Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/37c514-8213-438c-a164-d98487bdee48/1/hJxbptQKtOTjm3tpttLZhEqiSK8.mft
File:                     hJxbptQKtOTjm3tpttLZhEqiSK8.mft (raw, json)
Hash identifier:          MyU4DVJwogV33+sceXyuy4kI0A8wtF/ketNK0Ps1BKg=
Subject key identifier:   DA:FC:7F:36:8F:CD:F8:B3:F8:9A:F3:06:F2:55:E5:DF:51:37:B0:E7
Authority key identifier: 84:9C:5B:A6:D4:0A:B4:E4:E3:9B:7B:69:B6:D2:D9:84:4A:A2:48:AF
Certificate issuer:       /CN=849c5ba6d40ab4e4e39b7b69b6d2d9844aa248af
Certificate serial:       01951210D02896AE85FF479AF4734D1856A8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hJxbptQKtOTjm3tpttLZhEqiSK8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/42/37c514-8213-438c-a164-d98487bdee48/1/hJxbptQKtOTjm3tpttLZhEqiSK8.mft
Manifest number:          0B36
Signing time:             Mon 17 Feb 2025 04:00:46 +0000
Manifest this update:     Mon 17 Feb 2025 04:00:46 +0000
Manifest next update:     Tue 18 Feb 2025 04:00:46 +0000
Files and hashes:         1: hJxbptQKtOTjm3tpttLZhEqiSK8.crl (hash: lZuBQHLyZg02A/hWFcexncDk9lMhFGR3mKomCRLH3fs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/42/37c514-8213-438c-a164-d98487bdee48/1/hJxbptQKtOTjm3tpttLZhEqiSK8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/42/37c514-8213-438c-a164-d98487bdee48/1/hJxbptQKtOTjm3tpttLZhEqiSK8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hJxbptQKtOTjm3tpttLZhEqiSK8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 17 Feb 2025 23:00:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:12:10:d0:28:96:ae:85:ff:47:9a:f4:73:4d:18:56:a8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=849c5ba6d40ab4e4e39b7b69b6d2d9844aa248af
        Validity
            Not Before: Feb 17 04:00:46 2025 GMT
            Not After : Feb 18 04:00:46 2025 GMT
        Subject: CN=dafc7f368fcdf8b3f89af306f255e5df5137b0e7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:b7:8f:70:59:0c:48:bb:e7:1e:ce:c4:3a:1d:
                    cb:27:56:04:ba:8c:eb:25:fb:34:98:c6:c2:b0:7e:
                    e8:c9:14:58:87:2d:b5:a1:91:0e:93:62:20:00:e3:
                    ec:bb:5c:a2:78:4b:e9:8f:9f:4f:95:18:f8:34:39:
                    de:09:6c:b6:02:c1:c6:12:31:eb:cf:0b:1a:40:25:
                    85:3d:1c:2f:7c:76:ff:b1:8a:a3:ff:77:c0:bf:7d:
                    44:a8:a9:29:65:3b:9f:82:61:11:ce:50:00:d7:8a:
                    85:4c:74:98:f1:2f:60:2d:cd:ec:bf:c3:1e:04:2d:
                    c7:c5:0a:67:66:3d:77:13:26:2d:6e:55:1f:96:fe:
                    da:d0:4f:fa:15:80:4c:94:b3:7c:70:59:a0:c6:16:
                    04:00:04:d3:dc:67:b6:c4:45:1a:78:d5:be:f9:a7:
                    53:6a:35:3e:b8:78:0e:97:49:8a:f6:20:8c:c9:2a:
                    0f:71:12:b4:22:31:29:9c:2a:ca:1f:28:05:7c:b0:
                    66:86:d4:58:56:da:7f:96:97:7d:13:bd:c4:af:2f:
                    d7:67:53:46:e8:20:d2:3f:43:00:02:8b:43:66:ab:
                    9c:ef:49:c6:a6:e5:ab:49:43:ca:e9:1b:e3:35:2f:
                    12:74:9f:a7:d3:7d:f8:2a:16:fe:7e:e0:af:33:49:
                    32:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DA:FC:7F:36:8F:CD:F8:B3:F8:9A:F3:06:F2:55:E5:DF:51:37:B0:E7
            X509v3 Authority Key Identifier:
                keyid:84:9C:5B:A6:D4:0A:B4:E4:E3:9B:7B:69:B6:D2:D9:84:4A:A2:48:AF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hJxbptQKtOTjm3tpttLZhEqiSK8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/37c514-8213-438c-a164-d98487bdee48/1/hJxbptQKtOTjm3tpttLZhEqiSK8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/42/37c514-8213-438c-a164-d98487bdee48/1/hJxbptQKtOTjm3tpttLZhEqiSK8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         88:45:fa:7a:54:0a:b3:57:b7:a8:1b:7a:bd:6a:c6:31:25:5e:
         88:16:0e:20:c2:d0:7f:1c:c0:d5:8c:6a:fc:c9:4c:6c:65:c6:
         af:14:4d:86:86:97:a3:80:41:e8:c2:37:c5:4c:25:bc:e9:60:
         70:60:0c:22:22:ad:1e:49:d1:72:66:37:82:03:8b:66:0d:bc:
         d5:1d:db:a5:66:4c:77:c2:ce:72:27:76:65:c1:5a:3f:e8:a4:
         54:38:14:f7:77:52:21:4e:05:7c:ae:3d:9d:6c:c9:76:a0:d9:
         9a:d1:d5:51:82:01:6d:69:f0:76:56:b0:6e:be:b8:1e:c6:98:
         fa:1e:5a:69:b0:bc:40:1e:63:93:85:2e:57:a3:d1:2d:a6:37:
         5d:e6:fc:71:db:cd:64:95:be:a7:77:9d:12:63:71:b1:e6:6a:
         b3:2b:b2:08:ba:7a:4d:6c:c3:32:f2:ed:0b:70:49:17:f6:0d:
         e0:8b:a8:12:1b:fc:c8:09:1d:e0:ff:93:3d:a2:fe:fd:8e:10:
         13:cc:17:ad:20:02:2e:7a:45:d4:49:3c:59:6e:75:b3:4f:1a:
         70:7e:3b:24:f4:3a:f5:e7:6a:ff:f7:07:ab:41:25:47:7e:f1:
         19:da:b5:eb:b6:d8:4b:61:1a:9a:0f:2d:fc:1e:a6:00:fa:10:
         a3:8d:96:0e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZUSENAolq6F/0ea9HNNGFaoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0OWM1YmE2ZDQwYWI0ZTRlMzliN2I2OWI2ZDJkOTg0NGFh
MjQ4YWYwHhcNMjUwMjE3MDQwMDQ2WhcNMjUwMjE4MDQwMDQ2WjAzMTEwLwYDVQQD
EyhkYWZjN2YzNjhmY2RmOGIzZjg5YWYzMDZmMjU1ZTVkZjUxMzdiMGU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAurePcFkMSLvnHs7EOh3LJ1YEuozr
Jfs0mMbCsH7oyRRYhy21oZEOk2IgAOPsu1yieEvpj59PlRj4NDneCWy2AsHGEjHr
zwsaQCWFPRwvfHb/sYqj/3fAv31EqKkpZTufgmERzlAA14qFTHSY8S9gLc3sv8Me
BC3HxQpnZj13EyYtblUflv7a0E/6FYBMlLN8cFmgxhYEAATT3Ge2xEUaeNW++adT
ajU+uHgOl0mK9iCMySoPcRK0IjEpnCrKHygFfLBmhtRYVtp/lpd9E73Ery/XZ1NG
6CDSP0MAAotDZquc70nGpuWrSUPK6RvjNS8SdJ+n0334Khb+fuCvM0kypQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNr8fzaPzfiz+JrzBvJV5d9RN7DnMB8GA1UdIwQY
MBaAFIScW6bUCrTk45t7abbS2YRKokivMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaEp4YnB0UUt0T1RqbTN0cHR0TFpoRXFpU0s4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi8zN2M1MTQtODIxMy00MzhjLWExNjQt
ZDk4NDg3YmRlZTQ4LzEvaEp4YnB0UUt0T1RqbTN0cHR0TFpoRXFpU0s4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi8zN2M1MTQtODIxMy00MzhjLWExNjQtZDk4NDg3YmRlZTQ4
LzEvaEp4YnB0UUt0T1RqbTN0cHR0TFpoRXFpU0s4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiEX6elQK
s1e3qBt6vWrGMSVeiBYOIMLQfxzA1Yxq/MlMbGXGrxRNhoaXo4BB6MI3xUwlvOlg
cGAMIiKtHknRcmY3ggOLZg281R3bpWZMd8LOcid2ZcFaP+ikVDgU93dSIU4FfK49
nWzJdqDZmtHVUYIBbWnwdlawbr64HsaY+h5aabC8QB5jk4UuV6PRLaY3Xeb8cdvN
ZJW+p3edEmNxseZqsyuyCLp6TWzDMvLtC3BJF/YN4IuoEhv8yAkd4P+TPaL+/Y4Q
E8wXrSACLnpF1Ek8WW51s08acH47JPQ69edq//cHq0ElR37xGdq167bYS2Eamg8t
/B6mAPoQo42WDg==
-----END CERTIFICATE-----