Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/f48de1-9f33-4f0a-8676-e836eb3d2f1f/1/9bMQ6dROhHDWzYAJWQZssA8pHvo.mft
File:                     9bMQ6dROhHDWzYAJWQZssA8pHvo.mft (raw, json)
Hash identifier:          SkCX2Ofh8nc5cXP1WuNslEoQCAjDOcN+0PVIOT4BNtI=
Subject key identifier:   27:74:7C:41:5E:F8:E5:90:57:35:7C:A9:33:49:26:0B:12:28:D1:30
Authority key identifier: F5:B3:10:E9:D4:4E:84:70:D6:CD:80:09:59:06:6C:B0:0F:29:1E:FA
Certificate issuer:       /CN=f5b310e9d44e8470d6cd800959066cb00f291efa
Certificate serial:       019510C7B2BDCF41CCE011D8EE09E1841390
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/9bMQ6dROhHDWzYAJWQZssA8pHvo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/18/f48de1-9f33-4f0a-8676-e836eb3d2f1f/1/9bMQ6dROhHDWzYAJWQZssA8pHvo.mft
Manifest number:          0EBA
Signing time:             Sun 16 Feb 2025 22:01:17 +0000
Manifest this update:     Sun 16 Feb 2025 22:01:17 +0000
Manifest next update:     Mon 17 Feb 2025 22:01:17 +0000
Files and hashes:         1: 9bMQ6dROhHDWzYAJWQZssA8pHvo.crl (hash: NbQjYi28XeB46lZeHUeN4yHMQKM5XAM6Zx528I0/FNY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/18/f48de1-9f33-4f0a-8676-e836eb3d2f1f/1/9bMQ6dROhHDWzYAJWQZssA8pHvo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/18/f48de1-9f33-4f0a-8676-e836eb3d2f1f/1/9bMQ6dROhHDWzYAJWQZssA8pHvo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/9bMQ6dROhHDWzYAJWQZssA8pHvo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 17 Feb 2025 22:01:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:10:c7:b2:bd:cf:41:cc:e0:11:d8:ee:09:e1:84:13:90
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f5b310e9d44e8470d6cd800959066cb00f291efa
        Validity
            Not Before: Feb 16 22:01:17 2025 GMT
            Not After : Feb 17 22:01:17 2025 GMT
        Subject: CN=27747c415ef8e59057357ca93349260b1228d130
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:b1:98:38:6a:65:ae:0d:6e:d8:7a:1a:6d:29:
                    09:5d:29:8e:36:b6:0f:77:7f:2e:5a:70:3c:7b:4c:
                    ac:e7:bb:07:ee:71:e7:82:0e:d7:0f:33:ea:0e:29:
                    c8:6d:2e:dd:f7:bc:50:f0:b4:28:1b:a7:9d:b1:5b:
                    5a:c4:09:ee:b7:e5:95:77:bf:6e:e9:e4:bb:89:22:
                    4c:41:7d:3b:a5:f4:21:42:75:3e:2a:3e:62:cf:38:
                    37:26:28:dd:1f:30:23:b5:ef:1a:0f:66:24:7d:12:
                    6a:68:8b:9c:6d:3b:be:40:6b:1b:1c:53:d6:7b:13:
                    27:e1:a0:14:c2:a0:bc:b9:a4:66:a0:b3:a5:4e:76:
                    d1:ad:d3:5d:55:37:8a:ea:03:2e:76:2b:12:cd:dc:
                    01:05:12:54:b4:fb:22:c6:78:19:6e:05:5b:42:a9:
                    73:29:1a:6d:fa:4f:e5:1c:7f:3a:5d:4f:dd:48:a9:
                    c3:07:d4:16:73:0c:c7:01:fd:ed:45:39:83:a2:89:
                    ed:96:fd:b0:35:5a:a6:d5:60:7f:97:d4:82:de:08:
                    a2:b5:c9:73:f4:d7:76:f1:2c:bb:0c:63:1e:be:ae:
                    ef:45:20:0d:3b:52:2c:f6:a7:c5:c8:ac:b2:39:d8:
                    54:09:ce:8f:d7:d3:c3:08:00:dc:cb:19:1e:fd:db:
                    8c:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                27:74:7C:41:5E:F8:E5:90:57:35:7C:A9:33:49:26:0B:12:28:D1:30
            X509v3 Authority Key Identifier:
                keyid:F5:B3:10:E9:D4:4E:84:70:D6:CD:80:09:59:06:6C:B0:0F:29:1E:FA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9bMQ6dROhHDWzYAJWQZssA8pHvo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/f48de1-9f33-4f0a-8676-e836eb3d2f1f/1/9bMQ6dROhHDWzYAJWQZssA8pHvo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/18/f48de1-9f33-4f0a-8676-e836eb3d2f1f/1/9bMQ6dROhHDWzYAJWQZssA8pHvo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         13:ae:b9:eb:93:10:49:65:64:d7:60:76:83:87:a1:84:18:ce:
         45:77:21:cc:65:2c:c3:1f:e5:d4:67:73:46:e6:c1:b3:6b:52:
         e5:8b:74:82:69:b3:0c:f5:3f:b2:15:35:70:c0:91:3c:82:30:
         5c:17:ef:ec:bc:ad:24:e4:3a:49:74:dc:ab:5b:fc:2e:d3:75:
         5c:e1:1f:7d:dc:72:d3:82:a7:96:19:33:11:45:a2:1f:06:e7:
         57:63:f4:d0:8f:a1:80:74:7f:e6:b5:42:ba:3b:6c:21:b5:3a:
         fe:eb:00:70:96:f2:4f:ee:f3:6e:b4:9c:9a:96:46:ec:6e:dc:
         c8:38:0a:ab:e3:40:9f:4c:2b:6d:ce:4c:93:33:ed:4a:db:dd:
         4a:07:5a:ae:65:8b:31:04:27:dd:af:83:fa:01:a3:27:32:e8:
         45:0b:42:6e:ec:a6:9c:28:6a:5f:46:1b:8e:af:47:95:0f:fb:
         62:17:7a:3a:89:47:27:4d:10:2d:b1:c0:a8:ce:44:c3:26:38:
         4a:d5:3b:4d:bf:0e:c8:59:be:67:22:15:d8:f1:6a:10:0c:7c:
         97:75:72:cf:69:ad:f4:dd:c0:87:04:9e:2b:f4:b6:40:32:5f:
         7c:72:97:80:b7:b0:04:c3:e5:e9:d8:f2:3d:95:f8:37:26:0f:
         46:55:cf:a5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZUQx7K9z0HM4BHY7gnhhBOQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1YjMxMGU5ZDQ0ZTg0NzBkNmNkODAwOTU5MDY2Y2IwMGYy
OTFlZmEwHhcNMjUwMjE2MjIwMTE3WhcNMjUwMjE3MjIwMTE3WjAzMTEwLwYDVQQD
EygyNzc0N2M0MTVlZjhlNTkwNTczNTdjYTkzMzQ5MjYwYjEyMjhkMTMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwLGYOGplrg1u2HoabSkJXSmONrYP
d38uWnA8e0ys57sH7nHngg7XDzPqDinIbS7d97xQ8LQoG6edsVtaxAnut+WVd79u
6eS7iSJMQX07pfQhQnU+Kj5izzg3JijdHzAjte8aD2YkfRJqaIucbTu+QGsbHFPW
exMn4aAUwqC8uaRmoLOlTnbRrdNdVTeK6gMudisSzdwBBRJUtPsixngZbgVbQqlz
KRpt+k/lHH86XU/dSKnDB9QWcwzHAf3tRTmDoontlv2wNVqm1WB/l9SC3giitclz
9Nd28Sy7DGMevq7vRSANO1Is9qfFyKyyOdhUCc6P19PDCADcyxke/duMAwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCd0fEFe+OWQVzV8qTNJJgsSKNEwMB8GA1UdIwQY
MBaAFPWzEOnUToRw1s2ACVkGbLAPKR76MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOWJNUTZkUk9oSERXellBSldRWnNzQThwSHZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC9mNDhkZTEtOWYzMy00ZjBhLTg2NzYt
ZTgzNmViM2QyZjFmLzEvOWJNUTZkUk9oSERXellBSldRWnNzQThwSHZvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOC9mNDhkZTEtOWYzMy00ZjBhLTg2NzYtZTgzNmViM2QyZjFm
LzEvOWJNUTZkUk9oSERXellBSldRWnNzQThwSHZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAE66565MQ
SWVk12B2g4ehhBjORXchzGUswx/l1GdzRubBs2tS5Yt0gmmzDPU/shU1cMCRPIIw
XBfv7LytJOQ6SXTcq1v8LtN1XOEffdxy04KnlhkzEUWiHwbnV2P00I+hgHR/5rVC
ujtsIbU6/usAcJbyT+7zbrScmpZG7G7cyDgKq+NAn0wrbc5MkzPtStvdSgdarmWL
MQQn3a+D+gGjJzLoRQtCbuymnChqX0Ybjq9HlQ/7Yhd6OolHJ00QLbHAqM5EwyY4
StU7Tb8OyFm+ZyIV2PFqEAx8l3Vyz2mt9N3AhwSeK/S2QDJffHKXgLewBMPl6djy
PZX4NyYPRlXPpQ==
-----END CERTIFICATE-----