Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/b1b128-4f10-486e-a1ee-952f6fc02672/1/ltTArxW-ONL8XjD-NFdHXTS3g5o.mft
File:                     ltTArxW-ONL8XjD-NFdHXTS3g5o.mft (raw, json)
Hash identifier:          CMG6Lo39dzBam1DVP0PPkaq1Zidf53TBs+guypHdl/E=
Subject key identifier:   DB:70:55:D3:B3:89:26:33:AB:26:51:1E:F6:54:E2:3B:7A:90:96:21
Authority key identifier: 96:D4:C0:AF:15:BE:38:D2:FC:5E:30:FE:34:57:47:5D:34:B7:83:9A
Certificate issuer:       /CN=96d4c0af15be38d2fc5e30fe3457475d34b7839a
Certificate serial:       0196895C013C809AB329089440A5BCA47471
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ltTArxW-ONL8XjD-NFdHXTS3g5o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a3/b1b128-4f10-486e-a1ee-952f6fc02672/1/ltTArxW-ONL8XjD-NFdHXTS3g5o.mft
Manifest number:          1189
Signing time:             Thu 01 May 2025 01:00:30 +0000
Manifest this update:     Thu 01 May 2025 01:00:30 +0000
Manifest next update:     Fri 02 May 2025 01:00:30 +0000
Files and hashes:         1: ltTArxW-ONL8XjD-NFdHXTS3g5o.crl (hash: 8U6WvwVkmG00LnXOlNfFz+gzOUQOKnIRTaUlJobg+eY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a3/b1b128-4f10-486e-a1ee-952f6fc02672/1/ltTArxW-ONL8XjD-NFdHXTS3g5o.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a3/b1b128-4f10-486e-a1ee-952f6fc02672/1/ltTArxW-ONL8XjD-NFdHXTS3g5o.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ltTArxW-ONL8XjD-NFdHXTS3g5o.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 01 May 2025 21:27:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:89:5c:01:3c:80:9a:b3:29:08:94:40:a5:bc:a4:74:71
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=96d4c0af15be38d2fc5e30fe3457475d34b7839a
        Validity
            Not Before: May  1 01:00:30 2025 GMT
            Not After : May  2 01:00:30 2025 GMT
        Subject: CN=db7055d3b3892633ab26511ef654e23b7a909621
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:6b:f2:c6:db:0f:6f:43:be:5b:c9:c2:93:ff:
                    f7:2e:67:ba:1b:03:92:22:28:9c:e7:77:75:db:c9:
                    c7:3a:23:bb:ca:8d:02:af:76:d3:2e:42:1c:c2:19:
                    76:ff:9b:ed:21:19:63:4e:d4:84:46:b9:81:8a:2b:
                    dc:f8:af:ae:53:5e:bc:48:e2:8e:a4:ce:49:8a:eb:
                    c1:8e:bd:93:82:b5:92:34:6e:ce:a0:68:fe:0f:ab:
                    2f:c9:c5:c6:97:a6:8b:b7:08:1e:75:22:f1:89:9a:
                    ce:3c:27:37:a0:92:ff:db:81:62:e4:0c:bd:3b:28:
                    2f:a3:1e:99:76:b7:fe:7c:fb:4d:e5:f7:f9:03:f2:
                    e7:a0:40:d7:12:9f:69:d3:4e:75:ac:0e:c7:b2:45:
                    a0:52:c4:6c:4b:3b:42:13:4e:3d:d3:06:d3:74:9e:
                    a3:57:b7:10:a2:fa:7c:ce:89:9c:eb:db:08:52:3a:
                    21:ff:0b:cd:ff:35:78:bc:18:2d:7b:31:74:1c:48:
                    fc:6b:ad:18:ce:31:14:8f:69:3b:26:6e:9b:48:f0:
                    6e:ef:17:ee:33:7f:0a:11:ea:a7:a5:d0:96:04:ff:
                    62:cf:c4:96:bb:b5:54:f7:2a:81:93:b4:df:d5:4d:
                    60:20:76:2c:b8:40:d0:37:e0:e8:38:23:43:91:d6:
                    b4:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DB:70:55:D3:B3:89:26:33:AB:26:51:1E:F6:54:E2:3B:7A:90:96:21
            X509v3 Authority Key Identifier:
                keyid:96:D4:C0:AF:15:BE:38:D2:FC:5E:30:FE:34:57:47:5D:34:B7:83:9A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ltTArxW-ONL8XjD-NFdHXTS3g5o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/b1b128-4f10-486e-a1ee-952f6fc02672/1/ltTArxW-ONL8XjD-NFdHXTS3g5o.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/b1b128-4f10-486e-a1ee-952f6fc02672/1/ltTArxW-ONL8XjD-NFdHXTS3g5o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9b:5d:5b:72:00:08:31:aa:e8:50:57:fb:4a:5c:83:60:b2:b7:
         da:42:95:5a:eb:c9:22:6e:0d:30:dc:8b:e0:c8:61:02:d1:c9:
         02:bf:52:5b:ba:47:f0:23:dc:44:35:2e:f8:7b:24:00:ec:ae:
         c4:f9:53:5f:ed:5d:34:3d:7b:f7:11:0a:51:8c:d9:82:c7:71:
         79:0e:61:b3:28:af:8a:e7:3b:3f:43:f2:7b:db:f7:6f:7a:b2:
         0f:7d:2b:c9:6e:92:8d:a0:52:7e:59:bf:33:d7:11:b7:b2:89:
         b3:f9:2f:b2:76:76:b5:ae:a1:2b:30:11:c4:c8:a6:5f:1b:b4:
         80:72:c4:42:0d:76:4a:c6:99:8e:73:69:da:b4:32:b9:1e:80:
         fa:0d:bf:ff:17:c6:fa:24:8a:40:b3:af:6c:47:35:49:e2:f7:
         bb:a4:f4:51:9c:c9:91:9b:a4:ad:88:71:1d:b6:70:9a:5a:70:
         6c:4e:22:90:36:6e:68:f3:7e:61:62:43:15:01:f8:08:00:cd:
         aa:2c:a6:51:e1:01:57:3e:10:04:72:99:72:f0:e4:aa:4a:99:
         a0:96:2a:0e:6d:92:5c:7a:ba:a8:07:1e:f4:18:6c:d4:59:e6:
         de:eb:46:94:4a:43:c4:92:25:4c:d1:8a:45:13:e1:55:d5:c3:
         15:92:00:39
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaJXAE8gJqzKQiUQKW8pHRxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk2ZDRjMGFmMTViZTM4ZDJmYzVlMzBmZTM0NTc0NzVkMzRi
NzgzOWEwHhcNMjUwNTAxMDEwMDMwWhcNMjUwNTAyMDEwMDMwWjAzMTEwLwYDVQQD
EyhkYjcwNTVkM2IzODkyNjMzYWIyNjUxMWVmNjU0ZTIzYjdhOTA5NjIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzGvyxtsPb0O+W8nCk//3Lme6GwOS
Iiic53d128nHOiO7yo0Cr3bTLkIcwhl2/5vtIRljTtSERrmBiivc+K+uU168SOKO
pM5JiuvBjr2TgrWSNG7OoGj+D6svycXGl6aLtwgedSLxiZrOPCc3oJL/24Fi5Ay9
Oygvox6Zdrf+fPtN5ff5A/LnoEDXEp9p0051rA7HskWgUsRsSztCE0490wbTdJ6j
V7cQovp8zomc69sIUjoh/wvN/zV4vBgtezF0HEj8a60YzjEUj2k7Jm6bSPBu7xfu
M38KEeqnpdCWBP9iz8SWu7VU9yqBk7Tf1U1gIHYsuEDQN+DoOCNDkda0twIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNtwVdOziSYzqyZRHvZU4jt6kJYhMB8GA1UdIwQY
MBaAFJbUwK8VvjjS/F4w/jRXR100t4OaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbHRUQXJ4Vy1PTkw4WGpELU5GZEhYVFMzZzVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy9iMWIxMjgtNGYxMC00ODZlLWExZWUt
OTUyZjZmYzAyNjcyLzEvbHRUQXJ4Vy1PTkw4WGpELU5GZEhYVFMzZzVvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy9iMWIxMjgtNGYxMC00ODZlLWExZWUtOTUyZjZmYzAyNjcy
LzEvbHRUQXJ4Vy1PTkw4WGpELU5GZEhYVFMzZzVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAm11bcgAI
MaroUFf7SlyDYLK32kKVWuvJIm4NMNyL4MhhAtHJAr9SW7pH8CPcRDUu+HskAOyu
xPlTX+1dND179xEKUYzZgsdxeQ5hsyiviuc7P0Pye9v3b3qyD30ryW6SjaBSflm/
M9cRt7KJs/kvsnZ2ta6hKzARxMimXxu0gHLEQg12SsaZjnNp2rQyuR6A+g2//xfG
+iSKQLOvbEc1SeL3u6T0UZzJkZukrYhxHbZwmlpwbE4ikDZuaPN+YWJDFQH4CADN
qiymUeEBVz4QBHKZcvDkqkqZoJYqDm2SXHq6qAce9Bhs1Fnm3utGlEpDxJIlTNGK
RRPhVdXDFZIAOQ==
-----END CERTIFICATE-----