Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/4b48f3-8808-473d-a7e6-186b286854be/1/pNOAQa5OcxV3JKqfPuBDBeXxKDQ.mft
File:                     pNOAQa5OcxV3JKqfPuBDBeXxKDQ.mft (raw, json)
Hash identifier:          aZsQo+JMjTSzUrEeObkfhR8f6XSkIIz1fW7+tjbL2lg=
Subject key identifier:   2D:DC:C2:5D:B0:58:D3:23:36:0A:C1:63:FE:56:FA:A2:2F:96:D1:BF
Authority key identifier: A4:D3:80:41:AE:4E:73:15:77:24:AA:9F:3E:E0:43:05:E5:F1:28:34
Certificate issuer:       /CN=a4d38041ae4e73157724aa9f3ee04305e5f12834
Certificate serial:       0194C388546DCABD29AC5BBCAA0BF9EFF177
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pNOAQa5OcxV3JKqfPuBDBeXxKDQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3f/4b48f3-8808-473d-a7e6-186b286854be/1/pNOAQa5OcxV3JKqfPuBDBeXxKDQ.mft
Manifest number:          13FE
Signing time:             Sat 01 Feb 2025 22:01:18 +0000
Manifest this update:     Sat 01 Feb 2025 22:01:18 +0000
Manifest next update:     Sun 02 Feb 2025 22:01:18 +0000
Files and hashes:         1: pNOAQa5OcxV3JKqfPuBDBeXxKDQ.crl (hash: 0jNVOoy/oHqhoLbwREGHMLYSMntddC9JmKmWhz8cYfk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3f/4b48f3-8808-473d-a7e6-186b286854be/1/pNOAQa5OcxV3JKqfPuBDBeXxKDQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3f/4b48f3-8808-473d-a7e6-186b286854be/1/pNOAQa5OcxV3JKqfPuBDBeXxKDQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/pNOAQa5OcxV3JKqfPuBDBeXxKDQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 02 Feb 2025 22:01:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:c3:88:54:6d:ca:bd:29:ac:5b:bc:aa:0b:f9:ef:f1:77
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a4d38041ae4e73157724aa9f3ee04305e5f12834
        Validity
            Not Before: Feb  1 22:01:18 2025 GMT
            Not After : Feb  2 22:01:18 2025 GMT
        Subject: CN=2ddcc25db058d323360ac163fe56faa22f96d1bf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:1d:28:84:1e:41:4a:92:b0:b6:97:69:1f:15:
                    34:41:1d:64:bc:84:6b:d8:e1:ad:03:ff:9c:2f:a2:
                    a8:6f:b3:d8:7b:9f:fa:fe:61:91:18:de:90:0e:13:
                    6f:c1:00:28:5e:7e:4b:2e:76:b4:8e:0e:2d:ff:3a:
                    d4:9c:6e:7d:3e:d4:16:8c:c3:47:ce:9f:e7:d6:1d:
                    18:4a:8e:65:ba:7c:2b:09:bb:12:bf:8b:8b:8d:4d:
                    6b:2c:7f:77:b5:19:8d:e8:65:a4:41:22:e2:37:a6:
                    c5:65:bc:fd:22:42:62:21:d2:c6:b1:42:d5:06:06:
                    10:de:a6:af:d6:41:e1:67:84:cf:19:64:2b:0d:a7:
                    15:aa:64:70:e2:44:ab:f1:4b:3c:6f:f0:c1:9d:35:
                    85:f5:9f:30:e4:02:c3:ec:c1:eb:db:d2:4c:d4:69:
                    8a:7f:75:9a:6d:fa:14:a1:f9:8e:8d:e0:d6:06:2e:
                    16:23:0d:ea:86:3a:37:33:12:08:48:25:e4:61:09:
                    5d:f6:72:e6:b6:87:2c:aa:c9:c3:a7:7a:20:d2:58:
                    16:7f:b3:a0:a3:6e:db:ca:b4:bc:cf:cc:eb:60:6b:
                    12:7b:01:c4:79:52:8e:c7:a3:20:54:4d:15:41:c6:
                    af:0e:db:6d:91:77:fa:ab:3b:a6:94:ee:05:0a:f6:
                    85:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2D:DC:C2:5D:B0:58:D3:23:36:0A:C1:63:FE:56:FA:A2:2F:96:D1:BF
            X509v3 Authority Key Identifier:
                keyid:A4:D3:80:41:AE:4E:73:15:77:24:AA:9F:3E:E0:43:05:E5:F1:28:34

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pNOAQa5OcxV3JKqfPuBDBeXxKDQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/4b48f3-8808-473d-a7e6-186b286854be/1/pNOAQa5OcxV3JKqfPuBDBeXxKDQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/4b48f3-8808-473d-a7e6-186b286854be/1/pNOAQa5OcxV3JKqfPuBDBeXxKDQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         26:8c:fb:cc:46:1f:1b:82:8b:a7:ab:63:89:b1:fc:e4:41:d1:
         0d:1f:be:77:1e:94:c4:fd:5b:2a:e7:1f:1e:8f:76:fd:9e:f3:
         35:3d:4f:71:69:84:97:18:1c:6e:22:b2:60:e5:26:8f:7c:b9:
         f6:24:b8:9c:e9:5d:4c:8d:d2:f9:fb:7f:5b:3a:8a:9c:01:88:
         dd:1a:15:85:6b:19:95:3d:2c:10:36:a8:d9:b2:fe:e1:78:a4:
         84:11:34:c5:c2:a1:a9:fb:ed:c1:2c:e8:70:7a:32:ca:9f:db:
         0c:e4:17:72:df:58:23:cc:42:32:4f:80:8c:13:be:0f:8d:84:
         27:6c:3c:33:bf:51:1d:e1:2e:cc:56:2b:4a:dd:db:9e:c0:18:
         76:4f:9b:a7:6d:c1:ad:54:af:33:9a:77:6a:d4:77:8e:f3:9e:
         92:f4:fe:70:29:73:a2:a5:31:6f:02:5f:b5:8c:ee:6e:39:cd:
         ed:13:b3:df:13:47:ca:3d:66:74:37:ef:90:c5:43:a4:57:21:
         d4:39:5e:63:38:99:d3:26:f9:00:39:ad:ef:a6:4f:11:57:ae:
         2a:40:f4:e4:c9:1c:eb:79:8a:40:ee:26:dc:96:31:54:fc:53:
         38:cb:e2:59:40:56:4b:cb:42:8b:e7:42:d2:0b:a3:2e:b2:6b:
         a1:fa:6d:88
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZTDiFRtyr0prFu8qgv57/F3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0ZDM4MDQxYWU0ZTczMTU3NzI0YWE5ZjNlZTA0MzA1ZTVm
MTI4MzQwHhcNMjUwMjAxMjIwMTE4WhcNMjUwMjAyMjIwMTE4WjAzMTEwLwYDVQQD
EygyZGRjYzI1ZGIwNThkMzIzMzYwYWMxNjNmZTU2ZmFhMjJmOTZkMWJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmB0ohB5BSpKwtpdpHxU0QR1kvIRr
2OGtA/+cL6Kob7PYe5/6/mGRGN6QDhNvwQAoXn5LLna0jg4t/zrUnG59PtQWjMNH
zp/n1h0YSo5lunwrCbsSv4uLjU1rLH93tRmN6GWkQSLiN6bFZbz9IkJiIdLGsULV
BgYQ3qav1kHhZ4TPGWQrDacVqmRw4kSr8Us8b/DBnTWF9Z8w5ALD7MHr29JM1GmK
f3WabfoUofmOjeDWBi4WIw3qhjo3MxIISCXkYQld9nLmtocsqsnDp3og0lgWf7Og
o27byrS8z8zrYGsSewHEeVKOx6MgVE0VQcavDtttkXf6qzumlO4FCvaFHwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFC3cwl2wWNMjNgrBY/5W+qIvltG/MB8GA1UdIwQY
MBaAFKTTgEGuTnMVdySqnz7gQwXl8Sg0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcE5PQVFhNU9jeFYzSktxZlB1QkRCZVh4S0RRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZi80YjQ4ZjMtODgwOC00NzNkLWE3ZTYt
MTg2YjI4Njg1NGJlLzEvcE5PQVFhNU9jeFYzSktxZlB1QkRCZVh4S0RRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZi80YjQ4ZjMtODgwOC00NzNkLWE3ZTYtMTg2YjI4Njg1NGJl
LzEvcE5PQVFhNU9jeFYzSktxZlB1QkRCZVh4S0RRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJoz7zEYf
G4KLp6tjibH85EHRDR++dx6UxP1bKucfHo92/Z7zNT1PcWmElxgcbiKyYOUmj3y5
9iS4nOldTI3S+ft/WzqKnAGI3RoVhWsZlT0sEDao2bL+4XikhBE0xcKhqfvtwSzo
cHoyyp/bDOQXct9YI8xCMk+AjBO+D42EJ2w8M79RHeEuzFYrSt3bnsAYdk+bp23B
rVSvM5p3atR3jvOekvT+cClzoqUxbwJftYzubjnN7ROz3xNHyj1mdDfvkMVDpFch
1DleYziZ0yb5ADmt76ZPEVeuKkD05Mkc63mKQO4m3JYxVPxTOMviWUBWS8tCi+dC
0gujLrJrofptiA==
-----END CERTIFICATE-----