Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/f90ac9-5367-4232-b137-778873a2726c/1/TqgFrqhgMLrN0Lo-TkJOG67wgk0.mft
File:                     TqgFrqhgMLrN0Lo-TkJOG67wgk0.mft (raw, json)
Hash identifier:          ZNwZUYhGgxZoFDWk3bCjgQRJqgz5BIyB2bztnmh0Vzo=
Subject key identifier:   49:06:1F:78:1B:22:B0:EA:D8:8E:86:8E:87:AF:9D:D0:0C:5C:43:24
Authority key identifier: 4E:A8:05:AE:A8:60:30:BA:CD:D0:BA:3E:4E:42:4E:1B:AE:F0:82:4D
Certificate issuer:       /CN=4ea805aea86030bacdd0ba3e4e424e1baef0824d
Certificate serial:       0194C46399D7FEE49FC40DD3E99536D30FBC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TqgFrqhgMLrN0Lo-TkJOG67wgk0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/36/f90ac9-5367-4232-b137-778873a2726c/1/TqgFrqhgMLrN0Lo-TkJOG67wgk0.mft
Manifest number:          1D
Signing time:             Sun 02 Feb 2025 02:00:49 +0000
Manifest this update:     Sun 02 Feb 2025 02:00:49 +0000
Manifest next update:     Mon 03 Feb 2025 02:00:49 +0000
Files and hashes:         1: TqgFrqhgMLrN0Lo-TkJOG67wgk0.crl (hash: gelKLdUYdZlWgzfTqolrX4DNeQbiPU32dYagAX/kPpc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/36/f90ac9-5367-4232-b137-778873a2726c/1/TqgFrqhgMLrN0Lo-TkJOG67wgk0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/36/f90ac9-5367-4232-b137-778873a2726c/1/TqgFrqhgMLrN0Lo-TkJOG67wgk0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/TqgFrqhgMLrN0Lo-TkJOG67wgk0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 03 Feb 2025 00:00:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:c4:63:99:d7:fe:e4:9f:c4:0d:d3:e9:95:36:d3:0f:bc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4ea805aea86030bacdd0ba3e4e424e1baef0824d
        Validity
            Not Before: Feb  2 02:00:49 2025 GMT
            Not After : Feb  3 02:00:49 2025 GMT
        Subject: CN=49061f781b22b0ead88e868e87af9dd00c5c4324
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:ae:6e:5e:35:5b:82:f4:67:e5:d4:be:9d:9f:
                    8d:00:f4:be:3e:c1:1c:d2:85:e5:9a:75:bf:ea:0b:
                    22:5e:e8:05:f3:d9:9a:59:12:8f:b0:07:4a:70:c1:
                    8c:d6:fc:dc:a2:3d:4b:39:4b:48:a6:18:9b:10:a3:
                    6c:eb:e9:b9:60:af:c9:63:2f:16:aa:cf:f8:0b:e4:
                    07:2b:2f:8d:da:69:81:31:3c:e7:8f:61:09:4c:8d:
                    b9:3c:19:35:78:5f:49:25:03:21:19:2a:75:4e:54:
                    74:15:21:3a:f6:dc:7e:7e:46:ea:2a:6e:4a:bc:d1:
                    51:92:2d:f1:48:80:e7:69:e1:f4:02:1b:c5:b8:b8:
                    61:07:fe:4d:96:7a:bf:33:9c:77:85:33:d6:be:55:
                    ef:b0:94:3d:42:22:e7:64:a7:a3:ec:7c:1f:91:0e:
                    c7:0a:e4:a0:c3:99:87:61:15:66:df:93:72:5f:11:
                    0f:52:f6:31:92:f7:1d:08:9f:11:d4:b0:1e:45:d2:
                    f9:f0:ce:fa:4a:d4:4e:d5:73:55:d2:16:68:e7:65:
                    39:8c:eb:14:c3:7b:6b:14:a9:cc:23:16:29:fd:47:
                    ef:b4:f1:d2:32:c5:65:28:2a:c3:87:7c:00:64:b7:
                    78:a4:4d:f9:32:44:55:cc:99:0a:ce:72:d9:61:f7:
                    c4:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                49:06:1F:78:1B:22:B0:EA:D8:8E:86:8E:87:AF:9D:D0:0C:5C:43:24
            X509v3 Authority Key Identifier:
                keyid:4E:A8:05:AE:A8:60:30:BA:CD:D0:BA:3E:4E:42:4E:1B:AE:F0:82:4D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TqgFrqhgMLrN0Lo-TkJOG67wgk0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/f90ac9-5367-4232-b137-778873a2726c/1/TqgFrqhgMLrN0Lo-TkJOG67wgk0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/36/f90ac9-5367-4232-b137-778873a2726c/1/TqgFrqhgMLrN0Lo-TkJOG67wgk0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         90:1f:31:4e:39:ab:4e:c6:27:29:6d:7c:61:91:46:2b:e9:eb:
         5c:48:2a:9c:5f:8a:df:ba:79:e1:a5:01:c6:ac:f8:b3:0d:2c:
         36:ff:0d:c6:53:24:21:e8:79:f3:3c:68:d8:a1:df:e8:18:c9:
         93:7c:85:da:15:9c:33:de:54:73:25:2f:7f:2f:9b:6d:36:0f:
         e4:40:5d:6a:5d:20:e9:15:dc:bb:74:64:13:8e:df:5d:61:5a:
         1e:43:04:b5:33:6b:dd:9c:4c:ea:be:03:cd:46:9a:12:d0:74:
         a1:2a:2e:71:42:8c:bf:f1:1e:05:d0:9a:b7:d3:89:40:af:f5:
         65:a8:e8:c7:b0:08:2b:92:8c:a4:b3:2e:a9:1a:38:96:7d:f9:
         8f:2a:f9:a7:73:f1:04:9d:cf:9c:0e:e6:54:76:eb:2c:69:58:
         79:c6:af:68:c7:16:79:57:03:3c:82:17:df:6a:f0:7c:21:c0:
         6f:66:cb:e5:27:ee:84:e1:c2:71:b5:7b:e6:2b:44:af:b6:dd:
         46:51:71:ca:04:bf:a4:43:c7:54:cc:e6:2e:22:36:79:2f:3f:
         9d:cd:bc:c9:7d:de:60:b6:b6:c1:7b:4f:1b:2b:89:db:19:4b:
         88:a8:04:69:c7:a7:30:1c:df:7e:a0:bc:f2:e9:64:f3:5d:cb:
         66:f3:2a:ef
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZTEY5nX/uSfxA3T6ZU20w+8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlYTgwNWFlYTg2MDMwYmFjZGQwYmEzZTRlNDI0ZTFiYWVm
MDgyNGQwHhcNMjUwMjAyMDIwMDQ5WhcNMjUwMjAzMDIwMDQ5WjAzMTEwLwYDVQQD
Eyg0OTA2MWY3ODFiMjJiMGVhZDg4ZTg2OGU4N2FmOWRkMDBjNWM0MzI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAza5uXjVbgvRn5dS+nZ+NAPS+PsEc
0oXlmnW/6gsiXugF89maWRKPsAdKcMGM1vzcoj1LOUtIphibEKNs6+m5YK/JYy8W
qs/4C+QHKy+N2mmBMTznj2EJTI25PBk1eF9JJQMhGSp1TlR0FSE69tx+fkbqKm5K
vNFRki3xSIDnaeH0AhvFuLhhB/5Nlnq/M5x3hTPWvlXvsJQ9QiLnZKej7HwfkQ7H
CuSgw5mHYRVm35NyXxEPUvYxkvcdCJ8R1LAeRdL58M76StRO1XNV0hZo52U5jOsU
w3trFKnMIxYp/UfvtPHSMsVlKCrDh3wAZLd4pE35MkRVzJkKznLZYffEGwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEkGH3gbIrDq2I6GjoevndAMXEMkMB8GA1UdIwQY
MBaAFE6oBa6oYDC6zdC6Pk5CThuu8IJNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHFnRnJxaGdNTHJOMExvLVRrSk9HNjd3Z2swLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9mOTBhYzktNTM2Ny00MjMyLWIxMzct
Nzc4ODczYTI3MjZjLzEvVHFnRnJxaGdNTHJOMExvLVRrSk9HNjd3Z2swLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9mOTBhYzktNTM2Ny00MjMyLWIxMzctNzc4ODczYTI3MjZj
LzEvVHFnRnJxaGdNTHJOMExvLVRrSk9HNjd3Z2swLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkB8xTjmr
TsYnKW18YZFGK+nrXEgqnF+K37p54aUBxqz4sw0sNv8NxlMkIeh58zxo2KHf6BjJ
k3yF2hWcM95UcyUvfy+bbTYP5EBdal0g6RXcu3RkE47fXWFaHkMEtTNr3ZxM6r4D
zUaaEtB0oSoucUKMv/EeBdCat9OJQK/1Zajox7AIK5KMpLMuqRo4ln35jyr5p3Px
BJ3PnA7mVHbrLGlYecavaMcWeVcDPIIX32rwfCHAb2bL5SfuhOHCcbV75itEr7bd
RlFxygS/pEPHVMzmLiI2eS8/nc28yX3eYLa2wXtPGyuJ2xlLiKgEacenMBzffqC8
8ulk813LZvMq7w==
-----END CERTIFICATE-----