Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/ea1072-f326-4e51-adf1-ba9b0fa1b7a2/1/QnbajwSHyFCAm0qYcoysIXKycD0.mft
File:                     QnbajwSHyFCAm0qYcoysIXKycD0.mft (raw, json)
Hash identifier:          RPpq/LQsDscsKrzVoF6uOXpwT/bMriE2wy/Cr10fH6w=
Subject key identifier:   96:27:BE:B9:68:42:05:8F:67:15:90:DC:3C:EE:7B:7E:24:C5:25:DA
Authority key identifier: 42:76:DA:8F:04:87:C8:50:80:9B:4A:98:72:8C:AC:21:72:B2:70:3D
Certificate issuer:       /CN=4276da8f0487c850809b4a98728cac2172b2703d
Certificate serial:       019510C7184914D00A1B58D86DD81B968B03
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QnbajwSHyFCAm0qYcoysIXKycD0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0d/ea1072-f326-4e51-adf1-ba9b0fa1b7a2/1/QnbajwSHyFCAm0qYcoysIXKycD0.mft
Manifest number:          1454
Signing time:             Sun 16 Feb 2025 22:00:38 +0000
Manifest this update:     Sun 16 Feb 2025 22:00:38 +0000
Manifest next update:     Mon 17 Feb 2025 22:00:38 +0000
Files and hashes:         1: QnbajwSHyFCAm0qYcoysIXKycD0.crl (hash: xncd0t3ust6ljksnMob4FqgDuP8bWHDU76JudKIvVTc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0d/ea1072-f326-4e51-adf1-ba9b0fa1b7a2/1/QnbajwSHyFCAm0qYcoysIXKycD0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0d/ea1072-f326-4e51-adf1-ba9b0fa1b7a2/1/QnbajwSHyFCAm0qYcoysIXKycD0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QnbajwSHyFCAm0qYcoysIXKycD0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 17 Feb 2025 22:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:10:c7:18:49:14:d0:0a:1b:58:d8:6d:d8:1b:96:8b:03
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4276da8f0487c850809b4a98728cac2172b2703d
        Validity
            Not Before: Feb 16 22:00:38 2025 GMT
            Not After : Feb 17 22:00:38 2025 GMT
        Subject: CN=9627beb96842058f671590dc3cee7b7e24c525da
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:5f:25:77:e3:6d:de:35:2b:05:2f:6c:d3:73:
                    5f:1c:12:23:f7:ab:e6:ce:62:15:e0:99:97:2f:e0:
                    8a:6a:65:3b:eb:be:0b:51:1d:cb:86:35:e8:73:9b:
                    4c:1c:bb:6f:94:b6:a2:60:f9:ef:39:b5:81:fc:0f:
                    89:65:45:a0:69:b0:1c:ac:c3:d3:bd:a2:89:1a:75:
                    a5:7c:c6:c4:26:7d:0e:2c:a7:91:0c:37:5b:9c:94:
                    b3:40:f6:fd:66:56:96:77:6b:91:23:1b:6f:32:d8:
                    30:46:29:d9:cb:80:ea:ee:69:ef:34:f4:c4:37:bb:
                    5f:3a:17:a2:67:d2:ad:93:f2:4b:cc:ed:4f:ca:5d:
                    0d:ae:80:fd:91:56:0e:23:be:3e:66:d3:62:aa:8c:
                    32:03:9e:74:a8:be:ab:aa:59:0b:e6:83:31:4c:19:
                    d2:35:ea:2a:bf:02:b4:8f:01:c8:1e:4e:5e:d2:95:
                    27:79:75:cb:44:b3:bd:c3:0b:41:39:2f:82:08:3a:
                    1a:2b:a5:06:21:3a:33:12:47:01:d6:17:87:7a:57:
                    fc:31:2a:50:c2:66:9a:e7:d4:19:f3:15:b3:4b:8b:
                    cf:e7:74:30:74:47:43:23:dc:29:35:e9:de:db:42:
                    08:e2:22:8b:83:11:1b:cb:a4:f5:dd:74:d4:5f:76:
                    0c:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                96:27:BE:B9:68:42:05:8F:67:15:90:DC:3C:EE:7B:7E:24:C5:25:DA
            X509v3 Authority Key Identifier:
                keyid:42:76:DA:8F:04:87:C8:50:80:9B:4A:98:72:8C:AC:21:72:B2:70:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QnbajwSHyFCAm0qYcoysIXKycD0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/ea1072-f326-4e51-adf1-ba9b0fa1b7a2/1/QnbajwSHyFCAm0qYcoysIXKycD0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/ea1072-f326-4e51-adf1-ba9b0fa1b7a2/1/QnbajwSHyFCAm0qYcoysIXKycD0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         60:77:bf:b8:bb:55:05:de:cc:73:43:d1:04:1e:da:a4:ce:21:
         f4:3a:ab:d9:e4:5b:bb:61:65:7c:05:9f:e8:0e:9c:ee:3a:98:
         c8:29:22:81:ef:fb:10:3e:e3:9f:e2:72:6e:32:e3:52:32:f7:
         70:60:c6:4c:43:60:1b:a9:b6:2f:d7:df:3f:f4:d0:5d:ac:8f:
         68:62:63:f3:f3:26:57:9d:dd:2c:a3:b6:96:de:37:73:6f:62:
         cf:f9:59:2b:3c:ed:f3:97:e4:bc:57:6d:f3:67:ff:bd:a3:34:
         5b:4b:f2:41:e2:6c:84:ea:51:e9:cd:b7:33:f5:da:53:f3:43:
         4d:27:24:79:fc:de:b9:bb:01:77:fb:f7:20:46:86:10:7f:3f:
         c3:6d:70:e7:61:a8:01:89:d2:6c:be:fd:61:24:3c:4b:8d:bb:
         65:19:22:20:d3:bb:a1:fe:93:aa:4d:3b:b2:86:0f:ff:2a:8f:
         2a:a1:83:3a:0c:e1:17:c7:b6:24:9d:19:11:b6:51:9c:d1:1a:
         36:ef:eb:00:e4:92:29:96:2b:64:3f:04:71:e3:c6:b8:3f:0c:
         b0:23:21:c4:7c:79:bc:0c:cc:ab:7a:83:e6:f7:c7:7e:20:a6:
         db:ac:98:8e:ea:11:fb:a6:c3:39:d9:89:48:a6:9d:67:e7:21:
         2d:75:9f:af
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZUQxxhJFNAKG1jYbdgblosDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyNzZkYThmMDQ4N2M4NTA4MDliNGE5ODcyOGNhYzIxNzJi
MjcwM2QwHhcNMjUwMjE2MjIwMDM4WhcNMjUwMjE3MjIwMDM4WjAzMTEwLwYDVQQD
Eyg5NjI3YmViOTY4NDIwNThmNjcxNTkwZGMzY2VlN2I3ZTI0YzUyNWRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArF8ld+Nt3jUrBS9s03NfHBIj96vm
zmIV4JmXL+CKamU7674LUR3LhjXoc5tMHLtvlLaiYPnvObWB/A+JZUWgabAcrMPT
vaKJGnWlfMbEJn0OLKeRDDdbnJSzQPb9ZlaWd2uRIxtvMtgwRinZy4Dq7mnvNPTE
N7tfOheiZ9Ktk/JLzO1Pyl0NroD9kVYOI74+ZtNiqowyA550qL6rqlkL5oMxTBnS
NeoqvwK0jwHIHk5e0pUneXXLRLO9wwtBOS+CCDoaK6UGITozEkcB1heHelf8MSpQ
wmaa59QZ8xWzS4vP53QwdEdDI9wpNene20II4iKLgxEby6T13XTUX3YMzQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJYnvrloQgWPZxWQ3Dzue34kxSXaMB8GA1UdIwQY
MBaAFEJ22o8Eh8hQgJtKmHKMrCFysnA9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUW5iYWp3U0h5RkNBbTBxWWNveXNJWEt5Y0QwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC9lYTEwNzItZjMyNi00ZTUxLWFkZjEt
YmE5YjBmYTFiN2EyLzEvUW5iYWp3U0h5RkNBbTBxWWNveXNJWEt5Y0QwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC9lYTEwNzItZjMyNi00ZTUxLWFkZjEtYmE5YjBmYTFiN2Ey
LzEvUW5iYWp3U0h5RkNBbTBxWWNveXNJWEt5Y0QwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYHe/uLtV
Bd7Mc0PRBB7apM4h9Dqr2eRbu2FlfAWf6A6c7jqYyCkige/7ED7jn+JybjLjUjL3
cGDGTENgG6m2L9ffP/TQXayPaGJj8/MmV53dLKO2lt43c29iz/lZKzzt85fkvFdt
82f/vaM0W0vyQeJshOpR6c23M/XaU/NDTSckefzeubsBd/v3IEaGEH8/w21w52Go
AYnSbL79YSQ8S427ZRkiINO7of6Tqk07soYP/yqPKqGDOgzhF8e2JJ0ZEbZRnNEa
Nu/rAOSSKZYrZD8EcePGuD8MsCMhxHx5vAzMq3qD5vfHfiCm26yYjuoR+6bDOdmJ
SKadZ+chLXWfrw==
-----END CERTIFICATE-----