Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/2fabf5-e3ed-4d9a-9cd8-2f4eb9c06035/1/AlH2q-C7Jr_khZ5U3uD9yaW3igU.mft
File:                     AlH2q-C7Jr_khZ5U3uD9yaW3igU.mft (raw, json)
Hash identifier:          f0oJKp0/KY6hIkmcbOLy23V+0YkVjPMAB1TyEH2yjnI=
Subject key identifier:   E2:35:52:F6:78:3D:84:7B:02:90:B0:06:87:F9:6F:44:22:C9:E6:6C
Authority key identifier: 02:51:F6:AB:E0:BB:26:BF:E4:85:9E:54:DE:E0:FD:C9:A5:B7:8A:05
Certificate issuer:       /CN=0251f6abe0bb26bfe4859e54dee0fdc9a5b78a05
Certificate serial:       019510C70B9C1509E8EC15A7A3ECF77B6C83
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/AlH2q-C7Jr_khZ5U3uD9yaW3igU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/01/2fabf5-e3ed-4d9a-9cd8-2f4eb9c06035/1/AlH2q-C7Jr_khZ5U3uD9yaW3igU.mft
Manifest number:          1452
Signing time:             Sun 16 Feb 2025 22:00:34 +0000
Manifest this update:     Sun 16 Feb 2025 22:00:34 +0000
Manifest next update:     Mon 17 Feb 2025 22:00:34 +0000
Files and hashes:         1: AlH2q-C7Jr_khZ5U3uD9yaW3igU.crl (hash: Me2UtAJDf7P4j2JzTFUmt1fx/SHsTE6727vwhHJqakQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/01/2fabf5-e3ed-4d9a-9cd8-2f4eb9c06035/1/AlH2q-C7Jr_khZ5U3uD9yaW3igU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/01/2fabf5-e3ed-4d9a-9cd8-2f4eb9c06035/1/AlH2q-C7Jr_khZ5U3uD9yaW3igU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/AlH2q-C7Jr_khZ5U3uD9yaW3igU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 17 Feb 2025 22:00:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:10:c7:0b:9c:15:09:e8:ec:15:a7:a3:ec:f7:7b:6c:83
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0251f6abe0bb26bfe4859e54dee0fdc9a5b78a05
        Validity
            Not Before: Feb 16 22:00:34 2025 GMT
            Not After : Feb 17 22:00:34 2025 GMT
        Subject: CN=e23552f6783d847b0290b00687f96f4422c9e66c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:da:98:44:77:d1:46:81:51:18:12:56:4f:ee:13:
                    f6:35:4b:22:87:05:9d:5c:50:b1:a7:1a:64:55:43:
                    2f:3d:21:76:dd:f9:d3:18:6f:22:e3:6e:07:5b:a5:
                    4e:65:e1:34:98:4f:87:1b:b4:34:88:3a:7a:dc:cd:
                    02:2f:52:52:f9:01:3c:f2:37:82:17:22:d8:a9:9a:
                    20:0f:9d:10:b8:c4:21:de:30:07:92:8f:a4:f2:59:
                    27:39:89:09:53:50:5b:b7:fd:8c:d2:c4:28:7b:b5:
                    f0:bc:fa:3f:26:f2:a9:19:ca:28:23:b5:aa:75:1e:
                    c4:fa:d1:b1:db:18:35:0d:a7:8e:d7:92:aa:fa:88:
                    43:7f:d5:ab:89:be:f6:b2:dd:d7:bd:d3:ac:2e:16:
                    20:6a:2b:3f:a1:c3:aa:11:70:8d:bf:8e:49:35:3c:
                    1f:29:84:c3:fa:a8:57:2e:c3:d7:68:cd:c6:5a:15:
                    b7:d1:8e:49:16:ee:48:58:74:ad:6e:b8:c5:af:6b:
                    45:94:e5:87:6c:6e:1b:e7:d9:a7:f4:5e:af:81:3d:
                    12:15:f2:43:ab:8d:eb:6a:a0:79:f9:9e:82:4c:9a:
                    7c:65:5d:6f:2e:6c:46:5a:bd:43:ab:c3:dd:bd:75:
                    f9:22:18:77:3d:4b:9d:ca:85:04:f9:1b:c3:21:3a:
                    16:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E2:35:52:F6:78:3D:84:7B:02:90:B0:06:87:F9:6F:44:22:C9:E6:6C
            X509v3 Authority Key Identifier:
                keyid:02:51:F6:AB:E0:BB:26:BF:E4:85:9E:54:DE:E0:FD:C9:A5:B7:8A:05

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AlH2q-C7Jr_khZ5U3uD9yaW3igU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/2fabf5-e3ed-4d9a-9cd8-2f4eb9c06035/1/AlH2q-C7Jr_khZ5U3uD9yaW3igU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/01/2fabf5-e3ed-4d9a-9cd8-2f4eb9c06035/1/AlH2q-C7Jr_khZ5U3uD9yaW3igU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         89:6c:97:c4:ee:71:33:6c:45:29:2f:25:30:e8:da:d3:37:e5:
         7c:7b:c5:04:10:6f:21:d1:d4:e8:6f:cb:1b:ce:44:9b:56:6d:
         37:8c:4d:5e:3f:93:b1:21:5e:ba:67:c1:f8:e9:87:1d:05:ed:
         92:08:3a:27:b5:e6:ad:8f:34:ff:bb:4f:2e:a8:00:c9:1e:32:
         24:79:a8:2a:54:c2:8c:92:a3:a8:c5:83:c1:20:8f:a2:c4:b3:
         ee:3f:46:37:08:f1:b1:f2:19:9b:00:da:72:b0:f7:64:3d:ba:
         fd:d5:6c:b6:1b:f8:60:93:d1:5b:fc:b4:04:c1:d5:5d:7f:0a:
         62:5c:06:e4:88:b7:a4:b6:25:23:7f:c4:3b:39:f8:5c:d8:2b:
         1b:e4:49:44:88:48:63:7b:6b:6d:71:50:9c:fa:77:7c:51:26:
         24:cc:d9:3e:21:c4:30:03:63:fa:b0:a7:29:4c:5e:bd:eb:b4:
         f1:ea:c3:d3:43:85:3f:0a:88:ab:90:a8:e0:f0:19:8a:f9:38:
         46:bd:5c:78:c4:36:6c:5b:07:c6:97:67:c4:46:63:20:d1:7e:
         04:2a:73:ca:bb:f0:69:d3:3f:d5:ae:63:9a:ec:ad:79:1e:7f:
         82:88:69:99:e6:42:43:ab:8d:d4:e6:19:42:e8:74:3a:a6:56:
         2f:46:62:67
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZUQxwucFQno7BWno+z3e2yDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyNTFmNmFiZTBiYjI2YmZlNDg1OWU1NGRlZTBmZGM5YTVi
NzhhMDUwHhcNMjUwMjE2MjIwMDM0WhcNMjUwMjE3MjIwMDM0WjAzMTEwLwYDVQQD
EyhlMjM1NTJmNjc4M2Q4NDdiMDI5MGIwMDY4N2Y5NmY0NDIyYzllNjZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2phEd9FGgVEYElZP7hP2NUsihwWd
XFCxpxpkVUMvPSF23fnTGG8i424HW6VOZeE0mE+HG7Q0iDp63M0CL1JS+QE88jeC
FyLYqZogD50QuMQh3jAHko+k8lknOYkJU1Bbt/2M0sQoe7XwvPo/JvKpGcooI7Wq
dR7E+tGx2xg1DaeO15Kq+ohDf9Wrib72st3XvdOsLhYgais/ocOqEXCNv45JNTwf
KYTD+qhXLsPXaM3GWhW30Y5JFu5IWHStbrjFr2tFlOWHbG4b59mn9F6vgT0SFfJD
q43raqB5+Z6CTJp8ZV1vLmxGWr1Dq8PdvXX5Ihh3PUudyoUE+RvDIToWFQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOI1UvZ4PYR7ApCwBof5b0QiyeZsMB8GA1UdIwQY
MBaAFAJR9qvguya/5IWeVN7g/cmlt4oFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQWxIMnEtQzdKcl9raFo1VTN1RDl5YVczaWdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS8yZmFiZjUtZTNlZC00ZDlhLTljZDgt
MmY0ZWI5YzA2MDM1LzEvQWxIMnEtQzdKcl9raFo1VTN1RDl5YVczaWdVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS8yZmFiZjUtZTNlZC00ZDlhLTljZDgtMmY0ZWI5YzA2MDM1
LzEvQWxIMnEtQzdKcl9raFo1VTN1RDl5YVczaWdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiWyXxO5x
M2xFKS8lMOja0zflfHvFBBBvIdHU6G/LG85Em1ZtN4xNXj+TsSFeumfB+OmHHQXt
kgg6J7XmrY80/7tPLqgAyR4yJHmoKlTCjJKjqMWDwSCPosSz7j9GNwjxsfIZmwDa
crD3ZD26/dVsthv4YJPRW/y0BMHVXX8KYlwG5Ii3pLYlI3/EOzn4XNgrG+RJRIhI
Y3trbXFQnPp3fFEmJMzZPiHEMANj+rCnKUxeveu08erD00OFPwqIq5Co4PAZivk4
Rr1ceMQ2bFsHxpdnxEZjINF+BCpzyrvwadM/1a5jmuyteR5/gohpmeZCQ6uN1OYZ
Quh0OqZWL0ZiZw==
-----END CERTIFICATE-----