Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/e1f171-a889-4395-9cfc-0805419d721a/1/lnRtO9Pi3eYWQCDesLXYkixkdm0.mft
File:                     lnRtO9Pi3eYWQCDesLXYkixkdm0.mft (raw, json)
Hash identifier:          CxYR0Iacg1CjaX2IgUedhpXAbnPQowF/cCJd+0jlDEM=
Subject key identifier:   DF:C1:6C:9A:3A:BE:D9:20:83:DD:2C:F2:78:68:F1:EA:F9:26:D0:23
Authority key identifier: 96:74:6D:3B:D3:E2:DD:E6:16:40:20:DE:B0:B5:D8:92:2C:64:76:6D
Certificate issuer:       /CN=96746d3bd3e2dde6164020deb0b5d8922c64766d
Certificate serial:       019674C2577235B1B17AC269F6493DCE3CE0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/lnRtO9Pi3eYWQCDesLXYkixkdm0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d1/e1f171-a889-4395-9cfc-0805419d721a/1/lnRtO9Pi3eYWQCDesLXYkixkdm0.mft
Manifest number:          01C4
Signing time:             Sun 27 Apr 2025 01:00:15 +0000
Manifest this update:     Sun 27 Apr 2025 01:00:15 +0000
Manifest next update:     Mon 28 Apr 2025 01:00:15 +0000
Files and hashes:         1: lnRtO9Pi3eYWQCDesLXYkixkdm0.crl (hash: MUhG8yx4mGfO1mC82W9xrwSw1k+OSz55T4dJWGrLKtU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d1/e1f171-a889-4395-9cfc-0805419d721a/1/lnRtO9Pi3eYWQCDesLXYkixkdm0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d1/e1f171-a889-4395-9cfc-0805419d721a/1/lnRtO9Pi3eYWQCDesLXYkixkdm0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/lnRtO9Pi3eYWQCDesLXYkixkdm0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Apr 2025 01:00:15 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:74:c2:57:72:35:b1:b1:7a:c2:69:f6:49:3d:ce:3c:e0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=96746d3bd3e2dde6164020deb0b5d8922c64766d
        Validity
            Not Before: Apr 27 01:00:15 2025 GMT
            Not After : Apr 28 01:00:15 2025 GMT
        Subject: CN=dfc16c9a3abed92083dd2cf27868f1eaf926d023
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e8:73:d7:9f:ae:63:61:33:7e:14:e6:5e:23:76:
                    7d:b2:6c:cb:0f:c1:fb:54:3a:4d:f4:e2:49:5f:b2:
                    11:98:81:58:54:7a:96:ad:35:a9:a6:da:22:83:9a:
                    7d:77:ab:10:31:b9:79:4e:9f:0d:42:d4:62:e6:0a:
                    90:65:7e:76:f9:8f:77:68:42:14:55:fb:df:5b:66:
                    45:7e:4a:f7:55:87:b6:be:b0:c9:d9:56:c8:19:7e:
                    c3:bc:01:01:8f:8f:9b:ff:da:e4:12:74:5e:d9:24:
                    39:95:b5:eb:7e:77:52:6d:76:2c:00:38:15:e1:33:
                    06:f5:5e:28:a4:79:de:c3:30:dc:29:ea:c2:7d:de:
                    2e:b0:56:ff:5b:2e:d5:a6:cd:00:8d:f5:eb:4e:cc:
                    dd:9e:62:e0:69:84:f5:65:03:d2:48:23:70:0f:35:
                    07:9c:4f:4c:df:f9:98:cb:e9:7f:7b:ca:18:55:32:
                    7e:55:4d:5e:44:94:dd:9b:21:01:8c:1c:3a:19:70:
                    f3:24:1f:7c:b4:2d:ce:01:95:a2:7d:22:93:d4:90:
                    9d:ff:ef:4b:f8:b3:9c:8c:1e:37:f3:ba:48:5d:ce:
                    3f:93:eb:67:6f:ba:d8:4a:ea:40:f0:98:37:e5:40:
                    41:69:16:7c:f4:85:4c:ab:8f:a5:dc:98:fd:6d:66:
                    57:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DF:C1:6C:9A:3A:BE:D9:20:83:DD:2C:F2:78:68:F1:EA:F9:26:D0:23
            X509v3 Authority Key Identifier:
                keyid:96:74:6D:3B:D3:E2:DD:E6:16:40:20:DE:B0:B5:D8:92:2C:64:76:6D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lnRtO9Pi3eYWQCDesLXYkixkdm0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/e1f171-a889-4395-9cfc-0805419d721a/1/lnRtO9Pi3eYWQCDesLXYkixkdm0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/e1f171-a889-4395-9cfc-0805419d721a/1/lnRtO9Pi3eYWQCDesLXYkixkdm0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         91:df:d5:05:e9:c1:50:d6:31:f0:de:0d:11:ed:53:eb:d4:47:
         8e:07:31:3a:ab:e5:a8:77:dc:40:ab:00:6b:5b:54:40:c8:2f:
         fe:1a:d5:4c:11:93:03:46:c6:db:a5:e6:b1:99:80:02:5a:ce:
         49:e9:d2:57:16:fe:2e:19:01:55:04:74:ab:89:12:24:0c:01:
         98:c4:24:5f:eb:54:f8:0f:02:6a:2b:5b:4a:09:5c:2e:82:0f:
         a7:8a:56:2d:53:e7:f8:c5:89:68:87:9b:ac:ca:33:6f:3b:38:
         9f:c2:f7:00:e4:be:66:f2:67:93:c0:1c:54:34:64:21:a8:43:
         3d:f2:e5:55:96:01:1b:cf:d8:6d:6f:71:6d:d4:ca:33:25:18:
         29:02:4e:16:74:09:9c:ba:11:aa:19:12:67:f2:6a:07:92:d4:
         90:73:b2:58:90:04:88:66:b9:57:23:c3:dc:f2:6a:26:bc:37:
         36:84:cf:e3:0a:52:5d:7f:f0:5b:73:04:8b:74:c5:9b:ca:d9:
         e4:79:82:d4:33:22:c9:19:8c:6c:35:9b:33:43:9b:20:bd:45:
         cc:1b:2a:51:d5:f4:a4:9f:d4:df:37:76:11:05:79:8e:05:84:
         61:f4:b1:0d:95:c9:53:2f:d8:31:85:e6:0a:1c:5c:2d:d0:e0:
         17:f6:e9:01
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ0wldyNbGxesJp9kk9zjzgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk2NzQ2ZDNiZDNlMmRkZTYxNjQwMjBkZWIwYjVkODkyMmM2
NDc2NmQwHhcNMjUwNDI3MDEwMDE1WhcNMjUwNDI4MDEwMDE1WjAzMTEwLwYDVQQD
EyhkZmMxNmM5YTNhYmVkOTIwODNkZDJjZjI3ODY4ZjFlYWY5MjZkMDIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6HPXn65jYTN+FOZeI3Z9smzLD8H7
VDpN9OJJX7IRmIFYVHqWrTWpptoig5p9d6sQMbl5Tp8NQtRi5gqQZX52+Y93aEIU
VfvfW2ZFfkr3VYe2vrDJ2VbIGX7DvAEBj4+b/9rkEnRe2SQ5lbXrfndSbXYsADgV
4TMG9V4opHnewzDcKerCfd4usFb/Wy7Vps0AjfXrTszdnmLgaYT1ZQPSSCNwDzUH
nE9M3/mYy+l/e8oYVTJ+VU1eRJTdmyEBjBw6GXDzJB98tC3OAZWifSKT1JCd/+9L
+LOcjB4387pIXc4/k+tnb7rYSupA8Jg35UBBaRZ89IVMq4+l3Jj9bWZXBwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFN/BbJo6vtkgg90s8nho8er5JtAjMB8GA1UdIwQY
MBaAFJZ0bTvT4t3mFkAg3rC12JIsZHZtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbG5SdE85UGkzZVlXUUNEZXNMWFlraXhrZG0wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS9lMWYxNzEtYTg4OS00Mzk1LTljZmMt
MDgwNTQxOWQ3MjFhLzEvbG5SdE85UGkzZVlXUUNEZXNMWFlraXhrZG0wLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS9lMWYxNzEtYTg4OS00Mzk1LTljZmMtMDgwNTQxOWQ3MjFh
LzEvbG5SdE85UGkzZVlXUUNEZXNMWFlraXhrZG0wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkd/VBenB
UNYx8N4NEe1T69RHjgcxOqvlqHfcQKsAa1tUQMgv/hrVTBGTA0bG26XmsZmAAlrO
SenSVxb+LhkBVQR0q4kSJAwBmMQkX+tU+A8CaitbSglcLoIPp4pWLVPn+MWJaIeb
rMozbzs4n8L3AOS+ZvJnk8AcVDRkIahDPfLlVZYBG8/YbW9xbdTKMyUYKQJOFnQJ
nLoRqhkSZ/JqB5LUkHOyWJAEiGa5VyPD3PJqJrw3NoTP4wpSXX/wW3MEi3TFm8rZ
5HmC1DMiyRmMbDWbM0ObIL1FzBsqUdX0pJ/U3zd2EQV5jgWEYfSxDZXJUy/YMYXm
ChxcLdDgF/bpAQ==
-----END CERTIFICATE-----