Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/d67a58-380f-427a-849a-f9940fa1e108/1/VElaL0HNEFrvBvKHCnYzmAHtuQ0.mft
File:                     VElaL0HNEFrvBvKHCnYzmAHtuQ0.mft (raw, json)
Hash identifier:          ey39TppvqoHYSSgS2QS7tD2EGq4wo4/0GLMGtlTAyEE=
Subject key identifier:   DD:26:90:52:07:9A:B9:BC:72:86:D4:36:3A:90:3B:4E:21:E0:03:5F
Authority key identifier: 54:49:5A:2F:41:CD:10:5A:EF:06:F2:87:0A:76:33:98:01:ED:B9:0D
Certificate issuer:       /CN=54495a2f41cd105aef06f2870a76339801edb90d
Certificate serial:       0194C3F631D9A929C74BF8844A7225CD4870
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/VElaL0HNEFrvBvKHCnYzmAHtuQ0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/21/d67a58-380f-427a-849a-f9940fa1e108/1/VElaL0HNEFrvBvKHCnYzmAHtuQ0.mft
Manifest number:          1D
Signing time:             Sun 02 Feb 2025 00:01:19 +0000
Manifest this update:     Sun 02 Feb 2025 00:01:19 +0000
Manifest next update:     Mon 03 Feb 2025 00:01:19 +0000
Files and hashes:         1: VElaL0HNEFrvBvKHCnYzmAHtuQ0.crl (hash: vuFr3UFCvDhY4vcq0akMblOwCHgPoIOrwIVIQutKTkc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/21/d67a58-380f-427a-849a-f9940fa1e108/1/VElaL0HNEFrvBvKHCnYzmAHtuQ0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/21/d67a58-380f-427a-849a-f9940fa1e108/1/VElaL0HNEFrvBvKHCnYzmAHtuQ0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/VElaL0HNEFrvBvKHCnYzmAHtuQ0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 03 Feb 2025 00:00:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:c3:f6:31:d9:a9:29:c7:4b:f8:84:4a:72:25:cd:48:70
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=54495a2f41cd105aef06f2870a76339801edb90d
        Validity
            Not Before: Feb  2 00:01:19 2025 GMT
            Not After : Feb  3 00:01:19 2025 GMT
        Subject: CN=dd269052079ab9bc7286d4363a903b4e21e0035f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ec:8d:79:5d:62:4d:18:d7:fb:3c:7d:7d:be:83:
                    56:be:d5:72:59:e4:e9:97:6d:c8:a1:e0:67:3c:21:
                    9a:b6:6a:0e:9a:49:a6:41:5e:7b:f5:74:59:9a:5f:
                    09:c1:e7:a3:89:09:87:36:ff:5c:7e:1e:b2:32:1f:
                    97:e1:20:94:de:b2:ed:f6:0d:d5:fc:18:82:b2:b8:
                    aa:50:ed:41:a6:bd:1a:bf:9b:59:96:53:47:44:c3:
                    b4:ae:24:1e:5a:61:06:63:02:34:01:03:40:8e:ef:
                    b7:9a:f4:e3:65:fd:94:08:3e:15:a1:29:d3:90:6a:
                    6a:f8:96:34:9f:fe:c0:a1:54:48:df:0a:8f:46:45:
                    b3:e2:7b:c5:38:c3:10:b8:08:38:e7:67:42:33:75:
                    2d:fa:b7:7b:3f:1c:52:68:7a:02:b7:6a:94:7e:e0:
                    17:84:a6:d5:93:9d:30:86:4a:38:57:32:64:23:e0:
                    25:a4:28:32:ba:00:24:52:4f:cd:49:bc:e5:85:f3:
                    68:24:70:d9:98:91:63:2b:75:1b:e1:ef:61:a8:da:
                    61:c7:69:40:0e:60:85:76:10:9d:b6:8c:b7:6f:f7:
                    36:e1:07:07:d9:0b:5f:46:ab:05:02:97:b9:4d:33:
                    f8:09:c9:4f:b2:10:b2:96:cb:77:ec:99:ee:1e:9e:
                    74:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DD:26:90:52:07:9A:B9:BC:72:86:D4:36:3A:90:3B:4E:21:E0:03:5F
            X509v3 Authority Key Identifier:
                keyid:54:49:5A:2F:41:CD:10:5A:EF:06:F2:87:0A:76:33:98:01:ED:B9:0D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VElaL0HNEFrvBvKHCnYzmAHtuQ0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/d67a58-380f-427a-849a-f9940fa1e108/1/VElaL0HNEFrvBvKHCnYzmAHtuQ0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/21/d67a58-380f-427a-849a-f9940fa1e108/1/VElaL0HNEFrvBvKHCnYzmAHtuQ0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         30:88:3c:bd:cc:7c:aa:a3:2d:c5:fb:ed:2c:02:06:4f:6a:b5:
         41:ce:ea:70:85:a0:16:e4:96:3a:2d:2c:62:12:e9:88:df:56:
         8c:04:72:bc:33:60:9b:7c:22:3a:f0:0e:d5:4a:ed:8f:f1:a6:
         41:dc:d5:1c:2d:26:10:8a:40:fb:94:b4:12:91:49:03:2d:c6:
         48:85:2d:ee:25:50:0f:a8:38:8e:80:d7:b3:65:06:fb:7c:57:
         5e:cc:b6:99:df:cf:65:a1:a4:8b:08:da:22:c4:27:86:ac:41:
         1f:2e:52:a8:68:92:86:63:36:10:10:83:c3:0e:6d:04:43:94:
         2c:a2:e7:7f:c1:52:a5:58:bc:14:1d:e6:61:0c:5c:2f:2d:cf:
         57:b4:31:73:d6:84:e4:03:e5:cc:e6:7f:fb:d7:c9:84:23:1f:
         45:05:6e:b6:41:7a:92:49:c7:ce:55:b2:47:ff:9f:4d:57:f8:
         50:9d:e9:04:bb:3c:fb:29:59:b3:ee:26:29:54:6d:35:6a:5f:
         6d:7f:f5:22:7b:35:fc:d5:87:ea:ce:5d:a8:d6:ae:28:7f:94:
         c3:d0:60:c4:7a:06:92:03:09:72:56:dc:7a:14:7f:a9:48:fa:
         65:c6:d8:a2:7c:b0:19:9e:24:8b:c1:4f:e8:16:09:6c:33:4c:
         7e:a7:b3:11
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZTD9jHZqSnHS/iESnIlzUhwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0NDk1YTJmNDFjZDEwNWFlZjA2ZjI4NzBhNzYzMzk4MDFl
ZGI5MGQwHhcNMjUwMjAyMDAwMTE5WhcNMjUwMjAzMDAwMTE5WjAzMTEwLwYDVQQD
EyhkZDI2OTA1MjA3OWFiOWJjNzI4NmQ0MzYzYTkwM2I0ZTIxZTAwMzVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7I15XWJNGNf7PH19voNWvtVyWeTp
l23IoeBnPCGatmoOmkmmQV579XRZml8JweejiQmHNv9cfh6yMh+X4SCU3rLt9g3V
/BiCsriqUO1Bpr0av5tZllNHRMO0riQeWmEGYwI0AQNAju+3mvTjZf2UCD4VoSnT
kGpq+JY0n/7AoVRI3wqPRkWz4nvFOMMQuAg452dCM3Ut+rd7PxxSaHoCt2qUfuAX
hKbVk50whko4VzJkI+AlpCgyugAkUk/NSbzlhfNoJHDZmJFjK3Ub4e9hqNphx2lA
DmCFdhCdtoy3b/c24QcH2QtfRqsFApe5TTP4CclPshCylst37JnuHp50+QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFN0mkFIHmrm8cobUNjqQO04h4ANfMB8GA1UdIwQY
MBaAFFRJWi9BzRBa7wbyhwp2M5gB7bkNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkVsYUwwSE5FRnJ2QnZLSENuWXptQUh0dVEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS9kNjdhNTgtMzgwZi00MjdhLTg0OWEt
Zjk5NDBmYTFlMTA4LzEvVkVsYUwwSE5FRnJ2QnZLSENuWXptQUh0dVEwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS9kNjdhNTgtMzgwZi00MjdhLTg0OWEtZjk5NDBmYTFlMTA4
LzEvVkVsYUwwSE5FRnJ2QnZLSENuWXptQUh0dVEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMIg8vcx8
qqMtxfvtLAIGT2q1Qc7qcIWgFuSWOi0sYhLpiN9WjARyvDNgm3wiOvAO1Urtj/Gm
QdzVHC0mEIpA+5S0EpFJAy3GSIUt7iVQD6g4joDXs2UG+3xXXsy2md/PZaGkiwja
IsQnhqxBHy5SqGiShmM2EBCDww5tBEOULKLnf8FSpVi8FB3mYQxcLy3PV7Qxc9aE
5APlzOZ/+9fJhCMfRQVutkF6kknHzlWyR/+fTVf4UJ3pBLs8+ylZs+4mKVRtNWpf
bX/1Ins1/NWH6s5dqNauKH+Uw9BgxHoGkgMJclbcehR/qUj6ZcbYonywGZ4ki8FP
6BYJbDNMfqezEQ==
-----END CERTIFICATE-----