Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/96/4ef629-12e2-4d99-9b4a-336623afe898/1/lM53iNLj_vf8ANXOEz19bcAPhik.mft
File:                     lM53iNLj_vf8ANXOEz19bcAPhik.mft (raw, json)
Hash identifier:          6+7cMw5V269tHEoBdpIYWaCO7YjGm/3D/dHRvQ64wEM=
Subject key identifier:   D9:1A:BB:24:71:71:FA:0E:2B:49:20:88:7A:D8:F2:0B:43:13:2F:9E
Authority key identifier: 94:CE:77:88:D2:E3:FE:F7:FC:00:D5:CE:13:3D:7D:6D:C0:0F:86:29
Certificate issuer:       /CN=94ce7788d2e3fef7fc00d5ce133d7d6dc00f8629
Certificate serial:       0196D13E663E73FCFBB78FF920CA84B32FE5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/lM53iNLj_vf8ANXOEz19bcAPhik.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/96/4ef629-12e2-4d99-9b4a-336623afe898/1/lM53iNLj_vf8ANXOEz19bcAPhik.mft
Manifest number:          0CB4
Signing time:             Thu 15 May 2025 00:00:49 +0000
Manifest this update:     Thu 15 May 2025 00:00:49 +0000
Manifest next update:     Fri 16 May 2025 00:00:49 +0000
Files and hashes:         1: lM53iNLj_vf8ANXOEz19bcAPhik.crl (hash: hbgYYJEpqtlHu031N2xGcq0AVRRi53ExODUXdh5zHBQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/96/4ef629-12e2-4d99-9b4a-336623afe898/1/lM53iNLj_vf8ANXOEz19bcAPhik.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/96/4ef629-12e2-4d99-9b4a-336623afe898/1/lM53iNLj_vf8ANXOEz19bcAPhik.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/lM53iNLj_vf8ANXOEz19bcAPhik.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 15 May 2025 17:32:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:d1:3e:66:3e:73:fc:fb:b7:8f:f9:20:ca:84:b3:2f:e5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=94ce7788d2e3fef7fc00d5ce133d7d6dc00f8629
        Validity
            Not Before: May 15 00:00:49 2025 GMT
            Not After : May 16 00:00:49 2025 GMT
        Subject: CN=d91abb247171fa0e2b4920887ad8f20b43132f9e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:14:e5:89:d0:7d:39:0a:50:b8:46:71:ae:0c:
                    01:b9:b6:49:cd:fb:f3:b8:34:54:95:99:6f:a0:79:
                    bd:ea:b1:65:08:b3:f7:7e:d0:af:88:08:dc:76:f4:
                    2e:67:aa:6e:9f:a8:9b:70:10:5a:09:b5:71:5f:a9:
                    84:c4:b1:4c:5f:b3:fe:30:9e:e9:aa:10:9d:16:b5:
                    84:a1:dd:b5:be:e1:9a:93:e5:08:9e:4e:e7:15:b7:
                    17:93:7f:ca:1e:10:78:54:89:99:f2:60:ea:ab:e0:
                    79:a6:24:f9:70:fb:0c:27:23:04:07:28:05:78:5f:
                    10:10:b4:24:b7:bb:02:9a:0a:50:78:d8:2a:a9:ae:
                    69:a8:8c:bf:19:c9:b7:2f:38:92:9f:d3:bc:14:86:
                    6a:da:2b:d1:56:62:36:94:1f:02:46:7f:71:a0:80:
                    49:a1:7a:f6:a4:af:34:18:db:e7:d6:23:cc:2e:f2:
                    a5:92:de:7a:66:40:4e:50:e9:e5:2a:d1:3f:d7:59:
                    d2:cf:b2:dc:b8:d5:85:80:00:2f:09:de:5c:81:2c:
                    52:de:54:e3:e9:81:0a:85:74:bb:42:14:26:f6:04:
                    f5:e9:1b:67:c6:7e:90:31:8f:9b:ac:8e:8e:83:49:
                    1a:bc:d4:26:48:55:c0:27:87:0c:41:22:ec:fb:29:
                    dd:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D9:1A:BB:24:71:71:FA:0E:2B:49:20:88:7A:D8:F2:0B:43:13:2F:9E
            X509v3 Authority Key Identifier:
                keyid:94:CE:77:88:D2:E3:FE:F7:FC:00:D5:CE:13:3D:7D:6D:C0:0F:86:29

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lM53iNLj_vf8ANXOEz19bcAPhik.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/96/4ef629-12e2-4d99-9b4a-336623afe898/1/lM53iNLj_vf8ANXOEz19bcAPhik.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/96/4ef629-12e2-4d99-9b4a-336623afe898/1/lM53iNLj_vf8ANXOEz19bcAPhik.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         01:d9:f2:11:58:04:47:3c:8a:eb:98:c2:37:82:ed:8e:bc:eb:
         45:87:30:91:37:c6:77:13:4a:4a:1b:22:bc:40:0e:33:51:5c:
         d3:02:17:79:da:58:4d:36:a9:b3:bf:60:0a:62:5f:e1:16:5e:
         04:a6:0d:90:a9:8d:80:49:5a:73:ac:d0:51:6f:c6:bd:ea:cd:
         00:27:ab:bd:9e:98:09:e8:41:10:47:56:35:e1:81:8c:95:76:
         84:a1:d1:3f:f5:2e:6e:26:d8:aa:70:60:7c:bb:1e:fe:4c:8b:
         40:74:3d:33:91:80:a9:ff:ea:17:fa:1a:df:2f:db:63:c8:90:
         9f:ce:6a:53:32:07:f5:b8:f0:59:a7:fb:91:7e:8b:0b:01:0f:
         16:a6:28:df:7a:a9:f6:ee:ba:78:37:a7:8c:68:ef:7f:37:a0:
         17:48:de:53:f4:cb:4f:f4:3f:b8:34:40:85:18:3f:d3:50:72:
         51:12:68:a3:e3:41:9d:b1:80:57:24:ab:01:25:e3:99:27:07:
         7f:37:fc:5d:24:c6:f7:f0:fa:9a:08:29:5b:4e:2f:75:25:2b:
         ec:03:0a:c1:93:3f:66:39:92:55:95:87:21:5b:b5:35:10:40:
         e7:c5:f0:79:f5:51:33:91:5e:29:8f:a5:81:d7:8b:36:2f:64:
         11:b6:cd:b9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbRPmY+c/z7t4/5IMqEsy/lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0Y2U3Nzg4ZDJlM2ZlZjdmYzAwZDVjZTEzM2Q3ZDZkYzAw
Zjg2MjkwHhcNMjUwNTE1MDAwMDQ5WhcNMjUwNTE2MDAwMDQ5WjAzMTEwLwYDVQQD
EyhkOTFhYmIyNDcxNzFmYTBlMmI0OTIwODg3YWQ4ZjIwYjQzMTMyZjllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqRTlidB9OQpQuEZxrgwBubZJzfvz
uDRUlZlvoHm96rFlCLP3ftCviAjcdvQuZ6pun6ibcBBaCbVxX6mExLFMX7P+MJ7p
qhCdFrWEod21vuGak+UInk7nFbcXk3/KHhB4VImZ8mDqq+B5piT5cPsMJyMEBygF
eF8QELQkt7sCmgpQeNgqqa5pqIy/Gcm3LziSn9O8FIZq2ivRVmI2lB8CRn9xoIBJ
oXr2pK80GNvn1iPMLvKlkt56ZkBOUOnlKtE/11nSz7LcuNWFgAAvCd5cgSxS3lTj
6YEKhXS7QhQm9gT16Rtnxn6QMY+brI6Og0kavNQmSFXAJ4cMQSLs+yndOQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNkauyRxcfoOK0kgiHrY8gtDEy+eMB8GA1UdIwQY
MBaAFJTOd4jS4/73/ADVzhM9fW3AD4YpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbE01M2lOTGpfdmY4QU5YT0V6MTliY0FQaGlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ni80ZWY2MjktMTJlMi00ZDk5LTliNGEt
MzM2NjIzYWZlODk4LzEvbE01M2lOTGpfdmY4QU5YT0V6MTliY0FQaGlrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ni80ZWY2MjktMTJlMi00ZDk5LTliNGEtMzM2NjIzYWZlODk4
LzEvbE01M2lOTGpfdmY4QU5YT0V6MTliY0FQaGlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAdnyEVgE
RzyK65jCN4LtjrzrRYcwkTfGdxNKShsivEAOM1Fc0wIXedpYTTaps79gCmJf4RZe
BKYNkKmNgElac6zQUW/GverNACervZ6YCehBEEdWNeGBjJV2hKHRP/UubibYqnBg
fLse/kyLQHQ9M5GAqf/qF/oa3y/bY8iQn85qUzIH9bjwWaf7kX6LCwEPFqYo33qp
9u66eDenjGjvfzegF0jeU/TLT/Q/uDRAhRg/01ByURJoo+NBnbGAVySrASXjmScH
fzf8XSTG9/D6mggpW04vdSUr7AMKwZM/ZjmSVZWHIVu1NRBA58XwefVRM5FeKY+l
gdeLNi9kEbbNuQ==
-----END CERTIFICATE-----