Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/9af033-234d-4404-8096-c73bedcdca6d/1/_oN5mWfs0ExTYUie5M-gmM5DaHE.mft
File:                     _oN5mWfs0ExTYUie5M-gmM5DaHE.mft (raw, json)
Hash identifier:          34FV1X/tiOhbPAfoor6SrIvrVFTPWP7LMGr5rwugdzg=
Subject key identifier:   FA:D3:B1:F4:84:EC:11:7D:A1:BE:CC:61:78:AC:D6:27:56:14:52:B7
Authority key identifier: FE:83:79:99:67:EC:D0:4C:53:61:48:9E:E4:CF:A0:98:CE:43:68:71
Certificate issuer:       /CN=fe83799967ecd04c5361489ee4cfa098ce436871
Certificate serial:       019510C7B19B840CAB1EB82470BD378C6E8B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/_oN5mWfs0ExTYUie5M-gmM5DaHE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/34/9af033-234d-4404-8096-c73bedcdca6d/1/_oN5mWfs0ExTYUie5M-gmM5DaHE.mft
Manifest number:          1452
Signing time:             Sun 16 Feb 2025 22:01:17 +0000
Manifest this update:     Sun 16 Feb 2025 22:01:17 +0000
Manifest next update:     Mon 17 Feb 2025 22:01:17 +0000
Files and hashes:         1: _oN5mWfs0ExTYUie5M-gmM5DaHE.crl (hash: /H589irj1WEg8PGMiwsEwj/5zaO1ffacfnDKi59Shy8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/34/9af033-234d-4404-8096-c73bedcdca6d/1/_oN5mWfs0ExTYUie5M-gmM5DaHE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/34/9af033-234d-4404-8096-c73bedcdca6d/1/_oN5mWfs0ExTYUie5M-gmM5DaHE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/_oN5mWfs0ExTYUie5M-gmM5DaHE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 17 Feb 2025 22:01:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:10:c7:b1:9b:84:0c:ab:1e:b8:24:70:bd:37:8c:6e:8b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=fe83799967ecd04c5361489ee4cfa098ce436871
        Validity
            Not Before: Feb 16 22:01:17 2025 GMT
            Not After : Feb 17 22:01:17 2025 GMT
        Subject: CN=fad3b1f484ec117da1becc6178acd627561452b7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:1a:ef:45:1c:a7:d5:e5:49:6a:8f:a1:84:2f:
                    14:9b:f2:4c:eb:bd:f2:cf:ff:23:56:d1:d9:be:61:
                    10:df:5c:df:28:e3:76:6d:96:23:49:14:cf:18:76:
                    21:bf:e6:26:60:c3:64:75:10:31:a3:d4:8f:e5:8f:
                    6d:35:05:72:77:70:60:75:33:c9:56:06:76:3e:0b:
                    59:44:0b:10:e1:8b:02:5c:cd:c1:d1:38:6d:24:98:
                    39:f8:4e:54:a0:cc:cf:c9:c8:d3:8c:49:af:70:9b:
                    f7:8b:a1:dd:97:f7:88:9c:f8:70:8d:a5:87:8e:1b:
                    73:d6:68:35:34:7a:8d:f0:9e:0f:3c:18:b0:a8:11:
                    fe:28:36:0c:79:47:e3:b0:bd:ba:ed:a1:fd:a0:07:
                    11:d6:98:f7:70:43:5a:38:ff:a1:8a:25:f3:e5:d7:
                    5b:a6:2d:76:2e:30:6e:ce:93:cf:ad:5a:8f:eb:8c:
                    6b:8c:4a:90:0a:b6:e9:35:8c:c1:2a:b5:12:96:b0:
                    cf:69:22:1b:61:ce:d5:02:6f:9c:8d:95:a1:3d:76:
                    f8:a6:cf:99:3d:5e:67:9b:c1:60:ee:d4:d5:af:29:
                    1c:d2:29:f4:50:3f:08:1f:2e:75:0d:68:e6:86:f2:
                    c7:ae:29:34:3e:d8:b8:43:00:1f:fa:f6:6f:a4:84:
                    04:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FA:D3:B1:F4:84:EC:11:7D:A1:BE:CC:61:78:AC:D6:27:56:14:52:B7
            X509v3 Authority Key Identifier:
                keyid:FE:83:79:99:67:EC:D0:4C:53:61:48:9E:E4:CF:A0:98:CE:43:68:71

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_oN5mWfs0ExTYUie5M-gmM5DaHE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/9af033-234d-4404-8096-c73bedcdca6d/1/_oN5mWfs0ExTYUie5M-gmM5DaHE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/34/9af033-234d-4404-8096-c73bedcdca6d/1/_oN5mWfs0ExTYUie5M-gmM5DaHE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0c:79:8e:59:99:ea:4a:69:96:43:ec:2b:a9:15:7e:77:4d:6d:
         92:41:52:05:9c:b4:fc:0c:33:e8:01:7a:9f:77:fe:74:e4:55:
         77:ad:b9:ee:5e:78:8c:8c:76:4a:21:61:07:02:25:d0:57:ed:
         31:4b:12:df:8f:fb:29:2b:bf:9d:39:bb:bb:2e:7b:63:3b:c2:
         ef:4d:e8:e3:7d:0c:df:9c:cc:9d:77:75:22:21:f8:2e:20:37:
         37:03:1b:10:4c:ba:d3:98:07:0b:f3:60:7d:2b:99:9c:ac:66:
         b0:83:ee:05:c8:57:b5:13:a2:cb:df:04:66:c7:ce:f6:25:02:
         13:6d:b8:07:c1:56:fc:c5:76:5f:cc:7b:eb:02:c2:6b:64:06:
         2f:23:86:eb:ae:99:be:10:f0:a7:b5:b4:a8:0c:84:4e:ae:c8:
         f6:d2:a8:57:94:f4:6f:a2:af:32:31:cd:9a:2f:fd:33:7d:ed:
         92:11:cd:e7:9c:70:12:a9:bc:a0:5a:3d:83:3e:9e:28:ff:bc:
         71:e4:b4:64:fb:eb:0e:b5:03:85:16:75:84:10:ca:4e:6c:de:
         87:03:db:f0:23:09:46:76:53:3b:10:21:46:71:a1:f1:c9:06:
         c4:07:b0:c0:69:5a:ed:46:55:20:23:c6:e5:1a:3d:fd:77:c3:
         38:ee:6a:d6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZUQx7GbhAyrHrgkcL03jG6LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlODM3OTk5NjdlY2QwNGM1MzYxNDg5ZWU0Y2ZhMDk4Y2U0
MzY4NzEwHhcNMjUwMjE2MjIwMTE3WhcNMjUwMjE3MjIwMTE3WjAzMTEwLwYDVQQD
EyhmYWQzYjFmNDg0ZWMxMTdkYTFiZWNjNjE3OGFjZDYyNzU2MTQ1MmI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmhrvRRyn1eVJao+hhC8Um/JM673y
z/8jVtHZvmEQ31zfKON2bZYjSRTPGHYhv+YmYMNkdRAxo9SP5Y9tNQVyd3BgdTPJ
VgZ2PgtZRAsQ4YsCXM3B0ThtJJg5+E5UoMzPycjTjEmvcJv3i6Hdl/eInPhwjaWH
jhtz1mg1NHqN8J4PPBiwqBH+KDYMeUfjsL267aH9oAcR1pj3cENaOP+hiiXz5ddb
pi12LjBuzpPPrVqP64xrjEqQCrbpNYzBKrUSlrDPaSIbYc7VAm+cjZWhPXb4ps+Z
PV5nm8Fg7tTVrykc0in0UD8IHy51DWjmhvLHrik0Pti4QwAf+vZvpIQEHQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPrTsfSE7BF9ob7MYXis1idWFFK3MB8GA1UdIwQY
MBaAFP6DeZln7NBMU2FInuTPoJjOQ2hxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX29ONW1XZnMwRXhUWVVpZTVNLWdtTTVEYUhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC85YWYwMzMtMjM0ZC00NDA0LTgwOTYt
YzczYmVkY2RjYTZkLzEvX29ONW1XZnMwRXhUWVVpZTVNLWdtTTVEYUhFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC85YWYwMzMtMjM0ZC00NDA0LTgwOTYtYzczYmVkY2RjYTZk
LzEvX29ONW1XZnMwRXhUWVVpZTVNLWdtTTVEYUhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADHmOWZnq
SmmWQ+wrqRV+d01tkkFSBZy0/Awz6AF6n3f+dORVd6257l54jIx2SiFhBwIl0Fft
MUsS34/7KSu/nTm7uy57YzvC703o430M35zMnXd1IiH4LiA3NwMbEEy605gHC/Ng
fSuZnKxmsIPuBchXtROiy98EZsfO9iUCE224B8FW/MV2X8x76wLCa2QGLyOG666Z
vhDwp7W0qAyETq7I9tKoV5T0b6KvMjHNmi/9M33tkhHN55xwEqm8oFo9gz6eKP+8
ceS0ZPvrDrUDhRZ1hBDKTmzehwPb8CMJRnZTOxAhRnGh8ckGxAewwGla7UZVICPG
5Ro9/XfDOO5q1g==
-----END CERTIFICATE-----