Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/c95639-722a-4021-beeb-ac5ee625babc/1/_tPwXKP9-ef5nGXMagpnJPWTGnA.mft
File:                     _tPwXKP9-ef5nGXMagpnJPWTGnA.mft (raw, json)
Hash identifier:          7vHfDUyqmgLHCDkYppbcNTe7vFXQtTsDMfqceIgDhl8=
Subject key identifier:   72:EC:9A:34:5E:19:C8:12:47:30:5F:3A:52:2D:37:F2:FD:99:55:4C
Authority key identifier: FE:D3:F0:5C:A3:FD:F9:E7:F9:9C:65:CC:6A:0A:67:24:F5:93:1A:70
Certificate issuer:       /CN=fed3f05ca3fdf9e7f99c65cc6a0a6724f5931a70
Certificate serial:       019510C6F04B839D82BB38695C7CA782F67C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/_tPwXKP9-ef5nGXMagpnJPWTGnA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/50/c95639-722a-4021-beeb-ac5ee625babc/1/_tPwXKP9-ef5nGXMagpnJPWTGnA.mft
Manifest number:          1451
Signing time:             Sun 16 Feb 2025 22:00:27 +0000
Manifest this update:     Sun 16 Feb 2025 22:00:27 +0000
Manifest next update:     Mon 17 Feb 2025 22:00:27 +0000
Files and hashes:         1: _tPwXKP9-ef5nGXMagpnJPWTGnA.crl (hash: AwVQ9gxJajhwukMxG8+kXRQXxe71IwYKrOnXQm2whOg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/50/c95639-722a-4021-beeb-ac5ee625babc/1/_tPwXKP9-ef5nGXMagpnJPWTGnA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/50/c95639-722a-4021-beeb-ac5ee625babc/1/_tPwXKP9-ef5nGXMagpnJPWTGnA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/_tPwXKP9-ef5nGXMagpnJPWTGnA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 17 Feb 2025 22:00:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:10:c6:f0:4b:83:9d:82:bb:38:69:5c:7c:a7:82:f6:7c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=fed3f05ca3fdf9e7f99c65cc6a0a6724f5931a70
        Validity
            Not Before: Feb 16 22:00:27 2025 GMT
            Not After : Feb 17 22:00:27 2025 GMT
        Subject: CN=72ec9a345e19c81247305f3a522d37f2fd99554c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:81:fb:3f:e7:1c:72:78:e9:e3:59:74:e6:de:
                    46:55:87:bd:34:42:99:7d:cd:7d:4f:92:d9:5a:bb:
                    72:36:22:e1:e8:2e:41:da:4b:3c:e0:0b:dc:46:bf:
                    7f:91:27:ba:32:a3:19:04:5f:d2:bc:93:73:56:db:
                    32:6a:ce:5a:07:20:a9:d6:2c:e6:cb:19:89:7a:37:
                    08:b7:2e:75:94:e6:a4:2a:76:bb:ba:2c:0b:fc:51:
                    f7:8e:1f:7d:d3:b3:0b:a0:da:e7:ad:ad:fc:01:6e:
                    8e:11:69:66:f7:c3:6f:ac:fa:e2:92:a0:dd:2c:09:
                    89:a3:76:80:a5:5b:88:2b:ee:73:4c:4f:22:77:3a:
                    de:0a:63:7b:d9:32:36:5a:67:2c:14:66:4b:e5:22:
                    a1:9d:9a:d0:13:dd:00:cf:e5:85:29:20:3d:6c:76:
                    da:a9:66:8d:8e:7a:c4:26:d9:ae:d7:45:b1:e2:7a:
                    3b:ec:db:f3:53:ad:e4:76:b0:73:81:51:5f:ad:bf:
                    01:85:8a:d1:03:ce:16:af:6d:e0:39:a4:94:f6:16:
                    1e:06:02:c1:65:52:2c:6b:b8:ea:25:bb:cc:0e:f9:
                    a1:5b:37:c9:26:f2:ef:58:d9:a8:36:5e:15:90:a1:
                    ee:0e:55:39:25:48:57:17:2e:be:b9:a4:c1:1b:89:
                    64:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                72:EC:9A:34:5E:19:C8:12:47:30:5F:3A:52:2D:37:F2:FD:99:55:4C
            X509v3 Authority Key Identifier:
                keyid:FE:D3:F0:5C:A3:FD:F9:E7:F9:9C:65:CC:6A:0A:67:24:F5:93:1A:70

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_tPwXKP9-ef5nGXMagpnJPWTGnA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/c95639-722a-4021-beeb-ac5ee625babc/1/_tPwXKP9-ef5nGXMagpnJPWTGnA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/50/c95639-722a-4021-beeb-ac5ee625babc/1/_tPwXKP9-ef5nGXMagpnJPWTGnA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3e:c5:35:ae:49:06:73:6a:e7:f2:20:aa:d6:5c:40:e5:88:31:
         62:2d:70:67:1a:ed:37:80:76:cc:d4:1c:5b:18:51:7b:55:83:
         b2:7f:ec:97:eb:90:85:0b:e6:77:cb:18:1f:22:4f:f7:5a:3b:
         d4:f7:fd:0f:d4:a3:9b:2e:3e:06:e7:a2:8e:91:72:de:e3:41:
         ab:a3:af:06:85:6e:e7:97:4a:e1:a2:c1:4f:ae:f6:0c:e6:68:
         05:e0:b2:9e:6f:dc:e3:5e:92:04:08:47:5f:8b:6c:6c:9b:75:
         43:96:c5:ad:cf:c5:e1:cf:b7:10:e5:38:a5:c8:ef:39:dc:c1:
         d1:dd:9b:d7:88:46:7f:e3:a9:39:c0:77:2e:2b:06:59:42:09:
         08:e4:b6:47:4b:dd:d8:86:a6:35:17:a6:a9:b4:c1:af:ef:6b:
         64:19:a4:cb:c4:63:f8:87:20:9f:25:dd:9a:64:1e:d9:24:a8:
         c3:21:06:ad:5a:98:ba:13:2a:51:37:de:e9:6a:c4:d3:74:19:
         0e:a7:73:fc:59:f6:0c:e3:73:6d:66:2e:75:d8:a1:4f:c2:e6:
         5e:e7:9b:ba:bb:02:a8:1e:a2:dc:9c:59:d9:9a:71:51:26:ae:
         bf:de:64:b7:27:aa:db:87:e1:32:33:dd:43:27:5b:26:11:c5:
         2d:af:2b:cc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZUQxvBLg52CuzhpXHyngvZ8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlZDNmMDVjYTNmZGY5ZTdmOTljNjVjYzZhMGE2NzI0ZjU5
MzFhNzAwHhcNMjUwMjE2MjIwMDI3WhcNMjUwMjE3MjIwMDI3WjAzMTEwLwYDVQQD
Eyg3MmVjOWEzNDVlMTljODEyNDczMDVmM2E1MjJkMzdmMmZkOTk1NTRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoIH7P+cccnjp41l05t5GVYe9NEKZ
fc19T5LZWrtyNiLh6C5B2ks84AvcRr9/kSe6MqMZBF/SvJNzVtsyas5aByCp1izm
yxmJejcIty51lOakKna7uiwL/FH3jh9907MLoNrnra38AW6OEWlm98NvrPrikqDd
LAmJo3aApVuIK+5zTE8idzreCmN72TI2WmcsFGZL5SKhnZrQE90Az+WFKSA9bHba
qWaNjnrEJtmu10Wx4no77NvzU63kdrBzgVFfrb8BhYrRA84Wr23gOaSU9hYeBgLB
ZVIsa7jqJbvMDvmhWzfJJvLvWNmoNl4VkKHuDlU5JUhXFy6+uaTBG4lknQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHLsmjReGcgSRzBfOlItN/L9mVVMMB8GA1UdIwQY
MBaAFP7T8Fyj/fnn+ZxlzGoKZyT1kxpwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX3RQd1hLUDktZWY1bkdYTWFncG5KUFdUR25BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC9jOTU2MzktNzIyYS00MDIxLWJlZWIt
YWM1ZWU2MjViYWJjLzEvX3RQd1hLUDktZWY1bkdYTWFncG5KUFdUR25BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC9jOTU2MzktNzIyYS00MDIxLWJlZWItYWM1ZWU2MjViYWJj
LzEvX3RQd1hLUDktZWY1bkdYTWFncG5KUFdUR25BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPsU1rkkG
c2rn8iCq1lxA5YgxYi1wZxrtN4B2zNQcWxhRe1WDsn/sl+uQhQvmd8sYHyJP91o7
1Pf9D9Sjmy4+BueijpFy3uNBq6OvBoVu55dK4aLBT672DOZoBeCynm/c416SBAhH
X4tsbJt1Q5bFrc/F4c+3EOU4pcjvOdzB0d2b14hGf+OpOcB3LisGWUIJCOS2R0vd
2IamNRemqbTBr+9rZBmky8Rj+IcgnyXdmmQe2SSowyEGrVqYuhMqUTfe6WrE03QZ
Dqdz/Fn2DONzbWYuddihT8LmXuebursCqB6i3JxZ2ZpxUSauv95ktyeq24fhMjPd
QydbJhHFLa8rzA==
-----END CERTIFICATE-----