Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/da33ae-16cc-4c9a-bf9c-717998aa3cff/1/dOQ_nlrj9ur7UGiuiPGMKeRDWQc.mft
File:                     dOQ_nlrj9ur7UGiuiPGMKeRDWQc.mft (raw, json)
Hash identifier:          qZ56C1/xmadXi2KCvOW+nrIY/KDKd9qr7ilDt1vAUjI=
Subject key identifier:   C6:94:13:E7:08:9B:09:04:35:9D:CB:82:D0:E6:CE:01:23:38:3D:04
Authority key identifier: 74:E4:3F:9E:5A:E3:F6:EA:FB:50:68:AE:88:F1:8C:29:E4:43:59:07
Certificate issuer:       /CN=74e43f9e5ae3f6eafb5068ae88f18c29e4435907
Certificate serial:       019510C76182C2905CBB637967E28E19773F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dOQ_nlrj9ur7UGiuiPGMKeRDWQc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/31/da33ae-16cc-4c9a-bf9c-717998aa3cff/1/dOQ_nlrj9ur7UGiuiPGMKeRDWQc.mft
Manifest number:          1452
Signing time:             Sun 16 Feb 2025 22:00:56 +0000
Manifest this update:     Sun 16 Feb 2025 22:00:56 +0000
Manifest next update:     Mon 17 Feb 2025 22:00:56 +0000
Files and hashes:         1: dOQ_nlrj9ur7UGiuiPGMKeRDWQc.crl (hash: cjiZq7TKcXX7YWAT2xhmL4cEymFJqwPiYy6BA6vF4Oo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/31/da33ae-16cc-4c9a-bf9c-717998aa3cff/1/dOQ_nlrj9ur7UGiuiPGMKeRDWQc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/31/da33ae-16cc-4c9a-bf9c-717998aa3cff/1/dOQ_nlrj9ur7UGiuiPGMKeRDWQc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/dOQ_nlrj9ur7UGiuiPGMKeRDWQc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 17 Feb 2025 22:00:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:10:c7:61:82:c2:90:5c:bb:63:79:67:e2:8e:19:77:3f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=74e43f9e5ae3f6eafb5068ae88f18c29e4435907
        Validity
            Not Before: Feb 16 22:00:56 2025 GMT
            Not After : Feb 17 22:00:56 2025 GMT
        Subject: CN=c69413e7089b0904359dcb82d0e6ce0123383d04
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:29:7d:55:5a:ea:d5:95:59:ee:3c:4a:b9:19:
                    f1:97:98:58:5e:ad:32:0f:41:c5:0e:75:bc:d4:a9:
                    3f:d5:a8:ba:46:8a:c3:8a:09:66:c2:3e:88:75:4d:
                    5d:8c:8e:85:97:05:2a:37:1c:d4:51:d4:7e:b6:cc:
                    16:13:eb:16:d7:23:f1:65:25:f2:9f:47:3c:dc:db:
                    57:26:3e:90:00:55:0d:04:41:79:8e:1f:4f:2f:0e:
                    9e:15:39:d6:52:c8:a2:8f:74:d5:47:d8:05:ab:e1:
                    22:33:9e:c0:d4:36:cc:62:f8:36:90:7e:e7:8f:e6:
                    20:29:cf:32:e5:b3:56:ee:fe:30:7c:1e:fc:b3:7d:
                    23:8c:42:ef:c9:b4:96:c8:75:f6:47:c4:1f:fb:ca:
                    6e:66:87:53:da:01:a7:39:c9:16:56:48:15:3c:f8:
                    56:f6:06:f0:47:08:c0:12:2d:3d:d8:c4:6a:3e:e2:
                    c1:60:a9:93:d2:b4:f4:5f:f5:a9:4e:94:3d:5a:7b:
                    56:18:b7:c7:14:24:6f:79:dc:64:86:f7:7e:9b:e8:
                    55:45:cf:e9:ea:59:d7:a6:ab:47:f1:40:56:b5:36:
                    19:9f:7b:bb:13:61:54:2a:4e:74:fc:3f:ae:5b:9a:
                    0e:ca:8d:24:3c:5e:72:13:07:02:cf:55:2d:19:ee:
                    1f:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C6:94:13:E7:08:9B:09:04:35:9D:CB:82:D0:E6:CE:01:23:38:3D:04
            X509v3 Authority Key Identifier:
                keyid:74:E4:3F:9E:5A:E3:F6:EA:FB:50:68:AE:88:F1:8C:29:E4:43:59:07

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dOQ_nlrj9ur7UGiuiPGMKeRDWQc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/da33ae-16cc-4c9a-bf9c-717998aa3cff/1/dOQ_nlrj9ur7UGiuiPGMKeRDWQc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/31/da33ae-16cc-4c9a-bf9c-717998aa3cff/1/dOQ_nlrj9ur7UGiuiPGMKeRDWQc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         82:7f:2e:da:a4:a1:aa:cd:9d:e9:48:e6:18:98:69:30:14:67:
         94:d4:1d:bc:42:e8:32:b3:b6:0f:91:7f:9a:2e:1f:94:ad:83:
         76:e5:e4:58:23:7f:fa:2a:3b:a7:f1:d8:b6:3e:cb:5d:48:3a:
         b6:41:6a:09:b1:cc:04:a3:8c:a6:f1:5f:b2:47:ed:2c:c0:2c:
         77:74:e0:65:37:6c:9c:34:57:85:fc:ea:b0:ee:8d:16:11:5f:
         de:ba:67:b1:18:db:b1:6c:47:8b:a1:7d:4b:b9:d7:fe:72:9b:
         08:da:b6:f3:48:4e:02:59:c2:43:c2:19:ce:e3:2e:44:5a:06:
         6e:49:39:c7:b1:d8:31:5b:00:42:1c:1e:ba:3f:86:62:0c:37:
         18:3e:c3:cf:a9:a3:41:52:dc:95:0b:15:36:5a:cc:3d:a7:05:
         7d:34:71:a9:ba:a2:7c:5b:32:45:84:56:fa:97:57:86:5f:ed:
         e2:37:ed:68:80:b0:5f:a6:a1:40:04:c1:e9:5f:b2:76:68:17:
         cc:77:1e:09:62:0d:df:15:c8:ba:8e:58:65:da:09:13:ab:f7:
         55:77:51:ee:e4:a0:6e:f5:3f:a2:41:53:0e:d5:12:e0:f3:c7:
         3f:6e:0d:2a:8d:75:18:f0:25:08:77:fa:85:aa:b6:e4:f1:21:
         ef:0f:1a:2a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZUQx2GCwpBcu2N5Z+KOGXc/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0ZTQzZjllNWFlM2Y2ZWFmYjUwNjhhZTg4ZjE4YzI5ZTQ0
MzU5MDcwHhcNMjUwMjE2MjIwMDU2WhcNMjUwMjE3MjIwMDU2WjAzMTEwLwYDVQQD
EyhjNjk0MTNlNzA4OWIwOTA0MzU5ZGNiODJkMGU2Y2UwMTIzMzgzZDA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApCl9VVrq1ZVZ7jxKuRnxl5hYXq0y
D0HFDnW81Kk/1ai6RorDiglmwj6IdU1djI6FlwUqNxzUUdR+tswWE+sW1yPxZSXy
n0c83NtXJj6QAFUNBEF5jh9PLw6eFTnWUsiij3TVR9gFq+EiM57A1DbMYvg2kH7n
j+YgKc8y5bNW7v4wfB78s30jjELvybSWyHX2R8Qf+8puZodT2gGnOckWVkgVPPhW
9gbwRwjAEi092MRqPuLBYKmT0rT0X/WpTpQ9WntWGLfHFCRvedxkhvd+m+hVRc/p
6lnXpqtH8UBWtTYZn3u7E2FUKk50/D+uW5oOyo0kPF5yEwcCz1UtGe4fwwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMaUE+cImwkENZ3LgtDmzgEjOD0EMB8GA1UdIwQY
MBaAFHTkP55a4/bq+1BorojxjCnkQ1kHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZE9RX25scmo5dXI3VUdpdWlQR01LZVJEV1FjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS9kYTMzYWUtMTZjYy00YzlhLWJmOWMt
NzE3OTk4YWEzY2ZmLzEvZE9RX25scmo5dXI3VUdpdWlQR01LZVJEV1FjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS9kYTMzYWUtMTZjYy00YzlhLWJmOWMtNzE3OTk4YWEzY2Zm
LzEvZE9RX25scmo5dXI3VUdpdWlQR01LZVJEV1FjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgn8u2qSh
qs2d6UjmGJhpMBRnlNQdvELoMrO2D5F/mi4flK2DduXkWCN/+io7p/HYtj7LXUg6
tkFqCbHMBKOMpvFfskftLMAsd3TgZTdsnDRXhfzqsO6NFhFf3rpnsRjbsWxHi6F9
S7nX/nKbCNq280hOAlnCQ8IZzuMuRFoGbkk5x7HYMVsAQhweuj+GYgw3GD7Dz6mj
QVLclQsVNlrMPacFfTRxqbqifFsyRYRW+pdXhl/t4jftaICwX6ahQATB6V+ydmgX
zHceCWIN3xXIuo5YZdoJE6v3VXdR7uSgbvU/okFTDtUS4PPHP24NKo11GPAlCHf6
haq25PEh7w8aKg==
-----END CERTIFICATE-----