Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/3b5877-aa65-49fc-859d-905dbab8bd57/1/ET9u8WzirCilmQYD0folvUl1lN0.mft
File:                     ET9u8WzirCilmQYD0folvUl1lN0.mft (raw, json)
Hash identifier:          tRnqg42Cg6zX+rrQpjt0YLhiRFb+jzN8EYwxRSOc59k=
Subject key identifier:   45:75:54:47:94:17:8D:C7:5B:FA:DE:AA:C0:CC:78:9A:3A:50:E4:81
Authority key identifier: 11:3F:6E:F1:6C:E2:AC:28:A5:99:06:03:D1:FA:25:BD:49:75:94:DD
Certificate issuer:       /CN=113f6ef16ce2ac28a5990603d1fa25bd497594dd
Certificate serial:       019511A2B6FC4333DCC371B86F01F3AE35D6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ET9u8WzirCilmQYD0folvUl1lN0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1a/3b5877-aa65-49fc-859d-905dbab8bd57/1/ET9u8WzirCilmQYD0folvUl1lN0.mft
Manifest number:          030A
Signing time:             Mon 17 Feb 2025 02:00:31 +0000
Manifest this update:     Mon 17 Feb 2025 02:00:31 +0000
Manifest next update:     Tue 18 Feb 2025 02:00:31 +0000
Files and hashes:         1: ET9u8WzirCilmQYD0folvUl1lN0.crl (hash: 0oaPMW5cK6XCcYJgmVt2bZtnppx3Bz0l/0FRKEVipOo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1a/3b5877-aa65-49fc-859d-905dbab8bd57/1/ET9u8WzirCilmQYD0folvUl1lN0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1a/3b5877-aa65-49fc-859d-905dbab8bd57/1/ET9u8WzirCilmQYD0folvUl1lN0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ET9u8WzirCilmQYD0folvUl1lN0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 17 Feb 2025 23:00:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:11:a2:b6:fc:43:33:dc:c3:71:b8:6f:01:f3:ae:35:d6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=113f6ef16ce2ac28a5990603d1fa25bd497594dd
        Validity
            Not Before: Feb 17 02:00:31 2025 GMT
            Not After : Feb 18 02:00:31 2025 GMT
        Subject: CN=4575544794178dc75bfadeaac0cc789a3a50e481
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:7e:c0:64:d8:c0:bd:c0:75:e6:86:00:a5:4a:
                    21:49:16:0c:7a:95:bf:1c:f2:dc:b8:ec:27:95:2b:
                    e6:c4:3f:cb:f3:5b:b2:41:ae:2c:15:8f:1c:51:48:
                    87:dc:5d:4b:20:fb:5a:fe:56:12:2d:73:63:2d:fd:
                    97:51:f6:71:71:b3:39:a9:f1:f4:e6:5e:4b:2d:e1:
                    ed:e8:03:8f:df:fb:a4:00:66:de:5f:89:1a:32:f9:
                    98:91:0d:35:fd:54:69:62:97:7b:40:c8:7a:3b:25:
                    9a:09:31:47:0c:94:d8:93:d0:97:1a:55:36:99:cc:
                    d3:5b:d5:20:b9:7f:7f:bb:df:f3:ab:b4:70:6a:6b:
                    b9:81:73:bc:59:48:21:0e:b9:86:5f:4a:a2:bd:6f:
                    19:01:62:2a:c6:d3:0a:c4:af:56:33:69:35:c7:7f:
                    f8:b1:3e:71:ef:4a:0e:ba:0d:74:f8:d0:3a:73:5c:
                    15:2c:99:e4:98:59:84:ad:97:82:b3:dd:c6:d7:7e:
                    a3:23:1f:50:f0:d8:20:8e:dd:5d:28:85:45:a9:b9:
                    c8:38:b4:c1:2d:4a:e8:0f:40:c0:5b:11:6f:49:8e:
                    cb:38:4e:68:29:34:e4:51:3c:63:bd:f1:2c:bf:72:
                    b1:f1:ba:f1:f2:fb:fe:19:ea:2a:97:cf:59:26:98:
                    19:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                45:75:54:47:94:17:8D:C7:5B:FA:DE:AA:C0:CC:78:9A:3A:50:E4:81
            X509v3 Authority Key Identifier:
                keyid:11:3F:6E:F1:6C:E2:AC:28:A5:99:06:03:D1:FA:25:BD:49:75:94:DD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ET9u8WzirCilmQYD0folvUl1lN0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/3b5877-aa65-49fc-859d-905dbab8bd57/1/ET9u8WzirCilmQYD0folvUl1lN0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/3b5877-aa65-49fc-859d-905dbab8bd57/1/ET9u8WzirCilmQYD0folvUl1lN0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         14:1a:12:40:7d:8d:4c:4c:cb:2c:75:34:b1:17:b7:3a:ee:70:
         ee:cc:3c:e8:2a:41:fb:7a:0d:3d:46:4a:ae:ce:b2:4c:8a:e6:
         2d:87:7c:41:59:34:a0:cc:67:c3:a3:f4:b6:2e:8d:12:25:f8:
         65:83:81:bf:de:1d:8e:c5:46:c0:e3:b9:08:2f:42:92:40:e3:
         ab:f3:e6:89:ab:82:d0:b2:ef:54:8c:b3:9e:77:8f:f2:89:f3:
         76:54:80:26:6e:fa:5f:e1:ac:29:f3:b7:81:cd:1f:9d:ca:33:
         52:31:59:70:0a:0f:37:dd:a2:22:a6:04:47:a1:65:cb:ff:33:
         bc:e2:93:d2:32:de:53:c4:60:a2:15:99:5d:df:1c:08:d5:56:
         31:94:a0:e1:aa:44:74:87:90:13:31:6e:c5:58:41:1d:fa:c0:
         88:6f:9d:f9:6b:a8:78:1b:ee:1d:e1:08:17:c0:ed:4c:af:5b:
         ba:20:35:ba:14:20:cb:1b:de:52:d2:f1:27:f8:c7:fc:25:41:
         23:93:ff:6b:ec:26:c2:da:7f:6e:6e:2c:c8:1f:91:e5:81:c1:
         95:a8:d2:1b:89:03:4b:4c:22:2b:ac:84:a2:68:c8:2e:4b:db:
         14:9e:69:e8:b5:a4:2a:27:5a:d8:c8:e4:66:b7:14:0d:c6:df:
         72:50:33:e6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZURorb8QzPcw3G4bwHzrjXWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExM2Y2ZWYxNmNlMmFjMjhhNTk5MDYwM2QxZmEyNWJkNDk3
NTk0ZGQwHhcNMjUwMjE3MDIwMDMxWhcNMjUwMjE4MDIwMDMxWjAzMTEwLwYDVQQD
Eyg0NTc1NTQ0Nzk0MTc4ZGM3NWJmYWRlYWFjMGNjNzg5YTNhNTBlNDgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArX7AZNjAvcB15oYApUohSRYMepW/
HPLcuOwnlSvmxD/L81uyQa4sFY8cUUiH3F1LIPta/lYSLXNjLf2XUfZxcbM5qfH0
5l5LLeHt6AOP3/ukAGbeX4kaMvmYkQ01/VRpYpd7QMh6OyWaCTFHDJTYk9CXGlU2
mczTW9UguX9/u9/zq7Rwamu5gXO8WUghDrmGX0qivW8ZAWIqxtMKxK9WM2k1x3/4
sT5x70oOug10+NA6c1wVLJnkmFmErZeCs93G136jIx9Q8Nggjt1dKIVFqbnIOLTB
LUroD0DAWxFvSY7LOE5oKTTkUTxjvfEsv3Kx8brx8vv+Geoql89ZJpgZOQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEV1VEeUF43HW/reqsDMeJo6UOSBMB8GA1UdIwQY
MBaAFBE/bvFs4qwopZkGA9H6Jb1JdZTdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRVQ5dThXemlyQ2lsbVFZRDBmb2x2VWwxbE4wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS8zYjU4NzctYWE2NS00OWZjLTg1OWQt
OTA1ZGJhYjhiZDU3LzEvRVQ5dThXemlyQ2lsbVFZRDBmb2x2VWwxbE4wLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS8zYjU4NzctYWE2NS00OWZjLTg1OWQtOTA1ZGJhYjhiZDU3
LzEvRVQ5dThXemlyQ2lsbVFZRDBmb2x2VWwxbE4wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFBoSQH2N
TEzLLHU0sRe3Ou5w7sw86CpB+3oNPUZKrs6yTIrmLYd8QVk0oMxnw6P0ti6NEiX4
ZYOBv94djsVGwOO5CC9CkkDjq/PmiauC0LLvVIyznneP8onzdlSAJm76X+GsKfO3
gc0fncozUjFZcAoPN92iIqYER6Fly/8zvOKT0jLeU8RgohWZXd8cCNVWMZSg4apE
dIeQEzFuxVhBHfrAiG+d+WuoeBvuHeEIF8DtTK9buiA1uhQgyxveUtLxJ/jH/CVB
I5P/a+wmwtp/bm4syB+R5YHBlajSG4kDS0wiK6yEomjILkvbFJ5p6LWkKida2Mjk
ZrcUDcbfclAz5g==
-----END CERTIFICATE-----