Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/d2388f-f8a9-4485-937f-840fd5352dc0/1/KmU0qslEKjlNE5oagwPcBJWcHaA.mft
File:                     KmU0qslEKjlNE5oagwPcBJWcHaA.mft (raw, json)
Hash identifier:          B+f1Pf/k0pk5IKaYRsaVXx52jz14IvBL8daDl56cfPA=
Subject key identifier:   FF:84:4F:E2:BB:27:85:AF:F3:7D:14:03:AD:41:7C:28:AF:7C:3F:0C
Authority key identifier: 2A:65:34:AA:C9:44:2A:39:4D:13:9A:1A:83:03:DC:04:95:9C:1D:A0
Certificate issuer:       /CN=2a6534aac9442a394d139a1a8303dc04959c1da0
Certificate serial:       0194C3881FD7FAE9867283ED6673DED73F7C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KmU0qslEKjlNE5oagwPcBJWcHaA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0c/d2388f-f8a9-4485-937f-840fd5352dc0/1/KmU0qslEKjlNE5oagwPcBJWcHaA.mft
Manifest number:          0D42
Signing time:             Sat 01 Feb 2025 22:01:05 +0000
Manifest this update:     Sat 01 Feb 2025 22:01:05 +0000
Manifest next update:     Sun 02 Feb 2025 22:01:05 +0000
Files and hashes:         1: KmU0qslEKjlNE5oagwPcBJWcHaA.crl (hash: PIl35Ws/UiDTZiwdNaEnWiY+ywiCyr5psF1jLiLq+eM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0c/d2388f-f8a9-4485-937f-840fd5352dc0/1/KmU0qslEKjlNE5oagwPcBJWcHaA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0c/d2388f-f8a9-4485-937f-840fd5352dc0/1/KmU0qslEKjlNE5oagwPcBJWcHaA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KmU0qslEKjlNE5oagwPcBJWcHaA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 02 Feb 2025 22:01:05 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:c3:88:1f:d7:fa:e9:86:72:83:ed:66:73:de:d7:3f:7c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a6534aac9442a394d139a1a8303dc04959c1da0
        Validity
            Not Before: Feb  1 22:01:05 2025 GMT
            Not After : Feb  2 22:01:05 2025 GMT
        Subject: CN=ff844fe2bb2785aff37d1403ad417c28af7c3f0c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:6f:21:ab:5c:54:6e:64:2c:99:ee:e0:97:1c:
                    7b:8a:2f:18:71:2f:47:e6:e3:e7:ec:26:63:bc:98:
                    2c:a1:5b:85:42:95:99:b7:ac:c6:fd:9e:69:bd:03:
                    dd:17:57:a5:38:77:07:5e:09:64:5a:5b:44:d2:d7:
                    35:e9:5e:b6:51:b5:98:f1:91:bc:68:c6:55:89:ed:
                    0f:c8:5f:36:06:2a:0d:b9:e2:a6:a0:9d:d3:6a:9d:
                    ec:d3:59:8c:35:34:75:19:51:92:04:0a:cd:e1:04:
                    38:e1:6e:ea:2b:23:bc:da:d2:46:f8:ca:d8:f9:e3:
                    eb:8b:da:b7:11:83:bb:13:54:86:82:f4:22:7e:89:
                    7b:30:b0:48:ac:49:ed:08:0b:8e:01:f1:67:c6:2e:
                    73:c7:69:14:61:01:e4:93:eb:15:56:9c:3d:c9:2f:
                    8e:93:95:2b:06:79:4a:d8:70:da:67:64:ca:41:d7:
                    37:c4:33:22:46:99:2f:1e:f5:be:d0:f4:10:81:3e:
                    b3:bc:74:09:2f:11:e0:44:6b:e1:49:15:d9:82:60:
                    63:20:7c:a0:b5:9c:b8:29:93:a9:02:9b:3e:ad:45:
                    65:86:5a:e6:31:94:63:6a:79:8f:4e:d1:9e:b7:0c:
                    c8:ed:81:aa:b6:ca:8a:20:c2:c1:44:48:4f:e9:ba:
                    f9:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FF:84:4F:E2:BB:27:85:AF:F3:7D:14:03:AD:41:7C:28:AF:7C:3F:0C
            X509v3 Authority Key Identifier:
                keyid:2A:65:34:AA:C9:44:2A:39:4D:13:9A:1A:83:03:DC:04:95:9C:1D:A0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KmU0qslEKjlNE5oagwPcBJWcHaA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/d2388f-f8a9-4485-937f-840fd5352dc0/1/KmU0qslEKjlNE5oagwPcBJWcHaA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/d2388f-f8a9-4485-937f-840fd5352dc0/1/KmU0qslEKjlNE5oagwPcBJWcHaA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8d:a7:a9:c0:f0:e2:f3:4d:ca:5d:ac:6c:86:01:dc:c6:fc:c1:
         9c:31:b5:60:db:18:6b:aa:06:1a:16:c0:6e:69:b0:c9:10:e8:
         77:6e:8c:b7:69:9c:5e:20:ba:db:7d:1d:8e:c3:10:a0:1a:12:
         ce:2a:e3:e5:15:8f:37:02:5e:67:f4:ed:3c:b5:d6:56:03:3e:
         80:14:41:48:4a:8e:29:a6:f1:a0:4c:af:d5:3b:c8:c7:ae:32:
         f1:00:0a:d2:23:0e:54:d0:98:ef:f6:6a:06:97:12:78:e1:33:
         de:25:f1:f8:ea:f8:25:19:a1:39:c9:e9:cd:43:fa:34:4c:5f:
         79:43:df:f5:21:13:b8:8d:1a:f8:a0:a4:79:5e:de:40:7a:49:
         ed:09:e6:c7:08:52:43:a3:6b:c4:d8:02:0b:62:1c:96:11:2d:
         d2:17:77:8d:cf:95:13:42:39:05:a6:f4:00:95:66:80:5a:fe:
         9a:32:da:b5:c0:2c:36:ab:fb:94:67:2c:a4:9f:ee:4f:03:1f:
         db:0b:9d:65:7f:7d:4c:3e:c7:52:95:50:a7:27:5d:f2:a5:a2:
         7c:03:93:6b:a5:76:bf:06:78:94:8d:49:1b:c4:76:1d:c9:33:
         b5:3f:6f:ce:01:81:a8:72:97:04:40:d9:f2:2e:bf:0d:34:3d:
         34:51:2b:f0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZTDiB/X+umGcoPtZnPe1z98MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhNjUzNGFhYzk0NDJhMzk0ZDEzOWExYTgzMDNkYzA0OTU5
YzFkYTAwHhcNMjUwMjAxMjIwMTA1WhcNMjUwMjAyMjIwMTA1WjAzMTEwLwYDVQQD
EyhmZjg0NGZlMmJiMjc4NWFmZjM3ZDE0MDNhZDQxN2MyOGFmN2MzZjBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsG8hq1xUbmQsme7glxx7ii8YcS9H
5uPn7CZjvJgsoVuFQpWZt6zG/Z5pvQPdF1elOHcHXglkWltE0tc16V62UbWY8ZG8
aMZVie0PyF82BioNueKmoJ3Tap3s01mMNTR1GVGSBArN4QQ44W7qKyO82tJG+MrY
+ePri9q3EYO7E1SGgvQifol7MLBIrEntCAuOAfFnxi5zx2kUYQHkk+sVVpw9yS+O
k5UrBnlK2HDaZ2TKQdc3xDMiRpkvHvW+0PQQgT6zvHQJLxHgRGvhSRXZgmBjIHyg
tZy4KZOpAps+rUVlhlrmMZRjanmPTtGetwzI7YGqtsqKIMLBREhP6br5GQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP+ET+K7J4Wv830UA61BfCivfD8MMB8GA1UdIwQY
MBaAFCplNKrJRCo5TROaGoMD3ASVnB2gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS21VMHFzbEVLamxORTVvYWd3UGNCSldjSGFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9kMjM4OGYtZjhhOS00NDg1LTkzN2Yt
ODQwZmQ1MzUyZGMwLzEvS21VMHFzbEVLamxORTVvYWd3UGNCSldjSGFBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9kMjM4OGYtZjhhOS00NDg1LTkzN2YtODQwZmQ1MzUyZGMw
LzEvS21VMHFzbEVLamxORTVvYWd3UGNCSldjSGFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjaepwPDi
803KXaxshgHcxvzBnDG1YNsYa6oGGhbAbmmwyRDod26Mt2mcXiC6230djsMQoBoS
zirj5RWPNwJeZ/TtPLXWVgM+gBRBSEqOKabxoEyv1TvIx64y8QAK0iMOVNCY7/Zq
BpcSeOEz3iXx+Or4JRmhOcnpzUP6NExfeUPf9SETuI0a+KCkeV7eQHpJ7QnmxwhS
Q6NrxNgCC2IclhEt0hd3jc+VE0I5Bab0AJVmgFr+mjLatcAsNqv7lGcspJ/uTwMf
2wudZX99TD7HUpVQpydd8qWifAOTa6V2vwZ4lI1JG8R2HckztT9vzgGBqHKXBEDZ
8i6/DTQ9NFEr8A==
-----END CERTIFICATE-----