Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/98818d-f8b3-4645-86a8-302d92224cb2/1/rsXHq1tyGB5OQhEyIhXpd2tJAPk.mft
File:                     rsXHq1tyGB5OQhEyIhXpd2tJAPk.mft (raw, json)
Hash identifier:          tEA7sTFd6FeEtLsufPR8XxCRuDXrkDhVLvEFdt//yUk=
Subject key identifier:   F1:5D:7D:2B:B4:41:F4:8E:FE:0E:20:31:4D:15:86:96:68:85:CD:62
Authority key identifier: AE:C5:C7:AB:5B:72:18:1E:4E:42:11:32:22:15:E9:77:6B:49:00:F9
Certificate issuer:       /CN=aec5c7ab5b72181e4e4211322215e9776b4900f9
Certificate serial:       0194C3888B37C1202B21646BAD1ED421328A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/rsXHq1tyGB5OQhEyIhXpd2tJAPk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/14/98818d-f8b3-4645-86a8-302d92224cb2/1/rsXHq1tyGB5OQhEyIhXpd2tJAPk.mft
Manifest number:          092B
Signing time:             Sat 01 Feb 2025 22:01:33 +0000
Manifest this update:     Sat 01 Feb 2025 22:01:33 +0000
Manifest next update:     Sun 02 Feb 2025 22:01:33 +0000
Files and hashes:         1: rsXHq1tyGB5OQhEyIhXpd2tJAPk.crl (hash: hXni09boR6WW4fVnHxvW5cSNHGvpuSkhBGM0dZ1EFSk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/14/98818d-f8b3-4645-86a8-302d92224cb2/1/rsXHq1tyGB5OQhEyIhXpd2tJAPk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/14/98818d-f8b3-4645-86a8-302d92224cb2/1/rsXHq1tyGB5OQhEyIhXpd2tJAPk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/rsXHq1tyGB5OQhEyIhXpd2tJAPk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 02 Feb 2025 22:01:33 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:c3:88:8b:37:c1:20:2b:21:64:6b:ad:1e:d4:21:32:8a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=aec5c7ab5b72181e4e4211322215e9776b4900f9
        Validity
            Not Before: Feb  1 22:01:33 2025 GMT
            Not After : Feb  2 22:01:33 2025 GMT
        Subject: CN=f15d7d2bb441f48efe0e20314d1586966885cd62
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:97:fc:6b:c9:8d:ec:3c:96:71:6f:d5:57:dd:
                    17:af:d1:27:3e:ee:c6:69:97:25:c6:cd:e2:1f:0f:
                    14:ee:5f:6c:8c:e2:76:11:bd:99:a4:d1:c8:77:b0:
                    1d:d3:c3:52:ea:e7:c3:6e:37:41:34:1e:b4:13:ae:
                    60:f1:27:2a:3e:62:68:c1:58:fa:90:54:12:62:8e:
                    ed:f4:e0:1c:f2:16:08:2e:4e:fe:3b:b6:e7:70:f8:
                    7b:e4:c3:34:d1:70:9f:c9:6f:56:dd:06:40:e4:3d:
                    2f:9f:61:c8:f3:9b:a7:8e:02:cd:2b:67:dd:3a:d2:
                    87:0a:62:54:33:85:48:94:2b:9b:24:88:67:3f:68:
                    1e:0d:9a:eb:c9:27:c5:d9:82:53:25:f1:21:90:5e:
                    22:df:c7:5a:7d:e6:36:ae:7f:c7:ce:09:23:02:fb:
                    2f:29:14:c9:19:1c:79:05:0e:6c:f9:14:87:2a:3c:
                    a4:c5:a2:72:13:3c:8c:04:70:42:49:25:db:93:9c:
                    61:fc:b3:32:9c:c1:01:d8:69:73:cb:cf:ad:b5:86:
                    16:4e:87:31:f6:63:e9:9c:96:c9:70:8c:30:d5:51:
                    59:4a:fb:76:a4:fe:a0:b6:ed:03:24:94:2b:79:e9:
                    c3:25:1c:36:4d:f9:90:49:37:f2:4b:25:fe:05:68:
                    9a:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F1:5D:7D:2B:B4:41:F4:8E:FE:0E:20:31:4D:15:86:96:68:85:CD:62
            X509v3 Authority Key Identifier:
                keyid:AE:C5:C7:AB:5B:72:18:1E:4E:42:11:32:22:15:E9:77:6B:49:00:F9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rsXHq1tyGB5OQhEyIhXpd2tJAPk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/98818d-f8b3-4645-86a8-302d92224cb2/1/rsXHq1tyGB5OQhEyIhXpd2tJAPk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/14/98818d-f8b3-4645-86a8-302d92224cb2/1/rsXHq1tyGB5OQhEyIhXpd2tJAPk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a9:a8:b8:dd:60:ca:02:3b:c9:48:00:4a:ff:fc:a6:fc:8b:f4:
         34:1a:25:88:e2:c8:66:fe:a9:0c:fc:af:2c:48:88:84:45:d0:
         d8:1f:df:54:06:41:a0:aa:25:b4:28:12:bc:81:d2:df:84:a6:
         a7:c6:30:d6:6a:02:44:d5:13:62:2d:5a:ef:40:92:83:49:8b:
         15:87:d3:3a:d5:5a:1b:1d:41:0a:8f:75:53:22:d9:f7:ce:c5:
         73:4b:37:6b:b7:de:69:78:fa:d3:09:bc:d6:bf:a4:3a:e3:54:
         f4:14:31:32:e7:84:86:fc:de:07:8f:9c:d4:0d:4c:88:44:c3:
         3a:48:29:49:33:52:54:1e:8f:f8:25:ed:82:e3:64:d5:fd:be:
         c8:7d:9e:5a:5e:0e:3e:41:b5:0a:82:be:07:3a:e0:5c:3f:9d:
         a8:62:fd:2a:f5:e5:80:ef:5b:79:d8:30:9e:9b:d2:4f:33:65:
         0e:61:f5:ef:88:44:e8:83:e2:32:9e:98:d9:d4:dd:9f:e4:81:
         a6:1f:82:87:a7:5a:21:8f:1f:72:ca:57:6c:49:78:f5:55:24:
         76:2b:6a:95:e3:e8:f9:6d:8c:02:3b:9d:76:fa:fe:37:c1:b1:
         e3:f1:ca:b5:d7:ba:5a:b5:39:8c:18:90:fe:4d:f6:97:12:01:
         bc:84:11:9b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZTDiIs3wSArIWRrrR7UITKKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlYzVjN2FiNWI3MjE4MWU0ZTQyMTEzMjIyMTVlOTc3NmI0
OTAwZjkwHhcNMjUwMjAxMjIwMTMzWhcNMjUwMjAyMjIwMTMzWjAzMTEwLwYDVQQD
EyhmMTVkN2QyYmI0NDFmNDhlZmUwZTIwMzE0ZDE1ODY5NjY4ODVjZDYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmZf8a8mN7DyWcW/VV90Xr9EnPu7G
aZclxs3iHw8U7l9sjOJ2Eb2ZpNHId7Ad08NS6ufDbjdBNB60E65g8ScqPmJowVj6
kFQSYo7t9OAc8hYILk7+O7bncPh75MM00XCfyW9W3QZA5D0vn2HI85unjgLNK2fd
OtKHCmJUM4VIlCubJIhnP2geDZrrySfF2YJTJfEhkF4i38dafeY2rn/HzgkjAvsv
KRTJGRx5BQ5s+RSHKjykxaJyEzyMBHBCSSXbk5xh/LMynMEB2Glzy8+ttYYWTocx
9mPpnJbJcIww1VFZSvt2pP6gtu0DJJQreenDJRw2TfmQSTfySyX+BWiaxwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPFdfSu0QfSO/g4gMU0VhpZohc1iMB8GA1UdIwQY
MBaAFK7Fx6tbchgeTkIRMiIV6XdrSQD5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnNYSHExdHlHQjVPUWhFeUloWHBkMnRKQVBrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC85ODgxOGQtZjhiMy00NjQ1LTg2YTgt
MzAyZDkyMjI0Y2IyLzEvcnNYSHExdHlHQjVPUWhFeUloWHBkMnRKQVBrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC85ODgxOGQtZjhiMy00NjQ1LTg2YTgtMzAyZDkyMjI0Y2Iy
LzEvcnNYSHExdHlHQjVPUWhFeUloWHBkMnRKQVBrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqai43WDK
AjvJSABK//ym/Iv0NBoliOLIZv6pDPyvLEiIhEXQ2B/fVAZBoKoltCgSvIHS34Sm
p8Yw1moCRNUTYi1a70CSg0mLFYfTOtVaGx1BCo91UyLZ987Fc0s3a7feaXj60wm8
1r+kOuNU9BQxMueEhvzeB4+c1A1MiETDOkgpSTNSVB6P+CXtguNk1f2+yH2eWl4O
PkG1CoK+BzrgXD+dqGL9KvXlgO9bedgwnpvSTzNlDmH174hE6IPiMp6Y2dTdn+SB
ph+Ch6daIY8fcspXbEl49VUkditqlePo+W2MAjuddvr+N8Gx4/HKtde6WrU5jBiQ
/k32lxIBvIQRmw==
-----END CERTIFICATE-----