Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/9eb3eb-5109-4798-8828-3d549fbb837f/1/qUjQEe24zTPmZ2eIDKSrMGHZxSM.mft
File:                     qUjQEe24zTPmZ2eIDKSrMGHZxSM.mft (raw, json)
Hash identifier:          2/RtL7BfGgImKLJ2XDFBq4pPoiAnwIk89hU7j2Y23oY=
Subject key identifier:   CD:83:ED:B3:A2:E4:B2:A4:2E:90:CE:D8:45:06:65:68:A7:F9:5E:4A
Authority key identifier: A9:48:D0:11:ED:B8:CD:33:E6:67:67:88:0C:A4:AB:30:61:D9:C5:23
Certificate issuer:       /CN=a948d011edb8cd33e66767880ca4ab3061d9c523
Certificate serial:       0194C499EFCDE6930DEFA59A948CDB1D627A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/qUjQEe24zTPmZ2eIDKSrMGHZxSM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/08/9eb3eb-5109-4798-8828-3d549fbb837f/1/qUjQEe24zTPmZ2eIDKSrMGHZxSM.mft
Manifest number:          0146
Signing time:             Sun 02 Feb 2025 03:00:10 +0000
Manifest this update:     Sun 02 Feb 2025 03:00:10 +0000
Manifest next update:     Mon 03 Feb 2025 03:00:10 +0000
Files and hashes:         1: qUjQEe24zTPmZ2eIDKSrMGHZxSM.crl (hash: /mz4GGSnxCaOLjW6IFjrwENQsuCUslhPEtGAN9CS/I8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/08/9eb3eb-5109-4798-8828-3d549fbb837f/1/qUjQEe24zTPmZ2eIDKSrMGHZxSM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/08/9eb3eb-5109-4798-8828-3d549fbb837f/1/qUjQEe24zTPmZ2eIDKSrMGHZxSM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/qUjQEe24zTPmZ2eIDKSrMGHZxSM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 03 Feb 2025 00:00:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:c4:99:ef:cd:e6:93:0d:ef:a5:9a:94:8c:db:1d:62:7a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a948d011edb8cd33e66767880ca4ab3061d9c523
        Validity
            Not Before: Feb  2 03:00:10 2025 GMT
            Not After : Feb  3 03:00:10 2025 GMT
        Subject: CN=cd83edb3a2e4b2a42e90ced845066568a7f95e4a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:3a:59:75:1c:39:18:88:7a:78:54:84:4a:8f:
                    df:ed:96:a7:18:54:33:48:26:ff:d9:eb:d0:db:25:
                    d9:71:d8:43:b5:95:aa:94:63:02:d6:ad:97:f9:74:
                    fc:00:64:82:9e:52:fc:57:50:ce:7d:5a:b0:fb:85:
                    e2:a8:01:02:94:d0:5d:7e:9a:5e:7a:db:ce:2d:ee:
                    fe:4f:9d:e4:fa:85:fb:12:f0:50:13:33:0e:0d:42:
                    c4:2d:00:f4:1d:28:82:2e:8b:4d:1e:02:32:d5:df:
                    d7:9d:f8:bd:4e:83:be:89:e7:5a:bc:fa:0c:1e:27:
                    50:5a:68:99:16:2e:87:84:47:ed:02:89:04:77:8d:
                    da:fa:e1:c7:96:e6:7c:b2:f2:05:2e:fd:26:be:57:
                    da:f3:ec:2c:56:64:f3:13:96:7d:cb:6a:9c:2c:98:
                    5b:b8:a2:eb:71:1a:42:d8:2b:8e:e9:ee:28:9f:36:
                    0c:bd:63:ba:6d:f4:94:77:4d:d0:bb:12:6d:74:37:
                    19:bc:38:36:97:ae:ac:8c:50:a5:63:be:39:bb:47:
                    de:a0:e9:f0:6f:b3:b6:eb:ad:38:39:74:29:83:86:
                    34:bd:cc:d2:bf:3a:df:01:48:94:4f:b4:eb:d3:0f:
                    c5:96:c3:32:46:05:00:3b:68:ba:b7:42:e5:83:8c:
                    75:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CD:83:ED:B3:A2:E4:B2:A4:2E:90:CE:D8:45:06:65:68:A7:F9:5E:4A
            X509v3 Authority Key Identifier:
                keyid:A9:48:D0:11:ED:B8:CD:33:E6:67:67:88:0C:A4:AB:30:61:D9:C5:23

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qUjQEe24zTPmZ2eIDKSrMGHZxSM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/9eb3eb-5109-4798-8828-3d549fbb837f/1/qUjQEe24zTPmZ2eIDKSrMGHZxSM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/08/9eb3eb-5109-4798-8828-3d549fbb837f/1/qUjQEe24zTPmZ2eIDKSrMGHZxSM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         24:4a:67:51:5c:3d:f7:9c:a6:00:40:5b:f4:1f:8c:3d:17:1a:
         e1:ba:cb:48:23:a8:b2:37:f6:a0:c2:ba:e7:fe:28:c5:9b:fa:
         4f:fd:e4:a3:83:88:32:af:88:56:f2:bf:34:f0:58:21:a5:89:
         b6:3c:1e:a4:22:d3:cc:00:70:cf:0d:72:c1:39:40:d0:9b:0d:
         5d:90:fd:86:35:cb:16:d2:f5:af:f6:e6:cf:d5:29:18:9c:37:
         87:ae:f6:af:c6:8a:bd:2d:d8:0e:64:5c:ae:1a:e6:04:53:31:
         93:4a:92:3d:1f:96:1c:e3:fe:60:66:4b:2a:b9:9b:65:3f:a0:
         2e:f5:fe:d3:6e:02:b0:11:90:a1:d1:8c:ea:2a:ff:60:0e:f1:
         a4:55:f0:c7:d2:ce:93:5e:03:49:27:bd:32:01:1d:bb:78:f9:
         d4:16:f5:aa:c2:ae:90:d6:70:31:2f:72:44:a1:fd:14:53:30:
         b2:1c:25:5c:bb:5e:75:9c:e5:d8:fa:59:56:fe:f9:f7:f0:b4:
         e4:c3:1a:e3:f6:a9:8c:bc:e8:61:f5:f9:72:ff:ca:cc:35:d9:
         8f:5a:f0:cc:fa:1d:13:2e:4a:ff:31:5f:52:7b:e7:30:a4:99:
         52:01:81:9d:a9:52:49:ce:86:a4:20:9e:e1:97:14:75:41:19:
         75:9b:41:e2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZTEme/N5pMN76WalIzbHWJ6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE5NDhkMDExZWRiOGNkMzNlNjY3Njc4ODBjYTRhYjMwNjFk
OWM1MjMwHhcNMjUwMjAyMDMwMDEwWhcNMjUwMjAzMDMwMDEwWjAzMTEwLwYDVQQD
EyhjZDgzZWRiM2EyZTRiMmE0MmU5MGNlZDg0NTA2NjU2OGE3Zjk1ZTRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyzpZdRw5GIh6eFSESo/f7ZanGFQz
SCb/2evQ2yXZcdhDtZWqlGMC1q2X+XT8AGSCnlL8V1DOfVqw+4XiqAEClNBdfppe
etvOLe7+T53k+oX7EvBQEzMODULELQD0HSiCLotNHgIy1d/Xnfi9ToO+iedavPoM
HidQWmiZFi6HhEftAokEd43a+uHHluZ8svIFLv0mvlfa8+wsVmTzE5Z9y2qcLJhb
uKLrcRpC2CuO6e4onzYMvWO6bfSUd03QuxJtdDcZvDg2l66sjFClY745u0feoOnw
b7O26604OXQpg4Y0vczSvzrfAUiUT7Tr0w/FlsMyRgUAO2i6t0Llg4x1lwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFM2D7bOi5LKkLpDO2EUGZWin+V5KMB8GA1UdIwQY
MBaAFKlI0BHtuM0z5mdniAykqzBh2cUjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcVVqUUVlMjR6VFBtWjJlSURLU3JNR0haeFNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC85ZWIzZWItNTEwOS00Nzk4LTg4Mjgt
M2Q1NDlmYmI4MzdmLzEvcVVqUUVlMjR6VFBtWjJlSURLU3JNR0haeFNNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC85ZWIzZWItNTEwOS00Nzk4LTg4MjgtM2Q1NDlmYmI4Mzdm
LzEvcVVqUUVlMjR6VFBtWjJlSURLU3JNR0haeFNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJEpnUVw9
95ymAEBb9B+MPRca4brLSCOosjf2oMK65/4oxZv6T/3ko4OIMq+IVvK/NPBYIaWJ
tjwepCLTzABwzw1ywTlA0JsNXZD9hjXLFtL1r/bmz9UpGJw3h672r8aKvS3YDmRc
rhrmBFMxk0qSPR+WHOP+YGZLKrmbZT+gLvX+024CsBGQodGM6ir/YA7xpFXwx9LO
k14DSSe9MgEdu3j51Bb1qsKukNZwMS9yRKH9FFMwshwlXLtedZzl2PpZVv759/C0
5MMa4/apjLzoYfX5cv/KzDXZj1rwzPodEy5K/zFfUnvnMKSZUgGBnalSSc6GpCCe
4ZcUdUEZdZtB4g==
-----END CERTIFICATE-----