Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/e31f78-68bb-4729-bd65-60d255be0479/1/pnUQ3cUswCV-TCVS9b1XVURUxgs.mft
File:                     pnUQ3cUswCV-TCVS9b1XVURUxgs.mft (raw, json)
Hash identifier:          bKHdtv7ISYX0dhGow2YP6E5ydOe1+EZ6OJXEW1xfuZU=
Subject key identifier:   0D:9E:AF:5B:E9:C2:FB:9B:A8:AD:7A:53:30:73:01:12:5C:47:13:A2
Authority key identifier: A6:75:10:DD:C5:2C:C0:25:7E:4C:25:52:F5:BD:57:55:44:54:C6:0B
Certificate issuer:       /CN=a67510ddc52cc0257e4c2552f5bd57554454c60b
Certificate serial:       0194C42CAD72893E1DDB871877247518B9DB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pnUQ3cUswCV-TCVS9b1XVURUxgs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3b/e31f78-68bb-4729-bd65-60d255be0479/1/pnUQ3cUswCV-TCVS9b1XVURUxgs.mft
Manifest number:          03AC
Signing time:             Sun 02 Feb 2025 01:00:49 +0000
Manifest this update:     Sun 02 Feb 2025 01:00:49 +0000
Manifest next update:     Mon 03 Feb 2025 01:00:49 +0000
Files and hashes:         1: pnUQ3cUswCV-TCVS9b1XVURUxgs.crl (hash: BZJiEkZBwt2mexoNW1JjnzDloJddg7Y2ETldMNdAGPM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3b/e31f78-68bb-4729-bd65-60d255be0479/1/pnUQ3cUswCV-TCVS9b1XVURUxgs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3b/e31f78-68bb-4729-bd65-60d255be0479/1/pnUQ3cUswCV-TCVS9b1XVURUxgs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/pnUQ3cUswCV-TCVS9b1XVURUxgs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 03 Feb 2025 00:00:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:c4:2c:ad:72:89:3e:1d:db:87:18:77:24:75:18:b9:db
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a67510ddc52cc0257e4c2552f5bd57554454c60b
        Validity
            Not Before: Feb  2 01:00:49 2025 GMT
            Not After : Feb  3 01:00:49 2025 GMT
        Subject: CN=0d9eaf5be9c2fb9ba8ad7a53307301125c4713a2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:c0:0e:4a:60:e9:11:09:00:9c:fb:18:c6:b5:
                    2b:c5:e6:fc:fc:cf:48:e9:88:87:a3:fe:37:c7:3f:
                    5d:53:a6:75:a2:45:5e:be:e4:3c:f0:f1:73:fd:f0:
                    df:82:d3:32:48:50:6f:d5:53:08:7d:05:22:65:88:
                    d0:02:52:ab:ab:3b:3a:20:60:ae:2a:18:4e:f2:61:
                    8a:85:4b:d4:83:d0:bb:30:70:35:84:e2:b1:6a:84:
                    0c:8d:84:05:28:37:13:97:72:cd:7d:e6:d6:c6:68:
                    f4:d9:84:e2:1f:fc:0c:fe:2c:8a:aa:52:02:3c:87:
                    87:e9:7c:14:4a:e7:e1:a3:10:5f:07:c9:5d:6f:af:
                    64:dd:52:59:c6:d6:14:ad:60:66:ee:de:92:5a:23:
                    a9:14:0e:e1:7b:6b:ba:d0:60:ac:c6:64:6b:6c:bc:
                    07:8e:41:83:6f:c6:50:b8:9b:1b:4a:4b:ef:3e:85:
                    4c:a8:fc:55:4a:b6:36:e0:64:94:a3:0c:ab:34:89:
                    e4:a1:ad:23:4d:3c:f9:58:26:3f:a3:2d:bf:e5:77:
                    ba:aa:08:2d:75:0b:02:c7:52:e1:06:72:09:fc:37:
                    23:b5:37:3b:06:f0:92:4a:35:d3:f2:a6:24:f1:7e:
                    a7:71:21:2f:cb:61:f6:44:e2:bb:7a:54:3d:a2:a6:
                    56:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0D:9E:AF:5B:E9:C2:FB:9B:A8:AD:7A:53:30:73:01:12:5C:47:13:A2
            X509v3 Authority Key Identifier:
                keyid:A6:75:10:DD:C5:2C:C0:25:7E:4C:25:52:F5:BD:57:55:44:54:C6:0B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pnUQ3cUswCV-TCVS9b1XVURUxgs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/e31f78-68bb-4729-bd65-60d255be0479/1/pnUQ3cUswCV-TCVS9b1XVURUxgs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/e31f78-68bb-4729-bd65-60d255be0479/1/pnUQ3cUswCV-TCVS9b1XVURUxgs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8d:28:9c:1d:a3:fc:46:e5:94:2b:6d:79:16:6b:f4:6b:66:6b:
         b5:07:41:8e:35:e9:db:3f:95:cd:ae:3b:d8:02:3d:f2:66:02:
         9c:f9:fa:a8:e3:94:7d:0a:47:c2:da:f8:25:13:a3:d5:60:b5:
         02:53:8a:bb:65:67:fe:62:e6:8c:f0:dc:8f:91:1b:79:ae:2e:
         e5:eb:da:58:53:4b:a8:e5:6f:10:87:93:83:6d:e0:57:77:6e:
         71:44:07:ea:0d:8a:52:6b:73:79:cc:7a:13:54:5e:ee:51:b6:
         f7:db:61:7f:84:aa:eb:2b:1a:59:30:21:b9:c7:09:d7:c7:fb:
         a8:ca:0e:9d:88:1e:81:62:5f:50:e1:df:17:5d:c0:dd:f0:83:
         d1:ee:1e:10:37:aa:0f:d4:c3:73:92:0a:e1:5b:8a:41:43:d5:
         84:c4:0b:11:4d:06:4b:8b:02:c2:dc:6f:ee:bb:e5:17:68:bf:
         44:b8:d4:f9:5a:35:fc:3e:f4:ce:77:e6:44:92:3a:15:e2:6e:
         5f:66:bc:2e:57:91:73:0a:9b:1b:a8:02:f1:e4:b8:78:07:17:
         22:5b:b4:16:37:a4:cc:c8:b6:c0:51:24:4f:da:d6:7e:b3:84:
         4c:cc:45:40:72:6f:81:6d:9c:88:a2:dd:d5:f8:cd:51:76:72:
         b3:c9:96:d1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZTELK1yiT4d24cYdyR1GLnbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2NzUxMGRkYzUyY2MwMjU3ZTRjMjU1MmY1YmQ1NzU1NDQ1
NGM2MGIwHhcNMjUwMjAyMDEwMDQ5WhcNMjUwMjAzMDEwMDQ5WjAzMTEwLwYDVQQD
EygwZDllYWY1YmU5YzJmYjliYThhZDdhNTMzMDczMDExMjVjNDcxM2EyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAysAOSmDpEQkAnPsYxrUrxeb8/M9I
6YiHo/43xz9dU6Z1okVevuQ88PFz/fDfgtMySFBv1VMIfQUiZYjQAlKrqzs6IGCu
KhhO8mGKhUvUg9C7MHA1hOKxaoQMjYQFKDcTl3LNfebWxmj02YTiH/wM/iyKqlIC
PIeH6XwUSufhoxBfB8ldb69k3VJZxtYUrWBm7t6SWiOpFA7he2u60GCsxmRrbLwH
jkGDb8ZQuJsbSkvvPoVMqPxVSrY24GSUowyrNInkoa0jTTz5WCY/oy2/5Xe6qggt
dQsCx1LhBnIJ/DcjtTc7BvCSSjXT8qYk8X6ncSEvy2H2ROK7elQ9oqZWRwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFA2er1vpwvubqK16UzBzARJcRxOiMB8GA1UdIwQY
MBaAFKZ1EN3FLMAlfkwlUvW9V1VEVMYLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcG5VUTNjVXN3Q1YtVENWUzliMVhWVVJVeGdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi9lMzFmNzgtNjhiYi00NzI5LWJkNjUt
NjBkMjU1YmUwNDc5LzEvcG5VUTNjVXN3Q1YtVENWUzliMVhWVVJVeGdzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi9lMzFmNzgtNjhiYi00NzI5LWJkNjUtNjBkMjU1YmUwNDc5
LzEvcG5VUTNjVXN3Q1YtVENWUzliMVhWVVJVeGdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjSicHaP8
RuWUK215Fmv0a2ZrtQdBjjXp2z+Vza472AI98mYCnPn6qOOUfQpHwtr4JROj1WC1
AlOKu2Vn/mLmjPDcj5Ebea4u5evaWFNLqOVvEIeTg23gV3ducUQH6g2KUmtzecx6
E1Re7lG299thf4Sq6ysaWTAhuccJ18f7qMoOnYgegWJfUOHfF13A3fCD0e4eEDeq
D9TDc5IK4VuKQUPVhMQLEU0GS4sCwtxv7rvlF2i/RLjU+Vo1/D70znfmRJI6FeJu
X2a8LleRcwqbG6gC8eS4eAcXIlu0FjekzMi2wFEkT9rWfrOETMxFQHJvgW2ciKLd
1fjNUXZys8mW0Q==
-----END CERTIFICATE-----