Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/84faed-0cb5-4799-9447-a3988fc90d60/1/ESpqJg0eZ-CntObc9AP9Ofbel1Q.mft
File:                     ESpqJg0eZ-CntObc9AP9Ofbel1Q.mft (raw, json)
Hash identifier:          SBHLGadUYP2Ku6QHR5gZLljgdDhf05THIT58H/4njK4=
Subject key identifier:   1B:82:2E:63:98:B7:9C:31:CF:8A:FA:CB:EB:98:95:59:D4:80:36:A3
Authority key identifier: 11:2A:6A:26:0D:1E:67:E0:A7:B4:E6:DC:F4:03:FD:39:F6:DE:97:54
Certificate issuer:       /CN=112a6a260d1e67e0a7b4e6dcf403fd39f6de9754
Certificate serial:       019510C80195ED30431C589FFA8151DF91BB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ESpqJg0eZ-CntObc9AP9Ofbel1Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/36/84faed-0cb5-4799-9447-a3988fc90d60/1/ESpqJg0eZ-CntObc9AP9Ofbel1Q.mft
Manifest number:          032D
Signing time:             Sun 16 Feb 2025 22:01:37 +0000
Manifest this update:     Sun 16 Feb 2025 22:01:37 +0000
Manifest next update:     Mon 17 Feb 2025 22:01:37 +0000
Files and hashes:         1: ESpqJg0eZ-CntObc9AP9Ofbel1Q.crl (hash: TQO3KjHtW+CzNUU9wOgsucGuHf3FExQQdC4H6Yopbbo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/36/84faed-0cb5-4799-9447-a3988fc90d60/1/ESpqJg0eZ-CntObc9AP9Ofbel1Q.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/36/84faed-0cb5-4799-9447-a3988fc90d60/1/ESpqJg0eZ-CntObc9AP9Ofbel1Q.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ESpqJg0eZ-CntObc9AP9Ofbel1Q.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 17 Feb 2025 22:01:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:10:c8:01:95:ed:30:43:1c:58:9f:fa:81:51:df:91:bb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=112a6a260d1e67e0a7b4e6dcf403fd39f6de9754
        Validity
            Not Before: Feb 16 22:01:37 2025 GMT
            Not After : Feb 17 22:01:37 2025 GMT
        Subject: CN=1b822e6398b79c31cf8afacbeb989559d48036a3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:2b:8d:62:cc:53:2c:b0:21:15:95:d9:11:7e:
                    0b:51:de:09:55:fa:22:ff:02:58:78:d0:3f:ac:61:
                    6d:28:71:dc:a5:3b:70:60:76:26:12:c5:98:bd:1e:
                    74:14:72:16:fd:97:5b:e8:96:96:41:aa:8a:32:e6:
                    2f:d1:cf:5a:47:05:0c:92:8e:a8:e4:a7:66:bd:6d:
                    3c:a1:47:c0:27:19:dc:a1:4c:f3:89:04:30:37:64:
                    51:ee:63:51:e7:01:7b:cc:d8:a2:d9:b4:89:fb:07:
                    46:ab:c2:b1:f9:76:ea:50:fb:ac:3c:e7:7e:f7:9d:
                    d7:92:75:70:5f:fb:39:83:54:f0:ca:46:d9:58:d8:
                    d7:b1:b5:46:c6:c2:43:0f:e6:de:c4:ae:9f:3e:23:
                    46:6e:2d:71:0e:9a:14:3e:72:a1:bd:2c:91:1a:85:
                    fa:a9:04:e0:35:d5:86:0d:eb:e5:ca:7f:4a:ac:85:
                    72:2c:65:70:1b:5c:b3:3e:15:43:08:0c:66:e1:da:
                    ae:64:4a:ca:02:0c:11:01:95:ef:ee:5b:07:b0:39:
                    97:66:aa:eb:d7:00:76:df:19:99:6c:b4:2c:13:85:
                    a0:0d:83:4e:ef:e1:40:34:c6:a2:e3:bf:99:fc:59:
                    07:b6:ea:74:a1:00:c8:bd:84:6b:23:32:8e:cb:1f:
                    97:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1B:82:2E:63:98:B7:9C:31:CF:8A:FA:CB:EB:98:95:59:D4:80:36:A3
            X509v3 Authority Key Identifier:
                keyid:11:2A:6A:26:0D:1E:67:E0:A7:B4:E6:DC:F4:03:FD:39:F6:DE:97:54

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ESpqJg0eZ-CntObc9AP9Ofbel1Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/84faed-0cb5-4799-9447-a3988fc90d60/1/ESpqJg0eZ-CntObc9AP9Ofbel1Q.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/36/84faed-0cb5-4799-9447-a3988fc90d60/1/ESpqJg0eZ-CntObc9AP9Ofbel1Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5f:8a:a4:e8:59:a7:4f:03:51:d4:c5:b7:16:5c:d6:2f:e7:ac:
         e1:52:88:99:d5:e0:01:12:1e:a2:f1:75:c5:54:d8:6b:2e:25:
         f0:b2:a4:c8:87:7d:69:79:c5:1d:ae:f4:7d:20:39:dd:71:9d:
         32:7f:a8:9d:30:3a:a8:56:15:94:cf:84:92:61:97:d3:d4:ae:
         35:8d:aa:ef:50:5d:86:65:ce:fb:c3:26:23:eb:f4:77:28:ff:
         f4:f7:7f:e2:a3:42:9b:d3:2d:e5:52:69:e3:7e:63:33:9f:7e:
         e9:c3:7c:24:3b:89:40:fb:95:50:99:13:60:d5:42:a6:7e:c3:
         9a:0a:22:cd:6d:8d:1e:f0:7a:41:f9:52:57:d5:f9:36:4d:3a:
         4e:a2:f8:cf:5c:93:8d:76:7a:8f:00:3d:f0:ee:71:26:62:f5:
         28:a8:a5:b5:4e:30:70:be:eb:70:85:51:eb:1f:c7:a7:5f:2d:
         09:ea:c9:8c:23:83:2d:6c:e0:32:6b:f2:cd:dd:18:11:cb:38:
         41:ee:05:00:81:89:72:7d:ab:91:87:8c:d7:d7:db:c5:f3:53:
         01:34:38:91:22:f6:6a:2c:44:1b:e0:ab:de:6f:39:2c:d7:ae:
         e6:ea:a0:76:9d:e5:d0:67:44:fb:c9:9f:74:a2:09:2b:03:e2:
         58:11:1b:78
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZUQyAGV7TBDHFif+oFR35G7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExMmE2YTI2MGQxZTY3ZTBhN2I0ZTZkY2Y0MDNmZDM5ZjZk
ZTk3NTQwHhcNMjUwMjE2MjIwMTM3WhcNMjUwMjE3MjIwMTM3WjAzMTEwLwYDVQQD
EygxYjgyMmU2Mzk4Yjc5YzMxY2Y4YWZhY2JlYjk4OTU1OWQ0ODAzNmEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvCuNYsxTLLAhFZXZEX4LUd4JVfoi
/wJYeNA/rGFtKHHcpTtwYHYmEsWYvR50FHIW/Zdb6JaWQaqKMuYv0c9aRwUMko6o
5KdmvW08oUfAJxncoUzziQQwN2RR7mNR5wF7zNii2bSJ+wdGq8Kx+XbqUPusPOd+
953XknVwX/s5g1TwykbZWNjXsbVGxsJDD+bexK6fPiNGbi1xDpoUPnKhvSyRGoX6
qQTgNdWGDevlyn9KrIVyLGVwG1yzPhVDCAxm4dquZErKAgwRAZXv7lsHsDmXZqrr
1wB23xmZbLQsE4WgDYNO7+FANMai47+Z/FkHtup0oQDIvYRrIzKOyx+XAwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBuCLmOYt5wxz4r6y+uYlVnUgDajMB8GA1UdIwQY
MBaAFBEqaiYNHmfgp7Tm3PQD/Tn23pdUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRVNwcUpnMGVaLUNudE9iYzlBUDlPZmJlbDFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi84NGZhZWQtMGNiNS00Nzk5LTk0NDct
YTM5ODhmYzkwZDYwLzEvRVNwcUpnMGVaLUNudE9iYzlBUDlPZmJlbDFRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi84NGZhZWQtMGNiNS00Nzk5LTk0NDctYTM5ODhmYzkwZDYw
LzEvRVNwcUpnMGVaLUNudE9iYzlBUDlPZmJlbDFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAX4qk6Fmn
TwNR1MW3FlzWL+es4VKImdXgARIeovF1xVTYay4l8LKkyId9aXnFHa70fSA53XGd
Mn+onTA6qFYVlM+EkmGX09SuNY2q71BdhmXO+8MmI+v0dyj/9Pd/4qNCm9Mt5VJp
435jM59+6cN8JDuJQPuVUJkTYNVCpn7DmgoizW2NHvB6QflSV9X5Nk06TqL4z1yT
jXZ6jwA98O5xJmL1KKiltU4wcL7rcIVR6x/Hp18tCerJjCODLWzgMmvyzd0YEcs4
Qe4FAIGJcn2rkYeM19fbxfNTATQ4kSL2aixEG+Cr3m85LNeu5uqgdp3l0GdE+8mf
dKIJKwPiWBEbeA==
-----END CERTIFICATE-----