Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/3ff7a7-27cb-4072-b33b-0248d6afd63f/1/lKTi_J7qzc9bD1CrkyhM07CUIXE.mft
File:                     lKTi_J7qzc9bD1CrkyhM07CUIXE.mft (raw, json)
Hash identifier:          rEt4pTkWZ3SLcUG7aXr4Z4W1l9lJx/x48e3i5ebNUmQ=
Subject key identifier:   74:A0:CC:B0:79:6E:66:53:DD:C3:5A:88:9B:BC:B5:62:FB:04:BD:4C
Authority key identifier: 94:A4:E2:FC:9E:EA:CD:CF:5B:0F:50:AB:93:28:4C:D3:B0:94:21:71
Certificate issuer:       /CN=94a4e2fc9eeacdcf5b0f50ab93284cd3b0942171
Certificate serial:       0196B58FAFD43D928EB3C082BFEABCFD471A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/lKTi_J7qzc9bD1CrkyhM07CUIXE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3d/3ff7a7-27cb-4072-b33b-0248d6afd63f/1/lKTi_J7qzc9bD1CrkyhM07CUIXE.mft
Manifest number:          0CEF
Signing time:             Fri 09 May 2025 15:00:14 +0000
Manifest this update:     Fri 09 May 2025 15:00:14 +0000
Manifest next update:     Sat 10 May 2025 15:00:14 +0000
Files and hashes:         1: lKTi_J7qzc9bD1CrkyhM07CUIXE.crl (hash: FlYvlt38gi3rfTnu/Yz903uuDiGiKt6/3zv1SFqYW0Q=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3d/3ff7a7-27cb-4072-b33b-0248d6afd63f/1/lKTi_J7qzc9bD1CrkyhM07CUIXE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3d/3ff7a7-27cb-4072-b33b-0248d6afd63f/1/lKTi_J7qzc9bD1CrkyhM07CUIXE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/lKTi_J7qzc9bD1CrkyhM07CUIXE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 10 May 2025 15:00:14 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:b5:8f:af:d4:3d:92:8e:b3:c0:82:bf:ea:bc:fd:47:1a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=94a4e2fc9eeacdcf5b0f50ab93284cd3b0942171
        Validity
            Not Before: May  9 15:00:14 2025 GMT
            Not After : May 10 15:00:14 2025 GMT
        Subject: CN=74a0ccb0796e6653ddc35a889bbcb562fb04bd4c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:f5:56:6c:a6:0c:05:33:67:12:91:c4:bc:5d:
                    0f:78:4d:44:be:4e:cc:03:3f:77:10:55:09:bc:ff:
                    e1:50:55:8a:14:cf:12:bb:8c:03:a0:d7:9c:73:8a:
                    ec:5c:16:57:24:d4:41:d1:49:c9:ec:f5:cb:be:92:
                    33:d4:8c:29:68:db:83:8a:cd:1e:b2:08:30:4c:7e:
                    e2:31:87:e2:b8:a1:35:69:8c:52:fe:24:e5:66:0c:
                    7b:8e:4e:e6:67:e6:85:f1:2c:19:c2:b0:c8:e1:38:
                    8a:10:c4:62:63:8d:ed:c0:4c:d8:dd:69:cb:59:4f:
                    5a:5f:31:0b:2c:b5:f3:0b:f6:55:c9:6d:28:1e:0c:
                    29:6f:aa:51:8f:0d:35:41:01:01:a9:d6:07:92:d0:
                    8a:d3:13:28:74:48:e6:c4:b9:c5:24:48:66:ae:e2:
                    ff:4b:8d:0f:3a:f2:a1:d1:11:98:eb:c5:71:49:e5:
                    d2:ac:fc:ee:3e:0a:96:1d:b6:76:7d:7f:c8:77:0a:
                    10:d2:56:7a:c2:ad:fe:69:dd:6c:58:77:cb:81:94:
                    09:0c:c8:f8:81:f7:29:33:a6:f5:f8:76:38:cb:74:
                    46:15:d4:b4:cc:fd:67:ed:b0:e0:03:6a:10:5b:45:
                    95:8a:85:6f:50:45:15:65:dc:e0:16:6e:c9:56:fc:
                    52:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                74:A0:CC:B0:79:6E:66:53:DD:C3:5A:88:9B:BC:B5:62:FB:04:BD:4C
            X509v3 Authority Key Identifier:
                keyid:94:A4:E2:FC:9E:EA:CD:CF:5B:0F:50:AB:93:28:4C:D3:B0:94:21:71

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lKTi_J7qzc9bD1CrkyhM07CUIXE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/3ff7a7-27cb-4072-b33b-0248d6afd63f/1/lKTi_J7qzc9bD1CrkyhM07CUIXE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/3ff7a7-27cb-4072-b33b-0248d6afd63f/1/lKTi_J7qzc9bD1CrkyhM07CUIXE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         80:58:48:f0:b8:4c:73:bf:6d:40:38:3b:b0:aa:0a:00:36:9a:
         93:9c:e4:e2:2c:cd:97:5e:9f:eb:a2:fd:b6:8e:c4:ec:70:5d:
         8b:f3:3a:fa:b0:ab:fa:e2:2b:ec:85:db:fc:2c:2f:aa:43:b2:
         10:b5:96:6f:07:d5:01:eb:29:72:31:06:dc:88:37:f0:d4:3a:
         24:18:70:b9:87:c3:0c:1a:2c:d4:9b:5e:eb:46:3d:3d:61:92:
         df:5a:ec:bf:8b:28:78:68:93:7f:8e:6f:31:cb:eb:18:0c:cf:
         05:cc:84:04:05:e6:df:39:c3:0b:53:18:71:87:b1:8f:af:5b:
         6b:b1:28:6a:71:ad:40:f6:a0:48:fe:9b:e9:a1:72:18:06:3b:
         73:6e:31:df:b7:db:e5:16:d9:9b:8e:ef:2f:90:1c:09:3e:b2:
         e7:a6:4c:c6:40:fc:68:f5:0e:4d:48:a1:51:74:39:fa:fc:8f:
         78:ef:2f:09:9a:64:5b:da:f8:6a:fc:b3:4a:72:5d:da:d6:b2:
         ce:e5:fc:f4:72:d1:de:8d:b6:8a:19:3c:f3:c8:8e:cd:2e:56:
         82:69:74:b6:bb:35:86:3c:e3:f7:2e:12:00:db:41:f1:d2:15:
         36:65:fe:8a:c3:94:79:db:e3:b6:6e:36:71:98:fb:c6:cf:ab:
         06:49:ad:e0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZa1j6/UPZKOs8CCv+q8/UcaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0YTRlMmZjOWVlYWNkY2Y1YjBmNTBhYjkzMjg0Y2QzYjA5
NDIxNzEwHhcNMjUwNTA5MTUwMDE0WhcNMjUwNTEwMTUwMDE0WjAzMTEwLwYDVQQD
Eyg3NGEwY2NiMDc5NmU2NjUzZGRjMzVhODg5YmJjYjU2MmZiMDRiZDRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvfVWbKYMBTNnEpHEvF0PeE1Evk7M
Az93EFUJvP/hUFWKFM8Su4wDoNecc4rsXBZXJNRB0UnJ7PXLvpIz1IwpaNuDis0e
sggwTH7iMYfiuKE1aYxS/iTlZgx7jk7mZ+aF8SwZwrDI4TiKEMRiY43twEzY3WnL
WU9aXzELLLXzC/ZVyW0oHgwpb6pRjw01QQEBqdYHktCK0xModEjmxLnFJEhmruL/
S40POvKh0RGY68VxSeXSrPzuPgqWHbZ2fX/IdwoQ0lZ6wq3+ad1sWHfLgZQJDMj4
gfcpM6b1+HY4y3RGFdS0zP1n7bDgA2oQW0WVioVvUEUVZdzgFm7JVvxSoQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHSgzLB5bmZT3cNaiJu8tWL7BL1MMB8GA1UdIwQY
MBaAFJSk4vye6s3PWw9Qq5MoTNOwlCFxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbEtUaV9KN3F6YzliRDFDcmt5aE0wN0NVSVhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC8zZmY3YTctMjdjYi00MDcyLWIzM2It
MDI0OGQ2YWZkNjNmLzEvbEtUaV9KN3F6YzliRDFDcmt5aE0wN0NVSVhFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC8zZmY3YTctMjdjYi00MDcyLWIzM2ItMDI0OGQ2YWZkNjNm
LzEvbEtUaV9KN3F6YzliRDFDcmt5aE0wN0NVSVhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgFhI8LhM
c79tQDg7sKoKADaak5zk4izNl16f66L9to7E7HBdi/M6+rCr+uIr7IXb/CwvqkOy
ELWWbwfVAespcjEG3Ig38NQ6JBhwuYfDDBos1Jte60Y9PWGS31rsv4soeGiTf45v
McvrGAzPBcyEBAXm3znDC1MYcYexj69ba7EoanGtQPagSP6b6aFyGAY7c24x37fb
5RbZm47vL5AcCT6y56ZMxkD8aPUOTUihUXQ5+vyPeO8vCZpkW9r4avyzSnJd2tay
zuX89HLR3o22ihk888iOzS5Wgml0trs1hjzj9y4SANtB8dIVNmX+isOUedvjtm42
cZj7xs+rBkmt4A==
-----END CERTIFICATE-----