Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/81b00a-f68d-44f4-8825-982736b45bdf/1/iMaZNJivBRiWLl9I1chG3BddGIQ.mft
File:                     iMaZNJivBRiWLl9I1chG3BddGIQ.mft (raw, json)
Hash identifier:          aPUAn0QybeHNyv/NA4GnEsoU+oQb3IpJa/bU91ZUgNw=
Subject key identifier:   A6:85:B8:FB:EF:A0:AE:14:DF:6F:9A:30:D7:46:41:63:F7:E9:23:7F
Authority key identifier: 88:C6:99:34:98:AF:05:18:96:2E:5F:48:D5:C8:46:DC:17:5D:18:84
Certificate issuer:       /CN=88c6993498af0518962e5f48d5c846dc175d1884
Certificate serial:       01951134C9D4977849E26F6D4821FF9FECC2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/iMaZNJivBRiWLl9I1chG3BddGIQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3d/81b00a-f68d-44f4-8825-982736b45bdf/1/iMaZNJivBRiWLl9I1chG3BddGIQ.mft
Manifest number:          1454
Signing time:             Mon 17 Feb 2025 00:00:26 +0000
Manifest this update:     Mon 17 Feb 2025 00:00:26 +0000
Manifest next update:     Tue 18 Feb 2025 00:00:26 +0000
Files and hashes:         1: iMaZNJivBRiWLl9I1chG3BddGIQ.crl (hash: 14MepzVKeQxAKBHW1ILtIKrH17qVGtzb0mvMdHkSiWc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3d/81b00a-f68d-44f4-8825-982736b45bdf/1/iMaZNJivBRiWLl9I1chG3BddGIQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3d/81b00a-f68d-44f4-8825-982736b45bdf/1/iMaZNJivBRiWLl9I1chG3BddGIQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/iMaZNJivBRiWLl9I1chG3BddGIQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 17 Feb 2025 23:00:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:11:34:c9:d4:97:78:49:e2:6f:6d:48:21:ff:9f:ec:c2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=88c6993498af0518962e5f48d5c846dc175d1884
        Validity
            Not Before: Feb 17 00:00:26 2025 GMT
            Not After : Feb 18 00:00:26 2025 GMT
        Subject: CN=a685b8fbefa0ae14df6f9a30d7464163f7e9237f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e2:5c:b2:62:ca:fd:0e:c0:a7:7f:16:d1:9a:70:
                    50:0d:d8:76:2c:f9:a3:8d:07:90:b4:10:58:d2:3a:
                    90:f0:0c:3e:da:bc:70:0b:65:8b:cf:e1:6a:3d:36:
                    05:fa:1d:8f:82:8f:87:f7:f6:79:9f:a7:5b:23:48:
                    90:ea:9b:48:06:30:a1:5e:f6:cb:7f:5b:5c:73:4b:
                    44:2e:6d:76:16:3c:3b:0d:12:73:cb:b8:39:c4:6d:
                    74:5b:aa:02:f7:1e:2b:30:80:7a:2b:47:38:c2:99:
                    00:ba:1f:76:01:34:89:07:58:02:89:75:de:1f:21:
                    bd:c5:a8:4b:79:da:a6:9c:2d:23:03:e4:6d:b4:e6:
                    cb:20:3d:ff:0c:03:9b:ec:7b:3a:64:6c:34:51:a5:
                    09:e6:54:ae:b7:9d:a4:9e:20:36:50:4c:22:c0:ab:
                    c7:12:21:31:ec:53:61:a3:ba:ef:ca:10:c2:9b:c7:
                    47:7d:17:cf:1e:55:00:60:35:11:17:ab:35:4e:11:
                    04:cf:0a:39:3d:70:b6:46:25:d5:fd:f6:bd:aa:51:
                    fe:8e:80:6e:e1:b9:18:1a:19:71:ab:90:20:14:a8:
                    15:ce:4e:0f:1c:94:30:ba:08:63:a5:2d:60:61:7c:
                    63:97:44:32:e4:da:05:74:0b:62:6d:40:cb:12:00:
                    33:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A6:85:B8:FB:EF:A0:AE:14:DF:6F:9A:30:D7:46:41:63:F7:E9:23:7F
            X509v3 Authority Key Identifier:
                keyid:88:C6:99:34:98:AF:05:18:96:2E:5F:48:D5:C8:46:DC:17:5D:18:84

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iMaZNJivBRiWLl9I1chG3BddGIQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/81b00a-f68d-44f4-8825-982736b45bdf/1/iMaZNJivBRiWLl9I1chG3BddGIQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/81b00a-f68d-44f4-8825-982736b45bdf/1/iMaZNJivBRiWLl9I1chG3BddGIQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8c:f2:01:76:37:d6:4a:4b:b6:d5:39:e6:4c:d8:91:ed:60:5b:
         21:f9:48:3c:41:a3:45:74:aa:65:79:6f:45:8a:29:95:6b:73:
         1f:c4:d5:d8:e5:5b:1b:5d:60:61:77:4c:f6:06:d3:55:9c:a7:
         19:4d:6a:90:6f:36:d9:39:28:5c:e3:b9:d2:c5:f3:d8:10:d6:
         b2:33:de:f3:b4:0a:3b:01:65:43:d5:da:e7:15:da:56:47:14:
         b1:ac:30:64:21:f9:61:70:db:0e:aa:b1:a4:a3:51:f5:88:7e:
         e7:e7:63:5b:9d:08:83:6d:ed:99:45:b5:97:c9:bc:f0:c2:51:
         b2:19:5c:71:b3:fe:4a:01:f3:4a:89:f2:05:23:cd:17:cf:3b:
         3e:32:92:7d:1c:11:70:d4:39:e0:00:24:44:b3:4c:7d:fa:e8:
         da:95:6e:15:72:15:f1:8a:90:9c:9b:3e:f3:da:3e:3d:06:dd:
         49:77:c3:99:71:9a:0f:72:5a:cd:b3:da:4a:92:37:a8:2e:59:
         e8:4c:99:1e:70:2a:d5:c1:19:f8:9b:d4:b8:56:8b:ed:f2:02:
         8c:13:ca:8f:b8:6d:cf:6d:00:57:49:8d:1c:07:77:60:1e:85:
         13:b2:2f:f5:62:40:2c:72:27:08:fd:fd:ed:aa:e1:ae:9f:09:
         6d:64:33:ec
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZURNMnUl3hJ4m9tSCH/n+zCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4YzY5OTM0OThhZjA1MTg5NjJlNWY0OGQ1Yzg0NmRjMTc1
ZDE4ODQwHhcNMjUwMjE3MDAwMDI2WhcNMjUwMjE4MDAwMDI2WjAzMTEwLwYDVQQD
EyhhNjg1YjhmYmVmYTBhZTE0ZGY2ZjlhMzBkNzQ2NDE2M2Y3ZTkyMzdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4lyyYsr9DsCnfxbRmnBQDdh2LPmj
jQeQtBBY0jqQ8Aw+2rxwC2WLz+FqPTYF+h2Pgo+H9/Z5n6dbI0iQ6ptIBjChXvbL
f1tcc0tELm12Fjw7DRJzy7g5xG10W6oC9x4rMIB6K0c4wpkAuh92ATSJB1gCiXXe
HyG9xahLedqmnC0jA+RttObLID3/DAOb7Hs6ZGw0UaUJ5lSut52kniA2UEwiwKvH
EiEx7FNho7rvyhDCm8dHfRfPHlUAYDURF6s1ThEEzwo5PXC2RiXV/fa9qlH+joBu
4bkYGhlxq5AgFKgVzk4PHJQwughjpS1gYXxjl0Qy5NoFdAtibUDLEgAzQwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKaFuPvvoK4U32+aMNdGQWP36SN/MB8GA1UdIwQY
MBaAFIjGmTSYrwUYli5fSNXIRtwXXRiEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaU1hWk5KaXZCUmlXTGw5STFjaEczQmRkR0lRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC84MWIwMGEtZjY4ZC00NGY0LTg4MjUt
OTgyNzM2YjQ1YmRmLzEvaU1hWk5KaXZCUmlXTGw5STFjaEczQmRkR0lRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC84MWIwMGEtZjY4ZC00NGY0LTg4MjUtOTgyNzM2YjQ1YmRm
LzEvaU1hWk5KaXZCUmlXTGw5STFjaEczQmRkR0lRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjPIBdjfW
Sku21TnmTNiR7WBbIflIPEGjRXSqZXlvRYoplWtzH8TV2OVbG11gYXdM9gbTVZyn
GU1qkG822TkoXOO50sXz2BDWsjPe87QKOwFlQ9Xa5xXaVkcUsawwZCH5YXDbDqqx
pKNR9Yh+5+djW50Ig23tmUW1l8m88MJRshlccbP+SgHzSonyBSPNF887PjKSfRwR
cNQ54AAkRLNMffro2pVuFXIV8YqQnJs+89o+PQbdSXfDmXGaD3JazbPaSpI3qC5Z
6EyZHnAq1cEZ+JvUuFaL7fICjBPKj7htz20AV0mNHAd3YB6FE7Iv9WJALHInCP39
7arhrp8JbWQz7A==
-----END CERTIFICATE-----