Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/1c17d6-3fd4-4ba1-be4c-3866d4412893/1/Mnib05LhxcabdCDMA2gDrxJYzvk.mft
File:                     Mnib05LhxcabdCDMA2gDrxJYzvk.mft (raw, json)
Hash identifier:          A5qRnopSvdKtcABiCam1HXzFqBR/n9/5uVEENkKnqlU=
Subject key identifier:   61:20:BE:32:F4:75:E4:C2:3C:90:91:27:ED:46:0D:30:FA:E9:7E:4F
Authority key identifier: 32:78:9B:D3:92:E1:C5:C6:9B:74:20:CC:03:68:03:AF:12:58:CE:F9
Certificate issuer:       /CN=32789bd392e1c5c69b7420cc036803af1258cef9
Certificate serial:       019511350AE86DB987428EB50EFC925238C6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Mnib05LhxcabdCDMA2gDrxJYzvk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/44/1c17d6-3fd4-4ba1-be4c-3866d4412893/1/Mnib05LhxcabdCDMA2gDrxJYzvk.mft
Manifest number:          05A8
Signing time:             Mon 17 Feb 2025 00:00:43 +0000
Manifest this update:     Mon 17 Feb 2025 00:00:43 +0000
Manifest next update:     Tue 18 Feb 2025 00:00:43 +0000
Files and hashes:         1: Mnib05LhxcabdCDMA2gDrxJYzvk.crl (hash: SIUr12sBFm4sU5h/42g9hwKezn0zWmvh6GLTQg7kxqc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/44/1c17d6-3fd4-4ba1-be4c-3866d4412893/1/Mnib05LhxcabdCDMA2gDrxJYzvk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/44/1c17d6-3fd4-4ba1-be4c-3866d4412893/1/Mnib05LhxcabdCDMA2gDrxJYzvk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Mnib05LhxcabdCDMA2gDrxJYzvk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 17 Feb 2025 23:00:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:11:35:0a:e8:6d:b9:87:42:8e:b5:0e:fc:92:52:38:c6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=32789bd392e1c5c69b7420cc036803af1258cef9
        Validity
            Not Before: Feb 17 00:00:43 2025 GMT
            Not After : Feb 18 00:00:43 2025 GMT
        Subject: CN=6120be32f475e4c23c909127ed460d30fae97e4f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:b5:35:f9:07:6c:0f:46:9a:f8:da:94:e1:f9:
                    5b:5b:cd:24:f0:11:23:01:e8:7c:18:8b:bd:74:6b:
                    c7:26:5c:9b:75:dd:a2:f4:de:44:f1:13:e1:e6:86:
                    62:80:9d:66:ae:9e:e0:d6:a5:40:9a:1b:7f:60:4a:
                    bb:34:a5:76:6f:fd:53:29:1d:e0:b0:fb:19:25:41:
                    ed:b4:c4:a2:5b:fc:39:01:4e:41:3f:e5:98:45:8d:
                    c4:b4:a2:27:09:47:9b:b7:76:47:4f:f1:52:8d:c7:
                    69:da:b2:a6:a7:58:47:bb:ca:1e:51:66:74:79:fd:
                    2d:78:4a:6e:88:a5:f8:66:4c:c0:05:38:fb:9f:db:
                    43:82:d9:e8:3b:6b:ac:f2:53:44:3d:21:1b:bc:04:
                    14:10:6e:4c:d9:77:e9:48:7c:1d:30:13:ff:8b:e6:
                    ff:33:c8:93:83:44:73:39:cb:25:bd:c2:ee:3a:25:
                    ea:cf:77:e1:29:a8:61:71:65:88:81:08:b6:23:d1:
                    b8:94:4e:a8:8b:96:b2:31:8b:e6:64:73:7d:10:5a:
                    74:9d:37:c4:1d:30:0d:21:0b:95:e1:a9:8d:e4:34:
                    b6:6d:e2:11:22:e9:b7:3d:c7:12:37:ad:4c:2b:db:
                    bf:2e:04:8d:19:2a:4e:0d:69:54:fe:30:21:e1:ab:
                    be:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                61:20:BE:32:F4:75:E4:C2:3C:90:91:27:ED:46:0D:30:FA:E9:7E:4F
            X509v3 Authority Key Identifier:
                keyid:32:78:9B:D3:92:E1:C5:C6:9B:74:20:CC:03:68:03:AF:12:58:CE:F9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Mnib05LhxcabdCDMA2gDrxJYzvk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/1c17d6-3fd4-4ba1-be4c-3866d4412893/1/Mnib05LhxcabdCDMA2gDrxJYzvk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/44/1c17d6-3fd4-4ba1-be4c-3866d4412893/1/Mnib05LhxcabdCDMA2gDrxJYzvk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         04:93:58:b4:26:f2:30:0d:83:3d:e2:43:2e:35:dc:1f:73:ec:
         db:fd:dc:7e:ed:3b:39:37:5d:5b:85:57:2e:79:9f:62:ff:67:
         0e:e7:a4:6d:ff:6b:e8:73:2d:ed:10:31:31:45:8e:7b:0d:93:
         ba:23:2a:7d:14:6b:e8:bd:cb:d5:96:52:ed:b0:14:f2:33:2a:
         43:32:d0:92:67:b4:3c:a7:88:c4:81:3e:86:18:ff:ee:19:62:
         ca:c9:80:f2:b2:5d:c8:74:fe:b5:12:d6:72:07:5a:83:d5:43:
         1f:fc:09:d0:18:5e:56:0d:74:78:db:e8:15:dd:5a:37:aa:39:
         89:1c:8a:dd:11:7e:08:01:00:ba:7c:64:fd:3c:c0:80:a4:68:
         67:88:53:e3:7f:08:c2:fa:83:5e:8b:0b:f0:93:69:1c:d6:9d:
         47:ba:d5:5b:e7:f3:00:e9:80:8a:53:c3:14:2b:db:ce:7d:76:
         59:bb:63:e4:b1:9d:ee:a4:47:8f:1f:d9:ca:fa:9e:0f:12:74:
         b0:ad:ae:0a:b9:26:06:71:7a:80:b6:6c:2d:b8:cc:7f:35:d8:
         3d:a7:92:59:7c:c5:20:46:38:e3:ee:07:aa:6d:e2:6a:d7:0f:
         83:e2:8f:04:e8:60:5f:f7:d3:b4:f7:b0:7e:1f:e9:c2:c1:d0:
         9c:9a:c3:92
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZURNQrobbmHQo61DvySUjjGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyNzg5YmQzOTJlMWM1YzY5Yjc0MjBjYzAzNjgwM2FmMTI1
OGNlZjkwHhcNMjUwMjE3MDAwMDQzWhcNMjUwMjE4MDAwMDQzWjAzMTEwLwYDVQQD
Eyg2MTIwYmUzMmY0NzVlNGMyM2M5MDkxMjdlZDQ2MGQzMGZhZTk3ZTRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApbU1+QdsD0aa+NqU4flbW80k8BEj
Aeh8GIu9dGvHJlybdd2i9N5E8RPh5oZigJ1mrp7g1qVAmht/YEq7NKV2b/1TKR3g
sPsZJUHttMSiW/w5AU5BP+WYRY3EtKInCUebt3ZHT/FSjcdp2rKmp1hHu8oeUWZ0
ef0teEpuiKX4ZkzABTj7n9tDgtnoO2us8lNEPSEbvAQUEG5M2XfpSHwdMBP/i+b/
M8iTg0RzOcslvcLuOiXqz3fhKahhcWWIgQi2I9G4lE6oi5ayMYvmZHN9EFp0nTfE
HTANIQuV4amN5DS2beIRIum3PccSN61MK9u/LgSNGSpODWlU/jAh4au+yQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGEgvjL0deTCPJCRJ+1GDTD66X5PMB8GA1UdIwQY
MBaAFDJ4m9OS4cXGm3QgzANoA68SWM75MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTW5pYjA1TGh4Y2FiZENETUEyZ0RyeEpZenZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC8xYzE3ZDYtM2ZkNC00YmExLWJlNGMt
Mzg2NmQ0NDEyODkzLzEvTW5pYjA1TGh4Y2FiZENETUEyZ0RyeEpZenZrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC8xYzE3ZDYtM2ZkNC00YmExLWJlNGMtMzg2NmQ0NDEyODkz
LzEvTW5pYjA1TGh4Y2FiZENETUEyZ0RyeEpZenZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABJNYtCby
MA2DPeJDLjXcH3Ps2/3cfu07OTddW4VXLnmfYv9nDuekbf9r6HMt7RAxMUWOew2T
uiMqfRRr6L3L1ZZS7bAU8jMqQzLQkme0PKeIxIE+hhj/7hliysmA8rJdyHT+tRLW
cgdag9VDH/wJ0BheVg10eNvoFd1aN6o5iRyK3RF+CAEAunxk/TzAgKRoZ4hT438I
wvqDXosL8JNpHNadR7rVW+fzAOmAilPDFCvbzn12Wbtj5LGd7qRHjx/ZyvqeDxJ0
sK2uCrkmBnF6gLZsLbjMfzXYPaeSWXzFIEY44+4Hqm3iatcPg+KPBOhgX/fTtPew
fh/pwsHQnJrDkg==
-----END CERTIFICATE-----