Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/13c33a-a46f-4889-b809-57303aa45cbb/1/lIHpRs_I4ZwWZ683XRCh5AQvDrk.mft
File:                     lIHpRs_I4ZwWZ683XRCh5AQvDrk.mft (raw, json)
Hash identifier:          r8vpejGquNYTGL4oUEYX87OZ0zRc0j0ofBgSykjvQmY=
Subject key identifier:   A8:F5:35:27:21:0F:D0:C7:01:2C:95:E3:D3:C0:61:CA:AD:32:F7:59
Authority key identifier: 94:81:E9:46:CF:C8:E1:9C:16:67:AF:37:5D:10:A1:E4:04:2F:0E:B9
Certificate issuer:       /CN=9481e946cfc8e19c1667af375d10a1e4042f0eb9
Certificate serial:       0195116BAD45AE3213E0A7571382F5C52EBC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/lIHpRs_I4ZwWZ683XRCh5AQvDrk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/42/13c33a-a46f-4889-b809-57303aa45cbb/1/lIHpRs_I4ZwWZ683XRCh5AQvDrk.mft
Manifest number:          036D
Signing time:             Mon 17 Feb 2025 01:00:24 +0000
Manifest this update:     Mon 17 Feb 2025 01:00:24 +0000
Manifest next update:     Tue 18 Feb 2025 01:00:24 +0000
Files and hashes:         1: lIHpRs_I4ZwWZ683XRCh5AQvDrk.crl (hash: 5kf6AyFsxxBy3hB0BvP7v8UCKTofRULhXR4tumdFBQ8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/42/13c33a-a46f-4889-b809-57303aa45cbb/1/lIHpRs_I4ZwWZ683XRCh5AQvDrk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/42/13c33a-a46f-4889-b809-57303aa45cbb/1/lIHpRs_I4ZwWZ683XRCh5AQvDrk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/lIHpRs_I4ZwWZ683XRCh5AQvDrk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 17 Feb 2025 23:00:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:11:6b:ad:45:ae:32:13:e0:a7:57:13:82:f5:c5:2e:bc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9481e946cfc8e19c1667af375d10a1e4042f0eb9
        Validity
            Not Before: Feb 17 01:00:24 2025 GMT
            Not After : Feb 18 01:00:24 2025 GMT
        Subject: CN=a8f53527210fd0c7012c95e3d3c061caad32f759
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dd:ab:e3:13:70:d4:9d:95:72:ab:ce:54:4e:cf:
                    dc:83:7c:f2:72:dc:49:8b:8c:43:0f:0c:a0:8b:39:
                    d4:e4:39:13:d8:03:b9:94:fe:ab:2e:6c:05:d9:59:
                    af:cf:33:fd:89:47:63:bc:ed:0b:ae:30:5c:c1:d0:
                    61:6f:32:25:69:65:54:a0:92:55:31:aa:94:44:be:
                    ac:7f:2a:0e:77:b3:cb:13:14:d0:06:f5:a6:9d:eb:
                    1e:ea:22:7f:d1:b7:1e:f5:2c:e8:32:c0:41:0c:4d:
                    1c:52:fd:6f:38:2d:aa:8c:0c:a8:a3:a9:37:e0:0c:
                    1f:29:2a:92:b4:9c:e2:6b:56:1e:92:a6:23:a1:6a:
                    7b:74:44:28:55:54:69:5f:f1:9c:e4:e4:eb:65:24:
                    2c:38:93:97:05:89:6d:03:bf:63:f3:e0:0b:73:d5:
                    ea:a0:4c:42:2c:b9:71:fb:52:63:4b:e4:58:9e:fb:
                    be:c3:cf:a6:12:fe:51:3b:c8:1d:f4:d1:b4:06:46:
                    3a:8a:6e:19:fd:e9:60:f5:c9:ea:da:67:89:86:92:
                    00:4f:95:62:d5:2d:ae:0e:cb:58:f1:55:e0:aa:92:
                    24:01:d3:64:12:78:60:b0:de:1c:63:1a:03:41:29:
                    0e:76:14:0f:6e:ee:fc:97:86:1d:57:11:f5:51:67:
                    0e:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A8:F5:35:27:21:0F:D0:C7:01:2C:95:E3:D3:C0:61:CA:AD:32:F7:59
            X509v3 Authority Key Identifier:
                keyid:94:81:E9:46:CF:C8:E1:9C:16:67:AF:37:5D:10:A1:E4:04:2F:0E:B9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lIHpRs_I4ZwWZ683XRCh5AQvDrk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/13c33a-a46f-4889-b809-57303aa45cbb/1/lIHpRs_I4ZwWZ683XRCh5AQvDrk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/42/13c33a-a46f-4889-b809-57303aa45cbb/1/lIHpRs_I4ZwWZ683XRCh5AQvDrk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         39:73:e6:a2:59:ae:88:be:0a:bc:39:1e:03:16:34:f1:de:24:
         03:86:b5:1c:37:f3:f3:52:2f:6e:bc:28:ed:bb:e5:6d:1b:9f:
         32:0e:b1:26:f7:eb:88:7d:81:af:b0:4c:61:44:c7:bc:48:5b:
         c4:9d:08:54:b0:f5:1f:e2:8f:47:2d:17:87:eb:71:2a:7f:60:
         96:ee:6e:13:86:56:3e:8a:93:20:68:c3:66:2c:43:63:23:24:
         67:90:58:89:5d:58:ef:50:9a:00:3f:58:f2:b3:6f:03:c1:64:
         9a:25:fa:46:8f:e0:52:60:b2:b2:ba:57:0d:c6:bc:46:0c:bb:
         9f:62:98:45:1f:41:bc:09:25:5b:8c:a5:27:ff:70:2a:3c:76:
         d3:1c:13:14:74:4a:f7:8d:02:b4:c6:6e:fc:8f:8d:75:b6:be:
         8f:e7:36:35:4a:06:a0:dc:c0:32:74:ca:99:e8:e2:a7:7e:40:
         8b:71:a3:51:bb:b0:ca:e2:6a:a9:ee:64:78:4c:df:f3:04:db:
         c6:cb:94:b8:76:f5:4f:a1:37:2c:9e:0e:43:fe:47:5b:7c:ae:
         78:dc:4f:f7:53:86:f1:5b:39:29:69:48:63:92:ac:2b:cf:d5:
         23:67:a7:76:f0:36:1d:31:ed:e8:33:5c:2b:02:a8:48:72:67:
         90:b6:fb:05
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZURa61FrjIT4KdXE4L1xS68MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0ODFlOTQ2Y2ZjOGUxOWMxNjY3YWYzNzVkMTBhMWU0MDQy
ZjBlYjkwHhcNMjUwMjE3MDEwMDI0WhcNMjUwMjE4MDEwMDI0WjAzMTEwLwYDVQQD
EyhhOGY1MzUyNzIxMGZkMGM3MDEyYzk1ZTNkM2MwNjFjYWFkMzJmNzU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3avjE3DUnZVyq85UTs/cg3zyctxJ
i4xDDwygiznU5DkT2AO5lP6rLmwF2VmvzzP9iUdjvO0LrjBcwdBhbzIlaWVUoJJV
MaqURL6sfyoOd7PLExTQBvWmnese6iJ/0bce9SzoMsBBDE0cUv1vOC2qjAyoo6k3
4AwfKSqStJzia1YekqYjoWp7dEQoVVRpX/Gc5OTrZSQsOJOXBYltA79j8+ALc9Xq
oExCLLlx+1JjS+RYnvu+w8+mEv5RO8gd9NG0BkY6im4Z/elg9cnq2meJhpIAT5Vi
1S2uDstY8VXgqpIkAdNkEnhgsN4cYxoDQSkOdhQPbu78l4YdVxH1UWcOSwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKj1NSchD9DHASyV49PAYcqtMvdZMB8GA1UdIwQY
MBaAFJSB6UbPyOGcFmevN10QoeQELw65MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbElIcFJzX0k0WndXWjY4M1hSQ2g1QVF2RHJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi8xM2MzM2EtYTQ2Zi00ODg5LWI4MDkt
NTczMDNhYTQ1Y2JiLzEvbElIcFJzX0k0WndXWjY4M1hSQ2g1QVF2RHJrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi8xM2MzM2EtYTQ2Zi00ODg5LWI4MDktNTczMDNhYTQ1Y2Ji
LzEvbElIcFJzX0k0WndXWjY4M1hSQ2g1QVF2RHJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOXPmolmu
iL4KvDkeAxY08d4kA4a1HDfz81Ivbrwo7bvlbRufMg6xJvfriH2Br7BMYUTHvEhb
xJ0IVLD1H+KPRy0Xh+txKn9glu5uE4ZWPoqTIGjDZixDYyMkZ5BYiV1Y71CaAD9Y
8rNvA8FkmiX6Ro/gUmCysrpXDca8Rgy7n2KYRR9BvAklW4ylJ/9wKjx20xwTFHRK
940CtMZu/I+Ndba+j+c2NUoGoNzAMnTKmejip35Ai3GjUbuwyuJqqe5keEzf8wTb
xsuUuHb1T6E3LJ4OQ/5HW3yueNxP91OG8Vs5KWlIY5KsK8/VI2endvA2HTHt6DNc
KwKoSHJnkLb7BQ==
-----END CERTIFICATE-----