Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/8d4c03-5fc7-41ac-94f6-1f02c7e923b3/1/O8RoMnEppQF7l23I7aydG56aFMw.mft
File:                     O8RoMnEppQF7l23I7aydG56aFMw.mft (raw, json)
Hash identifier:          IYfpFJ47v6hmXIgLn6MEbS2JbfjqdwvzdISlCfgD+AQ=
Subject key identifier:   21:0F:B6:72:35:30:3C:84:54:1E:A5:8C:D5:FC:E3:CE:CA:D4:52:18
Authority key identifier: 3B:C4:68:32:71:29:A5:01:7B:97:6D:C8:ED:AC:9D:1B:9E:9A:14:CC
Certificate issuer:       /CN=3bc468327129a5017b976dc8edac9d1b9e9a14cc
Certificate serial:       0194C4D10365A715850CBDA81A70F119928B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/O8RoMnEppQF7l23I7aydG56aFMw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/64/8d4c03-5fc7-41ac-94f6-1f02c7e923b3/1/O8RoMnEppQF7l23I7aydG56aFMw.mft
Manifest number:          13BA
Signing time:             Sun 02 Feb 2025 04:00:19 +0000
Manifest this update:     Sun 02 Feb 2025 04:00:19 +0000
Manifest next update:     Mon 03 Feb 2025 04:00:19 +0000
Files and hashes:         1: O8RoMnEppQF7l23I7aydG56aFMw.crl (hash: fXCnSqFGyv+D/YYIXMpbC/sj48bg3QFjdJZWw7s3ERM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/64/8d4c03-5fc7-41ac-94f6-1f02c7e923b3/1/O8RoMnEppQF7l23I7aydG56aFMw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/64/8d4c03-5fc7-41ac-94f6-1f02c7e923b3/1/O8RoMnEppQF7l23I7aydG56aFMw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/O8RoMnEppQF7l23I7aydG56aFMw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 03 Feb 2025 00:00:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:c4:d1:03:65:a7:15:85:0c:bd:a8:1a:70:f1:19:92:8b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3bc468327129a5017b976dc8edac9d1b9e9a14cc
        Validity
            Not Before: Feb  2 04:00:19 2025 GMT
            Not After : Feb  3 04:00:19 2025 GMT
        Subject: CN=210fb67235303c84541ea58cd5fce3cecad45218
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:0a:87:52:27:0c:0d:66:b3:29:c2:64:52:c9:
                    4d:88:7f:da:64:32:d2:e4:79:c6:fc:8d:0a:f0:7f:
                    68:8c:7a:b6:c3:ff:88:fc:1c:bd:ee:2f:a8:10:69:
                    04:ea:24:7c:4f:c5:51:26:5c:bf:55:d0:83:b0:ed:
                    74:fa:57:a0:9f:a7:dc:9d:d5:26:f7:1d:7b:8e:28:
                    cf:b0:f3:fa:db:d3:df:80:a7:d6:51:fa:a3:a4:e6:
                    73:cc:13:09:d5:3a:f6:e6:e7:55:5f:c3:91:d9:5a:
                    94:c1:45:f1:1f:37:30:e4:e7:d0:d5:21:25:16:26:
                    2e:bd:e9:97:12:d2:29:e9:c6:a2:84:eb:ed:ad:e9:
                    96:3c:f7:a4:a2:52:e2:ff:5f:53:4f:3e:55:3f:8c:
                    53:30:26:7d:53:40:c2:09:1a:3a:d7:b5:f2:0b:c5:
                    dc:e2:b9:14:ad:2f:a6:07:03:0c:cb:a5:ff:2b:20:
                    3c:b1:dd:a2:75:b4:8c:07:79:07:16:0c:70:80:ba:
                    5c:77:93:e6:50:5d:64:56:52:39:1a:6c:8b:10:0c:
                    fc:7c:ee:ca:4c:0a:c4:1d:19:8a:07:32:2a:f2:5a:
                    4e:19:ba:fe:1a:84:3c:26:94:fb:f0:e7:67:d3:94:
                    a5:3e:28:a2:39:37:5a:65:b2:63:4d:20:53:fc:f6:
                    cb:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                21:0F:B6:72:35:30:3C:84:54:1E:A5:8C:D5:FC:E3:CE:CA:D4:52:18
            X509v3 Authority Key Identifier:
                keyid:3B:C4:68:32:71:29:A5:01:7B:97:6D:C8:ED:AC:9D:1B:9E:9A:14:CC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O8RoMnEppQF7l23I7aydG56aFMw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/8d4c03-5fc7-41ac-94f6-1f02c7e923b3/1/O8RoMnEppQF7l23I7aydG56aFMw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/64/8d4c03-5fc7-41ac-94f6-1f02c7e923b3/1/O8RoMnEppQF7l23I7aydG56aFMw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8c:25:c8:bc:c1:55:8a:11:98:66:2e:f0:09:d7:69:9a:f4:6c:
         b0:f3:f5:02:51:d4:7c:01:ae:92:31:23:07:8d:3f:64:01:56:
         3d:fd:d4:ff:2f:2e:04:6a:ee:cb:c0:04:7a:89:d1:d9:db:bc:
         49:b6:7c:92:b3:cd:95:f2:ec:4a:4f:0a:89:5f:60:fc:b1:93:
         25:7c:43:ba:e4:36:01:d9:fa:f5:f9:8e:60:c2:dc:40:2b:3c:
         21:1d:21:7c:34:6d:73:d0:7b:46:de:b7:41:84:db:8d:b6:55:
         22:63:c5:4d:f6:2a:5a:9e:48:20:57:25:db:af:2d:41:f7:c9:
         78:7e:6f:46:9f:11:46:a4:73:6d:bb:df:8c:25:57:b6:c5:bf:
         99:6c:f9:d8:f0:bf:2b:0a:e9:76:d6:ce:45:5a:df:e1:d9:fc:
         12:8a:65:8e:6e:d8:4f:cb:fb:13:66:2e:bd:fb:c7:7d:5e:db:
         e3:f8:b2:30:ca:19:3a:b7:00:e2:d6:bf:ba:23:bf:09:f1:85:
         31:3d:9f:1e:2d:05:0c:f8:31:aa:53:c4:62:85:45:86:59:b1:
         26:d0:11:8c:d6:dc:58:b7:36:ec:82:2e:eb:6f:9d:de:82:f9:
         77:8e:dd:e8:d0:e7:d7:bb:20:5d:f8:bc:20:31:4f:86:0e:35:
         c2:c1:0c:0d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZTE0QNlpxWFDL2oGnDxGZKLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiYzQ2ODMyNzEyOWE1MDE3Yjk3NmRjOGVkYWM5ZDFiOWU5
YTE0Y2MwHhcNMjUwMjAyMDQwMDE5WhcNMjUwMjAzMDQwMDE5WjAzMTEwLwYDVQQD
EygyMTBmYjY3MjM1MzAzYzg0NTQxZWE1OGNkNWZjZTNjZWNhZDQ1MjE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsgqHUicMDWazKcJkUslNiH/aZDLS
5HnG/I0K8H9ojHq2w/+I/By97i+oEGkE6iR8T8VRJly/VdCDsO10+legn6fcndUm
9x17jijPsPP629PfgKfWUfqjpOZzzBMJ1Tr25udVX8OR2VqUwUXxHzcw5OfQ1SEl
FiYuvemXEtIp6caihOvtremWPPekolLi/19TTz5VP4xTMCZ9U0DCCRo617XyC8Xc
4rkUrS+mBwMMy6X/KyA8sd2idbSMB3kHFgxwgLpcd5PmUF1kVlI5GmyLEAz8fO7K
TArEHRmKBzIq8lpOGbr+GoQ8JpT78Odn05SlPiiiOTdaZbJjTSBT/PbLmwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCEPtnI1MDyEVB6ljNX8487K1FIYMB8GA1UdIwQY
MBaAFDvEaDJxKaUBe5dtyO2snRuemhTMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzhSb01uRXBwUUY3bDIzSTdheWRHNTZhRk13LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC84ZDRjMDMtNWZjNy00MWFjLTk0ZjYt
MWYwMmM3ZTkyM2IzLzEvTzhSb01uRXBwUUY3bDIzSTdheWRHNTZhRk13Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC84ZDRjMDMtNWZjNy00MWFjLTk0ZjYtMWYwMmM3ZTkyM2Iz
LzEvTzhSb01uRXBwUUY3bDIzSTdheWRHNTZhRk13LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjCXIvMFV
ihGYZi7wCddpmvRssPP1AlHUfAGukjEjB40/ZAFWPf3U/y8uBGruy8AEeonR2du8
SbZ8krPNlfLsSk8KiV9g/LGTJXxDuuQ2Adn69fmOYMLcQCs8IR0hfDRtc9B7Rt63
QYTbjbZVImPFTfYqWp5IIFcl268tQffJeH5vRp8RRqRzbbvfjCVXtsW/mWz52PC/
KwrpdtbORVrf4dn8Eopljm7YT8v7E2YuvfvHfV7b4/iyMMoZOrcA4ta/uiO/CfGF
MT2fHi0FDPgxqlPEYoVFhlmxJtARjNbcWLc27IIu62+d3oL5d47d6NDn17sgXfi8
IDFPhg41wsEMDQ==
-----END CERTIFICATE-----