Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/307e30-177d-4b3f-b564-bd2f8c6d5499/1/v_tlOi9T2WcLP5GEAgnz8seKwbI.mft
File:                     v_tlOi9T2WcLP5GEAgnz8seKwbI.mft (raw, json)
Hash identifier:          dneJl0oo1cdYcCFHhsZHkzonwNM9XNlIX7S9OeVenQg=
Subject key identifier:   5F:02:DB:E7:A6:12:3C:3F:05:D8:D4:1D:51:7D:FB:C3:83:3F:5D:45
Authority key identifier: BF:FB:65:3A:2F:53:D9:67:0B:3F:91:84:02:09:F3:F2:C7:8A:C1:B2
Certificate issuer:       /CN=bffb653a2f53d9670b3f91840209f3f2c78ac1b2
Certificate serial:       0194C3881D8083B14C8FE363A365810EF54E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/v_tlOi9T2WcLP5GEAgnz8seKwbI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/307e30-177d-4b3f-b564-bd2f8c6d5499/1/v_tlOi9T2WcLP5GEAgnz8seKwbI.mft
Manifest number:          142C
Signing time:             Sat 01 Feb 2025 22:01:04 +0000
Manifest this update:     Sat 01 Feb 2025 22:01:04 +0000
Manifest next update:     Sun 02 Feb 2025 22:01:04 +0000
Files and hashes:         1: v_tlOi9T2WcLP5GEAgnz8seKwbI.crl (hash: z0ywiVrg3nW8pj7IYqkxzGD0ItYoGCQz0hYKvvnaDD0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/65/307e30-177d-4b3f-b564-bd2f8c6d5499/1/v_tlOi9T2WcLP5GEAgnz8seKwbI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/65/307e30-177d-4b3f-b564-bd2f8c6d5499/1/v_tlOi9T2WcLP5GEAgnz8seKwbI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/v_tlOi9T2WcLP5GEAgnz8seKwbI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 02 Feb 2025 22:01:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:c3:88:1d:80:83:b1:4c:8f:e3:63:a3:65:81:0e:f5:4e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bffb653a2f53d9670b3f91840209f3f2c78ac1b2
        Validity
            Not Before: Feb  1 22:01:04 2025 GMT
            Not After : Feb  2 22:01:04 2025 GMT
        Subject: CN=5f02dbe7a6123c3f05d8d41d517dfbc3833f5d45
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:63:3c:fb:15:62:ef:a5:b4:09:d5:04:6f:c4:
                    34:6f:ee:1c:80:af:7e:7d:6c:1b:b6:a8:03:54:1c:
                    7f:a1:ef:f7:f0:18:a5:16:6b:f1:cb:6c:5a:14:2b:
                    fb:64:10:1b:b3:88:3a:f8:ca:a5:7a:e3:1b:48:50:
                    c1:fb:32:e9:b0:ce:b3:a1:4c:8f:7e:54:31:c9:2f:
                    e1:58:17:34:84:cf:44:14:0b:f9:b1:ea:45:88:1f:
                    5f:eb:2f:9d:56:1d:53:ad:4a:e4:91:64:06:88:d1:
                    17:0d:fa:2d:f5:e1:c1:72:49:36:63:86:d3:9f:eb:
                    57:26:5b:5e:73:9f:f1:55:2e:9d:7b:ce:5c:ce:7b:
                    5d:22:a1:11:09:b6:ef:26:8c:eb:e8:8d:b1:96:4b:
                    c2:af:e2:6a:d7:f4:2c:da:e6:3f:f2:12:b3:19:ec:
                    02:7a:91:b1:ef:14:0a:09:41:81:84:d2:ea:b5:73:
                    30:87:a3:67:81:87:28:c4:0f:8d:d5:a9:9a:9d:9b:
                    ac:65:4b:48:9d:a5:b5:6c:c2:c6:cf:90:fc:34:5b:
                    f3:eb:49:f2:70:57:1a:c5:f7:cc:8d:00:9d:a8:cb:
                    71:04:31:8b:70:ac:92:3a:f9:41:a5:0e:8f:57:6c:
                    44:e3:ee:50:3c:ba:3e:03:be:98:68:37:6c:2c:5a:
                    01:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5F:02:DB:E7:A6:12:3C:3F:05:D8:D4:1D:51:7D:FB:C3:83:3F:5D:45
            X509v3 Authority Key Identifier:
                keyid:BF:FB:65:3A:2F:53:D9:67:0B:3F:91:84:02:09:F3:F2:C7:8A:C1:B2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v_tlOi9T2WcLP5GEAgnz8seKwbI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/307e30-177d-4b3f-b564-bd2f8c6d5499/1/v_tlOi9T2WcLP5GEAgnz8seKwbI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/307e30-177d-4b3f-b564-bd2f8c6d5499/1/v_tlOi9T2WcLP5GEAgnz8seKwbI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4e:1e:f8:a3:a5:7f:d6:cd:9e:d8:15:ad:bf:8e:a5:60:64:5c:
         bf:f3:5b:77:e9:f9:bf:41:16:f9:b0:f1:a4:bc:30:00:7f:64:
         ce:d7:1b:79:e4:68:11:1d:0a:db:cc:c3:c8:12:89:67:14:62:
         b9:90:c4:54:21:3f:25:4e:cc:5d:0f:a5:53:7d:75:bf:a7:88:
         a7:3f:67:b4:58:a8:39:4f:a9:74:40:af:4d:d6:e3:ef:a0:59:
         64:d4:eb:6c:cd:d4:36:3b:52:91:6f:c7:4c:e5:1f:79:21:f7:
         ee:21:c0:eb:c6:b5:3f:d0:52:7f:59:c9:df:1f:eb:15:70:d7:
         7d:e4:06:be:44:bc:1d:67:06:c8:33:b6:dc:df:83:11:73:34:
         35:59:6a:4c:3a:23:e6:ff:4c:64:0e:53:df:7e:92:96:b9:32:
         88:82:6b:0f:c0:86:c3:41:49:e4:80:dc:e7:18:28:d6:20:ff:
         b5:92:4b:e4:6b:8a:5b:d3:a9:bd:af:6a:60:c6:a9:b3:87:cc:
         0c:be:cc:a0:78:81:1f:ea:46:43:19:b5:09:52:c2:d6:b2:95:
         cd:f6:6b:b5:57:f6:80:31:12:48:52:35:a1:a2:c7:a5:a6:95:
         a3:40:17:16:7f:4f:bf:1f:5b:38:63:a5:e6:84:99:09:65:71:
         99:77:11:dc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZTDiB2Ag7FMj+Njo2WBDvVOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmZmI2NTNhMmY1M2Q5NjcwYjNmOTE4NDAyMDlmM2YyYzc4
YWMxYjIwHhcNMjUwMjAxMjIwMTA0WhcNMjUwMjAyMjIwMTA0WjAzMTEwLwYDVQQD
Eyg1ZjAyZGJlN2E2MTIzYzNmMDVkOGQ0MWQ1MTdkZmJjMzgzM2Y1ZDQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq2M8+xVi76W0CdUEb8Q0b+4cgK9+
fWwbtqgDVBx/oe/38BilFmvxy2xaFCv7ZBAbs4g6+MqleuMbSFDB+zLpsM6zoUyP
flQxyS/hWBc0hM9EFAv5sepFiB9f6y+dVh1TrUrkkWQGiNEXDfot9eHBckk2Y4bT
n+tXJltec5/xVS6de85czntdIqERCbbvJozr6I2xlkvCr+Jq1/Qs2uY/8hKzGewC
epGx7xQKCUGBhNLqtXMwh6NngYcoxA+N1amanZusZUtInaW1bMLGz5D8NFvz60ny
cFcaxffMjQCdqMtxBDGLcKySOvlBpQ6PV2xE4+5QPLo+A76YaDdsLFoB3wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFF8C2+emEjw/BdjUHVF9+8ODP11FMB8GA1UdIwQY
MBaAFL/7ZTovU9lnCz+RhAIJ8/LHisGyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdl90bE9pOVQyV2NMUDVHRUFnbno4c2VLd2JJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8zMDdlMzAtMTc3ZC00YjNmLWI1NjQt
YmQyZjhjNmQ1NDk5LzEvdl90bE9pOVQyV2NMUDVHRUFnbno4c2VLd2JJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8zMDdlMzAtMTc3ZC00YjNmLWI1NjQtYmQyZjhjNmQ1NDk5
LzEvdl90bE9pOVQyV2NMUDVHRUFnbno4c2VLd2JJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATh74o6V/
1s2e2BWtv46lYGRcv/Nbd+n5v0EW+bDxpLwwAH9kztcbeeRoER0K28zDyBKJZxRi
uZDEVCE/JU7MXQ+lU311v6eIpz9ntFioOU+pdECvTdbj76BZZNTrbM3UNjtSkW/H
TOUfeSH37iHA68a1P9BSf1nJ3x/rFXDXfeQGvkS8HWcGyDO23N+DEXM0NVlqTDoj
5v9MZA5T336SlrkyiIJrD8CGw0FJ5IDc5xgo1iD/tZJL5GuKW9Opva9qYMaps4fM
DL7MoHiBH+pGQxm1CVLC1rKVzfZrtVf2gDESSFI1oaLHpaaVo0AXFn9Pvx9bOGOl
5oSZCWVxmXcR3A==
-----END CERTIFICATE-----