Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/c8961f-d1d7-46ac-9f8d-33ebac095077/1/rlDsNS6NuwzfbgjFfHHKoRpEUAM.mft
File:                     rlDsNS6NuwzfbgjFfHHKoRpEUAM.mft (raw, json)
Hash identifier:          HNBK1PLPb/Bhk3i1astyvs/WflG1/6IcPMiT1mgYUwI=
Subject key identifier:   F7:2F:F5:B7:0B:A8:F4:D4:A8:8B:01:DC:57:2A:05:1A:71:81:24:D4
Authority key identifier: AE:50:EC:35:2E:8D:BB:0C:DF:6E:08:C5:7C:71:CA:A1:1A:44:50:03
Certificate issuer:       /CN=ae50ec352e8dbb0cdf6e08c57c71caa11a445003
Certificate serial:       019510C6ED40E75B77D96C659EA15E6E8C3C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/rlDsNS6NuwzfbgjFfHHKoRpEUAM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/49/c8961f-d1d7-46ac-9f8d-33ebac095077/1/rlDsNS6NuwzfbgjFfHHKoRpEUAM.mft
Manifest number:          1453
Signing time:             Sun 16 Feb 2025 22:00:27 +0000
Manifest this update:     Sun 16 Feb 2025 22:00:27 +0000
Manifest next update:     Mon 17 Feb 2025 22:00:27 +0000
Files and hashes:         1: rlDsNS6NuwzfbgjFfHHKoRpEUAM.crl (hash: T1T33mG58XDorOVHzDNyxZPhAmJlHvGt9tMaRdn7058=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/49/c8961f-d1d7-46ac-9f8d-33ebac095077/1/rlDsNS6NuwzfbgjFfHHKoRpEUAM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/49/c8961f-d1d7-46ac-9f8d-33ebac095077/1/rlDsNS6NuwzfbgjFfHHKoRpEUAM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/rlDsNS6NuwzfbgjFfHHKoRpEUAM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 17 Feb 2025 22:00:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:10:c6:ed:40:e7:5b:77:d9:6c:65:9e:a1:5e:6e:8c:3c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ae50ec352e8dbb0cdf6e08c57c71caa11a445003
        Validity
            Not Before: Feb 16 22:00:27 2025 GMT
            Not After : Feb 17 22:00:27 2025 GMT
        Subject: CN=f72ff5b70ba8f4d4a88b01dc572a051a718124d4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:d4:4b:33:ea:b8:ad:b3:30:94:ea:55:9b:f8:
                    49:9c:3c:44:5f:6b:60:ed:94:70:e0:5a:88:ac:fd:
                    32:89:58:fb:9d:fd:41:7a:ad:84:ff:e4:e8:df:33:
                    bf:da:a2:c1:a0:fe:f5:3a:b0:73:2b:3b:e6:48:b4:
                    a4:8b:20:9a:d9:c0:c0:19:cc:a6:b1:c5:58:ed:b5:
                    76:06:8c:a7:dc:2c:df:13:07:42:8a:09:d1:ad:ba:
                    74:72:3d:d6:9a:f6:58:3d:50:5f:d9:8e:b0:a8:a2:
                    1f:2d:7d:7a:66:7b:fa:65:55:f6:9c:67:af:68:54:
                    ff:7d:be:eb:42:e9:25:6d:9b:fd:13:20:8e:28:5d:
                    d9:68:de:37:2e:b7:be:1f:b4:6a:3a:99:da:27:16:
                    65:d9:39:d0:a0:bf:a0:15:59:4c:9c:aa:73:13:e4:
                    fd:41:4b:f2:ac:e1:55:cd:36:9d:76:ee:27:2b:f1:
                    bd:ab:27:de:a2:32:85:fd:7c:e1:27:de:4a:38:7f:
                    1a:30:f0:00:df:79:0a:53:4b:fd:7b:09:4c:b0:58:
                    e1:b7:75:4b:82:cb:0a:76:a6:05:f6:c2:4d:42:54:
                    1d:7b:4c:31:87:2e:fb:25:91:d6:b3:29:3d:0e:39:
                    1d:74:33:a3:28:6a:ba:6b:f2:25:e2:df:d6:ef:df:
                    fa:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F7:2F:F5:B7:0B:A8:F4:D4:A8:8B:01:DC:57:2A:05:1A:71:81:24:D4
            X509v3 Authority Key Identifier:
                keyid:AE:50:EC:35:2E:8D:BB:0C:DF:6E:08:C5:7C:71:CA:A1:1A:44:50:03

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rlDsNS6NuwzfbgjFfHHKoRpEUAM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/c8961f-d1d7-46ac-9f8d-33ebac095077/1/rlDsNS6NuwzfbgjFfHHKoRpEUAM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/49/c8961f-d1d7-46ac-9f8d-33ebac095077/1/rlDsNS6NuwzfbgjFfHHKoRpEUAM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         60:9f:f4:5a:9e:fb:5f:3e:e5:29:00:fc:e7:2c:41:39:c5:2f:
         e5:1c:c5:c3:cd:62:32:76:2a:a4:e2:92:b2:a6:4f:bd:88:a3:
         f9:20:b2:c1:e9:02:6f:5f:6e:77:3b:04:2c:7e:78:18:c7:50:
         66:92:80:86:e7:a3:15:ad:ac:08:20:3b:08:2e:7b:56:fd:62:
         a7:d7:c0:13:74:bc:d4:66:16:fb:22:d3:a9:cc:02:79:a8:90:
         6e:aa:3f:2f:c8:ce:bb:b3:5f:06:4d:59:dc:93:56:40:3c:fe:
         24:ea:96:de:7d:a5:66:ac:d4:ab:a8:0c:84:09:0b:6c:1c:ce:
         31:12:d5:aa:9f:3e:04:3b:b8:81:7a:27:34:d4:b2:a6:af:1b:
         04:8d:71:43:8f:84:dc:90:71:68:e2:f4:b3:5e:e5:3a:24:8f:
         eb:38:e6:b9:0c:a5:6d:cd:00:ac:ae:3a:d1:3f:6f:7f:cd:3a:
         6e:bc:66:0c:af:c6:db:7a:29:a1:a8:36:58:95:73:cc:39:53:
         84:d0:6d:64:dc:41:7b:95:49:09:53:11:75:5d:f0:99:96:9c:
         88:e2:78:5f:44:3a:f8:d1:a8:b7:4d:77:20:58:23:7c:7e:ea:
         c2:6c:c2:01:9d:d8:17:4d:d0:79:74:60:b0:62:76:d1:dc:bd:
         0d:b5:46:e7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZUQxu1A51t32WxlnqFebow8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlNTBlYzM1MmU4ZGJiMGNkZjZlMDhjNTdjNzFjYWExMWE0
NDUwMDMwHhcNMjUwMjE2MjIwMDI3WhcNMjUwMjE3MjIwMDI3WjAzMTEwLwYDVQQD
EyhmNzJmZjViNzBiYThmNGQ0YTg4YjAxZGM1NzJhMDUxYTcxODEyNGQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuNRLM+q4rbMwlOpVm/hJnDxEX2tg
7ZRw4FqIrP0yiVj7nf1Beq2E/+To3zO/2qLBoP71OrBzKzvmSLSkiyCa2cDAGcym
scVY7bV2Boyn3CzfEwdCignRrbp0cj3WmvZYPVBf2Y6wqKIfLX16Znv6ZVX2nGev
aFT/fb7rQuklbZv9EyCOKF3ZaN43Lre+H7RqOpnaJxZl2TnQoL+gFVlMnKpzE+T9
QUvyrOFVzTaddu4nK/G9qyfeojKF/XzhJ95KOH8aMPAA33kKU0v9ewlMsFjht3VL
gssKdqYF9sJNQlQde0wxhy77JZHWsyk9DjkddDOjKGq6a/Il4t/W79/60QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPcv9bcLqPTUqIsB3FcqBRpxgSTUMB8GA1UdIwQY
MBaAFK5Q7DUujbsM324IxXxxyqEaRFADMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcmxEc05TNk51d3pmYmdqRmZISEtvUnBFVUFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OS9jODk2MWYtZDFkNy00NmFjLTlmOGQt
MzNlYmFjMDk1MDc3LzEvcmxEc05TNk51d3pmYmdqRmZISEtvUnBFVUFNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OS9jODk2MWYtZDFkNy00NmFjLTlmOGQtMzNlYmFjMDk1MDc3
LzEvcmxEc05TNk51d3pmYmdqRmZISEtvUnBFVUFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYJ/0Wp77
Xz7lKQD85yxBOcUv5RzFw81iMnYqpOKSsqZPvYij+SCywekCb19udzsELH54GMdQ
ZpKAhuejFa2sCCA7CC57Vv1ip9fAE3S81GYW+yLTqcwCeaiQbqo/L8jOu7NfBk1Z
3JNWQDz+JOqW3n2lZqzUq6gMhAkLbBzOMRLVqp8+BDu4gXonNNSypq8bBI1xQ4+E
3JBxaOL0s17lOiSP6zjmuQylbc0ArK460T9vf806brxmDK/G23opoag2WJVzzDlT
hNBtZNxBe5VJCVMRdV3wmZaciOJ4X0Q6+NGot013IFgjfH7qwmzCAZ3YF03QeXRg
sGJ20dy9DbVG5w==
-----END CERTIFICATE-----