Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/d341a6-98a2-4b1e-9ba4-b66044adbcb1/1/rTD7Q4juZxRK4E3choEtY-Ao9Hg.mft
File:                     rTD7Q4juZxRK4E3choEtY-Ao9Hg.mft (raw, json)
Hash identifier:          5nN7aQ0UoQsn+BcOIQuBBD/gZoCdzbPISRAEt2Ld4TA=
Subject key identifier:   9B:72:63:76:53:B1:30:57:3D:4E:46:A0:FA:C0:B9:02:4F:43:AD:3D
Authority key identifier: AD:30:FB:43:88:EE:67:14:4A:E0:4D:DC:86:81:2D:63:E0:28:F4:78
Certificate issuer:       /CN=ad30fb4388ee67144ae04ddc86812d63e028f478
Certificate serial:       019510C71205885E766096CECD99C44F0884
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/rTD7Q4juZxRK4E3choEtY-Ao9Hg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/54/d341a6-98a2-4b1e-9ba4-b66044adbcb1/1/rTD7Q4juZxRK4E3choEtY-Ao9Hg.mft
Manifest number:          1452
Signing time:             Sun 16 Feb 2025 22:00:36 +0000
Manifest this update:     Sun 16 Feb 2025 22:00:36 +0000
Manifest next update:     Mon 17 Feb 2025 22:00:36 +0000
Files and hashes:         1: rTD7Q4juZxRK4E3choEtY-Ao9Hg.crl (hash: 0JwGo0fmYeCUnaImhUQrf6HsX25yjfxmh6VcbA8kAmw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/54/d341a6-98a2-4b1e-9ba4-b66044adbcb1/1/rTD7Q4juZxRK4E3choEtY-Ao9Hg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/54/d341a6-98a2-4b1e-9ba4-b66044adbcb1/1/rTD7Q4juZxRK4E3choEtY-Ao9Hg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/rTD7Q4juZxRK4E3choEtY-Ao9Hg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 17 Feb 2025 22:00:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:10:c7:12:05:88:5e:76:60:96:ce:cd:99:c4:4f:08:84
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ad30fb4388ee67144ae04ddc86812d63e028f478
        Validity
            Not Before: Feb 16 22:00:36 2025 GMT
            Not After : Feb 17 22:00:36 2025 GMT
        Subject: CN=9b72637653b130573d4e46a0fac0b9024f43ad3d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e3:42:c4:ad:6d:e6:00:8a:d6:08:c6:58:1e:ca:
                    bf:8b:81:13:c0:c0:25:d5:38:d1:eb:aa:71:c1:21:
                    f3:dd:cf:74:02:91:11:01:ea:28:83:d5:1b:f7:d5:
                    9e:a7:2e:8c:d2:5b:e9:7c:91:d3:6d:0f:6e:6f:54:
                    2f:af:25:ce:a8:ce:a3:d0:5f:ec:03:a6:e0:53:26:
                    7b:85:a2:f9:b3:53:43:fc:f9:d5:18:25:91:c1:ad:
                    43:1f:34:e1:c9:42:e7:87:0a:b0:b5:ff:25:d5:af:
                    d7:52:a9:42:1f:33:79:98:40:0f:ed:2a:c9:3e:ca:
                    90:d0:ed:49:76:9b:b7:8e:46:a8:77:8f:21:3f:00:
                    45:0a:f7:9f:e8:fc:fd:c9:65:2b:7b:aa:87:33:07:
                    ea:1a:eb:16:26:5a:54:29:fc:fb:6a:ef:83:1e:6e:
                    0c:ac:4f:ce:8b:75:d7:0f:e3:34:4e:93:62:e5:f0:
                    0a:3f:17:0e:93:80:56:7a:68:9c:93:6d:2b:8f:96:
                    7e:6f:30:0b:ee:56:00:8a:03:06:10:ff:c7:a2:8b:
                    2b:79:e4:2e:53:6d:a5:d7:83:25:be:9a:05:9e:c1:
                    3a:f2:64:c3:7a:ff:80:67:61:f6:fd:8b:03:43:68:
                    62:64:db:35:cf:a5:f9:e3:79:ea:4e:89:cf:39:d8:
                    58:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9B:72:63:76:53:B1:30:57:3D:4E:46:A0:FA:C0:B9:02:4F:43:AD:3D
            X509v3 Authority Key Identifier:
                keyid:AD:30:FB:43:88:EE:67:14:4A:E0:4D:DC:86:81:2D:63:E0:28:F4:78

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rTD7Q4juZxRK4E3choEtY-Ao9Hg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/d341a6-98a2-4b1e-9ba4-b66044adbcb1/1/rTD7Q4juZxRK4E3choEtY-Ao9Hg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/54/d341a6-98a2-4b1e-9ba4-b66044adbcb1/1/rTD7Q4juZxRK4E3choEtY-Ao9Hg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         85:e3:e1:9f:23:e4:8b:db:0e:47:9a:b5:ec:e5:03:8d:db:f6:
         d6:03:19:6c:7b:8e:87:67:59:85:3b:e1:31:50:be:81:49:3c:
         83:b7:fc:3d:74:6e:c1:e6:e7:83:b8:03:87:27:07:7a:36:f5:
         e7:e2:b7:e5:b5:e9:b4:7e:dc:58:d1:67:cd:f2:25:ed:69:a3:
         4c:bf:35:62:f1:9c:a6:c1:88:cb:84:36:67:d8:40:90:00:ce:
         57:5e:7d:6d:f9:87:53:66:76:30:28:00:7a:6d:99:fc:8d:f2:
         79:58:b2:b3:bd:a5:9b:ba:d2:99:c2:50:1a:58:a6:3a:0d:ce:
         c2:60:fe:0b:9a:26:54:05:40:92:3a:01:40:ee:a4:3a:c4:a3:
         aa:cc:5a:de:bc:4f:3d:29:fd:c1:48:8e:bc:a8:e1:b7:cb:a5:
         91:ea:07:59:dc:0c:e4:05:94:b8:d7:54:29:ed:bf:68:81:2b:
         13:f8:d4:63:c1:ad:d1:72:98:05:a8:a3:ee:fe:71:47:c7:9e:
         bc:88:64:43:71:aa:3c:a4:45:08:11:04:d5:1b:97:94:a8:77:
         6d:a9:00:ac:2c:89:09:fc:a4:42:1f:43:df:8e:8e:10:67:86:
         69:5b:ba:de:52:f9:a0:8d:8a:2b:cb:5c:63:a5:61:a3:ed:a1:
         72:ee:bf:c3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZUQxxIFiF52YJbOzZnETwiEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkMzBmYjQzODhlZTY3MTQ0YWUwNGRkYzg2ODEyZDYzZTAy
OGY0NzgwHhcNMjUwMjE2MjIwMDM2WhcNMjUwMjE3MjIwMDM2WjAzMTEwLwYDVQQD
Eyg5YjcyNjM3NjUzYjEzMDU3M2Q0ZTQ2YTBmYWMwYjkwMjRmNDNhZDNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA40LErW3mAIrWCMZYHsq/i4ETwMAl
1TjR66pxwSHz3c90ApERAeoog9Ub99Wepy6M0lvpfJHTbQ9ub1QvryXOqM6j0F/s
A6bgUyZ7haL5s1ND/PnVGCWRwa1DHzThyULnhwqwtf8l1a/XUqlCHzN5mEAP7SrJ
PsqQ0O1Jdpu3jkaod48hPwBFCvef6Pz9yWUre6qHMwfqGusWJlpUKfz7au+DHm4M
rE/Oi3XXD+M0TpNi5fAKPxcOk4BWemick20rj5Z+bzAL7lYAigMGEP/HoosreeQu
U22l14MlvpoFnsE68mTDev+AZ2H2/YsDQ2hiZNs1z6X543nqTonPOdhY9wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJtyY3ZTsTBXPU5GoPrAuQJPQ609MB8GA1UdIwQY
MBaAFK0w+0OI7mcUSuBN3IaBLWPgKPR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvclREN1E0anVaeFJLNEUzY2hvRXRZLUFvOUhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC9kMzQxYTYtOThhMi00YjFlLTliYTQt
YjY2MDQ0YWRiY2IxLzEvclREN1E0anVaeFJLNEUzY2hvRXRZLUFvOUhnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC9kMzQxYTYtOThhMi00YjFlLTliYTQtYjY2MDQ0YWRiY2Ix
LzEvclREN1E0anVaeFJLNEUzY2hvRXRZLUFvOUhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhePhnyPk
i9sOR5q17OUDjdv21gMZbHuOh2dZhTvhMVC+gUk8g7f8PXRuwebng7gDhycHejb1
5+K35bXptH7cWNFnzfIl7WmjTL81YvGcpsGIy4Q2Z9hAkADOV159bfmHU2Z2MCgA
em2Z/I3yeViys72lm7rSmcJQGlimOg3OwmD+C5omVAVAkjoBQO6kOsSjqsxa3rxP
PSn9wUiOvKjht8ulkeoHWdwM5AWUuNdUKe2/aIErE/jUY8Gt0XKYBaij7v5xR8ee
vIhkQ3GqPKRFCBEE1RuXlKh3bakArCyJCfykQh9D346OEGeGaVu63lL5oI2KK8tc
Y6Vho+2hcu6/ww==
-----END CERTIFICATE-----