Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/3bab57-db3b-4be8-b279-00f56f4721c2/1/aesKgBz9tLWANaXQdaKQSy6qX5E.mft
File:                     aesKgBz9tLWANaXQdaKQSy6qX5E.mft (raw, json)
Hash identifier:          ciY60Xmd/fZy2mmYTTy8GIe58M0zfSg4aPClAqdluVo=
Subject key identifier:   40:63:3D:F4:4B:BD:D1:E9:EB:29:0D:F2:E1:5C:1E:22:C0:B3:0D:C0
Authority key identifier: 69:EB:0A:80:1C:FD:B4:B5:80:35:A5:D0:75:A2:90:4B:2E:AA:5F:91
Certificate issuer:       /CN=69eb0a801cfdb4b58035a5d075a2904b2eaa5f91
Certificate serial:       019510C719249E33D62912069182EAF425ED
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aesKgBz9tLWANaXQdaKQSy6qX5E.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/07/3bab57-db3b-4be8-b279-00f56f4721c2/1/aesKgBz9tLWANaXQdaKQSy6qX5E.mft
Manifest number:          1453
Signing time:             Sun 16 Feb 2025 22:00:38 +0000
Manifest this update:     Sun 16 Feb 2025 22:00:38 +0000
Manifest next update:     Mon 17 Feb 2025 22:00:38 +0000
Files and hashes:         1: aesKgBz9tLWANaXQdaKQSy6qX5E.crl (hash: mdbjNPRpUZq+XKM7TeWzr4QxspOrETTP/7zi32NnAoY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/07/3bab57-db3b-4be8-b279-00f56f4721c2/1/aesKgBz9tLWANaXQdaKQSy6qX5E.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/07/3bab57-db3b-4be8-b279-00f56f4721c2/1/aesKgBz9tLWANaXQdaKQSy6qX5E.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/aesKgBz9tLWANaXQdaKQSy6qX5E.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 17 Feb 2025 22:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:10:c7:19:24:9e:33:d6:29:12:06:91:82:ea:f4:25:ed
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=69eb0a801cfdb4b58035a5d075a2904b2eaa5f91
        Validity
            Not Before: Feb 16 22:00:38 2025 GMT
            Not After : Feb 17 22:00:38 2025 GMT
        Subject: CN=40633df44bbdd1e9eb290df2e15c1e22c0b30dc0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:7c:49:a8:df:ab:a1:88:86:0d:ef:e6:56:ce:
                    78:85:3b:42:67:ac:ec:8d:41:d7:e2:2c:1c:3c:6e:
                    b6:e9:66:77:d9:77:d9:1a:a3:84:a1:9f:d0:00:00:
                    64:e8:13:0d:d1:c0:37:44:9d:47:9e:8c:4b:87:b2:
                    f6:6c:21:29:d7:bb:14:01:0e:75:d4:64:0f:2b:25:
                    9e:a7:43:38:50:3b:bc:96:ae:c8:1a:2b:c4:c5:76:
                    fb:1b:44:07:8f:88:40:e6:d2:4f:73:9d:92:3b:59:
                    d2:68:36:80:ca:7a:7f:c8:9d:29:48:5a:4a:ce:10:
                    4e:3c:86:f2:fe:43:47:2b:d4:1f:1f:fd:7b:e8:87:
                    4b:f6:6a:7c:39:57:6e:14:57:82:e7:11:a3:62:e7:
                    47:3a:64:de:74:41:d2:a8:17:86:95:b0:a5:78:a7:
                    ef:be:36:2c:25:f5:c7:63:c4:48:b8:98:93:d4:06:
                    46:dd:e6:56:c0:49:7a:33:26:df:d1:3d:53:8a:79:
                    71:cd:9f:98:61:08:d6:6e:ac:c0:76:8f:cc:c0:4a:
                    81:77:12:2b:0d:db:18:d6:2d:32:53:82:76:6e:0a:
                    ed:af:da:64:75:be:9e:19:b2:5e:51:83:6d:d3:ac:
                    08:a8:3d:7e:b9:4a:78:8e:f7:ea:9a:89:99:52:db:
                    8d:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                40:63:3D:F4:4B:BD:D1:E9:EB:29:0D:F2:E1:5C:1E:22:C0:B3:0D:C0
            X509v3 Authority Key Identifier:
                keyid:69:EB:0A:80:1C:FD:B4:B5:80:35:A5:D0:75:A2:90:4B:2E:AA:5F:91

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aesKgBz9tLWANaXQdaKQSy6qX5E.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/3bab57-db3b-4be8-b279-00f56f4721c2/1/aesKgBz9tLWANaXQdaKQSy6qX5E.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/07/3bab57-db3b-4be8-b279-00f56f4721c2/1/aesKgBz9tLWANaXQdaKQSy6qX5E.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         de:22:fa:bd:b7:96:a0:f2:51:84:68:ea:94:12:91:da:37:dc:
         44:1e:92:00:64:3b:8c:bf:ff:95:21:02:50:a7:b8:68:8f:7c:
         c0:b9:c1:6a:fb:05:4d:1f:2f:b8:e2:87:fa:ee:98:cc:de:4a:
         cd:97:a2:c9:bb:f3:83:0a:c3:09:a6:16:c0:5b:9c:c8:36:2f:
         b5:1f:a2:c6:b6:6e:97:69:91:72:65:c4:7f:fd:35:f3:d6:e5:
         85:92:f7:7b:c0:84:e4:77:b3:97:d2:91:f0:f4:dc:25:5d:da:
         96:f8:a9:b9:02:56:8c:fd:ba:ff:75:ee:be:3f:95:bc:c0:b9:
         f8:9e:8a:67:ca:20:9d:a0:f8:3e:55:4f:75:27:6b:84:c7:ee:
         6c:24:cc:a5:c4:35:00:75:2f:17:d3:e1:a0:74:c2:80:65:f8:
         8a:a8:d1:d2:4e:6f:a5:2a:97:f9:c7:7f:01:f0:03:e4:f9:89:
         53:9a:96:b9:4a:c2:c1:e8:9e:7d:51:68:35:b2:c7:2a:e4:6e:
         60:1b:a7:93:8c:74:15:5f:49:53:b2:27:37:7e:36:c2:7b:18:
         9e:05:51:ee:0a:cc:47:62:7b:d2:00:16:5e:e1:34:dc:5e:42:
         e5:4f:0e:b6:54:3a:16:f0:a4:94:5d:75:36:bf:6e:84:39:59:
         5e:02:81:18
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZUQxxkknjPWKRIGkYLq9CXtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5ZWIwYTgwMWNmZGI0YjU4MDM1YTVkMDc1YTI5MDRiMmVh
YTVmOTEwHhcNMjUwMjE2MjIwMDM4WhcNMjUwMjE3MjIwMDM4WjAzMTEwLwYDVQQD
Eyg0MDYzM2RmNDRiYmRkMWU5ZWIyOTBkZjJlMTVjMWUyMmMwYjMwZGMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxnxJqN+roYiGDe/mVs54hTtCZ6zs
jUHX4iwcPG626WZ32XfZGqOEoZ/QAABk6BMN0cA3RJ1HnoxLh7L2bCEp17sUAQ51
1GQPKyWep0M4UDu8lq7IGivExXb7G0QHj4hA5tJPc52SO1nSaDaAynp/yJ0pSFpK
zhBOPIby/kNHK9QfH/176IdL9mp8OVduFFeC5xGjYudHOmTedEHSqBeGlbCleKfv
vjYsJfXHY8RIuJiT1AZG3eZWwEl6Mybf0T1TinlxzZ+YYQjWbqzAdo/MwEqBdxIr
DdsY1i0yU4J2bgrtr9pkdb6eGbJeUYNt06wIqD1+uUp4jvfqmomZUtuNMwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEBjPfRLvdHp6ykN8uFcHiLAsw3AMB8GA1UdIwQY
MBaAFGnrCoAc/bS1gDWl0HWikEsuql+RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWVzS2dCejl0TFdBTmFYUWRhS1FTeTZxWDVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy8zYmFiNTctZGIzYi00YmU4LWIyNzkt
MDBmNTZmNDcyMWMyLzEvYWVzS2dCejl0TFdBTmFYUWRhS1FTeTZxWDVFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy8zYmFiNTctZGIzYi00YmU4LWIyNzktMDBmNTZmNDcyMWMy
LzEvYWVzS2dCejl0TFdBTmFYUWRhS1FTeTZxWDVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA3iL6vbeW
oPJRhGjqlBKR2jfcRB6SAGQ7jL//lSECUKe4aI98wLnBavsFTR8vuOKH+u6YzN5K
zZeiybvzgwrDCaYWwFucyDYvtR+ixrZul2mRcmXEf/0189blhZL3e8CE5Hezl9KR
8PTcJV3alvipuQJWjP26/3Xuvj+VvMC5+J6KZ8ognaD4PlVPdSdrhMfubCTMpcQ1
AHUvF9PhoHTCgGX4iqjR0k5vpSqX+cd/AfAD5PmJU5qWuUrCweiefVFoNbLHKuRu
YBunk4x0FV9JU7InN342wnsYngVR7grMR2J70gAWXuE03F5C5U8OtlQ6FvCklF11
Nr9uhDlZXgKBGA==
-----END CERTIFICATE-----