Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/28979b-0a34-4a5c-a2fe-698d912b7346/1/GNo6QLEX-yVyzPekwnLS7GklKRw.mft
File:                     GNo6QLEX-yVyzPekwnLS7GklKRw.mft (raw, json)
Hash identifier:          d/oSiqi7JkwMyGG75BfJ8r1ToO34JH+pGviqChAgqBc=
Subject key identifier:   D3:DA:8B:A2:15:47:E3:91:9F:50:76:51:0E:29:DB:A4:7B:85:82:4C
Authority key identifier: 18:DA:3A:40:B1:17:FB:25:72:CC:F7:A4:C2:72:D2:EC:69:25:29:1C
Certificate issuer:       /CN=18da3a40b117fb2572ccf7a4c272d2ec6925291c
Certificate serial:       019510C79A28B5680334759F047EE327962F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/GNo6QLEX-yVyzPekwnLS7GklKRw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/63/28979b-0a34-4a5c-a2fe-698d912b7346/1/GNo6QLEX-yVyzPekwnLS7GklKRw.mft
Manifest number:          1452
Signing time:             Sun 16 Feb 2025 22:01:11 +0000
Manifest this update:     Sun 16 Feb 2025 22:01:11 +0000
Manifest next update:     Mon 17 Feb 2025 22:01:11 +0000
Files and hashes:         1: GNo6QLEX-yVyzPekwnLS7GklKRw.crl (hash: S24mzRnt8a1XIoXvSU0SPTDv5JhMJFCdqqDQok7WCn4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/63/28979b-0a34-4a5c-a2fe-698d912b7346/1/GNo6QLEX-yVyzPekwnLS7GklKRw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/63/28979b-0a34-4a5c-a2fe-698d912b7346/1/GNo6QLEX-yVyzPekwnLS7GklKRw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/GNo6QLEX-yVyzPekwnLS7GklKRw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 17 Feb 2025 22:01:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:10:c7:9a:28:b5:68:03:34:75:9f:04:7e:e3:27:96:2f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=18da3a40b117fb2572ccf7a4c272d2ec6925291c
        Validity
            Not Before: Feb 16 22:01:11 2025 GMT
            Not After : Feb 17 22:01:11 2025 GMT
        Subject: CN=d3da8ba21547e3919f5076510e29dba47b85824c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:1c:fc:c4:0d:e1:bf:b9:13:e8:da:4d:0a:35:
                    38:5a:d8:06:5a:12:a8:84:f7:e4:18:a9:88:3b:41:
                    b9:a5:7e:eb:38:e0:8c:02:86:59:79:73:5b:5e:73:
                    48:be:ab:9a:94:47:b5:b8:b1:0e:38:cc:ae:7f:c6:
                    ba:9e:b5:b9:24:5e:15:55:fe:54:3c:83:6e:a5:fe:
                    c3:49:64:ad:63:a3:d9:60:8c:d5:b3:45:9e:34:6e:
                    8e:45:18:21:49:a7:a6:bc:69:3c:cf:6f:44:ac:c3:
                    bd:9c:1b:9a:b6:ce:a3:88:0f:54:eb:36:c8:5b:9c:
                    5d:1a:ad:de:c1:c2:ef:00:44:1f:85:94:81:ea:77:
                    12:38:33:c0:2b:be:b0:e3:10:48:e5:7c:89:2b:2e:
                    db:5c:29:68:52:10:8d:e4:f8:5a:b9:6f:58:a3:18:
                    fa:66:e2:1d:92:a4:5a:9c:ce:09:87:00:18:93:7f:
                    0d:84:97:d2:3c:84:5d:af:46:87:3a:45:4b:ce:83:
                    46:53:89:37:dd:c2:c3:7c:7f:57:11:ee:9c:b5:b1:
                    5e:13:f8:38:ee:fa:8e:ed:62:a0:62:2f:15:c4:90:
                    8c:00:ce:b7:32:1f:bf:6a:38:61:00:b8:a6:f9:62:
                    13:96:19:33:54:f0:d1:ca:e6:f4:70:6a:a6:7e:1c:
                    ee:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D3:DA:8B:A2:15:47:E3:91:9F:50:76:51:0E:29:DB:A4:7B:85:82:4C
            X509v3 Authority Key Identifier:
                keyid:18:DA:3A:40:B1:17:FB:25:72:CC:F7:A4:C2:72:D2:EC:69:25:29:1C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GNo6QLEX-yVyzPekwnLS7GklKRw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/28979b-0a34-4a5c-a2fe-698d912b7346/1/GNo6QLEX-yVyzPekwnLS7GklKRw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/63/28979b-0a34-4a5c-a2fe-698d912b7346/1/GNo6QLEX-yVyzPekwnLS7GklKRw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ac:76:86:17:36:3e:5a:47:89:fa:c7:b1:59:ef:f6:eb:8c:0a:
         e4:ce:45:e5:08:2e:8a:a7:fa:3b:ae:1b:a9:ba:e7:69:51:11:
         db:8a:f4:cc:ef:d8:7c:f3:8f:2e:7e:91:4e:4e:bf:b3:73:4a:
         64:ae:ec:ff:51:00:e0:83:55:89:e5:ec:38:83:74:d6:77:43:
         c0:f0:25:3c:3b:9c:26:4a:28:a8:92:14:ba:e0:8e:0f:29:58:
         1d:34:df:2f:61:32:bd:70:f2:15:28:21:91:35:fa:1e:de:a5:
         1d:e0:6b:41:d5:c7:88:8b:bf:b3:b1:bf:17:d8:74:ce:41:82:
         53:20:ad:a7:46:2c:1b:8a:6f:1c:99:0f:f6:2d:19:2a:c6:91:
         16:b3:54:48:55:d7:8b:ce:b0:33:35:89:bf:cc:97:38:b4:86:
         3b:e8:bd:0e:f0:92:c4:7d:2b:2e:cd:51:77:82:81:b8:cc:50:
         88:8f:30:ef:2d:d7:b4:8d:94:13:ff:2f:fc:c5:08:75:cb:c2:
         31:02:b9:68:6f:fd:ba:51:ec:89:09:9d:40:3f:4a:35:6d:76:
         f3:5b:6e:37:46:36:db:b4:7c:36:14:29:10:5e:ac:07:8c:f0:
         6f:0f:34:29:c0:02:c0:ad:3b:e0:d6:f3:57:36:01:4c:f7:6b:
         ba:23:8e:52
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZUQx5ootWgDNHWfBH7jJ5YvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4ZGEzYTQwYjExN2ZiMjU3MmNjZjdhNGMyNzJkMmVjNjky
NTI5MWMwHhcNMjUwMjE2MjIwMTExWhcNMjUwMjE3MjIwMTExWjAzMTEwLwYDVQQD
EyhkM2RhOGJhMjE1NDdlMzkxOWY1MDc2NTEwZTI5ZGJhNDdiODU4MjRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvxz8xA3hv7kT6NpNCjU4WtgGWhKo
hPfkGKmIO0G5pX7rOOCMAoZZeXNbXnNIvqualEe1uLEOOMyuf8a6nrW5JF4VVf5U
PINupf7DSWStY6PZYIzVs0WeNG6ORRghSaemvGk8z29ErMO9nBuats6jiA9U6zbI
W5xdGq3ewcLvAEQfhZSB6ncSODPAK76w4xBI5XyJKy7bXCloUhCN5PhauW9Yoxj6
ZuIdkqRanM4JhwAYk38NhJfSPIRdr0aHOkVLzoNGU4k33cLDfH9XEe6ctbFeE/g4
7vqO7WKgYi8VxJCMAM63Mh+/ajhhALim+WITlhkzVPDRyub0cGqmfhzubwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNPai6IVR+ORn1B2UQ4p26R7hYJMMB8GA1UdIwQY
MBaAFBjaOkCxF/slcsz3pMJy0uxpJSkcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR05vNlFMRVgteVZ5elBla3duTFM3R2tsS1J3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My8yODk3OWItMGEzNC00YTVjLWEyZmUt
Njk4ZDkxMmI3MzQ2LzEvR05vNlFMRVgteVZ5elBla3duTFM3R2tsS1J3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82My8yODk3OWItMGEzNC00YTVjLWEyZmUtNjk4ZDkxMmI3MzQ2
LzEvR05vNlFMRVgteVZ5elBla3duTFM3R2tsS1J3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArHaGFzY+
WkeJ+sexWe/264wK5M5F5Qguiqf6O64bqbrnaVER24r0zO/YfPOPLn6RTk6/s3NK
ZK7s/1EA4INVieXsOIN01ndDwPAlPDucJkooqJIUuuCODylYHTTfL2EyvXDyFSgh
kTX6Ht6lHeBrQdXHiIu/s7G/F9h0zkGCUyCtp0YsG4pvHJkP9i0ZKsaRFrNUSFXX
i86wMzWJv8yXOLSGO+i9DvCSxH0rLs1Rd4KBuMxQiI8w7y3XtI2UE/8v/MUIdcvC
MQK5aG/9ulHsiQmdQD9KNW1281tuN0Y227R8NhQpEF6sB4zwbw80KcACwK074Nbz
VzYBTPdruiOOUg==
-----END CERTIFICATE-----