Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/b35a7a-8ed4-4351-9b7a-ac83969421cc/1/cjKgT8GdkbUNVoNnkyNezjKsKDQ.mft
File:                     cjKgT8GdkbUNVoNnkyNezjKsKDQ.mft (raw, json)
Hash identifier:          fCuchlmJUn3dfhMoke4yRc0O5hP0Iq2oRDdaurBxe1A=
Subject key identifier:   24:EE:E2:4A:B1:02:42:D2:B9:9D:DA:39:32:F1:3C:DD:C7:FD:E6:CB
Authority key identifier: 72:32:A0:4F:C1:9D:91:B5:0D:56:83:67:93:23:5E:CE:32:AC:28:34
Certificate issuer:       /CN=7232a04fc19d91b50d56836793235ece32ac2834
Certificate serial:       019510C779495E11980FC00BBF9DBF146ECD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cjKgT8GdkbUNVoNnkyNezjKsKDQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0d/b35a7a-8ed4-4351-9b7a-ac83969421cc/1/cjKgT8GdkbUNVoNnkyNezjKsKDQ.mft
Manifest number:          07C9
Signing time:             Sun 16 Feb 2025 22:01:02 +0000
Manifest this update:     Sun 16 Feb 2025 22:01:02 +0000
Manifest next update:     Mon 17 Feb 2025 22:01:02 +0000
Files and hashes:         1: cjKgT8GdkbUNVoNnkyNezjKsKDQ.crl (hash: h8phX7bmO3TRJaf/hYOIa2x1HCRV1LbF4Ey76IBQCsA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0d/b35a7a-8ed4-4351-9b7a-ac83969421cc/1/cjKgT8GdkbUNVoNnkyNezjKsKDQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0d/b35a7a-8ed4-4351-9b7a-ac83969421cc/1/cjKgT8GdkbUNVoNnkyNezjKsKDQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/cjKgT8GdkbUNVoNnkyNezjKsKDQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 17 Feb 2025 22:01:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:10:c7:79:49:5e:11:98:0f:c0:0b:bf:9d:bf:14:6e:cd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7232a04fc19d91b50d56836793235ece32ac2834
        Validity
            Not Before: Feb 16 22:01:02 2025 GMT
            Not After : Feb 17 22:01:02 2025 GMT
        Subject: CN=24eee24ab10242d2b99dda3932f13cddc7fde6cb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:eb:58:d0:df:22:83:5b:dd:a7:ad:de:a1:60:cb:
                    7b:f1:16:97:b6:9f:ec:31:06:49:6c:9b:d6:76:d2:
                    78:99:05:e1:4b:9f:c9:e2:a5:4d:a3:c1:00:0c:4b:
                    57:e1:60:45:c0:87:7e:16:fc:0d:3b:fe:ce:c6:8a:
                    f2:06:53:dc:21:8a:4a:8b:db:a0:82:b3:e1:f1:1b:
                    d1:1a:66:69:7c:7d:46:96:01:5c:93:d9:e3:4e:49:
                    ec:72:8a:51:1f:01:51:94:ca:b4:a9:8e:9c:45:13:
                    37:28:03:31:64:16:a0:e9:9b:6e:06:65:16:0f:34:
                    14:42:cd:9b:91:93:86:fa:91:ee:af:e0:1d:8d:53:
                    28:cd:d7:09:2b:c3:08:f5:07:d2:9d:db:28:70:07:
                    8a:75:1d:ac:43:3d:98:e3:7a:81:36:79:91:3c:40:
                    69:07:65:e9:ec:72:fd:d6:d1:3c:72:fe:e6:c3:c0:
                    55:86:3e:01:b9:61:e0:5f:99:bd:c7:95:a6:d2:6f:
                    e9:29:c6:d7:fc:56:ba:d1:e2:9e:47:6a:4a:c1:25:
                    03:45:03:b3:1c:33:6f:6a:b2:51:60:97:6a:44:3c:
                    2f:3b:37:fa:80:ce:80:16:b7:46:88:12:94:54:48:
                    32:cf:0f:14:db:d1:7d:38:04:2c:8e:e4:43:2d:fd:
                    a1:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                24:EE:E2:4A:B1:02:42:D2:B9:9D:DA:39:32:F1:3C:DD:C7:FD:E6:CB
            X509v3 Authority Key Identifier:
                keyid:72:32:A0:4F:C1:9D:91:B5:0D:56:83:67:93:23:5E:CE:32:AC:28:34

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cjKgT8GdkbUNVoNnkyNezjKsKDQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/b35a7a-8ed4-4351-9b7a-ac83969421cc/1/cjKgT8GdkbUNVoNnkyNezjKsKDQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/b35a7a-8ed4-4351-9b7a-ac83969421cc/1/cjKgT8GdkbUNVoNnkyNezjKsKDQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         55:ed:39:35:24:32:81:b6:7b:47:ba:15:31:6d:ff:87:60:70:
         8d:63:61:07:16:5d:52:37:f4:ec:ad:a2:6e:07:f1:93:41:82:
         2c:92:e3:6b:e8:30:b1:b1:5b:b2:11:20:a1:2a:8c:70:2e:57:
         55:70:da:b1:60:0e:45:80:4b:a9:0c:f4:38:cc:1c:af:86:bc:
         a8:9a:bc:df:d2:43:31:fe:f8:9a:e5:7a:ff:ad:d0:4b:b8:53:
         09:4c:a1:cb:42:a0:ad:66:65:ec:dd:6e:05:ca:fe:90:3c:9e:
         21:2c:5b:80:f4:c7:bc:18:1a:72:e9:f2:99:d3:9d:90:9a:cc:
         d6:81:3d:79:49:15:52:f7:ae:37:8c:36:f4:53:31:42:53:49:
         de:71:68:ac:b0:de:cc:46:bb:d4:09:74:ea:fd:b0:b3:a9:d9:
         37:ca:89:a1:24:59:81:50:61:a2:ff:e1:c0:83:bd:4f:1e:f6:
         95:8a:4c:01:8b:56:54:61:a4:a6:41:fe:e0:46:8b:1b:92:c3:
         b3:1d:13:f6:50:11:1f:5a:1b:71:cb:56:5a:06:08:a1:89:88:
         57:8f:42:78:a1:08:e5:eb:1b:2d:63:14:7c:83:76:66:15:b2:
         3e:85:2e:a6:3a:7d:7e:90:81:e1:7b:a5:a0:5a:85:be:c0:9c:
         fc:58:18:38
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZUQx3lJXhGYD8ALv52/FG7NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMzJhMDRmYzE5ZDkxYjUwZDU2ODM2NzkzMjM1ZWNlMzJh
YzI4MzQwHhcNMjUwMjE2MjIwMTAyWhcNMjUwMjE3MjIwMTAyWjAzMTEwLwYDVQQD
EygyNGVlZTI0YWIxMDI0MmQyYjk5ZGRhMzkzMmYxM2NkZGM3ZmRlNmNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA61jQ3yKDW92nrd6hYMt78RaXtp/s
MQZJbJvWdtJ4mQXhS5/J4qVNo8EADEtX4WBFwId+FvwNO/7OxoryBlPcIYpKi9ug
grPh8RvRGmZpfH1GlgFck9njTknscopRHwFRlMq0qY6cRRM3KAMxZBag6ZtuBmUW
DzQUQs2bkZOG+pHur+AdjVMozdcJK8MI9QfSndsocAeKdR2sQz2Y43qBNnmRPEBp
B2Xp7HL91tE8cv7mw8BVhj4BuWHgX5m9x5Wm0m/pKcbX/Fa60eKeR2pKwSUDRQOz
HDNvarJRYJdqRDwvOzf6gM6AFrdGiBKUVEgyzw8U29F9OAQsjuRDLf2h1wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCTu4kqxAkLSuZ3aOTLxPN3H/ebLMB8GA1UdIwQY
MBaAFHIyoE/BnZG1DVaDZ5MjXs4yrCg0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2pLZ1Q4R2RrYlVOVm9Obmt5TmV6aktzS0RRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC9iMzVhN2EtOGVkNC00MzUxLTliN2Et
YWM4Mzk2OTQyMWNjLzEvY2pLZ1Q4R2RrYlVOVm9Obmt5TmV6aktzS0RRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC9iMzVhN2EtOGVkNC00MzUxLTliN2EtYWM4Mzk2OTQyMWNj
LzEvY2pLZ1Q4R2RrYlVOVm9Obmt5TmV6aktzS0RRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVe05NSQy
gbZ7R7oVMW3/h2BwjWNhBxZdUjf07K2ibgfxk0GCLJLja+gwsbFbshEgoSqMcC5X
VXDasWAORYBLqQz0OMwcr4a8qJq839JDMf74muV6/63QS7hTCUyhy0KgrWZl7N1u
Bcr+kDyeISxbgPTHvBgacunymdOdkJrM1oE9eUkVUveuN4w29FMxQlNJ3nForLDe
zEa71Al06v2ws6nZN8qJoSRZgVBhov/hwIO9Tx72lYpMAYtWVGGkpkH+4EaLG5LD
sx0T9lARH1obcctWWgYIoYmIV49CeKEI5esbLWMUfIN2ZhWyPoUupjp9fpCB4Xul
oFqFvsCc/FgYOA==
-----END CERTIFICATE-----