Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/bb7f9e-15c0-4d55-822b-609a1e8627fd/1/KTvDpXSXMxBPe5zAUS2t4TbXCtA.mft
File:                     KTvDpXSXMxBPe5zAUS2t4TbXCtA.mft (raw, json)
Hash identifier:          qAiWmM8kNtM0LYpnRjd7Zj4fvqKevSUvKTu5/DKsgEM=
Subject key identifier:   E5:3B:89:20:41:83:69:38:6E:B5:06:D8:04:C9:08:03:12:76:27:F7
Authority key identifier: 29:3B:C3:A5:74:97:33:10:4F:7B:9C:C0:51:2D:AD:E1:36:D7:0A:D0
Certificate issuer:       /CN=293bc3a5749733104f7b9cc0512dade136d70ad0
Certificate serial:       0194C3882F4600CEA23594C40DC9BBDEF1D6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KTvDpXSXMxBPe5zAUS2t4TbXCtA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1d/bb7f9e-15c0-4d55-822b-609a1e8627fd/1/KTvDpXSXMxBPe5zAUS2t4TbXCtA.mft
Manifest number:          142B
Signing time:             Sat 01 Feb 2025 22:01:09 +0000
Manifest this update:     Sat 01 Feb 2025 22:01:09 +0000
Manifest next update:     Sun 02 Feb 2025 22:01:09 +0000
Files and hashes:         1: KTvDpXSXMxBPe5zAUS2t4TbXCtA.crl (hash: /D6jSKhvzVEo97KMVPJ3dwcu/dq1Xbt14Ucdz9DXGdQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1d/bb7f9e-15c0-4d55-822b-609a1e8627fd/1/KTvDpXSXMxBPe5zAUS2t4TbXCtA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1d/bb7f9e-15c0-4d55-822b-609a1e8627fd/1/KTvDpXSXMxBPe5zAUS2t4TbXCtA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KTvDpXSXMxBPe5zAUS2t4TbXCtA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 02 Feb 2025 22:01:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:c3:88:2f:46:00:ce:a2:35:94:c4:0d:c9:bb:de:f1:d6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=293bc3a5749733104f7b9cc0512dade136d70ad0
        Validity
            Not Before: Feb  1 22:01:09 2025 GMT
            Not After : Feb  2 22:01:09 2025 GMT
        Subject: CN=e53b8920418369386eb506d804c90803127627f7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:06:00:1b:d7:97:5a:46:c7:08:38:4c:c2:52:
                    1b:84:e3:7a:96:0c:b2:84:68:b4:43:6b:38:95:f9:
                    af:ea:5d:79:99:39:19:ea:c0:1d:00:e4:65:e9:a3:
                    9f:75:84:1b:06:9f:e0:28:af:73:61:d1:6c:16:a5:
                    a6:b8:5b:25:81:3b:02:8c:05:70:5a:b8:f1:74:8b:
                    66:48:e7:90:c7:a8:cd:ad:6f:74:4e:53:d9:d2:00:
                    d8:72:45:1e:6c:69:b5:7d:74:8f:00:ae:db:37:69:
                    c8:b5:8c:b8:8d:c3:98:6d:1b:b6:54:a7:f2:42:c5:
                    bd:e9:9f:c0:a7:ef:22:7f:33:3f:65:4d:c3:d4:28:
                    e4:30:62:1c:88:08:7e:02:03:82:fc:a2:41:9f:06:
                    73:52:ae:98:4a:78:34:fe:a5:84:63:e9:c0:39:7a:
                    16:08:c0:fc:58:76:97:36:ab:07:d9:bd:0b:2c:49:
                    d8:c1:6b:99:e5:73:f5:06:0e:15:35:83:52:84:9a:
                    f4:0d:88:45:75:33:9d:97:e1:f9:32:48:36:23:4d:
                    1f:58:8e:fb:2a:88:e2:88:20:24:a8:1b:e5:80:d5:
                    b7:a2:f1:e4:fe:df:a6:68:63:ba:ba:dc:05:a7:f4:
                    71:cb:09:c8:bc:fe:e3:e3:85:3f:8c:5a:4c:3c:4e:
                    5a:71
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E5:3B:89:20:41:83:69:38:6E:B5:06:D8:04:C9:08:03:12:76:27:F7
            X509v3 Authority Key Identifier:
                keyid:29:3B:C3:A5:74:97:33:10:4F:7B:9C:C0:51:2D:AD:E1:36:D7:0A:D0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KTvDpXSXMxBPe5zAUS2t4TbXCtA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/bb7f9e-15c0-4d55-822b-609a1e8627fd/1/KTvDpXSXMxBPe5zAUS2t4TbXCtA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/bb7f9e-15c0-4d55-822b-609a1e8627fd/1/KTvDpXSXMxBPe5zAUS2t4TbXCtA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3e:32:09:df:fd:cd:bc:9a:fa:3d:eb:be:84:9d:bd:6e:71:7b:
         e5:be:bb:2d:43:ba:47:4c:c7:2d:7d:e5:a6:1b:36:32:69:b3:
         c6:e3:b3:7e:1a:c7:3a:87:c2:94:d8:20:9a:18:da:9f:0b:1f:
         46:60:f3:81:28:e0:a7:a4:8f:87:fa:3c:01:80:c0:e5:ab:ba:
         3d:0f:86:03:1c:c5:bb:23:30:46:b2:ce:a6:c1:08:dd:88:36:
         bf:be:e8:4d:fc:ba:be:1c:6d:f7:42:21:0e:62:95:42:85:19:
         ed:61:5d:b0:74:aa:61:dc:5a:29:6d:5f:be:a4:01:60:69:49:
         b3:78:cc:24:f5:54:f3:d0:ad:51:1e:81:36:e3:6b:ba:4b:e0:
         8f:5c:84:f1:3c:0b:17:01:81:74:8a:45:ef:e6:be:a0:56:d8:
         2f:87:7a:96:a3:8c:45:7f:b7:91:48:1d:b7:79:38:f4:cd:1f:
         cb:16:b4:f5:45:0a:68:2b:34:33:b5:7a:c3:15:06:3c:e5:12:
         49:0b:06:2c:97:ad:93:76:32:ab:60:15:aa:fb:af:38:6a:0f:
         11:ac:42:94:36:6a:f4:a4:f0:02:98:95:15:e9:3f:54:65:e5:
         7d:d7:bd:00:1d:35:e5:a3:e8:9c:b0:ba:ca:68:ce:2d:b5:76:
         a9:2f:59:a3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZTDiC9GAM6iNZTEDcm73vHWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5M2JjM2E1NzQ5NzMzMTA0ZjdiOWNjMDUxMmRhZGUxMzZk
NzBhZDAwHhcNMjUwMjAxMjIwMTA5WhcNMjUwMjAyMjIwMTA5WjAzMTEwLwYDVQQD
EyhlNTNiODkyMDQxODM2OTM4NmViNTA2ZDgwNGM5MDgwMzEyNzYyN2Y3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxAYAG9eXWkbHCDhMwlIbhON6lgyy
hGi0Q2s4lfmv6l15mTkZ6sAdAORl6aOfdYQbBp/gKK9zYdFsFqWmuFslgTsCjAVw
WrjxdItmSOeQx6jNrW90TlPZ0gDYckUebGm1fXSPAK7bN2nItYy4jcOYbRu2VKfy
QsW96Z/Ap+8ifzM/ZU3D1CjkMGIciAh+AgOC/KJBnwZzUq6YSng0/qWEY+nAOXoW
CMD8WHaXNqsH2b0LLEnYwWuZ5XP1Bg4VNYNShJr0DYhFdTOdl+H5Mkg2I00fWI77
KojiiCAkqBvlgNW3ovHk/t+maGO6utwFp/RxywnIvP7j44U/jFpMPE5acQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOU7iSBBg2k4brUG2ATJCAMSdif3MB8GA1UdIwQY
MBaAFCk7w6V0lzMQT3ucwFEtreE21wrQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1R2RHBYU1hNeEJQZTV6QVVTMnQ0VGJYQ3RBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC9iYjdmOWUtMTVjMC00ZDU1LTgyMmIt
NjA5YTFlODYyN2ZkLzEvS1R2RHBYU1hNeEJQZTV6QVVTMnQ0VGJYQ3RBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC9iYjdmOWUtMTVjMC00ZDU1LTgyMmItNjA5YTFlODYyN2Zk
LzEvS1R2RHBYU1hNeEJQZTV6QVVTMnQ0VGJYQ3RBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPjIJ3/3N
vJr6Peu+hJ29bnF75b67LUO6R0zHLX3lphs2MmmzxuOzfhrHOofClNggmhjanwsf
RmDzgSjgp6SPh/o8AYDA5au6PQ+GAxzFuyMwRrLOpsEI3Yg2v77oTfy6vhxt90Ih
DmKVQoUZ7WFdsHSqYdxaKW1fvqQBYGlJs3jMJPVU89CtUR6BNuNrukvgj1yE8TwL
FwGBdIpF7+a+oFbYL4d6lqOMRX+3kUgdt3k49M0fyxa09UUKaCs0M7V6wxUGPOUS
SQsGLJetk3Yyq2AVqvuvOGoPEaxClDZq9KTwApiVFek/VGXlfde9AB015aPonLC6
ymjOLbV2qS9Zow==
-----END CERTIFICATE-----