Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/52c916-fd6f-41c0-8f3a-58559a94c426/1/8KSyRplUYkr0JKVO8WdhwhWLJIM.mft
File:                     8KSyRplUYkr0JKVO8WdhwhWLJIM.mft (raw, json)
Hash identifier:          DNYM9n60V34rfyVJc4zwEZN6dYlkO3vp70G6AG5V12k=
Subject key identifier:   4D:D6:8B:1D:B0:EC:FB:FF:08:67:C3:58:BF:80:5D:E9:C2:B4:C5:75
Authority key identifier: F0:A4:B2:46:99:54:62:4A:F4:24:A5:4E:F1:67:61:C2:15:8B:24:83
Certificate issuer:       /CN=f0a4b2469954624af424a54ef16761c2158b2483
Certificate serial:       019511A30A55C99F02650C0A5BDFCF63DB79
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/8KSyRplUYkr0JKVO8WdhwhWLJIM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1c/52c916-fd6f-41c0-8f3a-58559a94c426/1/8KSyRplUYkr0JKVO8WdhwhWLJIM.mft
Manifest number:          13B3
Signing time:             Mon 17 Feb 2025 02:00:52 +0000
Manifest this update:     Mon 17 Feb 2025 02:00:52 +0000
Manifest next update:     Tue 18 Feb 2025 02:00:52 +0000
Files and hashes:         1: 8KSyRplUYkr0JKVO8WdhwhWLJIM.crl (hash: t2Z1I2P7AGt2+4aqDxPYgHEsuuw8awjxu6rJvH9OaYY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1c/52c916-fd6f-41c0-8f3a-58559a94c426/1/8KSyRplUYkr0JKVO8WdhwhWLJIM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1c/52c916-fd6f-41c0-8f3a-58559a94c426/1/8KSyRplUYkr0JKVO8WdhwhWLJIM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/8KSyRplUYkr0JKVO8WdhwhWLJIM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 17 Feb 2025 23:00:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:11:a3:0a:55:c9:9f:02:65:0c:0a:5b:df:cf:63:db:79
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f0a4b2469954624af424a54ef16761c2158b2483
        Validity
            Not Before: Feb 17 02:00:52 2025 GMT
            Not After : Feb 18 02:00:52 2025 GMT
        Subject: CN=4dd68b1db0ecfbff0867c358bf805de9c2b4c575
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:61:3a:d6:70:6e:d7:1c:3c:31:2d:6f:4e:7d:
                    38:d9:24:c8:0a:b4:12:ad:d5:08:d6:ad:4f:4d:00:
                    f9:b1:22:80:5a:f2:1c:cd:0c:2f:ed:6c:7f:9c:f2:
                    07:48:f5:96:2f:a0:14:45:47:92:fe:fb:26:5c:f8:
                    b9:0b:09:10:5f:85:27:9f:9a:ff:61:03:ef:fb:f4:
                    1e:3a:28:99:41:b5:f6:9f:0c:bd:e6:09:24:ba:3d:
                    58:83:ba:d5:85:d6:b7:2c:6d:11:c0:8f:e6:09:33:
                    18:41:8b:4a:df:60:64:9d:1c:27:3a:f0:ba:93:a1:
                    f0:c9:39:4d:51:a0:9c:8f:2b:9f:96:66:9d:9d:59:
                    7e:9c:7a:9e:b8:fa:2e:e3:9e:ea:79:4d:d6:1e:7d:
                    46:a6:91:15:e5:b7:29:d9:d6:f9:37:d0:4c:7b:00:
                    7c:ad:ed:e2:1a:31:48:1b:79:83:46:9a:86:13:b9:
                    1e:44:30:33:44:fc:b4:f8:f7:e7:d1:a3:65:f8:de:
                    b0:9c:f6:1d:25:47:83:0d:96:0a:93:55:c7:4b:54:
                    3f:55:20:5e:df:f6:8d:54:0e:2f:03:7e:a1:c4:41:
                    48:9a:d9:08:a0:35:6e:91:c6:92:fe:84:ac:82:2b:
                    62:9c:ea:74:5a:0d:de:7a:c8:e0:de:0f:a6:9a:0a:
                    e8:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4D:D6:8B:1D:B0:EC:FB:FF:08:67:C3:58:BF:80:5D:E9:C2:B4:C5:75
            X509v3 Authority Key Identifier:
                keyid:F0:A4:B2:46:99:54:62:4A:F4:24:A5:4E:F1:67:61:C2:15:8B:24:83

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8KSyRplUYkr0JKVO8WdhwhWLJIM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/52c916-fd6f-41c0-8f3a-58559a94c426/1/8KSyRplUYkr0JKVO8WdhwhWLJIM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/52c916-fd6f-41c0-8f3a-58559a94c426/1/8KSyRplUYkr0JKVO8WdhwhWLJIM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         87:fc:fb:47:bf:c9:79:b2:6f:ba:1b:9c:cd:8f:7e:99:41:b6:
         f8:3f:7c:9a:3d:83:4b:b6:a3:5c:0b:6b:48:c8:a8:51:7d:69:
         02:64:b5:4f:89:34:65:2e:52:36:18:92:d8:ba:26:fb:6e:63:
         16:80:cd:e7:7c:b0:3a:14:dc:b9:ac:82:7d:6d:bb:e0:06:17:
         c8:28:31:4b:26:ed:50:9d:5e:15:4c:5a:25:c5:41:cd:ce:ae:
         18:d5:a3:e0:ff:ce:ea:40:40:59:b1:d5:7b:fe:5a:04:e6:dd:
         51:f6:47:5d:21:9c:dd:16:01:83:7a:ec:70:94:ad:f4:32:f6:
         32:00:f1:b4:91:ea:51:0a:ac:cc:0a:a6:2a:d8:c0:c2:58:84:
         80:c6:ed:8d:2a:4c:a8:86:c7:63:48:33:ad:b4:80:08:05:e5:
         d0:36:4c:19:fe:14:95:ab:5d:21:82:da:b6:c7:32:b9:9b:7c:
         fd:ba:98:c1:2e:08:43:f0:8f:5a:a4:de:91:1d:f4:5f:69:03:
         10:d3:12:de:f1:d1:3b:38:32:f6:dd:0e:dd:c2:2c:ab:ef:7b:
         5e:ce:8d:12:d8:9f:c1:c3:05:dd:3a:66:a5:31:33:99:17:4f:
         b5:23:57:d1:ce:5b:42:d4:cd:47:05:33:2d:bb:87:e0:a7:c3:
         8c:e5:fe:f2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZURowpVyZ8CZQwKW9/PY9t5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwYTRiMjQ2OTk1NDYyNGFmNDI0YTU0ZWYxNjc2MWMyMTU4
YjI0ODMwHhcNMjUwMjE3MDIwMDUyWhcNMjUwMjE4MDIwMDUyWjAzMTEwLwYDVQQD
Eyg0ZGQ2OGIxZGIwZWNmYmZmMDg2N2MzNThiZjgwNWRlOWMyYjRjNTc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArWE61nBu1xw8MS1vTn042STICrQS
rdUI1q1PTQD5sSKAWvIczQwv7Wx/nPIHSPWWL6AURUeS/vsmXPi5CwkQX4Unn5r/
YQPv+/QeOiiZQbX2nwy95gkkuj1Yg7rVhda3LG0RwI/mCTMYQYtK32BknRwnOvC6
k6HwyTlNUaCcjyuflmadnVl+nHqeuPou457qeU3WHn1GppEV5bcp2db5N9BMewB8
re3iGjFIG3mDRpqGE7keRDAzRPy0+Pfn0aNl+N6wnPYdJUeDDZYKk1XHS1Q/VSBe
3/aNVA4vA36hxEFImtkIoDVukcaS/oSsgitinOp0Wg3eesjg3g+mmgroYwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFE3Wix2w7Pv/CGfDWL+AXenCtMV1MB8GA1UdIwQY
MBaAFPCkskaZVGJK9CSlTvFnYcIViySDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEtTeVJwbFVZa3IwSktWTzhXZGh3aFdMSklNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy81MmM5MTYtZmQ2Zi00MWMwLThmM2Et
NTg1NTlhOTRjNDI2LzEvOEtTeVJwbFVZa3IwSktWTzhXZGh3aFdMSklNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy81MmM5MTYtZmQ2Zi00MWMwLThmM2EtNTg1NTlhOTRjNDI2
LzEvOEtTeVJwbFVZa3IwSktWTzhXZGh3aFdMSklNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAh/z7R7/J
ebJvuhuczY9+mUG2+D98mj2DS7ajXAtrSMioUX1pAmS1T4k0ZS5SNhiS2Lom+25j
FoDN53ywOhTcuayCfW274AYXyCgxSybtUJ1eFUxaJcVBzc6uGNWj4P/O6kBAWbHV
e/5aBObdUfZHXSGc3RYBg3rscJSt9DL2MgDxtJHqUQqszAqmKtjAwliEgMbtjSpM
qIbHY0gzrbSACAXl0DZMGf4UlatdIYLatscyuZt8/bqYwS4IQ/CPWqTekR30X2kD
ENMS3vHROzgy9t0O3cIsq+97Xs6NEtifwcMF3TpmpTEzmRdPtSNX0c5bQtTNRwUz
LbuH4KfDjOX+8g==
-----END CERTIFICATE-----