Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/ecda24-d7c3-446a-af36-fe5634c17cc9/1/Q5OKPegDvWyR8UrZZ71BQbigKK8.mft
File:                     Q5OKPegDvWyR8UrZZ71BQbigKK8.mft (raw, json)
Hash identifier:          gyQElgUc+bEzdaKiZiqE0PLy5L7jDdiN1r9pEupaEGc=
Subject key identifier:   46:1D:4B:64:6F:D0:74:28:FE:4C:37:82:C2:AB:44:D3:B3:DF:9D:7F
Authority key identifier: 43:93:8A:3D:E8:03:BD:6C:91:F1:4A:D9:67:BD:41:41:B8:A0:28:AF
Certificate issuer:       /CN=43938a3de803bd6c91f14ad967bd4141b8a028af
Certificate serial:       0194C4637480D8A8BDD51F34E086D29369C8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Q5OKPegDvWyR8UrZZ71BQbigKK8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2c/ecda24-d7c3-446a-af36-fe5634c17cc9/1/Q5OKPegDvWyR8UrZZ71BQbigKK8.mft
Manifest number:          114F
Signing time:             Sun 02 Feb 2025 02:00:39 +0000
Manifest this update:     Sun 02 Feb 2025 02:00:39 +0000
Manifest next update:     Mon 03 Feb 2025 02:00:39 +0000
Files and hashes:         1: Q5OKPegDvWyR8UrZZ71BQbigKK8.crl (hash: GsIqfXH01Fq29zK2DJKGl5WAz6THqFD5dJT4hdowJkw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2c/ecda24-d7c3-446a-af36-fe5634c17cc9/1/Q5OKPegDvWyR8UrZZ71BQbigKK8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2c/ecda24-d7c3-446a-af36-fe5634c17cc9/1/Q5OKPegDvWyR8UrZZ71BQbigKK8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Q5OKPegDvWyR8UrZZ71BQbigKK8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 03 Feb 2025 00:00:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:c4:63:74:80:d8:a8:bd:d5:1f:34:e0:86:d2:93:69:c8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=43938a3de803bd6c91f14ad967bd4141b8a028af
        Validity
            Not Before: Feb  2 02:00:39 2025 GMT
            Not After : Feb  3 02:00:39 2025 GMT
        Subject: CN=461d4b646fd07428fe4c3782c2ab44d3b3df9d7f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:d3:72:ae:19:ce:68:16:05:70:47:11:fd:51:
                    da:5e:b6:7c:e7:46:47:ce:a4:84:d7:01:66:d5:61:
                    5e:2c:3e:ec:7d:88:4b:9a:52:b6:72:85:b3:73:69:
                    32:1b:a2:ab:c8:9e:23:26:b7:61:5e:36:a5:67:8a:
                    98:a1:c8:4d:00:0a:2b:ab:4c:d7:b4:f0:ba:06:d8:
                    3e:65:2e:2d:1d:5a:f9:46:40:e8:8b:84:2c:12:eb:
                    d5:4b:b3:3c:05:83:a0:d3:ce:2f:63:7f:47:6e:d3:
                    11:f9:c2:6e:f9:31:fa:24:d4:6b:21:25:ae:54:ce:
                    0d:d8:16:e8:be:49:1e:34:a9:a2:31:39:e3:af:d0:
                    b3:e1:de:3d:90:b5:51:06:5e:72:75:10:2d:6c:05:
                    fb:2c:a8:f4:f1:2c:5a:42:e2:a8:62:02:97:3e:25:
                    2c:d7:d9:25:9b:cf:9f:d6:bf:cc:57:e1:c3:65:9c:
                    15:09:1c:d3:c3:68:ce:3b:e6:4f:47:3e:a9:f8:89:
                    cc:2a:b9:2f:4c:90:59:a7:09:c1:73:4a:09:92:bb:
                    d5:fa:bd:32:8a:a9:82:6c:96:b6:22:99:ef:0b:c6:
                    ce:ef:d8:88:ac:af:53:a9:b0:eb:6a:d9:b4:35:55:
                    d4:d7:87:40:2e:c7:87:0e:22:b0:66:7b:1a:3f:77:
                    b4:af
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                46:1D:4B:64:6F:D0:74:28:FE:4C:37:82:C2:AB:44:D3:B3:DF:9D:7F
            X509v3 Authority Key Identifier:
                keyid:43:93:8A:3D:E8:03:BD:6C:91:F1:4A:D9:67:BD:41:41:B8:A0:28:AF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q5OKPegDvWyR8UrZZ71BQbigKK8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/ecda24-d7c3-446a-af36-fe5634c17cc9/1/Q5OKPegDvWyR8UrZZ71BQbigKK8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/ecda24-d7c3-446a-af36-fe5634c17cc9/1/Q5OKPegDvWyR8UrZZ71BQbigKK8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         90:c9:16:59:70:f0:0f:df:79:f0:00:e9:90:9d:eb:07:84:01:
         43:7a:9a:3d:7b:c8:30:9c:ac:63:97:60:33:cb:8b:2a:98:3a:
         c6:06:5f:8d:ee:d0:86:0a:99:34:d8:9a:be:d0:73:e3:ce:a9:
         2a:f4:3a:12:62:7f:96:66:e6:28:09:2a:c1:93:0a:c7:fe:86:
         4e:fc:8b:2b:37:08:59:62:6a:14:23:11:7f:f9:be:c2:32:1f:
         98:71:df:76:0f:31:c4:6f:c1:a6:91:94:27:84:dd:29:a8:55:
         0e:3b:bd:8a:61:89:ba:ec:ad:ab:bb:c2:73:83:07:20:86:e8:
         fd:a7:6b:ac:66:d5:53:0d:94:8d:a5:2f:d2:e2:1b:a9:26:72:
         d0:ae:75:3f:2f:04:92:fe:c7:ce:4a:3a:54:05:62:a3:36:29:
         ac:e9:0b:ff:f4:1f:2c:cb:75:55:f6:6b:bd:af:0c:19:1c:3b:
         4b:e6:32:4a:fd:2e:d6:be:9f:cd:c0:5e:76:81:98:f4:34:2d:
         2f:1d:ab:3b:31:f9:c7:3e:fd:b8:75:6d:49:2b:bc:16:56:19:
         7d:6d:f1:fc:a2:62:5f:7c:72:8d:9d:a3:0e:71:29:02:5e:1c:
         c8:d6:29:c1:7b:e9:4d:fe:ca:3c:0b:4f:ac:f3:29:20:30:8b:
         b2:26:2c:22
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZTEY3SA2Ki91R804IbSk2nIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzOTM4YTNkZTgwM2JkNmM5MWYxNGFkOTY3YmQ0MTQxYjhh
MDI4YWYwHhcNMjUwMjAyMDIwMDM5WhcNMjUwMjAzMDIwMDM5WjAzMTEwLwYDVQQD
Eyg0NjFkNGI2NDZmZDA3NDI4ZmU0YzM3ODJjMmFiNDRkM2IzZGY5ZDdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAutNyrhnOaBYFcEcR/VHaXrZ850ZH
zqSE1wFm1WFeLD7sfYhLmlK2coWzc2kyG6KryJ4jJrdhXjalZ4qYochNAAorq0zX
tPC6Btg+ZS4tHVr5RkDoi4QsEuvVS7M8BYOg084vY39HbtMR+cJu+TH6JNRrISWu
VM4N2BbovkkeNKmiMTnjr9Cz4d49kLVRBl5ydRAtbAX7LKj08SxaQuKoYgKXPiUs
19klm8+f1r/MV+HDZZwVCRzTw2jOO+ZPRz6p+InMKrkvTJBZpwnBc0oJkrvV+r0y
iqmCbJa2IpnvC8bO79iIrK9TqbDratm0NVXU14dALseHDiKwZnsaP3e0rwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEYdS2Rv0HQo/kw3gsKrRNOz351/MB8GA1UdIwQY
MBaAFEOTij3oA71skfFK2We9QUG4oCivMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUTVPS1BlZ0R2V3lSOFVyWlo3MUJRYmlnS0s4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy9lY2RhMjQtZDdjMy00NDZhLWFmMzYt
ZmU1NjM0YzE3Y2M5LzEvUTVPS1BlZ0R2V3lSOFVyWlo3MUJRYmlnS0s4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYy9lY2RhMjQtZDdjMy00NDZhLWFmMzYtZmU1NjM0YzE3Y2M5
LzEvUTVPS1BlZ0R2V3lSOFVyWlo3MUJRYmlnS0s4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkMkWWXDw
D9958ADpkJ3rB4QBQ3qaPXvIMJysY5dgM8uLKpg6xgZfje7QhgqZNNiavtBz486p
KvQ6EmJ/lmbmKAkqwZMKx/6GTvyLKzcIWWJqFCMRf/m+wjIfmHHfdg8xxG/BppGU
J4TdKahVDju9imGJuuytq7vCc4MHIIbo/adrrGbVUw2UjaUv0uIbqSZy0K51Py8E
kv7Hzko6VAViozYprOkL//QfLMt1VfZrva8MGRw7S+YySv0u1r6fzcBedoGY9DQt
Lx2rOzH5xz79uHVtSSu8FlYZfW3x/KJiX3xyjZ2jDnEpAl4cyNYpwXvpTf7KPAtP
rPMpIDCLsiYsIg==
-----END CERTIFICATE-----