Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/8d64d1-4940-40e7-895c-5312a133b94e/1/MAhC2wg32vMRozS3IjGOcLWIsAk.mft
File:                     MAhC2wg32vMRozS3IjGOcLWIsAk.mft (raw, json)
Hash identifier:          kodo5keL4Hw0eDpKBInO5ig6RFdOxnP7unVF94R3kVw=
Subject key identifier:   69:4A:79:1C:76:3C:8C:E6:56:A7:72:2B:CF:88:34:2D:01:2B:19:CA
Authority key identifier: 30:08:42:DB:08:37:DA:F3:11:A3:34:B7:22:31:8E:70:B5:88:B0:09
Certificate issuer:       /CN=300842db0837daf311a334b722318e70b588b009
Certificate serial:       0194C3885ADD3C605083CB2AECBBF8D55EAB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MAhC2wg32vMRozS3IjGOcLWIsAk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/8d64d1-4940-40e7-895c-5312a133b94e/1/MAhC2wg32vMRozS3IjGOcLWIsAk.mft
Manifest number:          142B
Signing time:             Sat 01 Feb 2025 22:01:20 +0000
Manifest this update:     Sat 01 Feb 2025 22:01:20 +0000
Manifest next update:     Sun 02 Feb 2025 22:01:20 +0000
Files and hashes:         1: MAhC2wg32vMRozS3IjGOcLWIsAk.crl (hash: XqLIqa2A2y96jqG0XoK0MzBp5WSVoHsgScnLctrxlWk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/51/8d64d1-4940-40e7-895c-5312a133b94e/1/MAhC2wg32vMRozS3IjGOcLWIsAk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/51/8d64d1-4940-40e7-895c-5312a133b94e/1/MAhC2wg32vMRozS3IjGOcLWIsAk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/MAhC2wg32vMRozS3IjGOcLWIsAk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 02 Feb 2025 22:01:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:c3:88:5a:dd:3c:60:50:83:cb:2a:ec:bb:f8:d5:5e:ab
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=300842db0837daf311a334b722318e70b588b009
        Validity
            Not Before: Feb  1 22:01:20 2025 GMT
            Not After : Feb  2 22:01:20 2025 GMT
        Subject: CN=694a791c763c8ce656a7722bcf88342d012b19ca
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:74:fe:0c:83:84:54:7f:85:71:92:87:3a:02:
                    8a:bb:ec:92:7a:db:5e:1c:5b:de:d0:ff:41:41:68:
                    01:6d:aa:f6:6b:92:d1:42:6a:48:71:97:e9:56:77:
                    74:e0:2e:97:ad:26:de:87:03:e8:6a:22:f2:08:9a:
                    3c:c9:de:26:c7:fb:3a:df:9b:ff:fa:db:da:81:9e:
                    8f:85:06:49:c8:d4:74:16:d8:d2:de:77:76:54:b2:
                    d7:c4:5a:5a:5f:dd:d4:c0:62:73:b2:42:fa:64:d8:
                    dd:f2:87:ee:be:12:1f:2f:7a:d0:8b:5e:a9:e3:d7:
                    56:f4:5e:17:f8:45:c8:3a:32:1d:e5:2f:b3:0a:5d:
                    68:5e:ec:c2:30:bc:6c:73:93:5b:86:de:04:30:ee:
                    60:a0:c6:ea:fc:f4:86:23:0e:5c:66:7d:92:9a:73:
                    0a:8e:fd:24:23:85:a0:65:ad:80:9c:2b:d0:96:72:
                    02:82:c4:db:1b:a5:b9:74:ee:dd:6f:5a:54:a5:88:
                    58:9e:a6:eb:ae:83:de:0a:7f:4e:fa:4f:28:7e:f6:
                    c0:4e:7f:e3:8b:87:7e:d2:d8:80:72:f6:4a:e6:3a:
                    84:e7:7e:c6:59:39:5d:40:ed:67:5a:4c:66:16:c3:
                    29:c5:03:ac:0d:d5:4a:5b:25:04:72:f8:a3:6d:b1:
                    00:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                69:4A:79:1C:76:3C:8C:E6:56:A7:72:2B:CF:88:34:2D:01:2B:19:CA
            X509v3 Authority Key Identifier:
                keyid:30:08:42:DB:08:37:DA:F3:11:A3:34:B7:22:31:8E:70:B5:88:B0:09

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MAhC2wg32vMRozS3IjGOcLWIsAk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/8d64d1-4940-40e7-895c-5312a133b94e/1/MAhC2wg32vMRozS3IjGOcLWIsAk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/8d64d1-4940-40e7-895c-5312a133b94e/1/MAhC2wg32vMRozS3IjGOcLWIsAk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3a:cb:4a:58:af:6d:0d:05:70:70:2c:1f:af:1c:89:25:83:df:
         bf:08:26:af:ce:88:34:cb:db:18:a9:f7:00:e3:99:94:c8:88:
         69:31:fe:c2:c4:c1:7d:0f:00:0a:a7:46:4d:89:38:8f:0f:36:
         85:8e:a0:ae:f0:ca:85:8a:fd:9e:5f:59:84:b9:dc:7c:6a:87:
         47:55:e0:4a:8a:e4:d8:b7:48:87:35:7c:37:3c:46:af:99:1a:
         d0:57:59:7b:33:89:d4:24:d1:dc:f4:99:51:b8:f1:66:72:d7:
         c4:71:5b:d9:22:1e:02:b7:d1:5a:70:85:9f:0f:ff:30:dc:d0:
         b1:99:e1:8f:85:0b:69:6a:67:47:40:be:5c:68:7c:4e:69:3f:
         6f:ce:ce:9f:94:0f:1e:42:f4:05:4a:4f:ec:19:52:00:ac:33:
         2d:56:2c:10:d3:16:40:a2:fc:9f:90:ca:36:69:13:5b:27:3d:
         79:58:73:d9:d8:15:cd:65:fb:69:4f:c8:99:90:ae:88:6b:fe:
         b0:7e:3f:8d:e7:44:3d:b0:56:b1:8b:fb:6b:1e:01:7f:a8:1c:
         b1:23:3c:9a:f0:e5:d2:48:3c:b5:90:bd:d2:07:2f:09:08:b4:
         e8:b3:c0:25:57:f0:0d:10:49:00:be:03:74:fd:ba:49:90:8c:
         59:96:37:fa
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZTDiFrdPGBQg8sq7Lv41V6rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwMDg0MmRiMDgzN2RhZjMxMWEzMzRiNzIyMzE4ZTcwYjU4
OGIwMDkwHhcNMjUwMjAxMjIwMTIwWhcNMjUwMjAyMjIwMTIwWjAzMTEwLwYDVQQD
Eyg2OTRhNzkxYzc2M2M4Y2U2NTZhNzcyMmJjZjg4MzQyZDAxMmIxOWNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApXT+DIOEVH+FcZKHOgKKu+ySette
HFve0P9BQWgBbar2a5LRQmpIcZfpVnd04C6XrSbehwPoaiLyCJo8yd4mx/s635v/
+tvagZ6PhQZJyNR0FtjS3nd2VLLXxFpaX93UwGJzskL6ZNjd8ofuvhIfL3rQi16p
49dW9F4X+EXIOjId5S+zCl1oXuzCMLxsc5Nbht4EMO5goMbq/PSGIw5cZn2SmnMK
jv0kI4WgZa2AnCvQlnICgsTbG6W5dO7db1pUpYhYnqbrroPeCn9O+k8ofvbATn/j
i4d+0tiAcvZK5jqE537GWTldQO1nWkxmFsMpxQOsDdVKWyUEcvijbbEAqwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGlKeRx2PIzmVqdyK8+INC0BKxnKMB8GA1UdIwQY
MBaAFDAIQtsIN9rzEaM0tyIxjnC1iLAJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUFoQzJ3ZzMydk1Sb3pTM0lqR09jTFdJc0FrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS84ZDY0ZDEtNDk0MC00MGU3LTg5NWMt
NTMxMmExMzNiOTRlLzEvTUFoQzJ3ZzMydk1Sb3pTM0lqR09jTFdJc0FrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS84ZDY0ZDEtNDk0MC00MGU3LTg5NWMtNTMxMmExMzNiOTRl
LzEvTUFoQzJ3ZzMydk1Sb3pTM0lqR09jTFdJc0FrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOstKWK9t
DQVwcCwfrxyJJYPfvwgmr86INMvbGKn3AOOZlMiIaTH+wsTBfQ8ACqdGTYk4jw82
hY6grvDKhYr9nl9ZhLncfGqHR1XgSork2LdIhzV8NzxGr5ka0FdZezOJ1CTR3PSZ
UbjxZnLXxHFb2SIeArfRWnCFnw//MNzQsZnhj4ULaWpnR0C+XGh8Tmk/b87On5QP
HkL0BUpP7BlSAKwzLVYsENMWQKL8n5DKNmkTWyc9eVhz2dgVzWX7aU/ImZCuiGv+
sH4/jedEPbBWsYv7ax4Bf6gcsSM8mvDl0kg8tZC90gcvCQi06LPAJVfwDRBJAL4D
dP26SZCMWZY3+g==
-----END CERTIFICATE-----