Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3bde7e-619a-484f-9d6a-49a2542f639e/1/H7SyOkTfxa5WnnTPuw8D6Se1YeI.mft
File:                     H7SyOkTfxa5WnnTPuw8D6Se1YeI.mft (raw, json)
Hash identifier:          3DqNtnnv9kGnlVXAiN3U7z2E+aXomDuASLyuxzsYiDM=
Subject key identifier:   79:D2:C9:54:43:95:98:75:79:90:71:60:45:03:5B:28:E8:50:BE:99
Authority key identifier: 1F:B4:B2:3A:44:DF:C5:AE:56:9E:74:CF:BB:0F:03:E9:27:B5:61:E2
Certificate issuer:       /CN=1fb4b23a44dfc5ae569e74cfbb0f03e927b561e2
Certificate serial:       019510C6FE2467BA50A41CECC342397494E5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/H7SyOkTfxa5WnnTPuw8D6Se1YeI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0e/3bde7e-619a-484f-9d6a-49a2542f639e/1/H7SyOkTfxa5WnnTPuw8D6Se1YeI.mft
Manifest number:          0BCB
Signing time:             Sun 16 Feb 2025 22:00:31 +0000
Manifest this update:     Sun 16 Feb 2025 22:00:31 +0000
Manifest next update:     Mon 17 Feb 2025 22:00:31 +0000
Files and hashes:         1: H7SyOkTfxa5WnnTPuw8D6Se1YeI.crl (hash: LxmokAV6SmgBdSjvHc8GuxNEI99I5j7KIVYOep0icho=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0e/3bde7e-619a-484f-9d6a-49a2542f639e/1/H7SyOkTfxa5WnnTPuw8D6Se1YeI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0e/3bde7e-619a-484f-9d6a-49a2542f639e/1/H7SyOkTfxa5WnnTPuw8D6Se1YeI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/H7SyOkTfxa5WnnTPuw8D6Se1YeI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 17 Feb 2025 22:00:31 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:10:c6:fe:24:67:ba:50:a4:1c:ec:c3:42:39:74:94:e5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1fb4b23a44dfc5ae569e74cfbb0f03e927b561e2
        Validity
            Not Before: Feb 16 22:00:31 2025 GMT
            Not After : Feb 17 22:00:31 2025 GMT
        Subject: CN=79d2c954439598757990716045035b28e850be99
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:5d:c7:d2:ca:fa:a5:c1:5a:99:8c:8a:79:b3:
                    2c:29:8e:64:09:e3:09:53:43:be:1a:af:2f:d1:48:
                    0f:b9:93:dd:82:2f:5c:ed:42:c1:8d:8a:2e:95:a4:
                    62:39:12:d0:8e:5f:63:13:bb:9c:d2:78:2e:d9:5c:
                    ac:75:12:47:46:71:0c:82:ac:20:7e:ab:62:da:ff:
                    85:2f:f0:af:fe:bc:25:ed:0a:da:2c:59:bf:e4:9a:
                    0e:e9:39:a7:5e:af:59:c3:7b:d6:62:b0:d8:e2:0c:
                    f4:42:d5:17:d3:88:e8:48:4a:e9:98:71:45:d8:dc:
                    b5:fd:e0:d4:86:cc:2b:7f:bd:fb:ee:06:99:f2:6e:
                    43:01:04:dd:f2:76:23:fe:92:04:96:b2:83:da:02:
                    db:5c:b1:d0:78:8e:79:d2:75:f8:6d:d3:07:2f:e7:
                    a6:cc:18:42:02:08:89:fe:9e:f7:5c:f1:46:19:01:
                    92:78:20:ee:08:b2:8d:26:9a:66:bf:32:fa:f3:53:
                    3a:78:01:35:ea:7a:ee:4d:c2:96:af:e4:dc:42:33:
                    8d:2b:ad:94:b0:be:92:26:ca:d1:5b:3d:b7:bd:d3:
                    26:6e:1a:1a:c1:56:ae:50:4d:72:a6:0f:38:eb:1f:
                    f2:d1:c6:48:51:eb:82:11:77:05:88:ac:7d:83:c8:
                    c0:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                79:D2:C9:54:43:95:98:75:79:90:71:60:45:03:5B:28:E8:50:BE:99
            X509v3 Authority Key Identifier:
                keyid:1F:B4:B2:3A:44:DF:C5:AE:56:9E:74:CF:BB:0F:03:E9:27:B5:61:E2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H7SyOkTfxa5WnnTPuw8D6Se1YeI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3bde7e-619a-484f-9d6a-49a2542f639e/1/H7SyOkTfxa5WnnTPuw8D6Se1YeI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3bde7e-619a-484f-9d6a-49a2542f639e/1/H7SyOkTfxa5WnnTPuw8D6Se1YeI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1d:ac:82:c1:1c:7d:a9:7e:31:50:78:a6:9d:e9:fc:0d:51:b0:
         a3:c4:c0:83:e9:f7:1f:4b:d5:5b:a4:1a:45:7f:0a:96:a2:4d:
         5c:ee:5f:b1:54:11:f0:c3:18:1a:96:dc:aa:fc:a7:b1:7b:f3:
         61:4c:16:bb:e5:51:b0:2e:38:be:94:e8:4b:58:2c:37:81:7c:
         86:a0:51:09:00:b4:72:ab:b6:88:28:ab:b3:57:a6:91:a4:99:
         b1:31:99:5b:f6:2b:8d:1a:62:5f:98:60:c0:0d:b3:68:bd:35:
         81:f0:8c:c6:a1:b4:66:68:ff:a3:b8:ae:96:70:ef:6e:98:08:
         73:ed:c0:02:92:7a:df:f3:ea:ae:76:9b:74:e2:bc:1e:fc:7b:
         a8:7a:49:fd:03:1d:95:15:c5:c5:8c:94:9d:e2:33:bc:f1:e4:
         ea:52:e7:f3:bd:b6:1f:28:57:ef:31:90:9f:ff:69:3f:7d:a3:
         13:5d:df:12:a8:5a:13:cc:97:09:36:b5:c5:5d:53:68:f6:da:
         da:89:93:d6:97:79:dc:df:dd:0d:36:ac:db:a7:1d:e5:95:3e:
         a9:ed:c6:9e:fd:de:63:2e:3e:8f:b8:23:90:ca:2a:0b:e6:85:
         a0:a3:33:42:ad:64:fa:ea:45:50:d9:c1:79:6e:d4:0c:d2:f0:
         05:fd:84:84
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZUQxv4kZ7pQpBzsw0I5dJTlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmYjRiMjNhNDRkZmM1YWU1NjllNzRjZmJiMGYwM2U5Mjdi
NTYxZTIwHhcNMjUwMjE2MjIwMDMxWhcNMjUwMjE3MjIwMDMxWjAzMTEwLwYDVQQD
Eyg3OWQyYzk1NDQzOTU5ODc1Nzk5MDcxNjA0NTAzNWIyOGU4NTBiZTk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp13H0sr6pcFamYyKebMsKY5kCeMJ
U0O+Gq8v0UgPuZPdgi9c7ULBjYoulaRiORLQjl9jE7uc0ngu2VysdRJHRnEMgqwg
fqti2v+FL/Cv/rwl7QraLFm/5JoO6TmnXq9Zw3vWYrDY4gz0QtUX04joSErpmHFF
2Ny1/eDUhswrf7377gaZ8m5DAQTd8nYj/pIElrKD2gLbXLHQeI550nX4bdMHL+em
zBhCAgiJ/p73XPFGGQGSeCDuCLKNJppmvzL681M6eAE16nruTcKWr+TcQjONK62U
sL6SJsrRWz23vdMmbhoawVauUE1ypg846x/y0cZIUeuCEXcFiKx9g8jApQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHnSyVRDlZh1eZBxYEUDWyjoUL6ZMB8GA1UdIwQY
MBaAFB+0sjpE38WuVp50z7sPA+kntWHiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDdTeU9rVGZ4YTVXbm5UUHV3OEQ2U2UxWWVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8zYmRlN2UtNjE5YS00ODRmLTlkNmEt
NDlhMjU0MmY2MzllLzEvSDdTeU9rVGZ4YTVXbm5UUHV3OEQ2U2UxWWVJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8zYmRlN2UtNjE5YS00ODRmLTlkNmEtNDlhMjU0MmY2Mzll
LzEvSDdTeU9rVGZ4YTVXbm5UUHV3OEQ2U2UxWWVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHayCwRx9
qX4xUHimnen8DVGwo8TAg+n3H0vVW6QaRX8KlqJNXO5fsVQR8MMYGpbcqvynsXvz
YUwWu+VRsC44vpToS1gsN4F8hqBRCQC0cqu2iCirs1emkaSZsTGZW/YrjRpiX5hg
wA2zaL01gfCMxqG0Zmj/o7iulnDvbpgIc+3AApJ63/PqrnabdOK8Hvx7qHpJ/QMd
lRXFxYyUneIzvPHk6lLn8722HyhX7zGQn/9pP32jE13fEqhaE8yXCTa1xV1TaPba
2omT1pd53N/dDTas26cd5ZU+qe3Gnv3eYy4+j7gjkMoqC+aFoKMzQq1k+upFUNnB
eW7UDNLwBf2EhA==
-----END CERTIFICATE-----