Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/814dd0-09e1-4273-873a-7463815a3f4e/1/y8Lr2jqwhRDr6aEOYL4jFgIoqUI.mft
File:                     y8Lr2jqwhRDr6aEOYL4jFgIoqUI.mft (raw, json)
Hash identifier:          AHQkBohv1DVgXiqOyx/xUO2/Q/oVnbqsBp5Wl2kxFYo=
Subject key identifier:   DD:FC:38:5B:B7:4D:90:84:34:1B:AD:66:4C:2D:DF:D2:CE:5D:D4:D5
Authority key identifier: CB:C2:EB:DA:3A:B0:85:10:EB:E9:A1:0E:60:BE:23:16:02:28:A9:42
Certificate issuer:       /CN=cbc2ebda3ab08510ebe9a10e60be23160228a942
Certificate serial:       0194C387E2F99AFCA9304F50F30EAA3E38AC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/y8Lr2jqwhRDr6aEOYL4jFgIoqUI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/17/814dd0-09e1-4273-873a-7463815a3f4e/1/y8Lr2jqwhRDr6aEOYL4jFgIoqUI.mft
Manifest number:          142A
Signing time:             Sat 01 Feb 2025 22:00:50 +0000
Manifest this update:     Sat 01 Feb 2025 22:00:50 +0000
Manifest next update:     Sun 02 Feb 2025 22:00:50 +0000
Files and hashes:         1: y8Lr2jqwhRDr6aEOYL4jFgIoqUI.crl (hash: 0GdLl69EfTgr1cYprq2f4TaVlQJLlPQsY4KmVtimoH4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/17/814dd0-09e1-4273-873a-7463815a3f4e/1/y8Lr2jqwhRDr6aEOYL4jFgIoqUI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/17/814dd0-09e1-4273-873a-7463815a3f4e/1/y8Lr2jqwhRDr6aEOYL4jFgIoqUI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/y8Lr2jqwhRDr6aEOYL4jFgIoqUI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 02 Feb 2025 22:00:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:c3:87:e2:f9:9a:fc:a9:30:4f:50:f3:0e:aa:3e:38:ac
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cbc2ebda3ab08510ebe9a10e60be23160228a942
        Validity
            Not Before: Feb  1 22:00:50 2025 GMT
            Not After : Feb  2 22:00:50 2025 GMT
        Subject: CN=ddfc385bb74d9084341bad664c2ddfd2ce5dd4d5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:27:bf:de:73:2b:9b:50:a7:04:58:8d:4e:1f:
                    a8:99:61:b3:4b:64:05:04:49:42:c2:b2:cc:e1:f7:
                    77:ed:f4:b0:09:6d:6a:6d:e1:08:d7:ff:f9:94:0b:
                    85:58:18:79:ac:ab:5e:bb:46:44:8d:ed:b0:6b:5a:
                    22:64:ec:96:0c:64:81:fe:c2:f1:f6:b2:e3:7b:1e:
                    87:19:b7:14:15:95:e0:3f:2a:c0:8a:a3:92:6a:1c:
                    5e:dd:e7:29:91:ec:40:f3:03:5d:0e:1d:71:29:d8:
                    01:5e:0d:03:45:2e:06:4f:84:e5:96:1f:93:04:73:
                    e3:6f:31:9a:dd:27:8f:1e:0c:85:c2:65:c4:01:ef:
                    42:21:ff:7f:87:f2:12:8c:c9:fc:25:34:f5:77:15:
                    f4:38:69:33:48:4b:fd:89:47:d9:3f:31:aa:ba:6b:
                    35:cc:d0:8d:f6:8b:d5:ac:e7:ba:84:0c:e1:f5:31:
                    c1:94:a8:bd:b0:59:d7:0c:48:06:36:99:7d:11:88:
                    67:18:f8:0d:fc:8d:43:1f:35:dd:b4:d5:b1:6f:6b:
                    49:38:71:a8:ba:20:d7:ca:df:6c:66:b0:84:c8:ec:
                    9b:7b:2f:f8:ac:a0:2e:4d:db:5c:a7:45:9a:41:7f:
                    01:1e:cc:29:57:83:1f:ff:95:41:9a:66:ea:62:dc:
                    d4:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DD:FC:38:5B:B7:4D:90:84:34:1B:AD:66:4C:2D:DF:D2:CE:5D:D4:D5
            X509v3 Authority Key Identifier:
                keyid:CB:C2:EB:DA:3A:B0:85:10:EB:E9:A1:0E:60:BE:23:16:02:28:A9:42

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y8Lr2jqwhRDr6aEOYL4jFgIoqUI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/814dd0-09e1-4273-873a-7463815a3f4e/1/y8Lr2jqwhRDr6aEOYL4jFgIoqUI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/17/814dd0-09e1-4273-873a-7463815a3f4e/1/y8Lr2jqwhRDr6aEOYL4jFgIoqUI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8a:cc:a9:6d:80:6b:55:7d:9c:16:02:b9:de:fe:28:a9:d7:9f:
         8c:02:c3:43:b1:55:59:84:cb:7d:e5:92:e4:de:83:cb:84:ca:
         e8:69:13:af:22:11:4c:ae:4d:9d:2d:a1:41:e6:a4:94:4a:9a:
         17:b5:d2:45:4c:7b:9b:22:1d:f0:38:07:c3:01:a2:81:ad:47:
         ab:12:ad:64:10:d2:e0:19:ab:40:a2:53:ba:bd:b3:fa:0f:a5:
         13:a1:55:5a:90:a8:a3:82:11:9d:da:ab:60:e8:7e:c4:79:59:
         1f:47:2d:37:f2:b2:4e:9b:fd:94:c4:30:d8:7d:9a:54:c5:a8:
         05:78:d1:21:f3:7b:dd:74:65:9e:51:33:27:44:28:86:79:f3:
         11:91:3b:b3:4f:c1:4b:d7:f0:41:95:2a:ea:cb:a3:00:5a:e3:
         ef:e7:26:49:40:7f:d6:40:9d:47:c3:77:75:e6:3f:46:b6:e2:
         cb:ca:92:b9:84:18:f0:ae:10:ff:0f:0b:e6:fd:d7:e9:b8:3a:
         b3:d4:78:68:0b:80:ac:a3:05:c0:0c:69:5b:f6:1f:ca:d0:6c:
         1c:c1:d3:64:47:b4:e6:68:d8:69:8b:0c:db:4b:10:16:55:c9:
         d7:26:33:35:83:bd:3e:d9:c4:b4:2d:45:4e:cd:5c:ce:a0:a5:
         ad:92:11:30
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZTDh+L5mvypME9Q8w6qPjisMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiYzJlYmRhM2FiMDg1MTBlYmU5YTEwZTYwYmUyMzE2MDIy
OGE5NDIwHhcNMjUwMjAxMjIwMDUwWhcNMjUwMjAyMjIwMDUwWjAzMTEwLwYDVQQD
EyhkZGZjMzg1YmI3NGQ5MDg0MzQxYmFkNjY0YzJkZGZkMmNlNWRkNGQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnye/3nMrm1CnBFiNTh+omWGzS2QF
BElCwrLM4fd37fSwCW1qbeEI1//5lAuFWBh5rKteu0ZEje2wa1oiZOyWDGSB/sLx
9rLjex6HGbcUFZXgPyrAiqOSahxe3ecpkexA8wNdDh1xKdgBXg0DRS4GT4Tllh+T
BHPjbzGa3SePHgyFwmXEAe9CIf9/h/ISjMn8JTT1dxX0OGkzSEv9iUfZPzGqums1
zNCN9ovVrOe6hAzh9THBlKi9sFnXDEgGNpl9EYhnGPgN/I1DHzXdtNWxb2tJOHGo
uiDXyt9sZrCEyOybey/4rKAuTdtcp0WaQX8BHswpV4Mf/5VBmmbqYtzUGQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFN38OFu3TZCENButZkwt39LOXdTVMB8GA1UdIwQY
MBaAFMvC69o6sIUQ6+mhDmC+IxYCKKlCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveThMcjJqcXdoUkRyNmFFT1lMNGpGZ0lvcVVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy84MTRkZDAtMDllMS00MjczLTg3M2Et
NzQ2MzgxNWEzZjRlLzEveThMcjJqcXdoUkRyNmFFT1lMNGpGZ0lvcVVJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy84MTRkZDAtMDllMS00MjczLTg3M2EtNzQ2MzgxNWEzZjRl
LzEveThMcjJqcXdoUkRyNmFFT1lMNGpGZ0lvcVVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAisypbYBr
VX2cFgK53v4oqdefjALDQ7FVWYTLfeWS5N6Dy4TK6GkTryIRTK5NnS2hQeaklEqa
F7XSRUx7myId8DgHwwGiga1HqxKtZBDS4BmrQKJTur2z+g+lE6FVWpCoo4IRndqr
YOh+xHlZH0ctN/KyTpv9lMQw2H2aVMWoBXjRIfN73XRlnlEzJ0QohnnzEZE7s0/B
S9fwQZUq6sujAFrj7+cmSUB/1kCdR8N3deY/Rrbiy8qSuYQY8K4Q/w8L5v3X6bg6
s9R4aAuArKMFwAxpW/YfytBsHMHTZEe05mjYaYsM20sQFlXJ1yYzNYO9PtnEtC1F
Ts1czqClrZIRMA==
-----END CERTIFICATE-----