Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/9c826d-93b8-4c3a-a21f-513403e3d820/1/8p5p65n-wSVjcxHUMFL3kx2P3TI.mft
File:                     8p5p65n-wSVjcxHUMFL3kx2P3TI.mft (raw, json)
Hash identifier:          SqvnF3opcQLRUKd2Ny98D8maofQ2qGTUt0jHjxfAyKQ=
Subject key identifier:   0B:3F:E9:D3:99:7E:92:3C:73:9C:A1:CF:24:73:F4:2F:8A:44:26:B5
Authority key identifier: F2:9E:69:EB:99:FE:C1:25:63:73:11:D4:30:52:F7:93:1D:8F:DD:32
Certificate issuer:       /CN=f29e69eb99fec125637311d43052f7931d8fdd32
Certificate serial:       01951135536CECD3B6E816C175650A06CB8A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/8p5p65n-wSVjcxHUMFL3kx2P3TI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/40/9c826d-93b8-4c3a-a21f-513403e3d820/1/8p5p65n-wSVjcxHUMFL3kx2P3TI.mft
Manifest number:          03F0
Signing time:             Mon 17 Feb 2025 00:01:02 +0000
Manifest this update:     Mon 17 Feb 2025 00:01:02 +0000
Manifest next update:     Tue 18 Feb 2025 00:01:02 +0000
Files and hashes:         1: 8p5p65n-wSVjcxHUMFL3kx2P3TI.crl (hash: u1lX4JCKm3smvYkN0hEoQW3e1EpukE/0cl+7J5K4l/s=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/40/9c826d-93b8-4c3a-a21f-513403e3d820/1/8p5p65n-wSVjcxHUMFL3kx2P3TI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/40/9c826d-93b8-4c3a-a21f-513403e3d820/1/8p5p65n-wSVjcxHUMFL3kx2P3TI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/8p5p65n-wSVjcxHUMFL3kx2P3TI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 17 Feb 2025 23:00:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:11:35:53:6c:ec:d3:b6:e8:16:c1:75:65:0a:06:cb:8a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f29e69eb99fec125637311d43052f7931d8fdd32
        Validity
            Not Before: Feb 17 00:01:02 2025 GMT
            Not After : Feb 18 00:01:02 2025 GMT
        Subject: CN=0b3fe9d3997e923c739ca1cf2473f42f8a4426b5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:aa:52:a2:0d:a2:30:dd:61:ba:43:48:5c:c5:
                    2b:f0:04:8c:8e:9f:7f:5c:a4:70:d1:7f:45:69:6b:
                    88:18:b5:c3:a7:18:9c:ac:e4:52:4a:aa:82:b6:b0:
                    84:e8:38:ed:5c:2d:4c:a8:c9:ae:e1:cc:9e:9c:fe:
                    92:17:50:67:18:5d:64:ba:7c:13:6d:44:a6:97:77:
                    d0:b2:f9:2d:4b:47:4a:5a:82:d2:30:26:ff:1c:09:
                    11:1c:f2:c3:17:21:93:8b:9b:97:9c:00:e2:d3:27:
                    05:11:cd:ac:e7:82:c5:57:53:dd:47:21:50:ba:80:
                    55:ff:f2:ba:7b:36:f4:47:82:cb:4f:6a:86:8f:e8:
                    bc:71:37:37:86:e5:5b:b2:6c:e2:a2:f6:69:98:6e:
                    cd:91:b9:0b:8e:57:45:c1:c6:78:b4:18:4e:68:c7:
                    26:75:0f:a5:f5:7b:d9:6a:ed:37:e6:ce:51:d2:64:
                    2d:37:33:73:7d:a8:a6:a7:4f:fa:d9:e3:dd:fe:f7:
                    f4:b1:d9:6f:a3:4f:62:61:2e:01:da:d9:1f:e9:b6:
                    58:75:d6:01:7c:90:e3:7a:43:49:5a:84:bb:58:d8:
                    bb:46:2f:20:d8:3e:f8:36:bc:a5:67:3e:64:54:04:
                    47:73:24:eb:45:43:c4:4d:96:e4:76:1a:2a:97:ff:
                    8e:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0B:3F:E9:D3:99:7E:92:3C:73:9C:A1:CF:24:73:F4:2F:8A:44:26:B5
            X509v3 Authority Key Identifier:
                keyid:F2:9E:69:EB:99:FE:C1:25:63:73:11:D4:30:52:F7:93:1D:8F:DD:32

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8p5p65n-wSVjcxHUMFL3kx2P3TI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/9c826d-93b8-4c3a-a21f-513403e3d820/1/8p5p65n-wSVjcxHUMFL3kx2P3TI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/40/9c826d-93b8-4c3a-a21f-513403e3d820/1/8p5p65n-wSVjcxHUMFL3kx2P3TI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         62:d2:01:a4:d4:16:0a:13:41:63:85:3c:39:9b:34:cd:92:e5:
         14:dd:19:42:e0:ea:b0:3a:b7:6a:b3:f5:4d:fe:53:94:0b:00:
         50:f2:16:c5:5b:8f:af:ad:62:20:eb:d9:5e:1b:71:98:03:b6:
         86:27:8f:76:31:95:29:b1:ab:12:43:a0:8a:8c:b2:fc:07:55:
         df:11:ce:a3:31:e9:03:16:b6:c1:49:47:f5:e0:a1:93:17:e5:
         77:c1:80:4a:dd:e4:83:72:e6:65:75:d9:1b:1b:b3:62:cf:a2:
         81:e5:bf:c6:4f:2c:05:51:13:28:3e:07:90:67:79:58:41:d9:
         10:7c:af:80:ea:0f:b2:fa:30:59:a4:0a:d9:f4:50:a8:f5:26:
         80:eb:f8:d1:b5:07:3d:ee:8b:8e:7b:e4:00:e1:eb:85:01:8c:
         f9:38:b6:4d:16:bd:af:7c:12:fa:08:11:97:ab:8f:0e:98:e5:
         cf:75:25:25:8c:cf:79:ca:6e:89:31:34:4c:4d:ca:f7:58:91:
         c0:42:4b:39:d0:67:7e:e8:ba:96:16:0d:d7:dd:b4:a9:f5:1d:
         fc:50:75:c5:19:69:a7:d4:f5:fb:79:47:25:52:54:f1:c4:35:
         50:03:a9:ae:5b:01:02:02:36:34:14:f4:73:c8:f0:88:83:9e:
         b8:4c:34:bb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZURNVNs7NO26BbBdWUKBsuKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYyOWU2OWViOTlmZWMxMjU2MzczMTFkNDMwNTJmNzkzMWQ4
ZmRkMzIwHhcNMjUwMjE3MDAwMTAyWhcNMjUwMjE4MDAwMTAyWjAzMTEwLwYDVQQD
EygwYjNmZTlkMzk5N2U5MjNjNzM5Y2ExY2YyNDczZjQyZjhhNDQyNmI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqKpSog2iMN1hukNIXMUr8ASMjp9/
XKRw0X9FaWuIGLXDpxicrORSSqqCtrCE6DjtXC1MqMmu4cyenP6SF1BnGF1kunwT
bUSml3fQsvktS0dKWoLSMCb/HAkRHPLDFyGTi5uXnADi0ycFEc2s54LFV1PdRyFQ
uoBV//K6ezb0R4LLT2qGj+i8cTc3huVbsmziovZpmG7NkbkLjldFwcZ4tBhOaMcm
dQ+l9XvZau035s5R0mQtNzNzfaimp0/62ePd/vf0sdlvo09iYS4B2tkf6bZYddYB
fJDjekNJWoS7WNi7Ri8g2D74NrylZz5kVARHcyTrRUPETZbkdhoql/+OIwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAs/6dOZfpI8c5yhzyRz9C+KRCa1MB8GA1UdIwQY
MBaAFPKeaeuZ/sElY3MR1DBS95Mdj90yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOHA1cDY1bi13U1ZqY3hIVU1GTDNreDJQM1RJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC85YzgyNmQtOTNiOC00YzNhLWEyMWYt
NTEzNDAzZTNkODIwLzEvOHA1cDY1bi13U1ZqY3hIVU1GTDNreDJQM1RJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC85YzgyNmQtOTNiOC00YzNhLWEyMWYtNTEzNDAzZTNkODIw
LzEvOHA1cDY1bi13U1ZqY3hIVU1GTDNreDJQM1RJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYtIBpNQW
ChNBY4U8OZs0zZLlFN0ZQuDqsDq3arP1Tf5TlAsAUPIWxVuPr61iIOvZXhtxmAO2
hiePdjGVKbGrEkOgioyy/AdV3xHOozHpAxa2wUlH9eChkxfld8GASt3kg3LmZXXZ
GxuzYs+igeW/xk8sBVETKD4HkGd5WEHZEHyvgOoPsvowWaQK2fRQqPUmgOv40bUH
Pe6LjnvkAOHrhQGM+Ti2TRa9r3wS+ggRl6uPDpjlz3UlJYzPecpuiTE0TE3K91iR
wEJLOdBnfui6lhYN1920qfUd/FB1xRlpp9T1+3lHJVJU8cQ1UAOprlsBAgI2NBT0
c8jwiIOeuEw0uw==
-----END CERTIFICATE-----