Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/23ca21-bceb-433e-b7d9-7b003984b863/1/lHXt3Klbc2ZTpMn52RVA0tPvtT0.mft
File:                     lHXt3Klbc2ZTpMn52RVA0tPvtT0.mft (raw, json)
Hash identifier:          oep5qaS3l/4eBEOI7zqAAY+25Su+eIbgFqtgqWaIJ78=
Subject key identifier:   4B:29:DF:74:DB:60:8B:A0:AC:2B:93:89:71:45:88:9E:FE:6B:8E:80
Authority key identifier: 94:75:ED:DC:A9:5B:73:66:53:A4:C9:F9:D9:15:40:D2:D3:EF:B5:3D
Certificate issuer:       /CN=9475eddca95b736653a4c9f9d91540d2d3efb53d
Certificate serial:       019677C3CEF4AB3AD51CEBA6C90A71D7D0E2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/lHXt3Klbc2ZTpMn52RVA0tPvtT0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/52/23ca21-bceb-433e-b7d9-7b003984b863/1/lHXt3Klbc2ZTpMn52RVA0tPvtT0.mft
Manifest number:          014D
Signing time:             Sun 27 Apr 2025 15:00:43 +0000
Manifest this update:     Sun 27 Apr 2025 15:00:43 +0000
Manifest next update:     Mon 28 Apr 2025 15:00:43 +0000
Files and hashes:         1: lHXt3Klbc2ZTpMn52RVA0tPvtT0.crl (hash: k2oA9rkD4OXhcJv7Yi1c/f6OTA6hDiPsD5lBK5TAA7E=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/52/23ca21-bceb-433e-b7d9-7b003984b863/1/lHXt3Klbc2ZTpMn52RVA0tPvtT0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/52/23ca21-bceb-433e-b7d9-7b003984b863/1/lHXt3Klbc2ZTpMn52RVA0tPvtT0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/lHXt3Klbc2ZTpMn52RVA0tPvtT0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Apr 2025 14:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:77:c3:ce:f4:ab:3a:d5:1c:eb:a6:c9:0a:71:d7:d0:e2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9475eddca95b736653a4c9f9d91540d2d3efb53d
        Validity
            Not Before: Apr 27 15:00:43 2025 GMT
            Not After : Apr 28 15:00:43 2025 GMT
        Subject: CN=4b29df74db608ba0ac2b93897145889efe6b8e80
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:b7:3f:7d:f0:4f:e5:9e:a1:73:4c:64:fc:e2:
                    44:b7:37:10:98:35:06:c0:3b:30:82:9c:74:72:12:
                    9f:98:7a:44:88:08:bc:fc:02:91:2e:de:7c:c9:3a:
                    1c:19:f1:e2:ff:c9:ef:a1:3a:35:f4:3b:b7:05:94:
                    8d:38:ed:df:9d:cd:15:17:ab:80:de:d9:2f:09:b7:
                    f0:70:16:e5:13:0d:8d:c3:ee:e1:c4:3c:66:bc:bb:
                    78:3d:6d:69:2b:eb:78:58:6c:13:51:34:e3:f2:52:
                    e5:92:ba:24:1f:c5:f7:d0:88:69:64:98:2a:bc:5c:
                    08:28:b6:a4:13:01:8b:6f:3a:c6:67:db:d9:20:3f:
                    34:e8:58:79:f3:4d:5b:4e:37:3b:b3:b0:6e:f6:13:
                    61:8c:14:20:b4:c4:ca:dd:ff:e8:f3:88:8c:2a:c1:
                    18:b7:84:79:93:56:2b:c2:6f:44:07:09:96:9e:ba:
                    1e:ee:4e:d3:71:45:6e:9b:6c:71:0a:ec:70:41:bf:
                    9a:4b:c3:c6:80:4d:6c:74:33:19:c5:b5:ff:c8:21:
                    af:38:5b:24:41:5b:90:5d:0c:ec:39:cb:a8:c6:8d:
                    90:5b:15:e7:80:df:18:09:be:57:ba:50:e3:cf:d9:
                    9c:0e:17:c0:e8:7f:ba:4b:0d:95:89:b4:84:70:e3:
                    a3:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4B:29:DF:74:DB:60:8B:A0:AC:2B:93:89:71:45:88:9E:FE:6B:8E:80
            X509v3 Authority Key Identifier:
                keyid:94:75:ED:DC:A9:5B:73:66:53:A4:C9:F9:D9:15:40:D2:D3:EF:B5:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lHXt3Klbc2ZTpMn52RVA0tPvtT0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/23ca21-bceb-433e-b7d9-7b003984b863/1/lHXt3Klbc2ZTpMn52RVA0tPvtT0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/52/23ca21-bceb-433e-b7d9-7b003984b863/1/lHXt3Klbc2ZTpMn52RVA0tPvtT0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         81:d3:a6:98:0d:7f:99:c3:1e:7c:87:59:c7:23:be:af:aa:c9:
         e7:c7:b9:0a:22:11:02:70:b1:4e:01:03:2b:1b:eb:6e:9c:84:
         89:87:7b:01:55:2d:38:74:4f:67:12:4b:1a:1d:03:96:60:bf:
         bc:36:8f:af:c5:0c:45:eb:08:83:80:71:56:98:77:d9:fd:4c:
         49:53:64:18:d7:43:06:82:f3:aa:1c:c4:8b:ab:77:2b:5c:e3:
         2e:d6:32:de:d8:2c:17:f0:82:c6:d1:2f:17:9a:05:eb:a7:50:
         1a:7a:5e:b4:05:87:55:3c:c2:d2:50:70:ce:39:c7:05:8d:79:
         35:8e:29:fb:2b:42:5d:6c:f0:6c:4f:52:80:68:d5:8a:69:77:
         36:01:8f:9d:6e:84:15:1e:11:62:b8:c0:d4:6b:55:7e:e0:74:
         04:f7:c1:f8:fa:af:5d:3c:12:2c:41:5d:ac:de:d1:fc:1f:2f:
         68:37:e0:de:e6:ce:9e:93:f9:13:21:a2:2b:30:3f:ec:0a:c2:
         93:9b:c1:ec:91:4c:91:3f:65:b8:a8:dc:e7:d9:79:1b:93:a1:
         1e:27:52:a6:9a:fb:a6:35:c9:2f:cc:30:68:78:86:99:4b:b5:
         c7:48:57:a8:8f:0f:59:26:30:0f:0b:d0:06:14:b8:c3:e8:a8:
         91:bd:d5:96
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ3w870qzrVHOumyQpx19DiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0NzVlZGRjYTk1YjczNjY1M2E0YzlmOWQ5MTU0MGQyZDNl
ZmI1M2QwHhcNMjUwNDI3MTUwMDQzWhcNMjUwNDI4MTUwMDQzWjAzMTEwLwYDVQQD
Eyg0YjI5ZGY3NGRiNjA4YmEwYWMyYjkzODk3MTQ1ODg5ZWZlNmI4ZTgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAorc/ffBP5Z6hc0xk/OJEtzcQmDUG
wDswgpx0chKfmHpEiAi8/AKRLt58yTocGfHi/8nvoTo19Du3BZSNOO3fnc0VF6uA
3tkvCbfwcBblEw2Nw+7hxDxmvLt4PW1pK+t4WGwTUTTj8lLlkrokH8X30IhpZJgq
vFwIKLakEwGLbzrGZ9vZID806Fh5801bTjc7s7Bu9hNhjBQgtMTK3f/o84iMKsEY
t4R5k1Yrwm9EBwmWnroe7k7TcUVum2xxCuxwQb+aS8PGgE1sdDMZxbX/yCGvOFsk
QVuQXQzsOcuoxo2QWxXngN8YCb5XulDjz9mcDhfA6H+6Sw2VibSEcOOjkwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEsp33TbYIugrCuTiXFFiJ7+a46AMB8GA1UdIwQY
MBaAFJR17dypW3NmU6TJ+dkVQNLT77U9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbEhYdDNLbGJjMlpUcE1uNTJSVkEwdFB2dFQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi8yM2NhMjEtYmNlYi00MzNlLWI3ZDkt
N2IwMDM5ODRiODYzLzEvbEhYdDNLbGJjMlpUcE1uNTJSVkEwdFB2dFQwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi8yM2NhMjEtYmNlYi00MzNlLWI3ZDktN2IwMDM5ODRiODYz
LzEvbEhYdDNLbGJjMlpUcE1uNTJSVkEwdFB2dFQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgdOmmA1/
mcMefIdZxyO+r6rJ58e5CiIRAnCxTgEDKxvrbpyEiYd7AVUtOHRPZxJLGh0DlmC/
vDaPr8UMResIg4BxVph32f1MSVNkGNdDBoLzqhzEi6t3K1zjLtYy3tgsF/CCxtEv
F5oF66dQGnpetAWHVTzC0lBwzjnHBY15NY4p+ytCXWzwbE9SgGjViml3NgGPnW6E
FR4RYrjA1GtVfuB0BPfB+PqvXTwSLEFdrN7R/B8vaDfg3ubOnpP5EyGiKzA/7ArC
k5vB7JFMkT9luKjc59l5G5OhHidSppr7pjXJL8wwaHiGmUu1x0hXqI8PWSYwDwvQ
BhS4w+iokb3Vlg==
-----END CERTIFICATE-----