Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/c3e8ed-597a-485a-94a3-982cfb359aee/1/f35evW-kacXjcL_BBsTUqtHh25Q.mft
File:                     f35evW-kacXjcL_BBsTUqtHh25Q.mft (raw, json)
Hash identifier:          w/l/+CH9M/df8AR7euis49MHbBPeyah08hXeaWs9w3c=
Subject key identifier:   04:3A:5B:F1:73:2C:5A:84:18:D3:E7:D7:23:D7:3B:BF:6E:98:11:36
Authority key identifier: 7F:7E:5E:BD:6F:A4:69:C5:E3:70:BF:C1:06:C4:D4:AA:D1:E1:DB:94
Certificate issuer:       /CN=7f7e5ebd6fa469c5e370bfc106c4d4aad1e1db94
Certificate serial:       019511355DFCDFCC5A66ED575EAC9D9277AB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/f35evW-kacXjcL_BBsTUqtHh25Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/23/c3e8ed-597a-485a-94a3-982cfb359aee/1/f35evW-kacXjcL_BBsTUqtHh25Q.mft
Manifest number:          0CBE
Signing time:             Mon 17 Feb 2025 00:01:04 +0000
Manifest this update:     Mon 17 Feb 2025 00:01:04 +0000
Manifest next update:     Tue 18 Feb 2025 00:01:04 +0000
Files and hashes:         1: f35evW-kacXjcL_BBsTUqtHh25Q.crl (hash: XpbToPj+4Hnx4gYHLLTE1vUZpsePkGmyho4MRiLwguw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/23/c3e8ed-597a-485a-94a3-982cfb359aee/1/f35evW-kacXjcL_BBsTUqtHh25Q.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/23/c3e8ed-597a-485a-94a3-982cfb359aee/1/f35evW-kacXjcL_BBsTUqtHh25Q.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/f35evW-kacXjcL_BBsTUqtHh25Q.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 17 Feb 2025 23:00:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:11:35:5d:fc:df:cc:5a:66:ed:57:5e:ac:9d:92:77:ab
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7f7e5ebd6fa469c5e370bfc106c4d4aad1e1db94
        Validity
            Not Before: Feb 17 00:01:04 2025 GMT
            Not After : Feb 18 00:01:04 2025 GMT
        Subject: CN=043a5bf1732c5a8418d3e7d723d73bbf6e981136
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:62:40:e7:58:99:1a:52:27:2e:2d:ca:6b:52:
                    03:d8:2b:b2:a3:c0:4f:52:71:3c:03:ba:e7:bd:c2:
                    42:6b:4d:20:23:2b:ac:eb:b2:93:65:cc:ec:ff:d1:
                    36:25:fc:17:65:ac:60:47:9d:05:e7:f7:b6:20:c2:
                    c0:20:5a:a7:bd:7c:e7:32:9e:b5:6b:38:ff:44:b9:
                    e5:65:0c:a1:1f:bc:57:cc:09:b1:6c:71:ed:84:35:
                    74:e6:5b:5f:e4:50:21:b3:1b:65:0b:1b:c5:28:fa:
                    85:f0:02:3d:1f:34:f9:ae:6d:0e:81:84:ee:74:22:
                    ff:06:42:36:b5:f0:b7:98:45:3c:7c:9b:c2:d0:65:
                    7c:c4:cd:00:98:a7:43:fa:91:1f:3c:56:95:56:35:
                    74:f1:80:7a:0c:50:b2:59:68:0a:df:7a:e3:9e:97:
                    7c:8e:71:28:96:5f:32:a9:e2:52:c3:51:19:7b:b9:
                    94:94:83:c7:be:5c:9e:37:d9:49:86:58:53:fc:b9:
                    cc:09:88:1a:fe:84:27:e8:3c:1e:6b:32:ef:dc:c5:
                    8d:77:1c:34:e7:59:87:9b:69:f6:00:91:ab:0a:0c:
                    76:79:9a:38:6e:78:47:c0:6c:b6:4a:2b:f4:db:11:
                    a3:3e:bd:62:50:64:db:ce:d5:a8:d2:4d:e8:2c:fc:
                    8f:2d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                04:3A:5B:F1:73:2C:5A:84:18:D3:E7:D7:23:D7:3B:BF:6E:98:11:36
            X509v3 Authority Key Identifier:
                keyid:7F:7E:5E:BD:6F:A4:69:C5:E3:70:BF:C1:06:C4:D4:AA:D1:E1:DB:94

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/f35evW-kacXjcL_BBsTUqtHh25Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/c3e8ed-597a-485a-94a3-982cfb359aee/1/f35evW-kacXjcL_BBsTUqtHh25Q.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/23/c3e8ed-597a-485a-94a3-982cfb359aee/1/f35evW-kacXjcL_BBsTUqtHh25Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         90:8a:d7:35:17:c7:74:e4:09:f1:8c:f1:07:98:0f:dd:5a:0d:
         21:5f:3b:c6:28:ba:6e:b7:a5:ac:ec:36:41:33:c1:9c:c9:fa:
         07:86:15:65:0c:b6:d2:f9:9f:c2:ed:b9:09:5e:b3:27:48:74:
         96:22:14:a6:12:7a:4d:af:a6:fe:2b:60:ad:e0:2d:4c:00:1a:
         98:b1:20:98:fc:25:16:03:00:54:51:3f:d2:46:3a:5c:f1:34:
         3d:9e:57:f2:c3:3e:e2:40:aa:6a:b1:b5:0b:c7:21:3b:62:22:
         f7:7b:e9:27:a1:cf:e5:1f:d0:ad:41:a5:01:e1:6a:b7:b1:5c:
         5d:6b:d8:71:2e:17:86:44:b4:05:cd:3d:0b:02:f9:a9:c6:b7:
         32:c8:59:af:2e:6f:05:e3:4e:a3:63:89:20:10:92:4d:a8:38:
         2a:f0:f9:54:cc:fa:3d:44:38:f1:a3:12:2a:5f:bf:e1:3e:fc:
         ce:ae:05:d9:c9:e4:26:59:e9:d2:2c:0e:6c:c6:ff:87:63:23:
         0d:e5:e0:38:3d:ad:03:8f:9b:aa:ba:cf:1b:f2:61:f6:9b:fb:
         d3:ec:62:01:d9:25:06:41:be:63:0b:3f:e0:de:1c:2d:32:92:
         cb:a0:78:12:52:de:78:c6:6a:9a:fa:91:9f:a6:33:45:23:0e:
         f3:d5:3a:b6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZURNV3838xaZu1XXqydknerMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdmN2U1ZWJkNmZhNDY5YzVlMzcwYmZjMTA2YzRkNGFhZDFl
MWRiOTQwHhcNMjUwMjE3MDAwMTA0WhcNMjUwMjE4MDAwMTA0WjAzMTEwLwYDVQQD
EygwNDNhNWJmMTczMmM1YTg0MThkM2U3ZDcyM2Q3M2JiZjZlOTgxMTM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnmJA51iZGlInLi3Ka1ID2Cuyo8BP
UnE8A7rnvcJCa00gIyus67KTZczs/9E2JfwXZaxgR50F5/e2IMLAIFqnvXznMp61
azj/RLnlZQyhH7xXzAmxbHHthDV05ltf5FAhsxtlCxvFKPqF8AI9HzT5rm0OgYTu
dCL/BkI2tfC3mEU8fJvC0GV8xM0AmKdD+pEfPFaVVjV08YB6DFCyWWgK33rjnpd8
jnEoll8yqeJSw1EZe7mUlIPHvlyeN9lJhlhT/LnMCYga/oQn6DweazLv3MWNdxw0
51mHm2n2AJGrCgx2eZo4bnhHwGy2Siv02xGjPr1iUGTbztWo0k3oLPyPLQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAQ6W/FzLFqEGNPn1yPXO79umBE2MB8GA1UdIwQY
MBaAFH9+Xr1vpGnF43C/wQbE1KrR4duUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZjM1ZXZXLWthY1hqY0xfQkJzVFVxdEhoMjVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy9jM2U4ZWQtNTk3YS00ODVhLTk0YTMt
OTgyY2ZiMzU5YWVlLzEvZjM1ZXZXLWthY1hqY0xfQkJzVFVxdEhoMjVRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy9jM2U4ZWQtNTk3YS00ODVhLTk0YTMtOTgyY2ZiMzU5YWVl
LzEvZjM1ZXZXLWthY1hqY0xfQkJzVFVxdEhoMjVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkIrXNRfH
dOQJ8YzxB5gP3VoNIV87xii6brelrOw2QTPBnMn6B4YVZQy20vmfwu25CV6zJ0h0
liIUphJ6Ta+m/itgreAtTAAamLEgmPwlFgMAVFE/0kY6XPE0PZ5X8sM+4kCqarG1
C8chO2Ii93vpJ6HP5R/QrUGlAeFqt7FcXWvYcS4XhkS0Bc09CwL5qca3MshZry5v
BeNOo2OJIBCSTag4KvD5VMz6PUQ48aMSKl+/4T78zq4F2cnkJlnp0iwObMb/h2Mj
DeXgOD2tA4+bqrrPG/Jh9pv70+xiAdklBkG+Yws/4N4cLTKSy6B4ElLeeMZqmvqR
n6YzRSMO89U6tg==
-----END CERTIFICATE-----