Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/18a5c2-25f4-45fc-bb41-9afdc345e3d3/1/PA_tbg0UKi8JwEDJmvHJNWAgkpE.mft
File:                     PA_tbg0UKi8JwEDJmvHJNWAgkpE.mft (raw, json)
Hash identifier:          dC+k3PJG5SQMci9pOkomaK765+JLEjsNs3hWkWdMUUU=
Subject key identifier:   01:21:9B:C5:8C:D7:4B:44:79:A6:FF:52:4F:1E:FA:AD:E5:E6:5C:4B
Authority key identifier: 3C:0F:ED:6E:0D:14:2A:2F:09:C0:40:C9:9A:F1:C9:35:60:20:92:91
Certificate issuer:       /CN=3c0fed6e0d142a2f09c040c99af1c93560209291
Certificate serial:       0195116C2382B105704ABC43B99ACE83BD13
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PA_tbg0UKi8JwEDJmvHJNWAgkpE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/31/18a5c2-25f4-45fc-bb41-9afdc345e3d3/1/PA_tbg0UKi8JwEDJmvHJNWAgkpE.mft
Manifest number:          0ED9
Signing time:             Mon 17 Feb 2025 01:00:54 +0000
Manifest this update:     Mon 17 Feb 2025 01:00:54 +0000
Manifest next update:     Tue 18 Feb 2025 01:00:54 +0000
Files and hashes:         1: PA_tbg0UKi8JwEDJmvHJNWAgkpE.crl (hash: 7VIf/ImHDULlXqrRxtO/3nJ6N1pBYEuQmWdLv1HInaY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/31/18a5c2-25f4-45fc-bb41-9afdc345e3d3/1/PA_tbg0UKi8JwEDJmvHJNWAgkpE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/31/18a5c2-25f4-45fc-bb41-9afdc345e3d3/1/PA_tbg0UKi8JwEDJmvHJNWAgkpE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/PA_tbg0UKi8JwEDJmvHJNWAgkpE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 17 Feb 2025 23:00:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:11:6c:23:82:b1:05:70:4a:bc:43:b9:9a:ce:83:bd:13
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3c0fed6e0d142a2f09c040c99af1c93560209291
        Validity
            Not Before: Feb 17 01:00:54 2025 GMT
            Not After : Feb 18 01:00:54 2025 GMT
        Subject: CN=01219bc58cd74b4479a6ff524f1efaade5e65c4b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:e7:48:97:83:9a:92:44:44:dc:61:b2:72:e2:
                    8a:b0:19:32:4b:2c:53:c1:90:3e:16:9a:b9:6f:d6:
                    ca:d1:7d:7d:d1:73:aa:74:f8:0f:51:66:ad:fd:5a:
                    fb:f0:78:17:11:ed:5c:27:1e:36:05:62:fc:51:12:
                    78:ea:6b:bf:dc:c6:3f:d9:18:35:6e:33:bc:16:44:
                    83:98:ba:30:ed:4a:7a:19:49:99:17:70:00:6d:79:
                    8c:e7:1b:fb:1c:e8:25:37:34:d4:f9:9d:22:9d:41:
                    cb:3b:d4:55:a1:59:2f:20:fe:5e:6e:fa:9f:37:08:
                    94:8b:b2:27:c5:1d:e0:14:a0:ac:81:a7:cf:23:bc:
                    b6:3e:d6:74:d2:3d:5f:7c:9f:3f:f6:bb:5a:ab:d0:
                    34:83:6c:81:69:54:8a:86:5e:47:e0:c7:6a:9b:99:
                    36:b6:c4:25:a1:31:36:72:68:fc:e1:bd:32:f5:35:
                    73:fd:22:e0:22:a2:ca:ac:54:89:8e:3f:96:47:29:
                    82:cc:b4:0c:48:21:fd:89:0e:fe:b4:d1:a5:6f:66:
                    15:41:62:64:27:3f:45:66:87:51:da:42:8b:af:b4:
                    36:5f:e6:8c:94:95:e0:ed:83:3a:7f:75:98:dd:47:
                    62:cd:7a:5b:e9:a7:f6:43:ef:c2:e1:63:9d:df:a1:
                    7a:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                01:21:9B:C5:8C:D7:4B:44:79:A6:FF:52:4F:1E:FA:AD:E5:E6:5C:4B
            X509v3 Authority Key Identifier:
                keyid:3C:0F:ED:6E:0D:14:2A:2F:09:C0:40:C9:9A:F1:C9:35:60:20:92:91

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PA_tbg0UKi8JwEDJmvHJNWAgkpE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/18a5c2-25f4-45fc-bb41-9afdc345e3d3/1/PA_tbg0UKi8JwEDJmvHJNWAgkpE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/31/18a5c2-25f4-45fc-bb41-9afdc345e3d3/1/PA_tbg0UKi8JwEDJmvHJNWAgkpE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         23:76:28:af:81:a5:3d:53:11:fc:47:a2:d1:2b:14:3b:63:a2:
         cd:5d:2d:07:a9:69:9a:05:7b:57:8f:a1:c8:5e:3d:3c:a4:ef:
         b4:ea:3f:06:1a:1d:dd:22:80:30:f0:cf:95:4c:db:58:c4:ba:
         63:b8:69:c7:c6:e7:55:fb:44:0e:cc:1d:fc:c9:58:55:38:84:
         fc:f6:46:72:54:b4:2e:ae:a9:a5:e0:be:44:2e:5c:48:0e:ca:
         4b:e9:19:04:9a:b3:37:76:d3:f4:d5:5f:31:7d:49:f4:7c:56:
         32:e9:f0:05:47:44:52:ce:a2:bf:9d:f4:68:1c:00:47:06:32:
         03:f7:1e:f6:43:79:34:3a:dd:a2:e9:40:1a:02:91:31:c5:3b:
         ab:a6:75:6d:a5:56:e7:d6:24:0d:52:cd:56:0b:b4:69:ba:aa:
         2c:e9:16:6b:62:0a:2f:ae:74:2a:83:50:21:44:e4:21:b6:68:
         1a:8b:9d:c5:5e:f7:c7:60:81:4b:01:5a:20:19:54:c3:0b:5a:
         c7:d6:b2:fb:9b:52:e1:4e:11:85:06:f4:a1:00:35:51:2d:4b:
         c4:ce:e9:19:fa:7d:b4:8a:1f:a4:17:1d:42:9a:cd:50:1e:a6:
         b7:ba:0e:c5:7e:f6:29:a8:28:2d:e1:da:87:ad:9d:9d:72:dc:
         41:fa:16:34
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZURbCOCsQVwSrxDuZrOg70TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjMGZlZDZlMGQxNDJhMmYwOWMwNDBjOTlhZjFjOTM1NjAy
MDkyOTEwHhcNMjUwMjE3MDEwMDU0WhcNMjUwMjE4MDEwMDU0WjAzMTEwLwYDVQQD
EygwMTIxOWJjNThjZDc0YjQ0NzlhNmZmNTI0ZjFlZmFhZGU1ZTY1YzRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxudIl4OakkRE3GGycuKKsBkySyxT
wZA+Fpq5b9bK0X190XOqdPgPUWat/Vr78HgXEe1cJx42BWL8URJ46mu/3MY/2Rg1
bjO8FkSDmLow7Up6GUmZF3AAbXmM5xv7HOglNzTU+Z0inUHLO9RVoVkvIP5ebvqf
NwiUi7InxR3gFKCsgafPI7y2PtZ00j1ffJ8/9rtaq9A0g2yBaVSKhl5H4Mdqm5k2
tsQloTE2cmj84b0y9TVz/SLgIqLKrFSJjj+WRymCzLQMSCH9iQ7+tNGlb2YVQWJk
Jz9FZodR2kKLr7Q2X+aMlJXg7YM6f3WY3UdizXpb6af2Q+/C4WOd36F6UwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAEhm8WM10tEeab/Uk8e+q3l5lxLMB8GA1UdIwQY
MBaAFDwP7W4NFCovCcBAyZrxyTVgIJKRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUEFfdGJnMFVLaThKd0VESm12SEpOV0Fna3BFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS8xOGE1YzItMjVmNC00NWZjLWJiNDEt
OWFmZGMzNDVlM2QzLzEvUEFfdGJnMFVLaThKd0VESm12SEpOV0Fna3BFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS8xOGE1YzItMjVmNC00NWZjLWJiNDEtOWFmZGMzNDVlM2Qz
LzEvUEFfdGJnMFVLaThKd0VESm12SEpOV0Fna3BFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAI3Yor4Gl
PVMR/Eei0SsUO2OizV0tB6lpmgV7V4+hyF49PKTvtOo/Bhod3SKAMPDPlUzbWMS6
Y7hpx8bnVftEDswd/MlYVTiE/PZGclS0Lq6ppeC+RC5cSA7KS+kZBJqzN3bT9NVf
MX1J9HxWMunwBUdEUs6iv530aBwARwYyA/ce9kN5NDrdoulAGgKRMcU7q6Z1baVW
59YkDVLNVgu0abqqLOkWa2IKL650KoNQIUTkIbZoGoudxV73x2CBSwFaIBlUwwta
x9ay+5tS4U4RhQb0oQA1US1LxM7pGfp9tIofpBcdQprNUB6mt7oOxX72KagoLeHa
h62dnXLcQfoWNA==
-----END CERTIFICATE-----