Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/76b445-3461-4f4f-9b42-74f01b2586f5/1/jEN4tXFoLTR3O0Y3UnAclAX77Xg.mft
File:                     jEN4tXFoLTR3O0Y3UnAclAX77Xg.mft (raw, json)
Hash identifier:          0qEMAfzfikLxdUGXoay1f/nPIWE3m446JpPbZWiJAWA=
Subject key identifier:   33:A0:B0:7E:7C:C9:0B:01:97:5C:82:12:EA:44:D6:FD:0A:86:12:07
Authority key identifier: 8C:43:78:B5:71:68:2D:34:77:3B:46:37:52:70:1C:94:05:FB:ED:78
Certificate issuer:       /CN=8c4378b571682d34773b463752701c9405fbed78
Certificate serial:       0195127E83D68B011F001EE4DA1EE71F6C4A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/jEN4tXFoLTR3O0Y3UnAclAX77Xg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/57/76b445-3461-4f4f-9b42-74f01b2586f5/1/jEN4tXFoLTR3O0Y3UnAclAX77Xg.mft
Manifest number:          034D
Signing time:             Mon 17 Feb 2025 06:00:35 +0000
Manifest this update:     Mon 17 Feb 2025 06:00:35 +0000
Manifest next update:     Tue 18 Feb 2025 06:00:35 +0000
Files and hashes:         1: jEN4tXFoLTR3O0Y3UnAclAX77Xg.crl (hash: qZ1QB/4KPCE59a0SuPo5HNa+fSQzV+1XBdzfUz+7Y0I=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/57/76b445-3461-4f4f-9b42-74f01b2586f5/1/jEN4tXFoLTR3O0Y3UnAclAX77Xg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/57/76b445-3461-4f4f-9b42-74f01b2586f5/1/jEN4tXFoLTR3O0Y3UnAclAX77Xg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/jEN4tXFoLTR3O0Y3UnAclAX77Xg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 17 Feb 2025 23:00:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:12:7e:83:d6:8b:01:1f:00:1e:e4:da:1e:e7:1f:6c:4a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8c4378b571682d34773b463752701c9405fbed78
        Validity
            Not Before: Feb 17 06:00:35 2025 GMT
            Not After : Feb 18 06:00:35 2025 GMT
        Subject: CN=33a0b07e7cc90b01975c8212ea44d6fd0a861207
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:88:f0:4b:88:9c:9f:13:64:d1:80:b8:fd:3f:
                    17:c5:87:99:d2:2b:0e:d7:cf:b6:68:66:53:3d:e2:
                    11:39:a6:3a:d6:ea:8c:c4:be:17:bf:03:d5:90:99:
                    41:ad:9c:2d:f2:86:e6:6a:d1:a4:48:f3:18:ad:ce:
                    87:38:da:fe:fe:67:bd:4d:b1:26:25:ea:9d:80:25:
                    f3:c8:f7:f3:4f:b9:39:2b:40:d1:47:cb:b2:b2:17:
                    04:66:95:5f:29:93:d2:82:e2:27:e2:5d:27:70:c7:
                    49:15:53:ee:57:b8:c1:93:40:8b:20:48:48:3f:6c:
                    ca:bd:b2:19:ad:9d:37:fc:59:cb:e2:1a:68:64:5c:
                    8e:56:da:07:4a:14:87:f1:65:57:09:63:7d:e4:eb:
                    c6:da:0a:5a:40:21:95:ae:11:d3:a4:26:91:20:ca:
                    f9:8c:cc:78:86:dd:88:46:72:27:32:30:14:3c:a1:
                    01:fc:dc:19:7c:02:24:61:17:39:ab:1c:62:b1:31:
                    16:20:c4:06:18:0e:36:94:13:91:9d:a3:80:52:de:
                    6c:16:1b:71:64:62:cf:11:1e:fb:b2:00:2b:da:3e:
                    20:bd:92:bd:6e:cd:7a:23:14:a7:4d:da:90:2c:8b:
                    68:13:33:45:9f:9c:a7:de:47:60:37:25:5c:f6:23:
                    8e:83
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                33:A0:B0:7E:7C:C9:0B:01:97:5C:82:12:EA:44:D6:FD:0A:86:12:07
            X509v3 Authority Key Identifier:
                keyid:8C:43:78:B5:71:68:2D:34:77:3B:46:37:52:70:1C:94:05:FB:ED:78

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jEN4tXFoLTR3O0Y3UnAclAX77Xg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/76b445-3461-4f4f-9b42-74f01b2586f5/1/jEN4tXFoLTR3O0Y3UnAclAX77Xg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/57/76b445-3461-4f4f-9b42-74f01b2586f5/1/jEN4tXFoLTR3O0Y3UnAclAX77Xg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         52:9d:ba:d3:13:08:c0:c1:ed:55:9b:ac:29:a3:ca:4a:da:52:
         f9:88:59:9e:68:04:1e:b8:f2:ce:0b:d1:1b:6f:1f:ff:85:4a:
         cc:31:8e:37:19:54:e4:3b:da:18:1a:c8:0c:e6:06:29:6e:98:
         c5:ef:9b:e9:70:b3:ca:12:ae:98:ab:a1:75:09:ef:e1:d2:64:
         80:2b:2c:b5:c2:41:c9:c0:0f:e7:be:85:ce:dd:06:06:46:f9:
         a5:4c:3b:87:f1:5e:98:c8:e6:ea:8b:b7:2b:69:e7:94:ab:92:
         b7:ea:02:a1:92:50:96:ee:44:49:5b:15:1e:56:39:fd:f8:56:
         91:97:3a:3c:40:17:ea:18:4b:59:c8:73:4e:42:49:2b:7d:26:
         8a:7a:e3:47:28:01:36:48:0b:b6:d8:ee:f7:ac:1d:90:4b:7e:
         70:b7:e6:c4:2d:73:0f:80:d0:bb:bf:53:1e:7c:32:ab:8f:72:
         4f:ad:c1:20:1e:b4:5b:ef:79:37:d9:a9:27:80:6c:be:01:58:
         38:89:14:30:0d:36:42:47:f3:74:7d:b6:75:20:44:c4:17:9d:
         20:1e:e7:19:a4:d1:78:2a:cc:02:91:d4:e5:77:80:e5:6f:2c:
         58:c2:b9:6c:14:22:2d:9d:3f:7c:35:d7:0d:a6:aa:04:0b:d2:
         22:f7:cc:42
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZUSfoPWiwEfAB7k2h7nH2xKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhjNDM3OGI1NzE2ODJkMzQ3NzNiNDYzNzUyNzAxYzk0MDVm
YmVkNzgwHhcNMjUwMjE3MDYwMDM1WhcNMjUwMjE4MDYwMDM1WjAzMTEwLwYDVQQD
EygzM2EwYjA3ZTdjYzkwYjAxOTc1YzgyMTJlYTQ0ZDZmZDBhODYxMjA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwojwS4icnxNk0YC4/T8XxYeZ0isO
18+2aGZTPeIROaY61uqMxL4XvwPVkJlBrZwt8obmatGkSPMYrc6HONr+/me9TbEm
JeqdgCXzyPfzT7k5K0DRR8uyshcEZpVfKZPSguIn4l0ncMdJFVPuV7jBk0CLIEhI
P2zKvbIZrZ03/FnL4hpoZFyOVtoHShSH8WVXCWN95OvG2gpaQCGVrhHTpCaRIMr5
jMx4ht2IRnInMjAUPKEB/NwZfAIkYRc5qxxisTEWIMQGGA42lBORnaOAUt5sFhtx
ZGLPER77sgAr2j4gvZK9bs16IxSnTdqQLItoEzNFn5yn3kdgNyVc9iOOgwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDOgsH58yQsBl1yCEupE1v0KhhIHMB8GA1UdIwQY
MBaAFIxDeLVxaC00dztGN1JwHJQF++14MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvakVONHRYRm9MVFIzTzBZM1VuQWNsQVg3N1hnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny83NmI0NDUtMzQ2MS00ZjRmLTliNDIt
NzRmMDFiMjU4NmY1LzEvakVONHRYRm9MVFIzTzBZM1VuQWNsQVg3N1hnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny83NmI0NDUtMzQ2MS00ZjRmLTliNDItNzRmMDFiMjU4NmY1
LzEvakVONHRYRm9MVFIzTzBZM1VuQWNsQVg3N1hnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUp260xMI
wMHtVZusKaPKStpS+YhZnmgEHrjyzgvRG28f/4VKzDGONxlU5DvaGBrIDOYGKW6Y
xe+b6XCzyhKumKuhdQnv4dJkgCsstcJBycAP576Fzt0GBkb5pUw7h/FemMjm6ou3
K2nnlKuSt+oCoZJQlu5ESVsVHlY5/fhWkZc6PEAX6hhLWchzTkJJK30minrjRygB
NkgLttju96wdkEt+cLfmxC1zD4DQu79THnwyq49yT63BIB60W+95N9mpJ4BsvgFY
OIkUMA02QkfzdH22dSBExBedIB7nGaTReCrMApHU5XeA5W8sWMK5bBQiLZ0/fDXX
DaaqBAvSIvfMQg==
-----END CERTIFICATE-----