Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/35953e-adc7-417c-9011-38cad359a540/1/aKdHLVMoQJWQWt4gPK-RHNGsF3E.mft
File:                     aKdHLVMoQJWQWt4gPK-RHNGsF3E.mft (raw, json)
Hash identifier:          kQXMVnFGlctpE6rXgzKezSnNZv0CQ+TF9vQVWenLLgU=
Subject key identifier:   5C:51:AC:E8:DC:35:73:18:0A:CD:DB:06:95:33:92:73:D4:4B:2F:0B
Authority key identifier: 68:A7:47:2D:53:28:40:95:90:5A:DE:20:3C:AF:91:1C:D1:AC:17:71
Certificate issuer:       /CN=68a7472d53284095905ade203caf911cd1ac1771
Certificate serial:       0195116C11055A2E8FD19A3046A6AAC24271
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aKdHLVMoQJWQWt4gPK-RHNGsF3E.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/24/35953e-adc7-417c-9011-38cad359a540/1/aKdHLVMoQJWQWt4gPK-RHNGsF3E.mft
Manifest number:          FC
Signing time:             Mon 17 Feb 2025 01:00:49 +0000
Manifest this update:     Mon 17 Feb 2025 01:00:49 +0000
Manifest next update:     Tue 18 Feb 2025 01:00:49 +0000
Files and hashes:         1: aKdHLVMoQJWQWt4gPK-RHNGsF3E.crl (hash: u36YwWvtHYmhM0qYP2aEV62Vk4zFtt5crhQYy9FLi64=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/24/35953e-adc7-417c-9011-38cad359a540/1/aKdHLVMoQJWQWt4gPK-RHNGsF3E.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/24/35953e-adc7-417c-9011-38cad359a540/1/aKdHLVMoQJWQWt4gPK-RHNGsF3E.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/aKdHLVMoQJWQWt4gPK-RHNGsF3E.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 17 Feb 2025 23:00:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:11:6c:11:05:5a:2e:8f:d1:9a:30:46:a6:aa:c2:42:71
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=68a7472d53284095905ade203caf911cd1ac1771
        Validity
            Not Before: Feb 17 01:00:49 2025 GMT
            Not After : Feb 18 01:00:49 2025 GMT
        Subject: CN=5c51ace8dc3573180acddb0695339273d44b2f0b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:ef:7d:31:d0:4b:02:fe:b0:10:c3:a2:e9:e2:
                    ce:e2:a2:76:4d:74:de:f3:fe:03:67:6a:cf:ca:83:
                    86:1e:04:68:5f:f3:82:81:b1:45:34:da:b6:4b:46:
                    1b:6f:80:6e:29:6e:67:1d:5d:c9:88:b6:78:91:3e:
                    c0:98:bb:90:2f:21:78:cc:20:a3:57:6e:f0:6d:f0:
                    d4:f0:f7:6c:65:e7:50:63:39:89:d2:1c:95:10:c3:
                    de:35:ad:e9:61:50:43:24:c6:05:66:f8:52:66:dd:
                    5b:68:11:3d:ed:e2:09:99:85:1e:b4:67:58:ac:93:
                    91:00:26:fa:e3:4a:bf:d1:52:77:82:e8:5f:45:66:
                    46:fc:f9:3e:96:da:d8:9f:41:32:32:75:32:c4:21:
                    62:a7:94:03:fb:bf:a3:53:6f:f2:70:3b:95:3d:5c:
                    d7:4e:af:fb:13:df:ad:78:55:50:3a:6d:5a:4c:45:
                    a4:d2:14:6c:18:54:a3:3b:63:8b:9a:78:66:66:52:
                    75:3f:c0:02:88:c0:6c:40:da:81:85:45:67:f0:53:
                    a5:36:94:27:4c:ff:32:59:58:b4:15:e2:06:cd:fc:
                    d5:94:30:00:80:c3:40:e8:4a:ae:81:df:aa:26:d8:
                    b4:bc:ae:08:ee:08:ec:97:4e:1c:a1:85:10:6f:af:
                    c9:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5C:51:AC:E8:DC:35:73:18:0A:CD:DB:06:95:33:92:73:D4:4B:2F:0B
            X509v3 Authority Key Identifier:
                keyid:68:A7:47:2D:53:28:40:95:90:5A:DE:20:3C:AF:91:1C:D1:AC:17:71

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aKdHLVMoQJWQWt4gPK-RHNGsF3E.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/35953e-adc7-417c-9011-38cad359a540/1/aKdHLVMoQJWQWt4gPK-RHNGsF3E.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/24/35953e-adc7-417c-9011-38cad359a540/1/aKdHLVMoQJWQWt4gPK-RHNGsF3E.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         88:b6:58:7d:d5:94:df:f2:aa:76:d9:1c:4d:f3:de:28:18:fa:
         79:22:8f:b4:97:df:d5:6e:76:3f:2a:18:6a:70:ff:96:af:36:
         6d:1f:b2:e3:f8:ef:90:1e:bc:be:e2:6e:e8:83:71:5a:78:f3:
         7d:02:51:08:1e:4e:49:dd:8b:fd:8b:1c:da:43:3e:88:ff:82:
         e4:66:f8:d1:39:93:47:89:36:36:28:47:6c:2b:dd:42:08:29:
         fc:1f:10:cd:dc:fd:db:c4:c1:1a:4c:f1:33:ca:15:c8:c8:07:
         41:c8:f9:a0:c4:5d:e1:cf:61:ba:25:8b:e1:3c:dd:af:5f:6e:
         c9:f1:cd:91:b0:23:bd:c7:2e:3a:91:64:bf:a1:6a:d6:cf:e5:
         cb:b5:a5:be:2a:bf:a9:ef:70:ad:c7:89:78:b0:6f:d8:81:d7:
         d0:89:d2:68:79:58:ad:7b:f7:d3:4a:f4:de:03:b6:3a:76:e9:
         52:dd:48:a5:23:57:f9:2e:82:2e:6e:07:00:22:b7:a4:2d:39:
         6e:a2:c2:5a:ff:82:17:bf:94:98:d5:88:41:88:fe:1d:d8:42:
         41:ac:04:e1:cf:be:ba:96:79:99:b1:55:25:8c:73:ec:c0:a4:
         bc:61:6f:96:91:c3:17:9a:d9:34:b0:e4:05:9a:eb:38:22:e6:
         50:36:07:2c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZURbBEFWi6P0ZowRqaqwkJxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4YTc0NzJkNTMyODQwOTU5MDVhZGUyMDNjYWY5MTFjZDFh
YzE3NzEwHhcNMjUwMjE3MDEwMDQ5WhcNMjUwMjE4MDEwMDQ5WjAzMTEwLwYDVQQD
Eyg1YzUxYWNlOGRjMzU3MzE4MGFjZGRiMDY5NTMzOTI3M2Q0NGIyZjBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAme99MdBLAv6wEMOi6eLO4qJ2TXTe
8/4DZ2rPyoOGHgRoX/OCgbFFNNq2S0Ybb4BuKW5nHV3JiLZ4kT7AmLuQLyF4zCCj
V27wbfDU8PdsZedQYzmJ0hyVEMPeNa3pYVBDJMYFZvhSZt1baBE97eIJmYUetGdY
rJORACb640q/0VJ3guhfRWZG/Pk+ltrYn0EyMnUyxCFip5QD+7+jU2/ycDuVPVzX
Tq/7E9+teFVQOm1aTEWk0hRsGFSjO2OLmnhmZlJ1P8ACiMBsQNqBhUVn8FOlNpQn
TP8yWVi0FeIGzfzVlDAAgMNA6Equgd+qJti0vK4I7gjsl04coYUQb6/JAQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFxRrOjcNXMYCs3bBpUzknPUSy8LMB8GA1UdIwQY
MBaAFGinRy1TKECVkFreIDyvkRzRrBdxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUtkSExWTW9RSldRV3Q0Z1BLLVJITkdzRjNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC8zNTk1M2UtYWRjNy00MTdjLTkwMTEt
MzhjYWQzNTlhNTQwLzEvYUtkSExWTW9RSldRV3Q0Z1BLLVJITkdzRjNFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC8zNTk1M2UtYWRjNy00MTdjLTkwMTEtMzhjYWQzNTlhNTQw
LzEvYUtkSExWTW9RSldRV3Q0Z1BLLVJITkdzRjNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiLZYfdWU
3/KqdtkcTfPeKBj6eSKPtJff1W52PyoYanD/lq82bR+y4/jvkB68vuJu6INxWnjz
fQJRCB5OSd2L/Ysc2kM+iP+C5Gb40TmTR4k2NihHbCvdQggp/B8Qzdz928TBGkzx
M8oVyMgHQcj5oMRd4c9huiWL4Tzdr19uyfHNkbAjvccuOpFkv6Fq1s/ly7Wlviq/
qe9wrceJeLBv2IHX0InSaHlYrXv300r03gO2OnbpUt1IpSNX+S6CLm4HACK3pC05
bqLCWv+CF7+UmNWIQYj+HdhCQawE4c++upZ5mbFVJYxz7MCkvGFvlpHDF5rZNLDk
BZrrOCLmUDYHLA==
-----END CERTIFICATE-----