Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/99323e-01f6-4959-9816-a86ac561ab56/1/LF3rfkKW4vu0wB_AZKH2gYlreXk.mft
File:                     LF3rfkKW4vu0wB_AZKH2gYlreXk.mft (raw, json)
Hash identifier:          Pa9beNa3XKcwjAk/iKqsJaLYlEe6WY0kDQIJj6LryAM=
Subject key identifier:   9D:22:CA:F3:65:F2:80:6F:F9:5E:7C:02:26:BB:16:64:C5:BC:D8:9A
Authority key identifier: 2C:5D:EB:7E:42:96:E2:FB:B4:C0:1F:C0:64:A1:F6:81:89:6B:79:79
Certificate issuer:       /CN=2c5deb7e4296e2fbb4c01fc064a1f681896b7979
Certificate serial:       0196C64C6CF31F82F4CE4FD0791A73EC634F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/LF3rfkKW4vu0wB_AZKH2gYlreXk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/75/99323e-01f6-4959-9816-a86ac561ab56/1/LF3rfkKW4vu0wB_AZKH2gYlreXk.mft
Manifest number:          0510
Signing time:             Mon 12 May 2025 21:00:19 +0000
Manifest this update:     Mon 12 May 2025 21:00:19 +0000
Manifest next update:     Tue 13 May 2025 21:00:19 +0000
Files and hashes:         1: LF3rfkKW4vu0wB_AZKH2gYlreXk.crl (hash: OJtuvAbGE+Jowbi4yUd0x3oNq5nWOVPlNRFXvO8JrpQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/75/99323e-01f6-4959-9816-a86ac561ab56/1/LF3rfkKW4vu0wB_AZKH2gYlreXk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/75/99323e-01f6-4959-9816-a86ac561ab56/1/LF3rfkKW4vu0wB_AZKH2gYlreXk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/LF3rfkKW4vu0wB_AZKH2gYlreXk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 13 May 2025 20:47:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:c6:4c:6c:f3:1f:82:f4:ce:4f:d0:79:1a:73:ec:63:4f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2c5deb7e4296e2fbb4c01fc064a1f681896b7979
        Validity
            Not Before: May 12 21:00:19 2025 GMT
            Not After : May 13 21:00:19 2025 GMT
        Subject: CN=9d22caf365f2806ff95e7c0226bb1664c5bcd89a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dd:5b:9a:f1:a4:16:13:40:2e:8a:50:e0:1f:83:
                    ad:b6:79:8f:bc:a2:10:32:54:09:20:a9:e7:ac:18:
                    66:f9:46:71:10:82:71:34:87:b4:68:a8:53:9a:87:
                    bd:be:e9:61:e2:da:e5:2a:69:94:df:b7:ea:e5:b4:
                    90:00:ae:15:b0:5b:97:11:79:3e:03:9a:00:b2:6f:
                    a5:e5:0f:95:22:69:27:34:c1:61:8f:a1:9e:82:63:
                    8f:d2:9d:96:36:39:ff:ea:ee:a4:5d:e8:99:8f:c6:
                    94:ee:81:4c:fb:3c:3a:6b:a0:a7:0f:4e:ba:08:bf:
                    d9:e0:c6:b2:8b:39:09:fe:7f:be:08:6e:c6:cc:a7:
                    a5:37:65:fb:3b:e9:8d:80:4c:54:31:36:58:bf:80:
                    b9:12:07:f6:b1:c0:98:e6:82:5b:85:d1:78:c5:80:
                    10:a4:27:5a:f2:88:4c:97:d5:7c:7e:5c:e1:21:76:
                    36:73:b6:3e:c2:f5:14:19:30:09:39:05:61:c6:dc:
                    8c:51:42:89:85:05:f2:93:9f:07:2b:68:40:6b:f3:
                    ce:02:02:e6:0d:a6:8e:58:73:c9:e2:4a:e4:d7:88:
                    a0:f5:0e:81:40:34:32:62:2c:c2:25:2a:3a:b6:9e:
                    91:90:2c:f9:ca:4f:b9:85:bc:f6:9b:83:65:e7:80:
                    1d:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9D:22:CA:F3:65:F2:80:6F:F9:5E:7C:02:26:BB:16:64:C5:BC:D8:9A
            X509v3 Authority Key Identifier:
                keyid:2C:5D:EB:7E:42:96:E2:FB:B4:C0:1F:C0:64:A1:F6:81:89:6B:79:79

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LF3rfkKW4vu0wB_AZKH2gYlreXk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/99323e-01f6-4959-9816-a86ac561ab56/1/LF3rfkKW4vu0wB_AZKH2gYlreXk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/75/99323e-01f6-4959-9816-a86ac561ab56/1/LF3rfkKW4vu0wB_AZKH2gYlreXk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         39:77:da:43:f8:d7:eb:c9:1b:fc:38:f4:15:d9:28:88:43:94:
         b1:87:48:a4:20:af:52:f6:82:52:ad:4d:88:d8:74:08:4e:13:
         67:79:f7:ec:20:7e:2e:af:2f:d2:cc:53:d2:5e:35:00:eb:66:
         a8:71:6b:60:b5:f0:c8:a0:72:45:ed:a8:67:88:ab:43:44:6a:
         59:53:0a:3a:9c:36:3c:79:f9:99:e0:03:df:e1:10:cb:61:b7:
         82:11:12:47:05:43:13:62:96:f9:20:52:b6:cf:99:8d:e4:bc:
         74:62:2a:da:83:45:ee:44:1f:e6:02:c3:92:7c:12:ae:01:01:
         9f:c6:51:46:93:d3:15:2b:7f:bf:e8:ae:b1:b7:2e:ef:16:5a:
         75:35:e5:91:ce:67:64:aa:7a:73:d0:04:af:3f:2f:5f:94:ff:
         7d:7e:f0:b0:57:33:65:66:9a:77:77:90:5a:68:a7:55:bc:51:
         00:4f:5f:db:78:78:6b:ae:7b:9e:2f:87:c2:51:64:9f:6b:44:
         9c:68:1e:fc:dd:18:7c:be:69:66:0a:78:90:3d:29:19:f4:23:
         d4:1e:a6:b7:07:c1:1a:73:24:f7:e3:18:e2:33:c9:0c:f5:51:
         e8:86:14:ed:68:89:6b:ef:a7:2c:88:17:95:13:6f:08:d2:3d:
         2b:2c:73:98
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbGTGzzH4L0zk/QeRpz7GNPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJjNWRlYjdlNDI5NmUyZmJiNGMwMWZjMDY0YTFmNjgxODk2
Yjc5NzkwHhcNMjUwNTEyMjEwMDE5WhcNMjUwNTEzMjEwMDE5WjAzMTEwLwYDVQQD
Eyg5ZDIyY2FmMzY1ZjI4MDZmZjk1ZTdjMDIyNmJiMTY2NGM1YmNkODlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3Vua8aQWE0AuilDgH4OttnmPvKIQ
MlQJIKnnrBhm+UZxEIJxNIe0aKhTmoe9vulh4trlKmmU37fq5bSQAK4VsFuXEXk+
A5oAsm+l5Q+VImknNMFhj6GegmOP0p2WNjn/6u6kXeiZj8aU7oFM+zw6a6CnD066
CL/Z4MayizkJ/n++CG7GzKelN2X7O+mNgExUMTZYv4C5Egf2scCY5oJbhdF4xYAQ
pCda8ohMl9V8flzhIXY2c7Y+wvUUGTAJOQVhxtyMUUKJhQXyk58HK2hAa/POAgLm
DaaOWHPJ4krk14ig9Q6BQDQyYizCJSo6tp6RkCz5yk+5hbz2m4Nl54AdJwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJ0iyvNl8oBv+V58Aia7FmTFvNiaMB8GA1UdIwQY
MBaAFCxd635CluL7tMAfwGSh9oGJa3l5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTEYzcmZrS1c0dnUwd0JfQVpLSDJnWWxyZVhrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS85OTMyM2UtMDFmNi00OTU5LTk4MTYt
YTg2YWM1NjFhYjU2LzEvTEYzcmZrS1c0dnUwd0JfQVpLSDJnWWxyZVhrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS85OTMyM2UtMDFmNi00OTU5LTk4MTYtYTg2YWM1NjFhYjU2
LzEvTEYzcmZrS1c0dnUwd0JfQVpLSDJnWWxyZVhrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOXfaQ/jX
68kb/Dj0FdkoiEOUsYdIpCCvUvaCUq1NiNh0CE4TZ3n37CB+Lq8v0sxT0l41AOtm
qHFrYLXwyKByRe2oZ4irQ0RqWVMKOpw2PHn5meAD3+EQy2G3ghESRwVDE2KW+SBS
ts+ZjeS8dGIq2oNF7kQf5gLDknwSrgEBn8ZRRpPTFSt/v+iusbcu7xZadTXlkc5n
ZKp6c9AErz8vX5T/fX7wsFczZWaad3eQWminVbxRAE9f23h4a657ni+HwlFkn2tE
nGge/N0YfL5pZgp4kD0pGfQj1B6mtwfBGnMk9+MY4jPJDPVR6IYU7WiJa++nLIgX
lRNvCNI9KyxzmA==
-----END CERTIFICATE-----