Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/975030-43b2-400b-8dc9-0c77559d9db0/1/t38R7tTnnIXMxWLfPR8oPjOdou0.mft
File:                     t38R7tTnnIXMxWLfPR8oPjOdou0.mft (raw, json)
Hash identifier:          8jbHHPEwBWh45AAngiXtPMHvG4JOtrMRxNrTq7LrDCI=
Subject key identifier:   BF:AA:40:25:BE:EE:58:D3:46:41:EE:F7:22:2E:06:2A:A8:0B:B8:53
Authority key identifier: B7:7F:11:EE:D4:E7:9C:85:CC:C5:62:DF:3D:1F:28:3E:33:9D:A2:ED
Certificate issuer:       /CN=b77f11eed4e79c85ccc562df3d1f283e339da2ed
Certificate serial:       019510C724367399D3B7B035608D9B336F50
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/t38R7tTnnIXMxWLfPR8oPjOdou0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/62/975030-43b2-400b-8dc9-0c77559d9db0/1/t38R7tTnnIXMxWLfPR8oPjOdou0.mft
Manifest number:          0AF8
Signing time:             Sun 16 Feb 2025 22:00:41 +0000
Manifest this update:     Sun 16 Feb 2025 22:00:41 +0000
Manifest next update:     Mon 17 Feb 2025 22:00:41 +0000
Files and hashes:         1: t38R7tTnnIXMxWLfPR8oPjOdou0.crl (hash: 5vxAK+vNDAfwWN+GYReU1h4q4UyQDMMKL24qP3TzrDs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/62/975030-43b2-400b-8dc9-0c77559d9db0/1/t38R7tTnnIXMxWLfPR8oPjOdou0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/62/975030-43b2-400b-8dc9-0c77559d9db0/1/t38R7tTnnIXMxWLfPR8oPjOdou0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/t38R7tTnnIXMxWLfPR8oPjOdou0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 17 Feb 2025 22:00:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:10:c7:24:36:73:99:d3:b7:b0:35:60:8d:9b:33:6f:50
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b77f11eed4e79c85ccc562df3d1f283e339da2ed
        Validity
            Not Before: Feb 16 22:00:41 2025 GMT
            Not After : Feb 17 22:00:41 2025 GMT
        Subject: CN=bfaa4025beee58d34641eef7222e062aa80bb853
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8e:5b:1a:0a:a2:6e:6b:64:7e:04:a9:de:02:e8:
                    c9:b2:64:36:72:27:a4:e0:8a:90:04:5c:49:d5:c2:
                    f0:8c:25:bf:47:e0:53:b2:de:95:29:49:6e:3e:d3:
                    7f:9d:f1:e5:30:70:8b:2a:df:bb:f7:0b:07:94:64:
                    b4:61:e8:73:ff:ac:3b:23:80:4a:c4:8e:47:57:13:
                    dc:a3:f4:60:ad:c7:73:2c:a3:b4:a5:76:18:6e:54:
                    a9:ca:90:39:5a:de:e3:ee:13:de:fc:37:72:59:9a:
                    1f:db:33:57:2e:a5:a1:f7:3f:56:ef:ff:e9:c9:bc:
                    49:5b:b8:8a:c3:0e:6c:9f:01:f2:cb:ff:89:8b:a4:
                    25:dc:a4:4b:55:15:f4:7d:93:9b:32:97:2d:f9:46:
                    90:48:f9:b9:66:ff:ab:96:44:3f:52:45:2e:c6:c8:
                    5b:c8:e0:1f:97:78:8f:4c:36:23:8a:29:5f:98:16:
                    72:da:e4:a3:7e:33:31:4a:14:00:43:07:79:2d:6c:
                    a4:8e:a8:e5:d3:e8:6d:10:0d:75:6a:84:97:ec:cd:
                    2c:52:10:a7:be:18:b5:d2:9a:6a:75:e3:5a:3f:05:
                    05:74:a0:b9:ba:ba:1e:6e:3c:e0:7a:1d:c9:9e:b3:
                    a2:29:5e:89:bc:6d:d9:02:3f:d8:6a:a7:59:fb:5e:
                    50:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BF:AA:40:25:BE:EE:58:D3:46:41:EE:F7:22:2E:06:2A:A8:0B:B8:53
            X509v3 Authority Key Identifier:
                keyid:B7:7F:11:EE:D4:E7:9C:85:CC:C5:62:DF:3D:1F:28:3E:33:9D:A2:ED

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/t38R7tTnnIXMxWLfPR8oPjOdou0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/975030-43b2-400b-8dc9-0c77559d9db0/1/t38R7tTnnIXMxWLfPR8oPjOdou0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/62/975030-43b2-400b-8dc9-0c77559d9db0/1/t38R7tTnnIXMxWLfPR8oPjOdou0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a3:82:04:8c:52:d4:29:83:b0:98:37:a5:19:cf:dc:34:5d:4d:
         68:c3:e8:a1:18:89:63:77:13:7d:11:e8:7f:bf:b8:a0:23:08:
         f9:61:b0:e2:9e:9a:0a:d6:d8:96:bb:4d:15:50:06:64:71:01:
         8a:b2:27:0f:a4:19:6e:08:04:4c:c2:b9:9e:33:ae:98:ac:10:
         e4:0b:52:23:3a:29:57:ae:f5:91:6d:7a:49:98:4b:c2:6a:b6:
         b1:71:68:7a:fa:50:c6:39:96:71:09:f4:d9:43:bb:92:0f:07:
         32:44:e9:23:54:eb:8f:db:c9:c6:78:6e:97:01:76:51:23:9d:
         96:b8:2a:ff:01:1f:0a:fe:14:e9:d9:6c:78:ac:dc:af:da:c5:
         3b:8f:52:a8:73:e3:25:e9:c7:0d:e5:79:ae:b7:77:ad:44:f3:
         f4:fb:9f:94:07:84:8e:5c:7d:2f:3e:4c:3a:16:a2:0e:a5:fd:
         f5:0b:0f:fd:c4:58:5b:1e:c0:15:69:94:43:3f:d5:4d:88:e1:
         34:df:30:b5:b7:98:34:97:8b:67:10:f6:a3:13:b6:2e:1c:ec:
         9f:e1:55:6c:45:62:b2:8b:93:74:14:e7:4a:3f:23:68:44:70:
         71:23:b7:f7:f8:00:9d:81:88:c7:f7:31:d4:74:6b:57:30:98:
         09:37:87:09
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZUQxyQ2c5nTt7A1YI2bM29QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3N2YxMWVlZDRlNzljODVjY2M1NjJkZjNkMWYyODNlMzM5
ZGEyZWQwHhcNMjUwMjE2MjIwMDQxWhcNMjUwMjE3MjIwMDQxWjAzMTEwLwYDVQQD
EyhiZmFhNDAyNWJlZWU1OGQzNDY0MWVlZjcyMjJlMDYyYWE4MGJiODUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjlsaCqJua2R+BKneAujJsmQ2ciek
4IqQBFxJ1cLwjCW/R+BTst6VKUluPtN/nfHlMHCLKt+79wsHlGS0Yehz/6w7I4BK
xI5HVxPco/RgrcdzLKO0pXYYblSpypA5Wt7j7hPe/DdyWZof2zNXLqWh9z9W7//p
ybxJW7iKww5snwHyy/+Ji6Ql3KRLVRX0fZObMpct+UaQSPm5Zv+rlkQ/UkUuxshb
yOAfl3iPTDYjiilfmBZy2uSjfjMxShQAQwd5LWykjqjl0+htEA11aoSX7M0sUhCn
vhi10ppqdeNaPwUFdKC5uroebjzgeh3JnrOiKV6JvG3ZAj/YaqdZ+15QwwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFL+qQCW+7ljTRkHu9yIuBiqoC7hTMB8GA1UdIwQY
MBaAFLd/Ee7U55yFzMVi3z0fKD4znaLtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdDM4Ujd0VG5uSVhNeFdMZlBSOG9Qak9kb3UwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi85NzUwMzAtNDNiMi00MDBiLThkYzkt
MGM3NzU1OWQ5ZGIwLzEvdDM4Ujd0VG5uSVhNeFdMZlBSOG9Qak9kb3UwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi85NzUwMzAtNDNiMi00MDBiLThkYzktMGM3NzU1OWQ5ZGIw
LzEvdDM4Ujd0VG5uSVhNeFdMZlBSOG9Qak9kb3UwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAo4IEjFLU
KYOwmDelGc/cNF1NaMPooRiJY3cTfRHof7+4oCMI+WGw4p6aCtbYlrtNFVAGZHEB
irInD6QZbggETMK5njOumKwQ5AtSIzopV671kW16SZhLwmq2sXFoevpQxjmWcQn0
2UO7kg8HMkTpI1Trj9vJxnhulwF2USOdlrgq/wEfCv4U6dlseKzcr9rFO49SqHPj
JenHDeV5rrd3rUTz9PuflAeEjlx9Lz5MOhaiDqX99QsP/cRYWx7AFWmUQz/VTYjh
NN8wtbeYNJeLZxD2oxO2Lhzsn+FVbEVisouTdBTnSj8jaERwcSO39/gAnYGIx/cx
1HRrVzCYCTeHCQ==
-----END CERTIFICATE-----