Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/edc41e-352e-412b-9ae6-a0951ef7dfcd/1/lkptHqRrxAuqMavE9ByQZn7-Nu0.mft
File:                     lkptHqRrxAuqMavE9ByQZn7-Nu0.mft (raw, json)
Hash identifier:          Ltgr+xhVGCQEMiloMbeT1XNw6ngUHaZ0gEkYPNNBToI=
Subject key identifier:   BC:40:AF:F2:96:FF:71:BB:F8:24:7D:E0:E7:00:0C:E4:FA:90:69:32
Authority key identifier: 96:4A:6D:1E:A4:6B:C4:0B:AA:31:AB:C4:F4:1C:90:66:7E:FE:36:ED
Certificate issuer:       /CN=964a6d1ea46bc40baa31abc4f41c90667efe36ed
Certificate serial:       0196B1EAB869395F6B9289363939474623EF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/lkptHqRrxAuqMavE9ByQZn7-Nu0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2d/edc41e-352e-412b-9ae6-a0951ef7dfcd/1/lkptHqRrxAuqMavE9ByQZn7-Nu0.mft
Manifest number:          05FA
Signing time:             Thu 08 May 2025 22:01:11 +0000
Manifest this update:     Thu 08 May 2025 22:01:11 +0000
Manifest next update:     Fri 09 May 2025 22:01:11 +0000
Files and hashes:         1: lkptHqRrxAuqMavE9ByQZn7-Nu0.crl (hash: AUhystEYec6i1flz605W8KXIgk3NsvQbkBdzKUSQbKI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2d/edc41e-352e-412b-9ae6-a0951ef7dfcd/1/lkptHqRrxAuqMavE9ByQZn7-Nu0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2d/edc41e-352e-412b-9ae6-a0951ef7dfcd/1/lkptHqRrxAuqMavE9ByQZn7-Nu0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/lkptHqRrxAuqMavE9ByQZn7-Nu0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 09 May 2025 22:01:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:b1:ea:b8:69:39:5f:6b:92:89:36:39:39:47:46:23:ef
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=964a6d1ea46bc40baa31abc4f41c90667efe36ed
        Validity
            Not Before: May  8 22:01:11 2025 GMT
            Not After : May  9 22:01:11 2025 GMT
        Subject: CN=bc40aff296ff71bbf8247de0e7000ce4fa906932
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:0f:dc:fe:aa:f4:18:d1:a9:64:1e:c8:d2:43:
                    46:44:c4:80:9c:cd:44:25:04:f6:f3:a5:f8:45:65:
                    04:10:46:31:83:48:c9:c3:e4:2d:e2:98:23:f4:ce:
                    5b:bf:2d:a0:f7:7a:48:37:ef:6f:ee:4c:61:e7:e7:
                    9d:64:3e:40:11:57:09:5b:a2:c3:9c:ad:f6:a9:68:
                    ce:2b:e2:04:51:66:66:5c:6c:49:bd:b7:57:4a:d4:
                    29:12:e8:a3:6f:2a:b1:8c:b2:fb:6b:7f:52:21:ef:
                    64:fd:a3:5c:27:0c:59:e0:13:d3:c5:5b:9f:4f:3d:
                    93:0c:8b:18:aa:04:5d:56:53:b7:71:b0:fc:92:49:
                    60:16:49:0c:24:3c:6e:ab:74:04:d8:37:df:fd:04:
                    61:69:34:45:1e:25:30:c1:58:78:5a:e7:1a:b9:60:
                    34:a5:13:d9:1e:9b:0a:ee:23:28:8e:5a:d7:49:e1:
                    27:3e:c7:1f:45:40:f6:62:ca:fd:21:d2:78:d2:b4:
                    6f:c1:5e:f9:94:88:33:1e:bd:c4:8f:37:df:cc:78:
                    b8:0b:cb:0c:e3:00:d9:84:a8:07:af:93:37:7a:00:
                    c2:0e:64:2e:5c:22:fa:c7:e3:4a:bf:00:cb:82:c7:
                    3e:d2:34:7c:54:f7:e1:8a:77:ca:3f:96:48:8f:b3:
                    99:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BC:40:AF:F2:96:FF:71:BB:F8:24:7D:E0:E7:00:0C:E4:FA:90:69:32
            X509v3 Authority Key Identifier:
                keyid:96:4A:6D:1E:A4:6B:C4:0B:AA:31:AB:C4:F4:1C:90:66:7E:FE:36:ED

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lkptHqRrxAuqMavE9ByQZn7-Nu0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/edc41e-352e-412b-9ae6-a0951ef7dfcd/1/lkptHqRrxAuqMavE9ByQZn7-Nu0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/edc41e-352e-412b-9ae6-a0951ef7dfcd/1/lkptHqRrxAuqMavE9ByQZn7-Nu0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         63:d8:7f:b2:1e:3c:0c:d5:9f:d6:a7:4c:3b:46:bc:be:49:d4:
         c1:73:e1:63:7e:03:a2:19:19:63:42:51:41:dc:ad:e5:c4:e3:
         2b:e3:c1:3c:a4:b8:59:c9:41:48:4a:36:46:80:a8:ed:7b:86:
         3f:ce:4c:b4:f2:2f:50:67:a6:c5:f1:94:83:b2:7e:01:06:d2:
         e5:78:8a:37:db:4e:29:c7:f1:c2:67:ae:12:ba:27:fa:f7:04:
         34:9a:44:03:53:44:c6:27:23:5d:10:02:fc:ef:6c:03:73:67:
         b6:14:4e:98:04:6e:8d:75:77:00:96:09:bb:7e:bb:4c:84:03:
         d3:5e:67:ad:59:da:f8:74:ac:50:6a:2f:d9:3b:04:e6:8b:0f:
         33:52:8f:91:10:ed:35:58:b5:86:9b:8f:da:60:e4:23:d7:17:
         47:93:55:db:cc:99:be:f0:e1:5f:fe:ef:d5:db:8e:e9:ae:56:
         ff:14:40:8b:6e:a6:0d:2d:55:9f:b5:13:30:03:da:d8:e7:16:
         d5:23:b2:c2:e0:88:5e:07:95:9e:23:78:c8:b7:04:9c:b3:78:
         9f:38:32:77:c9:46:c1:70:7c:6e:d0:68:66:c4:ba:68:a3:bd:
         e2:f2:d3:58:dd:49:93:8f:ee:e5:97:a0:34:f0:c0:1b:c4:66:
         3c:b3:46:fb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZax6rhpOV9rkok2OTlHRiPvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk2NGE2ZDFlYTQ2YmM0MGJhYTMxYWJjNGY0MWM5MDY2N2Vm
ZTM2ZWQwHhcNMjUwNTA4MjIwMTExWhcNMjUwNTA5MjIwMTExWjAzMTEwLwYDVQQD
EyhiYzQwYWZmMjk2ZmY3MWJiZjgyNDdkZTBlNzAwMGNlNGZhOTA2OTMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArw/c/qr0GNGpZB7I0kNGRMSAnM1E
JQT286X4RWUEEEYxg0jJw+Qt4pgj9M5bvy2g93pIN+9v7kxh5+edZD5AEVcJW6LD
nK32qWjOK+IEUWZmXGxJvbdXStQpEuijbyqxjLL7a39SIe9k/aNcJwxZ4BPTxVuf
Tz2TDIsYqgRdVlO3cbD8kklgFkkMJDxuq3QE2Dff/QRhaTRFHiUwwVh4WucauWA0
pRPZHpsK7iMojlrXSeEnPscfRUD2Ysr9IdJ40rRvwV75lIgzHr3EjzffzHi4C8sM
4wDZhKgHr5M3egDCDmQuXCL6x+NKvwDLgsc+0jR8VPfhinfKP5ZIj7OZdwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLxAr/KW/3G7+CR94OcADOT6kGkyMB8GA1UdIwQY
MBaAFJZKbR6ka8QLqjGrxPQckGZ+/jbtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbGtwdEhxUnJ4QXVxTWF2RTlCeVFabjctTnUwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9lZGM0MWUtMzUyZS00MTJiLTlhZTYt
YTA5NTFlZjdkZmNkLzEvbGtwdEhxUnJ4QXVxTWF2RTlCeVFabjctTnUwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9lZGM0MWUtMzUyZS00MTJiLTlhZTYtYTA5NTFlZjdkZmNk
LzEvbGtwdEhxUnJ4QXVxTWF2RTlCeVFabjctTnUwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAY9h/sh48
DNWf1qdMO0a8vknUwXPhY34DohkZY0JRQdyt5cTjK+PBPKS4WclBSEo2RoCo7XuG
P85MtPIvUGemxfGUg7J+AQbS5XiKN9tOKcfxwmeuEron+vcENJpEA1NExicjXRAC
/O9sA3NnthROmARujXV3AJYJu367TIQD015nrVna+HSsUGov2TsE5osPM1KPkRDt
NVi1hpuP2mDkI9cXR5NV28yZvvDhX/7v1duO6a5W/xRAi26mDS1Vn7UTMAPa2OcW
1SOywuCIXgeVniN4yLcEnLN4nzgyd8lGwXB8btBoZsS6aKO94vLTWN1Jk4/u5Zeg
NPDAG8RmPLNG+w==
-----END CERTIFICATE-----