Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/7d3327-7084-4ced-9967-9224ce2e965a/1/GAIUWTANFfrFUHBc9uJYmZ09hro.mft
File:                     GAIUWTANFfrFUHBc9uJYmZ09hro.mft (raw, json)
Hash identifier:          p+2UgYqr7CCjicV7Hb5AIsi/VkJIHHnJxOI0XBWHIAE=
Subject key identifier:   09:1A:54:E6:C3:0D:9F:36:45:2A:C9:13:13:8F:9B:EB:03:24:72:40
Authority key identifier: 18:02:14:59:30:0D:15:FA:C5:50:70:5C:F6:E2:58:99:9D:3D:86:BA
Certificate issuer:       /CN=18021459300d15fac550705cf6e258999d3d86ba
Certificate serial:       019512106482B163BFB6875C87452762E5B8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/GAIUWTANFfrFUHBc9uJYmZ09hro.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/09/7d3327-7084-4ced-9967-9224ce2e965a/1/GAIUWTANFfrFUHBc9uJYmZ09hro.mft
Manifest number:          0939
Signing time:             Mon 17 Feb 2025 04:00:18 +0000
Manifest this update:     Mon 17 Feb 2025 04:00:18 +0000
Manifest next update:     Tue 18 Feb 2025 04:00:18 +0000
Files and hashes:         1: GAIUWTANFfrFUHBc9uJYmZ09hro.crl (hash: pmEaBnZMK2/0kF7KypiDwdVbycGkJ+LkVPGxh50rC9c=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/09/7d3327-7084-4ced-9967-9224ce2e965a/1/GAIUWTANFfrFUHBc9uJYmZ09hro.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/09/7d3327-7084-4ced-9967-9224ce2e965a/1/GAIUWTANFfrFUHBc9uJYmZ09hro.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/GAIUWTANFfrFUHBc9uJYmZ09hro.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 17 Feb 2025 23:00:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:12:10:64:82:b1:63:bf:b6:87:5c:87:45:27:62:e5:b8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=18021459300d15fac550705cf6e258999d3d86ba
        Validity
            Not Before: Feb 17 04:00:18 2025 GMT
            Not After : Feb 18 04:00:18 2025 GMT
        Subject: CN=091a54e6c30d9f36452ac913138f9beb03247240
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e3:85:66:4e:f4:64:bb:c4:93:43:17:17:91:62:
                    28:2e:7e:40:de:5c:62:38:1f:cb:10:62:80:af:0f:
                    05:fa:d0:46:9c:ba:ea:48:fe:31:5a:94:67:e2:29:
                    80:3a:68:af:2b:9b:c7:f8:4c:66:1b:37:68:cb:6a:
                    6d:1d:da:eb:00:b9:cf:30:bc:3b:22:34:09:95:c1:
                    e4:53:e9:19:d1:02:95:eb:0a:82:cd:10:af:2c:96:
                    b5:3d:d9:ae:46:c6:ac:74:6c:d3:0e:91:46:ae:ab:
                    f6:8c:63:13:75:d5:d3:0a:f8:b2:7b:15:17:2e:3d:
                    4a:c6:9b:67:12:20:92:01:af:73:20:91:a3:3a:05:
                    76:f9:0e:7a:b5:0d:cb:35:49:77:3c:e5:5c:9b:bc:
                    87:1d:b2:38:d0:94:d5:04:c8:ce:36:20:08:17:53:
                    1e:81:65:01:b4:c4:21:ff:43:75:70:43:07:c6:af:
                    19:0e:d2:25:ef:b6:ee:62:83:a1:9a:fb:60:0c:4b:
                    c9:fb:6b:9e:f2:ba:46:a9:fc:d8:2d:28:44:6a:59:
                    88:9d:38:0a:7a:b0:9f:74:2f:62:1d:53:b2:99:66:
                    78:a6:fd:b9:ce:12:b8:83:5c:1c:19:cc:14:f7:f7:
                    bf:34:31:f7:29:ea:dc:f7:63:a6:32:f9:dd:5e:bf:
                    de:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                09:1A:54:E6:C3:0D:9F:36:45:2A:C9:13:13:8F:9B:EB:03:24:72:40
            X509v3 Authority Key Identifier:
                keyid:18:02:14:59:30:0D:15:FA:C5:50:70:5C:F6:E2:58:99:9D:3D:86:BA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GAIUWTANFfrFUHBc9uJYmZ09hro.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/7d3327-7084-4ced-9967-9224ce2e965a/1/GAIUWTANFfrFUHBc9uJYmZ09hro.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/09/7d3327-7084-4ced-9967-9224ce2e965a/1/GAIUWTANFfrFUHBc9uJYmZ09hro.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         83:90:94:d9:7b:07:ac:c4:3d:1c:55:3f:54:e5:13:d3:07:af:
         98:6f:a5:48:7b:7d:93:64:83:04:e5:56:b3:67:94:2f:a1:69:
         98:b7:bc:fa:6c:5c:4a:5f:6b:d5:d8:85:0a:a2:c3:77:72:ea:
         42:ce:ff:87:7f:e5:74:db:f3:f5:69:14:13:49:12:76:9f:66:
         5b:6a:5f:99:cb:f0:f9:57:8d:17:88:4d:41:d0:7d:b8:9f:2f:
         34:54:f4:c9:92:56:c1:c3:65:8b:27:d2:cd:d4:2c:e2:39:95:
         9b:65:b3:35:5a:3c:52:81:96:6f:bf:d2:2d:87:74:b1:c1:d5:
         19:b8:66:69:7d:b8:ef:a5:50:be:89:d6:22:b1:5a:f5:2a:63:
         4c:6f:aa:8b:50:5b:68:14:54:46:b8:f7:49:39:bc:18:32:64:
         ae:fb:41:bb:dc:fc:60:4b:fc:2d:47:45:10:4e:3d:eb:ed:1c:
         c2:3e:fe:0e:a1:62:f2:99:f0:ea:c3:ca:f5:66:5e:71:d7:30:
         d9:2d:6d:c9:88:5a:54:ae:31:d3:68:ab:d2:68:c6:b9:b0:97:
         ce:65:29:3c:2a:7b:94:8d:11:ed:2a:84:92:d6:8c:f7:a7:dc:
         b1:76:60:91:57:0d:fe:22:88:33:75:c3:51:a1:12:8d:74:ca:
         8a:83:d2:5e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZUSEGSCsWO/todch0UnYuW4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4MDIxNDU5MzAwZDE1ZmFjNTUwNzA1Y2Y2ZTI1ODk5OWQz
ZDg2YmEwHhcNMjUwMjE3MDQwMDE4WhcNMjUwMjE4MDQwMDE4WjAzMTEwLwYDVQQD
EygwOTFhNTRlNmMzMGQ5ZjM2NDUyYWM5MTMxMzhmOWJlYjAzMjQ3MjQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA44VmTvRku8STQxcXkWIoLn5A3lxi
OB/LEGKArw8F+tBGnLrqSP4xWpRn4imAOmivK5vH+ExmGzdoy2ptHdrrALnPMLw7
IjQJlcHkU+kZ0QKV6wqCzRCvLJa1PdmuRsasdGzTDpFGrqv2jGMTddXTCviyexUX
Lj1KxptnEiCSAa9zIJGjOgV2+Q56tQ3LNUl3POVcm7yHHbI40JTVBMjONiAIF1Me
gWUBtMQh/0N1cEMHxq8ZDtIl77buYoOhmvtgDEvJ+2ue8rpGqfzYLShEalmInTgK
erCfdC9iHVOymWZ4pv25zhK4g1wcGcwU9/e/NDH3Kerc92OmMvndXr/emwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAkaVObDDZ82RSrJExOPm+sDJHJAMB8GA1UdIwQY
MBaAFBgCFFkwDRX6xVBwXPbiWJmdPYa6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0FJVVdUQU5GZnJGVUhCYzl1SlltWjA5aHJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS83ZDMzMjctNzA4NC00Y2VkLTk5Njct
OTIyNGNlMmU5NjVhLzEvR0FJVVdUQU5GZnJGVUhCYzl1SlltWjA5aHJvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS83ZDMzMjctNzA4NC00Y2VkLTk5NjctOTIyNGNlMmU5NjVh
LzEvR0FJVVdUQU5GZnJGVUhCYzl1SlltWjA5aHJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAg5CU2XsH
rMQ9HFU/VOUT0wevmG+lSHt9k2SDBOVWs2eUL6FpmLe8+mxcSl9r1diFCqLDd3Lq
Qs7/h3/ldNvz9WkUE0kSdp9mW2pfmcvw+VeNF4hNQdB9uJ8vNFT0yZJWwcNliyfS
zdQs4jmVm2WzNVo8UoGWb7/SLYd0scHVGbhmaX2476VQvonWIrFa9SpjTG+qi1Bb
aBRURrj3STm8GDJkrvtBu9z8YEv8LUdFEE496+0cwj7+DqFi8pnw6sPK9WZecdcw
2S1tyYhaVK4x02ir0mjGubCXzmUpPCp7lI0R7SqEktaM96fcsXZgkVcN/iKIM3XD
UaESjXTKioPSXg==
-----END CERTIFICATE-----