82:8b:29:7b:c7:55:f9:21:4e:dd:56:22:ec:67:00:51:63:
         64:bc:68:e1:9b:bb:fa:30:48:80:db:af:40:af:d4:fa:ef:35:
         ef:71:a1:33:39:7e:d7:77:35:53:c3:b9:1f:73:c5:3d:5c:50:
         84:8a:bd:f4:1d:d9:5b:92:06:2f:b3:30:ff:da:c3:f5:86:1f:
         d2:a4:78:1f:60:cf:47:df:bb:62:57:bd:16:46:97:fe:1b:95:
         38:a9:00:ef:53:ea:cd:75:d2:ba:d1:9f:0f:cf:60:1c:fc:be:
         5c:bb:7c:75
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZa/pZPc22LUPBD+iBF43dP9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlYzI2N2NmNmM2YjNiODhlOTZhMTFiZjI5ZTlhNzNhNTU4
YzVlNDAwHhcNMjUwNTExMTQwMDIxWhcNMjUwNTEyMTQwMDIxWjAzMTEwLwYDVQQD
EygxNjZkYTRmMmJjMWU3NjNjNjg4YmUxOTUzM2IzMGUyNTg5ZTg1MTZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhDLoKkQrpUwy+/yqCHqP/jpizLNh
o6eH22KhHQ5Ypps6EvnEkCGa/zNT4ImNAj+V09QgGaVZDSy13ZT0ebom84blWpmL
P+ThRgilwitjx+OxQXkN51ldiZn7zlGP0pGpE28HExLAsyzVk0XjT+1/nUf+j337
FF46zr/6wJm+3SzGxrPeyK+8xzOm384ccbSdOYqUw6TO9csND+EjtL9CRQS/PXVy
q3nUIauP8vUcGh0tZ92V7VbFQocDQVtmEn3ghg3+OXV9gKHfhvupx6VM+gdgmm6M
6eToC9GPe6GqEzsF4rs2YUEA3Gzv14mF662WdawXeBrK0IYfcwY/2CKejQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBZtpPK8HnY8aIvhlTOzDiWJ6FFuMB8GA1UdIwQY
MBaAFC7CZ89sazuI6WoRvynppzpVjF5AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTHNKbnoyeHJPNGpwYWhHX0tlbW5PbFdNWGtBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9jZWEwMWItZWU5NC00YTAyLThkNjIt
MGRjMDFmYzg4MTQxLzEvTHNKbnoyeHJPNGpwYWhHX0tlbW5PbFdNWGtBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9jZWEwMWItZWU5NC00YTAyLThkNjItMGRjMDFmYzg4MTQx
LzEvTHNKbnoyeHJPNGpwYWhHX0tlbW5PbFdNWGtBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlu4u3h/B
0G6CQrjNOvap1QhtcvAvVIlLI3eNdUjJl+gBqhFDwr9SQdO77xmAuRhrLBKH+vFW
xYr9K3am8nEgh4S0zOcDSDgf/FY2BQT6oWiqO415sXdBtyxsRXZMqMFeOCaZ8vTN
/K90nXpFIn4IYN4XtaeVOdYT6MeBh+k08n9/pYJQA3+nNGALDpIZr1oOn4KLKXvH
VfkhTt1WIuxnAFFjZLxo4Zu7+jBIgNuvQK/U+u8173GhMzl+13c1U8O5H3PFPVxQ
hIq99B3ZW5IGL7Mw/9rD9YYf0qR4H2DPR9+7Yle9FkaX/huVOKkA71PqzXXSutGf
D89gHPy+XLt8dQ==
-----END CERTIFICATE-----