Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/d31eab-31e1-4964-962e-e15bc9650aab/1/8UVKs8Pgm2VctHJVOf9uaZMcRrA.mft
File:                     8UVKs8Pgm2VctHJVOf9uaZMcRrA.mft (raw, json)
Hash identifier:          44OzuY+yh9ClGXcAtJLiIWw2fKVUbAxGF9i4JAcXEXE=
Subject key identifier:   70:B5:FA:FC:D3:8C:56:12:C3:32:D5:63:B0:C7:A9:CA:BC:80:87:B7
Authority key identifier: F1:45:4A:B3:C3:E0:9B:65:5C:B4:72:55:39:FF:6E:69:93:1C:46:B0
Certificate issuer:       /CN=f1454ab3c3e09b655cb4725539ff6e69931c46b0
Certificate serial:       01951210DD45993C2BDB9FFC6F1763B91158
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/8UVKs8Pgm2VctHJVOf9uaZMcRrA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/31/d31eab-31e1-4964-962e-e15bc9650aab/1/8UVKs8Pgm2VctHJVOf9uaZMcRrA.mft
Manifest number:          1454
Signing time:             Mon 17 Feb 2025 04:00:49 +0000
Manifest this update:     Mon 17 Feb 2025 04:00:49 +0000
Manifest next update:     Tue 18 Feb 2025 04:00:49 +0000
Files and hashes:         1: 8UVKs8Pgm2VctHJVOf9uaZMcRrA.crl (hash: FUZFBd5I6+t+qOI2AYklqXGJKyC37gX1QOgvAb3mM80=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/31/d31eab-31e1-4964-962e-e15bc9650aab/1/8UVKs8Pgm2VctHJVOf9uaZMcRrA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/31/d31eab-31e1-4964-962e-e15bc9650aab/1/8UVKs8Pgm2VctHJVOf9uaZMcRrA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/8UVKs8Pgm2VctHJVOf9uaZMcRrA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 17 Feb 2025 23:00:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:12:10:dd:45:99:3c:2b:db:9f:fc:6f:17:63:b9:11:58
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f1454ab3c3e09b655cb4725539ff6e69931c46b0
        Validity
            Not Before: Feb 17 04:00:49 2025 GMT
            Not After : Feb 18 04:00:49 2025 GMT
        Subject: CN=70b5fafcd38c5612c332d563b0c7a9cabc8087b7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:b7:95:ae:94:f3:97:ba:8f:17:cd:9b:6d:81:
                    e2:54:b1:d2:d2:41:1c:42:89:85:2a:ea:a5:a4:25:
                    11:f8:39:c1:a2:8a:55:96:74:77:9f:95:6f:07:64:
                    6b:5f:e3:64:33:6d:ae:d0:48:84:03:7c:4d:db:25:
                    e0:cf:12:c2:8f:85:97:8e:e3:e5:85:79:72:de:4d:
                    b3:72:e8:cd:61:10:44:66:81:b9:a2:01:45:34:11:
                    50:c8:5a:18:0f:74:3f:bb:aa:75:16:cf:4d:e0:f2:
                    0f:c6:e3:fa:7c:73:7a:e9:cd:c4:34:b7:07:81:be:
                    f8:48:9c:bb:26:d4:4a:dd:cb:39:fc:3c:ae:22:cc:
                    51:50:95:9e:f1:b1:b8:c9:ab:ee:61:50:93:38:b0:
                    77:90:48:e5:1b:f8:47:d5:a8:f1:38:5d:61:b7:de:
                    af:c4:e4:30:c1:c3:5b:8c:4c:c9:62:5b:3d:47:9f:
                    89:e7:ff:9f:2f:e6:07:3e:13:e1:27:89:44:3d:b9:
                    6f:30:8a:b6:28:8e:87:c5:a1:7e:b9:87:d0:c0:65:
                    39:7e:85:f1:95:c1:c0:b1:ff:db:c7:b8:ea:4d:5d:
                    75:41:ea:c3:8a:c5:4d:9b:77:3a:20:58:80:19:8b:
                    ae:03:b6:2b:44:7d:bd:27:ee:af:e5:ec:c6:a6:4c:
                    32:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                70:B5:FA:FC:D3:8C:56:12:C3:32:D5:63:B0:C7:A9:CA:BC:80:87:B7
            X509v3 Authority Key Identifier:
                keyid:F1:45:4A:B3:C3:E0:9B:65:5C:B4:72:55:39:FF:6E:69:93:1C:46:B0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8UVKs8Pgm2VctHJVOf9uaZMcRrA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/d31eab-31e1-4964-962e-e15bc9650aab/1/8UVKs8Pgm2VctHJVOf9uaZMcRrA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/31/d31eab-31e1-4964-962e-e15bc9650aab/1/8UVKs8Pgm2VctHJVOf9uaZMcRrA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         63:73:de:29:65:2f:de:57:91:b6:a6:e6:2e:fe:5f:c5:6f:8f:
         65:11:53:46:5f:34:76:73:71:9e:b7:c3:df:f1:71:07:63:2b:
         98:d5:08:a2:34:fa:57:df:48:1f:9b:1a:2f:f5:d9:99:fc:f2:
         73:b7:2c:fe:b7:df:77:1a:2d:13:17:07:b6:82:a0:50:31:49:
         94:b5:f2:b4:1d:10:09:a7:83:b1:cc:df:fe:99:dc:1b:fa:8c:
         9a:60:ea:98:62:a8:b3:33:fc:1a:ad:61:99:b9:7c:2b:68:4f:
         dc:cf:80:23:39:f0:74:36:8c:e5:93:24:3c:46:7c:5c:45:2b:
         a9:c3:17:2c:27:28:6d:68:44:8a:42:59:e2:ae:a8:62:ac:3e:
         ad:70:a0:e8:86:b4:ac:a8:6b:11:05:86:df:af:7e:81:ce:a0:
         67:e9:33:48:64:aa:80:2f:ad:c8:19:4d:9b:a7:98:88:b7:26:
         fc:57:e8:5c:0c:5b:1e:aa:67:f9:ae:60:a9:8a:c2:cd:70:c4:
         f5:08:9f:91:ab:d4:a7:eb:af:4f:58:90:c3:c1:5d:df:52:fc:
         1f:ee:d9:75:a8:8a:f5:3f:e9:b7:05:78:86:52:84:28:0f:b6:
         cc:16:94:7c:b7:4e:18:3e:19:a3:4e:49:34:1f:46:96:69:fc:
         8c:6a:63:73
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZUSEN1FmTwr25/8bxdjuRFYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxNDU0YWIzYzNlMDliNjU1Y2I0NzI1NTM5ZmY2ZTY5OTMx
YzQ2YjAwHhcNMjUwMjE3MDQwMDQ5WhcNMjUwMjE4MDQwMDQ5WjAzMTEwLwYDVQQD
Eyg3MGI1ZmFmY2QzOGM1NjEyYzMzMmQ1NjNiMGM3YTljYWJjODA4N2I3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1LeVrpTzl7qPF82bbYHiVLHS0kEc
QomFKuqlpCUR+DnBoopVlnR3n5VvB2RrX+NkM22u0EiEA3xN2yXgzxLCj4WXjuPl
hXly3k2zcujNYRBEZoG5ogFFNBFQyFoYD3Q/u6p1Fs9N4PIPxuP6fHN66c3ENLcH
gb74SJy7JtRK3cs5/DyuIsxRUJWe8bG4yavuYVCTOLB3kEjlG/hH1ajxOF1ht96v
xOQwwcNbjEzJYls9R5+J5/+fL+YHPhPhJ4lEPblvMIq2KI6HxaF+uYfQwGU5foXx
lcHAsf/bx7jqTV11QerDisVNm3c6IFiAGYuuA7YrRH29J+6v5ezGpkwyewIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHC1+vzTjFYSwzLVY7DHqcq8gIe3MB8GA1UdIwQY
MBaAFPFFSrPD4JtlXLRyVTn/bmmTHEawMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOFVWS3M4UGdtMlZjdEhKVk9mOXVhWk1jUnJBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS9kMzFlYWItMzFlMS00OTY0LTk2MmUt
ZTE1YmM5NjUwYWFiLzEvOFVWS3M4UGdtMlZjdEhKVk9mOXVhWk1jUnJBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS9kMzFlYWItMzFlMS00OTY0LTk2MmUtZTE1YmM5NjUwYWFi
LzEvOFVWS3M4UGdtMlZjdEhKVk9mOXVhWk1jUnJBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAY3PeKWUv
3leRtqbmLv5fxW+PZRFTRl80dnNxnrfD3/FxB2MrmNUIojT6V99IH5saL/XZmfzy
c7cs/rffdxotExcHtoKgUDFJlLXytB0QCaeDsczf/pncG/qMmmDqmGKoszP8Gq1h
mbl8K2hP3M+AIznwdDaM5ZMkPEZ8XEUrqcMXLCcobWhEikJZ4q6oYqw+rXCg6Ia0
rKhrEQWG369+gc6gZ+kzSGSqgC+tyBlNm6eYiLcm/FfoXAxbHqpn+a5gqYrCzXDE
9QifkavUp+uvT1iQw8Fd31L8H+7ZdaiK9T/ptwV4hlKEKA+2zBaUfLdOGD4Zo05J
NB9Glmn8jGpjcw==
-----END CERTIFICATE-----