Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/2823dd-25a1-44a0-bfc1-cbbd08ad3ec2/1/lUz3IcCMjpvFJC1WGWZ3IXNQRVw.mft
File:                     lUz3IcCMjpvFJC1WGWZ3IXNQRVw.mft (raw, json)
Hash identifier:          sN+TsVtay1SlHQIZxn7rRQuKBithGqiUncfBVl8EuiQ=
Subject key identifier:   92:46:6E:46:5F:1A:05:EF:9B:38:EB:3B:8D:1A:E9:06:DF:A6:48:22
Authority key identifier: 95:4C:F7:21:C0:8C:8E:9B:C5:24:2D:56:19:66:77:21:73:50:45:5C
Certificate issuer:       /CN=954cf721c08c8e9bc5242d56196677217350455c
Certificate serial:       01967FB41D00051D06DBF4C10DD5818EC161
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/lUz3IcCMjpvFJC1WGWZ3IXNQRVw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/67/2823dd-25a1-44a0-bfc1-cbbd08ad3ec2/1/lUz3IcCMjpvFJC1WGWZ3IXNQRVw.mft
Manifest number:          0533
Signing time:             Tue 29 Apr 2025 04:00:32 +0000
Manifest this update:     Tue 29 Apr 2025 04:00:32 +0000
Manifest next update:     Wed 30 Apr 2025 04:00:32 +0000
Files and hashes:         1: lUz3IcCMjpvFJC1WGWZ3IXNQRVw.crl (hash: 21KFe5ukt4pH74FSxLrOfAkoG/nnFGxJN7Mtz8V6MaA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/67/2823dd-25a1-44a0-bfc1-cbbd08ad3ec2/1/lUz3IcCMjpvFJC1WGWZ3IXNQRVw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/67/2823dd-25a1-44a0-bfc1-cbbd08ad3ec2/1/lUz3IcCMjpvFJC1WGWZ3IXNQRVw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/lUz3IcCMjpvFJC1WGWZ3IXNQRVw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 30 Apr 2025 00:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:7f:b4:1d:00:05:1d:06:db:f4:c1:0d:d5:81:8e:c1:61
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=954cf721c08c8e9bc5242d56196677217350455c
        Validity
            Not Before: Apr 29 04:00:32 2025 GMT
            Not After : Apr 30 04:00:32 2025 GMT
        Subject: CN=92466e465f1a05ef9b38eb3b8d1ae906dfa64822
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dd:b4:43:00:28:ba:79:07:9b:02:52:c7:68:be:
                    f7:eb:d9:53:4a:a5:9e:31:04:a7:2b:6f:32:5b:e7:
                    73:3d:78:fd:1a:8d:b2:1b:81:bd:11:19:95:dc:ed:
                    fe:ee:ff:44:1d:4a:ab:10:c3:7a:07:ec:21:9e:a3:
                    d2:bc:04:5e:b7:c4:04:a7:11:15:fb:22:81:58:4b:
                    2f:a4:2d:39:48:24:76:23:c5:e9:a1:00:80:3b:b2:
                    88:bc:45:f0:63:50:55:0b:ef:e2:9b:6a:ec:61:e9:
                    e1:5e:e2:52:c4:1a:fd:69:bd:1d:70:00:37:85:a6:
                    5c:9c:5b:7c:e0:c1:ef:b2:2c:16:09:c3:13:d6:21:
                    29:bd:84:35:37:45:0a:1c:dd:dc:fa:1c:02:ce:43:
                    dd:6c:9f:1a:5d:d6:ff:1c:63:0a:59:87:4b:59:85:
                    e4:c2:4d:ee:ff:8e:90:81:82:b7:f5:b6:88:bd:21:
                    41:84:3a:65:f6:02:1b:51:6a:10:73:22:5c:5c:8c:
                    06:7f:33:63:44:1f:50:93:65:4d:3e:fa:8c:be:4b:
                    30:3c:bc:78:13:d3:b2:38:f4:c3:4b:ab:30:d0:55:
                    46:72:f0:f4:07:29:3b:3c:f6:6c:9f:f6:8a:dc:8e:
                    40:90:6a:fc:e9:ce:8f:6e:48:10:95:3e:91:9e:44:
                    60:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                92:46:6E:46:5F:1A:05:EF:9B:38:EB:3B:8D:1A:E9:06:DF:A6:48:22
            X509v3 Authority Key Identifier:
                keyid:95:4C:F7:21:C0:8C:8E:9B:C5:24:2D:56:19:66:77:21:73:50:45:5C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lUz3IcCMjpvFJC1WGWZ3IXNQRVw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/2823dd-25a1-44a0-bfc1-cbbd08ad3ec2/1/lUz3IcCMjpvFJC1WGWZ3IXNQRVw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/67/2823dd-25a1-44a0-bfc1-cbbd08ad3ec2/1/lUz3IcCMjpvFJC1WGWZ3IXNQRVw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b3:9b:31:d3:1d:3f:5d:30:b7:07:2f:2a:03:4c:37:1b:d6:0e:
         d5:01:2e:30:f5:09:ce:73:0f:d1:ea:5e:92:2d:ab:6e:6b:6d:
         a7:49:a6:28:07:22:ea:41:e6:9a:eb:19:0a:12:3a:0a:59:55:
         78:58:ce:a0:06:0d:19:07:29:84:cb:a2:78:2b:83:0e:6b:51:
         e5:9e:c5:98:e2:c3:62:f3:1b:9c:14:39:5f:7c:de:6f:c4:71:
         44:88:22:84:a8:bd:64:3e:de:a4:30:68:bf:8e:2d:d1:66:b4:
         dc:89:ea:71:53:d5:f5:bb:29:86:1f:f4:de:9f:93:33:d8:c9:
         cc:a0:40:c5:3c:c6:8d:7a:7d:f9:44:13:1d:61:84:90:4f:6f:
         8a:41:8f:ec:3c:94:aa:e4:df:2e:93:14:4e:fe:f0:91:5c:9c:
         ab:b2:69:c8:12:c6:59:1f:6a:87:ba:64:59:ee:31:20:5b:02:
         67:83:03:a1:42:fc:3b:92:9e:8b:31:35:0c:08:ce:70:c6:43:
         95:70:b7:58:eb:38:c9:a4:ae:c2:c7:2e:6e:fc:f5:07:e5:18:
         35:47:07:14:6c:49:8c:1e:24:b4:72:ab:3a:d3:bc:f0:ec:8b:
         95:e6:77:77:92:ce:72:04:a7:f4:43:1a:f5:7c:a1:b0:fd:b2:
         c9:a3:08:43
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ/tB0ABR0G2/TBDdWBjsFhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1NGNmNzIxYzA4YzhlOWJjNTI0MmQ1NjE5NjY3NzIxNzM1
MDQ1NWMwHhcNMjUwNDI5MDQwMDMyWhcNMjUwNDMwMDQwMDMyWjAzMTEwLwYDVQQD
Eyg5MjQ2NmU0NjVmMWEwNWVmOWIzOGViM2I4ZDFhZTkwNmRmYTY0ODIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3bRDACi6eQebAlLHaL7369lTSqWe
MQSnK28yW+dzPXj9Go2yG4G9ERmV3O3+7v9EHUqrEMN6B+whnqPSvARet8QEpxEV
+yKBWEsvpC05SCR2I8XpoQCAO7KIvEXwY1BVC+/im2rsYenhXuJSxBr9ab0dcAA3
haZcnFt84MHvsiwWCcMT1iEpvYQ1N0UKHN3c+hwCzkPdbJ8aXdb/HGMKWYdLWYXk
wk3u/46QgYK39baIvSFBhDpl9gIbUWoQcyJcXIwGfzNjRB9Qk2VNPvqMvkswPLx4
E9OyOPTDS6sw0FVGcvD0Byk7PPZsn/aK3I5AkGr86c6PbkgQlT6RnkRgLwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJJGbkZfGgXvmzjrO40a6QbfpkgiMB8GA1UdIwQY
MBaAFJVM9yHAjI6bxSQtVhlmdyFzUEVcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbFV6M0ljQ01qcHZGSkMxV0dXWjNJWE5RUlZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny8yODIzZGQtMjVhMS00NGEwLWJmYzEt
Y2JiZDA4YWQzZWMyLzEvbFV6M0ljQ01qcHZGSkMxV0dXWjNJWE5RUlZ3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny8yODIzZGQtMjVhMS00NGEwLWJmYzEtY2JiZDA4YWQzZWMy
LzEvbFV6M0ljQ01qcHZGSkMxV0dXWjNJWE5RUlZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAs5sx0x0/
XTC3By8qA0w3G9YO1QEuMPUJznMP0epeki2rbmttp0mmKAci6kHmmusZChI6CllV
eFjOoAYNGQcphMuieCuDDmtR5Z7FmOLDYvMbnBQ5X3zeb8RxRIgihKi9ZD7epDBo
v44t0Wa03InqcVPV9bsphh/03p+TM9jJzKBAxTzGjXp9+UQTHWGEkE9vikGP7DyU
quTfLpMUTv7wkVycq7JpyBLGWR9qh7pkWe4xIFsCZ4MDoUL8O5KeizE1DAjOcMZD
lXC3WOs4yaSuwscubvz1B+UYNUcHFGxJjB4ktHKrOtO88OyLleZ3d5LOcgSn9EMa
9XyhsP2yyaMIQw==
-----END CERTIFICATE-----