Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/d4e557-0640-48d3-87d6-59029a8b533a/1/Pgq6MPS0BP9N7J_AAWwLvuS2uHc.mft
File:                     Pgq6MPS0BP9N7J_AAWwLvuS2uHc.mft (raw, json)
Hash identifier:          Lk2+ZbO5hGr8z8UQrS/BxNXXL99If6ll4+I+U7V2PEM=
Subject key identifier:   B6:F5:7F:C3:BB:9C:66:5F:DA:FE:4D:F0:EA:E4:4E:59:BB:14:5E:C2
Authority key identifier: 3E:0A:BA:30:F4:B4:04:FF:4D:EC:9F:C0:01:6C:0B:BE:E4:B6:B8:77
Certificate issuer:       /CN=3e0aba30f4b404ff4dec9fc0016c0bbee4b6b877
Certificate serial:       0195116BC28F571D0B8E819EC1BF37E0E7FA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Pgq6MPS0BP9N7J_AAWwLvuS2uHc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/63/d4e557-0640-48d3-87d6-59029a8b533a/1/Pgq6MPS0BP9N7J_AAWwLvuS2uHc.mft
Manifest number:          02D5
Signing time:             Mon 17 Feb 2025 01:00:29 +0000
Manifest this update:     Mon 17 Feb 2025 01:00:29 +0000
Manifest next update:     Tue 18 Feb 2025 01:00:29 +0000
Files and hashes:         1: Pgq6MPS0BP9N7J_AAWwLvuS2uHc.crl (hash: RxfWPvv1CAkFK2cyTWkpq7A6jA1N0esFLYSOUBcD9pU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/63/d4e557-0640-48d3-87d6-59029a8b533a/1/Pgq6MPS0BP9N7J_AAWwLvuS2uHc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/63/d4e557-0640-48d3-87d6-59029a8b533a/1/Pgq6MPS0BP9N7J_AAWwLvuS2uHc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Pgq6MPS0BP9N7J_AAWwLvuS2uHc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 17 Feb 2025 23:00:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:11:6b:c2:8f:57:1d:0b:8e:81:9e:c1:bf:37:e0:e7:fa
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3e0aba30f4b404ff4dec9fc0016c0bbee4b6b877
        Validity
            Not Before: Feb 17 01:00:29 2025 GMT
            Not After : Feb 18 01:00:29 2025 GMT
        Subject: CN=b6f57fc3bb9c665fdafe4df0eae44e59bb145ec2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:73:82:27:bf:a4:32:9b:a4:45:f7:11:eb:3a:
                    c0:9d:a3:d9:90:68:87:aa:3f:8f:57:c6:46:f4:b1:
                    00:a3:3f:fe:69:55:65:4d:a9:1e:6d:ae:cb:d3:83:
                    8d:ff:d7:a5:e5:20:8c:40:20:a5:78:5f:b8:1c:d5:
                    ee:4b:6f:3a:89:3a:24:f4:03:28:7b:05:7c:04:39:
                    85:41:c4:ed:72:f3:29:1d:48:38:ca:a5:c2:b3:8d:
                    ec:cc:cc:dd:63:f9:d8:3c:c9:61:ea:c1:8b:ed:ac:
                    b9:9c:23:2c:42:18:33:88:a6:e3:7c:d6:1e:ce:db:
                    51:3a:23:50:8c:50:7f:e2:8c:4a:1b:59:d4:bc:fc:
                    71:9e:54:a6:4f:51:ab:13:6f:7d:0a:a0:77:51:d8:
                    a0:7d:8e:fe:5c:92:d1:c9:03:12:9b:51:87:89:fd:
                    5f:f2:f6:3a:ca:53:e2:18:99:72:e0:8e:f5:ea:0e:
                    fe:d7:29:2a:8f:d6:4f:60:6e:e3:77:ec:32:5c:50:
                    2e:08:68:b9:9f:70:53:f5:7e:43:26:71:05:2a:62:
                    82:a8:36:22:44:c6:80:fe:24:5f:4d:cd:20:ce:31:
                    69:cd:6c:06:6a:a3:8d:2f:19:6f:01:0c:5f:e8:a2:
                    9e:31:21:3a:1d:05:4a:78:42:a3:19:69:f8:bc:c8:
                    b9:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B6:F5:7F:C3:BB:9C:66:5F:DA:FE:4D:F0:EA:E4:4E:59:BB:14:5E:C2
            X509v3 Authority Key Identifier:
                keyid:3E:0A:BA:30:F4:B4:04:FF:4D:EC:9F:C0:01:6C:0B:BE:E4:B6:B8:77

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Pgq6MPS0BP9N7J_AAWwLvuS2uHc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/d4e557-0640-48d3-87d6-59029a8b533a/1/Pgq6MPS0BP9N7J_AAWwLvuS2uHc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/63/d4e557-0640-48d3-87d6-59029a8b533a/1/Pgq6MPS0BP9N7J_AAWwLvuS2uHc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b4:56:3f:10:9f:6c:0f:e4:4f:b1:9f:92:63:75:75:58:16:1e:
         fc:77:1b:6d:f8:e2:56:f4:cb:f5:ac:df:e4:9a:fc:ad:1a:7f:
         5b:2b:db:43:23:b5:60:b6:5f:d4:86:ac:0c:25:03:42:2f:2d:
         45:8a:8f:7a:c6:c5:c3:78:27:f7:a9:b2:92:ae:df:36:fd:03:
         67:f4:f1:76:ed:53:08:77:62:21:9e:88:ec:12:56:5b:7b:d3:
         d2:88:86:f3:36:5c:e6:47:36:bc:11:15:5d:7b:3b:d0:b1:4d:
         ee:b5:a7:01:52:95:56:47:0f:d8:76:b4:1b:6d:28:bf:cd:d1:
         fb:06:80:f5:1b:67:2d:51:f8:0e:eb:c6:43:58:7f:a2:f1:33:
         a8:f0:a5:a0:b4:cb:10:61:09:56:5a:e0:cb:5a:dc:a1:d0:88:
         7e:7b:d2:7f:5d:e5:1c:e7:ab:85:ab:79:8d:ae:d2:f6:2b:4b:
         9c:5d:a5:19:21:d8:6d:ae:7c:c4:8c:6e:c5:e5:19:0d:fe:62:
         7a:72:de:8e:07:73:94:f3:3f:10:12:66:20:53:0e:a0:ad:18:
         45:c7:77:ec:7a:6c:cc:58:9e:e4:84:6a:c7:a2:a4:c2:f9:ea:
         2c:f9:72:1d:c7:cd:31:52:a3:e9:fe:a1:5c:20:5e:41:74:50:
         3e:2a:77:8c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZURa8KPVx0LjoGewb834Of6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlMGFiYTMwZjRiNDA0ZmY0ZGVjOWZjMDAxNmMwYmJlZTRi
NmI4NzcwHhcNMjUwMjE3MDEwMDI5WhcNMjUwMjE4MDEwMDI5WjAzMTEwLwYDVQQD
EyhiNmY1N2ZjM2JiOWM2NjVmZGFmZTRkZjBlYWU0NGU1OWJiMTQ1ZWMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwXOCJ7+kMpukRfcR6zrAnaPZkGiH
qj+PV8ZG9LEAoz/+aVVlTakeba7L04ON/9el5SCMQCCleF+4HNXuS286iTok9AMo
ewV8BDmFQcTtcvMpHUg4yqXCs43szMzdY/nYPMlh6sGL7ay5nCMsQhgziKbjfNYe
zttROiNQjFB/4oxKG1nUvPxxnlSmT1GrE299CqB3UdigfY7+XJLRyQMSm1GHif1f
8vY6ylPiGJly4I716g7+1ykqj9ZPYG7jd+wyXFAuCGi5n3BT9X5DJnEFKmKCqDYi
RMaA/iRfTc0gzjFpzWwGaqONLxlvAQxf6KKeMSE6HQVKeEKjGWn4vMi5OQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLb1f8O7nGZf2v5N8OrkTlm7FF7CMB8GA1UdIwQY
MBaAFD4KujD0tAT/TeyfwAFsC77ktrh3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUGdxNk1QUzBCUDlON0pfQUFXd0x2dVMydUhjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My9kNGU1NTctMDY0MC00OGQzLTg3ZDYt
NTkwMjlhOGI1MzNhLzEvUGdxNk1QUzBCUDlON0pfQUFXd0x2dVMydUhjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82My9kNGU1NTctMDY0MC00OGQzLTg3ZDYtNTkwMjlhOGI1MzNh
LzEvUGdxNk1QUzBCUDlON0pfQUFXd0x2dVMydUhjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAtFY/EJ9s
D+RPsZ+SY3V1WBYe/HcbbfjiVvTL9azf5Jr8rRp/WyvbQyO1YLZf1IasDCUDQi8t
RYqPesbFw3gn96mykq7fNv0DZ/Txdu1TCHdiIZ6I7BJWW3vT0oiG8zZc5kc2vBEV
XXs70LFN7rWnAVKVVkcP2Ha0G20ov83R+waA9RtnLVH4DuvGQ1h/ovEzqPCloLTL
EGEJVlrgy1rcodCIfnvSf13lHOerhat5ja7S9itLnF2lGSHYba58xIxuxeUZDf5i
enLejgdzlPM/EBJmIFMOoK0YRcd37HpszFie5IRqx6KkwvnqLPlyHcfNMVKj6f6h
XCBeQXRQPip3jA==
-----END CERTIFICATE-----