Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/e81c1a-0c87-4825-bccc-36b7b1de045d/1/H9nOye0f1PQcCx4w77lshhVTvjY.mft
File:                     H9nOye0f1PQcCx4w77lshhVTvjY.mft (raw, json)
Hash identifier:          UGcZb5M0VaXnaOcfv/R1+KN0i39qECZ76EF4SYa/TjE=
Subject key identifier:   2F:CB:C8:47:2A:76:AF:9B:C0:87:43:77:BE:3A:2A:63:67:E4:16:1A
Authority key identifier: 1F:D9:CE:C9:ED:1F:D4:F4:1C:0B:1E:30:EF:B9:6C:86:15:53:BE:36
Certificate issuer:       /CN=1fd9cec9ed1fd4f41c0b1e30efb96c861553be36
Certificate serial:       0194C38881551B146E02D741F852FDC6A0AF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/H9nOye0f1PQcCx4w77lshhVTvjY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2a/e81c1a-0c87-4825-bccc-36b7b1de045d/1/H9nOye0f1PQcCx4w77lshhVTvjY.mft
Manifest number:          0F
Signing time:             Sat 01 Feb 2025 22:01:30 +0000
Manifest this update:     Sat 01 Feb 2025 22:01:30 +0000
Manifest next update:     Sun 02 Feb 2025 22:01:30 +0000
Files and hashes:         1: H9nOye0f1PQcCx4w77lshhVTvjY.crl (hash: LQHQ9Owfv5ZDsdO8VJkHEaypIG3B7Tf9nf10SqjQr4Q=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2a/e81c1a-0c87-4825-bccc-36b7b1de045d/1/H9nOye0f1PQcCx4w77lshhVTvjY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2a/e81c1a-0c87-4825-bccc-36b7b1de045d/1/H9nOye0f1PQcCx4w77lshhVTvjY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/H9nOye0f1PQcCx4w77lshhVTvjY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 02 Feb 2025 22:01:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:c3:88:81:55:1b:14:6e:02:d7:41:f8:52:fd:c6:a0:af
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1fd9cec9ed1fd4f41c0b1e30efb96c861553be36
        Validity
            Not Before: Feb  1 22:01:30 2025 GMT
            Not After : Feb  2 22:01:30 2025 GMT
        Subject: CN=2fcbc8472a76af9bc0874377be3a2a6367e4161a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:d8:6f:9b:c9:cd:9a:eb:47:1b:d5:8b:24:1c:
                    4d:78:5f:f9:c9:2f:35:f9:36:e1:ab:18:fd:f7:8a:
                    79:4f:8f:31:2d:bc:52:e0:7a:22:16:dc:f6:b4:78:
                    f0:7d:78:ff:b5:26:14:3b:05:33:f2:96:b0:02:6d:
                    db:f9:e7:68:d7:ff:43:1d:0a:c6:84:5d:b3:c6:09:
                    14:66:99:66:73:c2:f4:6f:82:8d:31:de:73:7b:ae:
                    09:7d:f1:aa:69:7e:01:7f:8d:d8:09:5c:14:52:fb:
                    f6:d4:7a:46:47:63:d4:ec:3f:71:ad:f6:47:08:5a:
                    24:cb:95:dd:36:f3:90:97:a2:b9:f1:19:ef:b3:8f:
                    fa:55:d9:d9:36:3b:7b:a8:b2:3e:a1:a6:9d:0b:87:
                    22:f5:e7:04:14:80:95:dc:b1:cf:a6:4f:0a:49:23:
                    47:a5:ea:fa:07:9f:06:ee:12:81:99:26:68:c4:99:
                    a0:05:d9:42:c8:af:4f:a1:4b:9b:ed:cb:90:07:20:
                    37:59:7d:a1:26:da:d2:f5:85:04:61:6a:15:68:5b:
                    b4:ad:de:ef:7c:15:fc:88:c7:0f:61:b0:5f:2d:7b:
                    7e:01:67:39:88:10:4c:0a:1d:b7:0f:62:58:c6:df:
                    d1:9f:65:be:0f:50:30:5f:55:47:94:49:8a:de:c2:
                    1b:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2F:CB:C8:47:2A:76:AF:9B:C0:87:43:77:BE:3A:2A:63:67:E4:16:1A
            X509v3 Authority Key Identifier:
                keyid:1F:D9:CE:C9:ED:1F:D4:F4:1C:0B:1E:30:EF:B9:6C:86:15:53:BE:36

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H9nOye0f1PQcCx4w77lshhVTvjY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/e81c1a-0c87-4825-bccc-36b7b1de045d/1/H9nOye0f1PQcCx4w77lshhVTvjY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/e81c1a-0c87-4825-bccc-36b7b1de045d/1/H9nOye0f1PQcCx4w77lshhVTvjY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         79:09:2c:17:f9:5f:a3:5f:1d:ac:3b:b4:9f:d8:d3:f9:22:9b:
         d3:4a:27:87:99:0b:15:49:bb:bd:ac:c8:8f:ad:97:80:2a:5d:
         0d:85:22:b2:a6:3b:d7:2a:23:be:d7:5e:43:6c:23:82:25:b0:
         6d:7c:8c:80:66:f7:b1:05:b8:8e:77:dc:61:d4:2e:c9:69:e7:
         6b:07:78:48:99:bf:6d:cf:77:51:8b:65:f3:58:02:5e:81:9c:
         1b:7c:73:8c:da:7f:6d:24:d5:f3:4e:63:2f:bc:67:60:85:6e:
         e6:c0:03:3f:dc:ee:cc:78:da:c1:bb:b8:9b:a2:e9:ca:21:10:
         5a:26:b6:62:dc:df:46:a9:62:43:89:d6:31:41:4f:46:39:3b:
         df:36:a7:54:b3:d7:d1:f4:57:8b:51:db:7d:ab:fc:05:f7:ce:
         c2:5d:8d:66:1a:c8:d4:81:b6:16:dc:69:bd:a9:c0:b6:9d:af:
         78:0b:0a:e4:6b:17:a5:7f:87:aa:a3:50:45:2f:36:8d:5d:6e:
         ff:7f:d9:d5:31:84:dd:ab:d5:78:96:cc:79:11:f7:62:33:02:
         d0:09:e0:85:8a:2f:96:75:3e:53:57:17:79:b6:21:a5:ac:a6:
         1c:e6:a0:de:fb:37:1b:85:ae:22:69:09:59:83:31:75:6c:c3:
         2e:a3:0a:38
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZTDiIFVGxRuAtdB+FL9xqCvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmZDljZWM5ZWQxZmQ0ZjQxYzBiMWUzMGVmYjk2Yzg2MTU1
M2JlMzYwHhcNMjUwMjAxMjIwMTMwWhcNMjUwMjAyMjIwMTMwWjAzMTEwLwYDVQQD
EygyZmNiYzg0NzJhNzZhZjliYzA4NzQzNzdiZTNhMmE2MzY3ZTQxNjFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAydhvm8nNmutHG9WLJBxNeF/5yS81
+Tbhqxj994p5T48xLbxS4HoiFtz2tHjwfXj/tSYUOwUz8pawAm3b+edo1/9DHQrG
hF2zxgkUZplmc8L0b4KNMd5ze64JffGqaX4Bf43YCVwUUvv21HpGR2PU7D9xrfZH
CFoky5XdNvOQl6K58Rnvs4/6VdnZNjt7qLI+oaadC4ci9ecEFICV3LHPpk8KSSNH
per6B58G7hKBmSZoxJmgBdlCyK9PoUub7cuQByA3WX2hJtrS9YUEYWoVaFu0rd7v
fBX8iMcPYbBfLXt+AWc5iBBMCh23D2JYxt/Rn2W+D1AwX1VHlEmK3sIb1wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFC/LyEcqdq+bwIdDd746KmNn5BYaMB8GA1UdIwQY
MBaAFB/ZzsntH9T0HAseMO+5bIYVU742MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDluT3llMGYxUFFjQ3g0dzc3bHNoaFZUdmpZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS9lODFjMWEtMGM4Ny00ODI1LWJjY2Mt
MzZiN2IxZGUwNDVkLzEvSDluT3llMGYxUFFjQ3g0dzc3bHNoaFZUdmpZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS9lODFjMWEtMGM4Ny00ODI1LWJjY2MtMzZiN2IxZGUwNDVk
LzEvSDluT3llMGYxUFFjQ3g0dzc3bHNoaFZUdmpZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeQksF/lf
o18drDu0n9jT+SKb00onh5kLFUm7vazIj62XgCpdDYUisqY71yojvtdeQ2wjgiWw
bXyMgGb3sQW4jnfcYdQuyWnnawd4SJm/bc93UYtl81gCXoGcG3xzjNp/bSTV805j
L7xnYIVu5sADP9zuzHjawbu4m6LpyiEQWia2YtzfRqliQ4nWMUFPRjk73zanVLPX
0fRXi1Hbfav8BffOwl2NZhrI1IG2FtxpvanAtp2veAsK5GsXpX+HqqNQRS82jV1u
/3/Z1TGE3avVeJbMeRH3YjMC0AnghYovlnU+U1cXebYhpaymHOag3vs3G4WuImkJ
WYMxdWzDLqMKOA==
-----END CERTIFICATE-----