Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/c34e04-f7ac-41eb-a561-dde83151ba76/1/otGlH74MLlJmesWiVSySo3nOre4.mft
File:                     otGlH74MLlJmesWiVSySo3nOre4.mft (raw, json)
Hash identifier:          ugjcONlk6D9PIxFS7UX61VVaZbvLYuljUYv1NkclIPU=
Subject key identifier:   74:6E:D1:AE:A4:FB:74:40:8F:A2:D2:35:C6:1B:26:0B:EF:5D:7A:2D
Authority key identifier: A2:D1:A5:1F:BE:0C:2E:52:66:7A:C5:A2:55:2C:92:A3:79:CE:AD:EE
Certificate issuer:       /CN=a2d1a51fbe0c2e52667ac5a2552c92a379ceadee
Certificate serial:       0194C50837AAAB30C63C528433391B4BC6FA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/otGlH74MLlJmesWiVSySo3nOre4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/27/c34e04-f7ac-41eb-a561-dde83151ba76/1/otGlH74MLlJmesWiVSySo3nOre4.mft
Manifest number:          08
Signing time:             Sun 02 Feb 2025 05:00:37 +0000
Manifest this update:     Sun 02 Feb 2025 05:00:37 +0000
Manifest next update:     Mon 03 Feb 2025 05:00:37 +0000
Files and hashes:         1: otGlH74MLlJmesWiVSySo3nOre4.crl (hash: ZgkTvWiprZJ2OdporpgGorxZ81fX9fWQy9QEXvGkxDk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/27/c34e04-f7ac-41eb-a561-dde83151ba76/1/otGlH74MLlJmesWiVSySo3nOre4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/27/c34e04-f7ac-41eb-a561-dde83151ba76/1/otGlH74MLlJmesWiVSySo3nOre4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/otGlH74MLlJmesWiVSySo3nOre4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 03 Feb 2025 00:00:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:c5:08:37:aa:ab:30:c6:3c:52:84:33:39:1b:4b:c6:fa
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a2d1a51fbe0c2e52667ac5a2552c92a379ceadee
        Validity
            Not Before: Feb  2 05:00:37 2025 GMT
            Not After : Feb  3 05:00:37 2025 GMT
        Subject: CN=746ed1aea4fb74408fa2d235c61b260bef5d7a2d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e7:30:ef:5e:28:fe:0d:00:2d:d9:ea:e6:f3:ce:
                    96:80:b4:6c:0f:a8:3f:29:67:bb:29:65:15:8d:c4:
                    3a:22:34:00:cb:6a:9e:75:0c:0e:5d:3a:10:50:0b:
                    09:22:51:2f:18:52:b2:7f:a9:5b:76:02:49:81:7a:
                    51:fa:75:35:a7:4a:08:fe:a0:b7:05:df:d7:50:d5:
                    e7:fd:82:b3:57:3b:2f:56:58:1d:77:7b:ee:cf:f8:
                    2d:00:5c:36:ea:04:ef:1b:1d:8f:68:4d:ce:11:b9:
                    e4:92:cc:fe:b2:25:1e:00:8c:27:9e:e9:eb:0d:15:
                    2c:a8:22:61:b3:1f:a9:93:0c:52:0b:90:e9:5c:a0:
                    7b:17:45:5f:b7:d8:10:52:d7:65:01:d2:86:15:7f:
                    1b:71:14:4a:c4:4f:b8:31:b5:7b:bf:f7:f5:14:14:
                    a3:99:93:0d:2b:26:e6:af:4b:10:14:57:3f:d1:da:
                    2e:88:75:da:f8:ae:29:c4:84:cc:29:a4:cb:07:a8:
                    ef:b3:ca:fa:c2:e7:4f:0c:2b:c0:56:09:4a:b9:4b:
                    6e:20:1a:22:db:49:42:6b:5b:06:53:04:cd:f9:95:
                    92:4c:01:af:99:a1:1f:95:43:37:6f:a7:81:6a:26:
                    39:9b:ff:86:7a:5b:65:12:7c:17:b2:c3:f3:bb:cd:
                    9b:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                74:6E:D1:AE:A4:FB:74:40:8F:A2:D2:35:C6:1B:26:0B:EF:5D:7A:2D
            X509v3 Authority Key Identifier:
                keyid:A2:D1:A5:1F:BE:0C:2E:52:66:7A:C5:A2:55:2C:92:A3:79:CE:AD:EE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/otGlH74MLlJmesWiVSySo3nOre4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/c34e04-f7ac-41eb-a561-dde83151ba76/1/otGlH74MLlJmesWiVSySo3nOre4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/27/c34e04-f7ac-41eb-a561-dde83151ba76/1/otGlH74MLlJmesWiVSySo3nOre4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1b:81:18:7b:32:07:11:1a:0c:15:9e:42:1e:62:97:9c:65:e2:
         e1:5b:d0:ae:7b:62:d5:43:03:04:9d:e7:99:a7:7a:83:fe:69:
         12:a6:cc:de:d1:93:2d:38:b0:42:70:aa:a7:68:60:f1:62:12:
         ed:d5:12:3f:b5:65:fa:52:f9:ed:4b:c9:87:2c:f9:90:fb:5b:
         52:d9:74:bc:18:6c:47:7e:3d:17:91:9a:a8:1f:24:fd:7f:d5:
         45:8c:51:0c:6d:fd:96:6c:e8:c8:6d:b5:f8:35:b8:1d:27:4b:
         81:3f:1b:10:bb:4f:4f:74:dc:f0:17:f8:0b:ad:96:88:33:20:
         c8:38:98:5e:be:25:7e:40:2e:08:c7:0a:48:db:8e:37:c8:42:
         95:20:d7:fb:bc:63:5f:46:f4:7f:49:64:65:6c:d2:5e:2b:ec:
         de:4d:7a:6a:ae:59:5f:ac:29:0e:5a:9d:eb:e1:4b:5d:e0:63:
         47:8e:d0:1d:05:ee:50:fa:19:83:cf:6e:a3:b4:7e:56:c2:c2:
         f5:72:54:29:cc:cf:02:59:d4:8e:0a:fa:96:e5:72:38:eb:28:
         27:b4:c1:80:31:91:6e:aa:b0:d2:6b:09:e5:d9:56:2a:12:57:
         bf:1f:bf:84:47:a4:b0:30:91:bd:f1:8c:61:38:49:2f:23:90:
         5f:3a:1e:57
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZTFCDeqqzDGPFKEMzkbS8b6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyZDFhNTFmYmUwYzJlNTI2NjdhYzVhMjU1MmM5MmEzNzlj
ZWFkZWUwHhcNMjUwMjAyMDUwMDM3WhcNMjUwMjAzMDUwMDM3WjAzMTEwLwYDVQQD
Eyg3NDZlZDFhZWE0ZmI3NDQwOGZhMmQyMzVjNjFiMjYwYmVmNWQ3YTJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5zDvXij+DQAt2erm886WgLRsD6g/
KWe7KWUVjcQ6IjQAy2qedQwOXToQUAsJIlEvGFKyf6lbdgJJgXpR+nU1p0oI/qC3
Bd/XUNXn/YKzVzsvVlgdd3vuz/gtAFw26gTvGx2PaE3OEbnkksz+siUeAIwnnunr
DRUsqCJhsx+pkwxSC5DpXKB7F0Vft9gQUtdlAdKGFX8bcRRKxE+4MbV7v/f1FBSj
mZMNKybmr0sQFFc/0douiHXa+K4pxITMKaTLB6jvs8r6wudPDCvAVglKuUtuIBoi
20lCa1sGUwTN+ZWSTAGvmaEflUM3b6eBaiY5m/+GeltlEnwXssPzu82bXQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHRu0a6k+3RAj6LSNcYbJgvvXXotMB8GA1UdIwQY
MBaAFKLRpR++DC5SZnrFolUskqN5zq3uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb3RHbEg3NE1MbEptZXNXaVZTeVNvM25PcmU0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy9jMzRlMDQtZjdhYy00MWViLWE1NjEt
ZGRlODMxNTFiYTc2LzEvb3RHbEg3NE1MbEptZXNXaVZTeVNvM25PcmU0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy9jMzRlMDQtZjdhYy00MWViLWE1NjEtZGRlODMxNTFiYTc2
LzEvb3RHbEg3NE1MbEptZXNXaVZTeVNvM25PcmU0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAG4EYezIH
ERoMFZ5CHmKXnGXi4VvQrnti1UMDBJ3nmad6g/5pEqbM3tGTLTiwQnCqp2hg8WIS
7dUSP7Vl+lL57UvJhyz5kPtbUtl0vBhsR349F5GaqB8k/X/VRYxRDG39lmzoyG21
+DW4HSdLgT8bELtPT3Tc8Bf4C62WiDMgyDiYXr4lfkAuCMcKSNuON8hClSDX+7xj
X0b0f0lkZWzSXivs3k16aq5ZX6wpDlqd6+FLXeBjR47QHQXuUPoZg89uo7R+VsLC
9XJUKczPAlnUjgr6luVyOOsoJ7TBgDGRbqqw0msJ5dlWKhJXvx+/hEeksDCRvfGM
YThJLyOQXzoeVw==
-----END CERTIFICATE-----