Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/0b5bd7-603b-4a5c-8a98-d563959d277d/1/4T3UuB8fx53U2mQo-cKgJzRX_wY.mft
File:                     4T3UuB8fx53U2mQo-cKgJzRX_wY.mft (raw, json)
Hash identifier:          FQ74KHpHq3FCwo4fPmIohawHMl+GNJMZ7OYN1AYU1e8=
Subject key identifier:   57:08:85:7B:A3:63:40:07:DA:16:13:13:D0:8C:7E:3C:87:03:10:06
Authority key identifier: E1:3D:D4:B8:1F:1F:C7:9D:D4:DA:64:28:F9:C2:A0:27:34:57:FF:06
Certificate issuer:       /CN=e13dd4b81f1fc79dd4da6428f9c2a0273457ff06
Certificate serial:       01951210C2700A4F34DAC9F5468424CBAEE3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4T3UuB8fx53U2mQo-cKgJzRX_wY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/52/0b5bd7-603b-4a5c-8a98-d563959d277d/1/4T3UuB8fx53U2mQo-cKgJzRX_wY.mft
Manifest number:          02D0
Signing time:             Mon 17 Feb 2025 04:00:43 +0000
Manifest this update:     Mon 17 Feb 2025 04:00:43 +0000
Manifest next update:     Tue 18 Feb 2025 04:00:43 +0000
Files and hashes:         1: 4T3UuB8fx53U2mQo-cKgJzRX_wY.crl (hash: QqB4ej3hOvR5Jk0YVE3MyUXUiGlx1TI/FxmaUlEzgQs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/52/0b5bd7-603b-4a5c-8a98-d563959d277d/1/4T3UuB8fx53U2mQo-cKgJzRX_wY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/52/0b5bd7-603b-4a5c-8a98-d563959d277d/1/4T3UuB8fx53U2mQo-cKgJzRX_wY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4T3UuB8fx53U2mQo-cKgJzRX_wY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 17 Feb 2025 23:00:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:12:10:c2:70:0a:4f:34:da:c9:f5:46:84:24:cb:ae:e3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e13dd4b81f1fc79dd4da6428f9c2a0273457ff06
        Validity
            Not Before: Feb 17 04:00:43 2025 GMT
            Not After : Feb 18 04:00:43 2025 GMT
        Subject: CN=5708857ba3634007da161313d08c7e3c87031006
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:9b:11:74:5e:c2:b4:ae:fd:4d:aa:47:25:35:
                    2f:78:fa:17:27:50:6d:bb:87:e7:a0:ca:e3:04:95:
                    c3:94:b4:b3:f1:bf:a8:75:75:8b:7b:71:80:19:f5:
                    8a:4a:68:07:9d:c7:2a:90:27:a3:9e:4f:e4:54:51:
                    b2:7e:30:38:d9:66:3b:fb:9c:37:f4:7a:6b:7d:e7:
                    a7:37:b5:3a:8d:38:da:1c:7c:21:74:60:ee:8b:b0:
                    3a:ff:95:bb:e0:dc:88:aa:e7:46:5e:7a:f3:5b:7f:
                    55:69:c2:6e:69:91:ae:1a:b5:d8:73:f4:36:a7:29:
                    1e:3b:d9:01:52:26:75:e4:ac:41:b8:54:b8:28:01:
                    25:55:19:d5:df:0a:d5:e4:e2:06:7d:4e:d9:38:f8:
                    8e:1c:68:8a:45:f7:61:f6:4c:d6:d9:4e:e1:0d:f1:
                    ad:71:ba:4b:56:78:68:b6:37:c7:ff:fe:b4:33:1f:
                    8a:78:8e:62:72:94:25:cd:a8:a8:da:ed:3d:b7:32:
                    a6:e1:8e:a9:37:ae:70:69:f2:f7:51:d9:18:9f:8d:
                    ad:a3:d6:d9:65:e5:b8:d5:f9:88:bf:5c:b8:84:86:
                    b1:ee:c0:c9:c2:7d:93:19:cc:ac:9e:56:99:19:13:
                    7f:d7:e6:22:8c:4c:24:cd:6d:07:5c:23:00:26:f5:
                    b9:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                57:08:85:7B:A3:63:40:07:DA:16:13:13:D0:8C:7E:3C:87:03:10:06
            X509v3 Authority Key Identifier:
                keyid:E1:3D:D4:B8:1F:1F:C7:9D:D4:DA:64:28:F9:C2:A0:27:34:57:FF:06

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4T3UuB8fx53U2mQo-cKgJzRX_wY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/0b5bd7-603b-4a5c-8a98-d563959d277d/1/4T3UuB8fx53U2mQo-cKgJzRX_wY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/52/0b5bd7-603b-4a5c-8a98-d563959d277d/1/4T3UuB8fx53U2mQo-cKgJzRX_wY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         69:2a:a4:ca:66:c7:d0:30:be:10:c0:35:28:2e:f1:fc:51:42:
         29:bc:b2:d6:32:46:c5:f3:34:8f:29:65:ca:72:bc:8e:3f:35:
         7d:63:0b:28:da:e5:a7:61:18:2b:48:09:b0:a4:02:bb:56:12:
         a0:07:eb:e7:14:07:55:bb:75:a4:fc:3d:bc:f9:1c:d8:b9:b0:
         b8:51:7b:0f:93:66:db:af:a8:9c:4e:7f:b3:b5:37:3e:d4:2f:
         49:e5:c1:64:4b:32:ca:fb:2d:10:95:8c:e7:ce:90:1a:98:10:
         bc:70:ad:b7:7b:02:c1:97:98:69:ea:4f:b8:29:d7:c1:85:80:
         06:05:1c:55:a1:35:8c:22:13:aa:d3:8f:a2:cd:25:16:09:5f:
         6b:5a:10:e3:56:47:9c:5f:7c:46:85:b3:85:ee:58:9a:12:3b:
         df:d1:29:a4:de:c1:af:e9:1d:d2:bf:ac:69:c4:1a:78:6e:e3:
         87:4a:89:67:9f:82:72:b1:ca:5b:b4:d6:80:41:31:67:aa:fd:
         a4:9f:1e:da:48:66:6f:9a:e1:e9:bf:6b:8f:31:f2:82:c2:d5:
         ee:36:42:76:47:dc:d0:ec:d9:c0:49:98:d4:aa:e7:ff:36:01:
         90:5e:3f:db:f8:59:0d:1d:d7:63:48:4c:64:85:71:e4:60:61:
         42:91:29:c3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZUSEMJwCk802sn1RoQky67jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUxM2RkNGI4MWYxZmM3OWRkNGRhNjQyOGY5YzJhMDI3MzQ1
N2ZmMDYwHhcNMjUwMjE3MDQwMDQzWhcNMjUwMjE4MDQwMDQzWjAzMTEwLwYDVQQD
Eyg1NzA4ODU3YmEzNjM0MDA3ZGExNjEzMTNkMDhjN2UzYzg3MDMxMDA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuJsRdF7CtK79TapHJTUvePoXJ1Bt
u4fnoMrjBJXDlLSz8b+odXWLe3GAGfWKSmgHnccqkCejnk/kVFGyfjA42WY7+5w3
9HprfeenN7U6jTjaHHwhdGDui7A6/5W74NyIqudGXnrzW39VacJuaZGuGrXYc/Q2
pykeO9kBUiZ15KxBuFS4KAElVRnV3wrV5OIGfU7ZOPiOHGiKRfdh9kzW2U7hDfGt
cbpLVnhotjfH//60Mx+KeI5icpQlzaio2u09tzKm4Y6pN65wafL3UdkYn42to9bZ
ZeW41fmIv1y4hIax7sDJwn2TGcysnlaZGRN/1+YijEwkzW0HXCMAJvW5CQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFcIhXujY0AH2hYTE9CMfjyHAxAGMB8GA1UdIwQY
MBaAFOE91LgfH8ed1NpkKPnCoCc0V/8GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNFQzVXVCOGZ4NTNVMm1Rby1jS2dKelJYX3dZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi8wYjViZDctNjAzYi00YTVjLThhOTgt
ZDU2Mzk1OWQyNzdkLzEvNFQzVXVCOGZ4NTNVMm1Rby1jS2dKelJYX3dZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi8wYjViZDctNjAzYi00YTVjLThhOTgtZDU2Mzk1OWQyNzdk
LzEvNFQzVXVCOGZ4NTNVMm1Rby1jS2dKelJYX3dZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaSqkymbH
0DC+EMA1KC7x/FFCKbyy1jJGxfM0jyllynK8jj81fWMLKNrlp2EYK0gJsKQCu1YS
oAfr5xQHVbt1pPw9vPkc2LmwuFF7D5Nm26+onE5/s7U3PtQvSeXBZEsyyvstEJWM
586QGpgQvHCtt3sCwZeYaepPuCnXwYWABgUcVaE1jCITqtOPos0lFglfa1oQ41ZH
nF98RoWzhe5YmhI739EppN7Br+kd0r+sacQaeG7jh0qJZ5+CcrHKW7TWgEExZ6r9
pJ8e2khmb5rh6b9rjzHygsLV7jZCdkfc0OzZwEmY1Krn/zYBkF4/2/hZDR3XY0hM
ZIVx5GBhQpEpww==
-----END CERTIFICATE-----