Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/7929f4-ec35-4d9c-92a8-0eb45ef62d8d/1/LxW3OnwtEx7BTr2QcXGLVMP7ppI.mft
File:                     LxW3OnwtEx7BTr2QcXGLVMP7ppI.mft (raw, json)
Hash identifier:          dPjsfiu0DZDW5Ng8txopXGPt5jmVs5Q0pqcLbl/fduw=
Subject key identifier:   FC:AD:AC:6D:1F:A5:3B:F6:9E:3E:7A:7E:6B:41:86:7D:A9:56:56:57
Authority key identifier: 2F:15:B7:3A:7C:2D:13:1E:C1:4E:BD:90:71:71:8B:54:C3:FB:A6:92
Certificate issuer:       /CN=2f15b73a7c2d131ec14ebd9071718b54c3fba692
Certificate serial:       01967DC6520EAD67ED723577E3464ED00D2F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/LxW3OnwtEx7BTr2QcXGLVMP7ppI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b2/7929f4-ec35-4d9c-92a8-0eb45ef62d8d/1/LxW3OnwtEx7BTr2QcXGLVMP7ppI.mft
Manifest number:          0227
Signing time:             Mon 28 Apr 2025 19:01:11 +0000
Manifest this update:     Mon 28 Apr 2025 19:01:11 +0000
Manifest next update:     Tue 29 Apr 2025 19:01:11 +0000
Files and hashes:         1: LxW3OnwtEx7BTr2QcXGLVMP7ppI.crl (hash: VpPl/WVXWHckZgSLJyBXF36VUrfw5rEG9Nwi0H5oA/s=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b2/7929f4-ec35-4d9c-92a8-0eb45ef62d8d/1/LxW3OnwtEx7BTr2QcXGLVMP7ppI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b2/7929f4-ec35-4d9c-92a8-0eb45ef62d8d/1/LxW3OnwtEx7BTr2QcXGLVMP7ppI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/LxW3OnwtEx7BTr2QcXGLVMP7ppI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 29 Apr 2025 15:01:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:7d:c6:52:0e:ad:67:ed:72:35:77:e3:46:4e:d0:0d:2f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2f15b73a7c2d131ec14ebd9071718b54c3fba692
        Validity
            Not Before: Apr 28 19:01:11 2025 GMT
            Not After : Apr 29 19:01:11 2025 GMT
        Subject: CN=fcadac6d1fa53bf69e3e7a7e6b41867da9565657
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:75:b5:f8:96:b1:31:27:88:6e:86:27:1d:08:
                    41:9b:bd:0e:c0:d7:08:97:d8:b2:9d:9a:cd:fb:a7:
                    68:d7:43:08:71:e6:93:92:62:02:4f:48:e8:8c:97:
                    b3:02:c9:bb:e5:7c:5a:4f:35:1a:30:61:ea:06:21:
                    1f:90:ec:73:26:eb:8f:1a:69:07:a7:e7:75:e7:a7:
                    18:fe:70:6f:1b:90:4b:dc:9e:ca:43:76:4d:24:16:
                    66:bd:2a:35:ba:54:8f:39:ee:11:bb:61:a7:34:55:
                    0b:23:9f:8e:bc:5e:52:f6:bc:bf:d3:70:eb:27:e5:
                    3b:1e:e1:a3:d9:1d:3d:71:23:ac:dd:19:c6:a8:ab:
                    e1:bd:d1:a8:2f:af:71:20:48:f1:60:df:6b:5e:d6:
                    82:ee:0f:36:c5:d7:96:d0:6a:76:59:84:6c:53:7f:
                    d0:27:a0:7d:ed:7e:bb:aa:b6:27:63:88:f5:4e:24:
                    fd:9b:f8:8f:3c:c5:bd:db:7e:40:a9:64:10:3c:f9:
                    82:e9:21:40:02:00:9f:af:20:b1:17:46:39:dd:21:
                    a4:80:e0:01:e5:80:e0:c9:fa:a6:15:50:d5:cf:61:
                    8a:40:f4:d4:f0:25:08:21:35:57:4e:b8:3c:d4:d2:
                    6c:1f:09:b7:e9:12:13:03:f9:d9:c4:22:03:be:0f:
                    61:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FC:AD:AC:6D:1F:A5:3B:F6:9E:3E:7A:7E:6B:41:86:7D:A9:56:56:57
            X509v3 Authority Key Identifier:
                keyid:2F:15:B7:3A:7C:2D:13:1E:C1:4E:BD:90:71:71:8B:54:C3:FB:A6:92

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LxW3OnwtEx7BTr2QcXGLVMP7ppI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/7929f4-ec35-4d9c-92a8-0eb45ef62d8d/1/LxW3OnwtEx7BTr2QcXGLVMP7ppI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/7929f4-ec35-4d9c-92a8-0eb45ef62d8d/1/LxW3OnwtEx7BTr2QcXGLVMP7ppI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b8:b7:09:ee:0a:a7:6a:63:97:44:24:90:45:b1:1d:07:ce:8e:
         fa:a5:d6:27:7a:3b:e9:d0:a2:de:05:34:92:94:16:77:fd:d7:
         79:f2:38:19:06:fd:7a:d9:e2:0f:80:de:54:c3:e3:5c:08:1f:
         f8:3b:a4:51:c1:65:84:8b:32:56:8f:7e:dc:e2:c2:c8:9b:90:
         8c:93:bf:21:4a:fc:8c:d8:84:6d:31:57:7d:70:35:76:87:7a:
         22:00:b6:df:23:28:61:2a:e4:03:4f:09:71:7c:a9:86:e5:d7:
         3c:c7:02:45:ba:b6:33:37:be:1e:e8:97:1e:04:ae:55:4b:b3:
         6f:b8:5a:da:98:27:96:05:08:ac:26:b8:a1:b7:a2:1c:bd:4b:
         a4:b1:a1:4b:1a:ac:a4:06:16:b8:cf:45:43:b6:0f:4c:27:e1:
         01:5a:80:31:b6:92:d1:f3:c5:88:c5:fc:29:af:6b:06:5f:37:
         83:89:9e:29:5a:2d:c0:09:35:f7:02:39:a4:43:a9:13:07:e6:
         32:12:35:54:41:67:d1:de:c2:64:5d:62:23:b2:93:f5:5f:29:
         49:a3:41:d9:d7:4f:5f:3b:f7:ef:b3:42:9c:81:49:de:97:71:
         3c:82:cc:a8:7e:b4:93:c7:ac:be:c5:7c:e3:04:9f:e7:69:19:
         ac:d7:50:60
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ9xlIOrWftcjV340ZO0A0vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmMTViNzNhN2MyZDEzMWVjMTRlYmQ5MDcxNzE4YjU0YzNm
YmE2OTIwHhcNMjUwNDI4MTkwMTExWhcNMjUwNDI5MTkwMTExWjAzMTEwLwYDVQQD
EyhmY2FkYWM2ZDFmYTUzYmY2OWUzZTdhN2U2YjQxODY3ZGE5NTY1NjU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0XW1+JaxMSeIboYnHQhBm70OwNcI
l9iynZrN+6do10MIceaTkmICT0jojJezAsm75XxaTzUaMGHqBiEfkOxzJuuPGmkH
p+d156cY/nBvG5BL3J7KQ3ZNJBZmvSo1ulSPOe4Ru2GnNFULI5+OvF5S9ry/03Dr
J+U7HuGj2R09cSOs3RnGqKvhvdGoL69xIEjxYN9rXtaC7g82xdeW0Gp2WYRsU3/Q
J6B97X67qrYnY4j1TiT9m/iPPMW9235AqWQQPPmC6SFAAgCfryCxF0Y53SGkgOAB
5YDgyfqmFVDVz2GKQPTU8CUIITVXTrg81NJsHwm36RITA/nZxCIDvg9hXQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPytrG0fpTv2nj56fmtBhn2pVlZXMB8GA1UdIwQY
MBaAFC8Vtzp8LRMewU69kHFxi1TD+6aSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTHhXM09ud3RFeDdCVHIyUWNYR0xWTVA3cHBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi83OTI5ZjQtZWMzNS00ZDljLTkyYTgt
MGViNDVlZjYyZDhkLzEvTHhXM09ud3RFeDdCVHIyUWNYR0xWTVA3cHBJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi83OTI5ZjQtZWMzNS00ZDljLTkyYTgtMGViNDVlZjYyZDhk
LzEvTHhXM09ud3RFeDdCVHIyUWNYR0xWTVA3cHBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAuLcJ7gqn
amOXRCSQRbEdB86O+qXWJ3o76dCi3gU0kpQWd/3XefI4GQb9etniD4DeVMPjXAgf
+DukUcFlhIsyVo9+3OLCyJuQjJO/IUr8jNiEbTFXfXA1dod6IgC23yMoYSrkA08J
cXyphuXXPMcCRbq2Mze+HuiXHgSuVUuzb7ha2pgnlgUIrCa4obeiHL1LpLGhSxqs
pAYWuM9FQ7YPTCfhAVqAMbaS0fPFiMX8Ka9rBl83g4meKVotwAk19wI5pEOpEwfm
MhI1VEFn0d7CZF1iI7KT9V8pSaNB2ddPXzv377NCnIFJ3pdxPILMqH60k8esvsV8
4wSf52kZrNdQYA==
-----END CERTIFICATE-----