Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/6a6b55-ca02-458d-8b5d-74d77302b184/1/IdhdIxrVS4Q5wqrtkaV3WGrEYAA.mft
File:                     IdhdIxrVS4Q5wqrtkaV3WGrEYAA.mft (raw, json)
Hash identifier:          hRmoUzwbKFQDMZP+4z7kMR52KYIRh2eePhQlUOYpSMo=
Subject key identifier:   1B:DE:1C:D8:27:C2:DB:AD:9D:D5:18:66:05:3A:D3:52:4E:51:F0:3B
Authority key identifier: 21:D8:5D:23:1A:D5:4B:84:39:C2:AA:ED:91:A5:77:58:6A:C4:60:00
Certificate issuer:       /CN=21d85d231ad54b8439c2aaed91a577586ac46000
Certificate serial:       019512106195C10779C4B309FB0316ADDEB5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IdhdIxrVS4Q5wqrtkaV3WGrEYAA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/49/6a6b55-ca02-458d-8b5d-74d77302b184/1/IdhdIxrVS4Q5wqrtkaV3WGrEYAA.mft
Manifest number:          0F58
Signing time:             Mon 17 Feb 2025 04:00:18 +0000
Manifest this update:     Mon 17 Feb 2025 04:00:18 +0000
Manifest next update:     Tue 18 Feb 2025 04:00:18 +0000
Files and hashes:         1: IdhdIxrVS4Q5wqrtkaV3WGrEYAA.crl (hash: dJSl7iZuekBAl0z3DA5Kvgt52XC4lJ6LWUEKLSJlmgY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/49/6a6b55-ca02-458d-8b5d-74d77302b184/1/IdhdIxrVS4Q5wqrtkaV3WGrEYAA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/49/6a6b55-ca02-458d-8b5d-74d77302b184/1/IdhdIxrVS4Q5wqrtkaV3WGrEYAA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/IdhdIxrVS4Q5wqrtkaV3WGrEYAA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 17 Feb 2025 23:00:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:12:10:61:95:c1:07:79:c4:b3:09:fb:03:16:ad:de:b5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=21d85d231ad54b8439c2aaed91a577586ac46000
        Validity
            Not Before: Feb 17 04:00:18 2025 GMT
            Not After : Feb 18 04:00:18 2025 GMT
        Subject: CN=1bde1cd827c2dbad9dd51866053ad3524e51f03b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:74:44:e4:eb:7b:28:c2:a9:7c:27:7c:b9:df:
                    e3:27:0e:28:67:8d:f4:b3:ce:9f:3c:04:1a:ee:43:
                    bb:83:39:ff:78:eb:9c:7e:05:8f:75:2f:a5:32:43:
                    0e:a5:5d:18:b3:b3:75:3b:0f:d3:83:4b:d3:83:a9:
                    70:6a:e2:3f:20:a0:c9:ab:89:5f:53:12:01:14:d8:
                    c2:5b:a7:ef:28:96:fe:d8:1f:7a:9f:6a:2c:e3:0a:
                    d7:2e:ea:84:de:e1:99:d0:29:02:3e:8b:e0:56:3e:
                    3f:c9:35:86:77:80:5e:5a:70:a3:99:7d:36:19:da:
                    c2:e0:ae:df:22:d4:be:4e:36:15:7d:5b:44:74:5d:
                    21:58:ab:fd:e5:f1:37:25:c6:5d:2d:af:ac:bf:c9:
                    d8:7e:29:93:57:7f:b8:d7:b5:32:c3:a2:60:27:43:
                    fd:3f:8f:2b:b9:cd:48:98:34:e2:5b:e9:4e:c9:ee:
                    e0:c8:4e:2a:96:29:b2:78:9b:b6:c9:8c:92:4c:df:
                    c8:f1:8c:ff:41:fd:81:e2:82:df:9b:70:bd:87:41:
                    61:cc:4c:f1:c9:75:8e:74:4a:36:ca:a3:a2:79:2f:
                    c5:fc:48:e4:7a:61:d8:b0:d5:be:73:70:5e:0e:42:
                    d1:e7:9d:b3:7e:83:4b:9d:b7:c4:99:39:ff:0b:bf:
                    b1:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1B:DE:1C:D8:27:C2:DB:AD:9D:D5:18:66:05:3A:D3:52:4E:51:F0:3B
            X509v3 Authority Key Identifier:
                keyid:21:D8:5D:23:1A:D5:4B:84:39:C2:AA:ED:91:A5:77:58:6A:C4:60:00

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IdhdIxrVS4Q5wqrtkaV3WGrEYAA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/6a6b55-ca02-458d-8b5d-74d77302b184/1/IdhdIxrVS4Q5wqrtkaV3WGrEYAA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/49/6a6b55-ca02-458d-8b5d-74d77302b184/1/IdhdIxrVS4Q5wqrtkaV3WGrEYAA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         98:e9:ff:0b:d4:db:25:d0:7f:02:53:0f:41:31:a1:5a:82:68:
         c1:87:48:42:94:02:71:f6:41:e2:c1:42:1e:95:9b:04:a7:73:
         f9:f7:03:e2:53:e1:8c:10:4c:17:68:d4:d4:f4:6f:28:d5:1e:
         5c:1f:9c:d0:02:5a:65:d4:d6:b0:53:31:fb:ad:51:b9:21:7a:
         89:65:0f:57:71:55:16:29:c6:6d:dd:c8:f5:48:20:6d:7f:7a:
         0c:87:33:34:33:fb:22:d5:bb:61:7a:64:50:e9:91:d1:91:69:
         5e:a8:d6:8a:e5:f3:0f:83:09:39:5a:78:99:13:2b:cd:dd:90:
         75:e6:6e:d6:61:da:c0:a7:59:eb:c2:5e:cc:e4:0c:81:48:a2:
         4f:35:fd:52:e5:35:69:c7:72:f5:f5:8f:9d:06:21:f9:29:69:
         5b:c7:92:41:b4:f9:c5:ba:61:40:61:d8:de:9a:27:6f:cc:92:
         42:38:a1:cd:61:59:8c:38:06:21:c5:6c:eb:15:b4:e6:09:d4:
         96:eb:14:d7:b5:f4:10:f0:05:89:1b:97:95:98:db:3a:b6:c6:
         5b:29:2f:08:d6:9a:4c:33:07:3f:2d:66:cd:31:1c:5e:65:9f:
         8c:4f:8a:f0:67:ad:75:2c:50:7a:47:c8:8e:96:67:06:a0:ff:
         1e:31:96:ec
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZUSEGGVwQd5xLMJ+wMWrd61MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxZDg1ZDIzMWFkNTRiODQzOWMyYWFlZDkxYTU3NzU4NmFj
NDYwMDAwHhcNMjUwMjE3MDQwMDE4WhcNMjUwMjE4MDQwMDE4WjAzMTEwLwYDVQQD
EygxYmRlMWNkODI3YzJkYmFkOWRkNTE4NjYwNTNhZDM1MjRlNTFmMDNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwXRE5Ot7KMKpfCd8ud/jJw4oZ430
s86fPAQa7kO7gzn/eOucfgWPdS+lMkMOpV0Ys7N1Ow/Tg0vTg6lwauI/IKDJq4lf
UxIBFNjCW6fvKJb+2B96n2os4wrXLuqE3uGZ0CkCPovgVj4/yTWGd4BeWnCjmX02
GdrC4K7fItS+TjYVfVtEdF0hWKv95fE3JcZdLa+sv8nYfimTV3+417Uyw6JgJ0P9
P48ruc1ImDTiW+lOye7gyE4qlimyeJu2yYySTN/I8Yz/Qf2B4oLfm3C9h0FhzEzx
yXWOdEo2yqOieS/F/EjkemHYsNW+c3BeDkLR552zfoNLnbfEmTn/C7+xoQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBveHNgnwtutndUYZgU601JOUfA7MB8GA1UdIwQY
MBaAFCHYXSMa1UuEOcKq7ZGld1hqxGAAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSWRoZEl4clZTNFE1d3FydGthVjNXR3JFWUFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OS82YTZiNTUtY2EwMi00NThkLThiNWQt
NzRkNzczMDJiMTg0LzEvSWRoZEl4clZTNFE1d3FydGthVjNXR3JFWUFBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OS82YTZiNTUtY2EwMi00NThkLThiNWQtNzRkNzczMDJiMTg0
LzEvSWRoZEl4clZTNFE1d3FydGthVjNXR3JFWUFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmOn/C9Tb
JdB/AlMPQTGhWoJowYdIQpQCcfZB4sFCHpWbBKdz+fcD4lPhjBBMF2jU1PRvKNUe
XB+c0AJaZdTWsFMx+61RuSF6iWUPV3FVFinGbd3I9UggbX96DIczNDP7ItW7YXpk
UOmR0ZFpXqjWiuXzD4MJOVp4mRMrzd2QdeZu1mHawKdZ68JezOQMgUiiTzX9UuU1
acdy9fWPnQYh+SlpW8eSQbT5xbphQGHY3ponb8ySQjihzWFZjDgGIcVs6xW05gnU
lusU17X0EPAFiRuXlZjbOrbGWykvCNaaTDMHPy1mzTEcXmWfjE+K8GetdSxQekfI
jpZnBqD/HjGW7A==
-----END CERTIFICATE-----