Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/758a0f-3c4c-4310-9a72-5a27b8af28a5/1/2QrRERMYMAumeOiOBQKx_FHjU3k.mft
File:                     2QrRERMYMAumeOiOBQKx_FHjU3k.mft (raw, json)
Hash identifier:          Ios3k+JM5+FSU3ZdxJFi5OAeY4BpT7Q4Y7KGoBz8PMY=
Subject key identifier:   E6:98:F2:85:4F:3F:FB:C2:5F:7C:FB:3D:25:FA:E8:22:DE:4E:A0:CA
Authority key identifier: D9:0A:D1:11:13:18:30:0B:A6:78:E8:8E:05:02:B1:FC:51:E3:53:79
Certificate issuer:       /CN=d90ad1111318300ba678e88e0502b1fc51e35379
Certificate serial:       0194C3BE4F42F895EBF792E0ACE64A761FCF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2QrRERMYMAumeOiOBQKx_FHjU3k.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/758a0f-3c4c-4310-9a72-5a27b8af28a5/1/2QrRERMYMAumeOiOBQKx_FHjU3k.mft
Manifest number:          38
Signing time:             Sat 01 Feb 2025 23:00:16 +0000
Manifest this update:     Sat 01 Feb 2025 23:00:16 +0000
Manifest next update:     Sun 02 Feb 2025 23:00:16 +0000
Files and hashes:         1: 2QrRERMYMAumeOiOBQKx_FHjU3k.crl (hash: 4GI+PgczhTpE5jkUBZdVh/qfy36A//2grcAnTFGvFK8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/65/758a0f-3c4c-4310-9a72-5a27b8af28a5/1/2QrRERMYMAumeOiOBQKx_FHjU3k.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/65/758a0f-3c4c-4310-9a72-5a27b8af28a5/1/2QrRERMYMAumeOiOBQKx_FHjU3k.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2QrRERMYMAumeOiOBQKx_FHjU3k.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 02 Feb 2025 23:00:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:c3:be:4f:42:f8:95:eb:f7:92:e0:ac:e6:4a:76:1f:cf
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d90ad1111318300ba678e88e0502b1fc51e35379
        Validity
            Not Before: Feb  1 23:00:16 2025 GMT
            Not After : Feb  2 23:00:16 2025 GMT
        Subject: CN=e698f2854f3ffbc25f7cfb3d25fae822de4ea0ca
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:04:f7:51:43:bf:ac:0a:7b:ad:56:20:30:2b:
                    82:65:d4:79:77:2d:2d:06:ec:82:19:f8:5f:cd:7d:
                    0f:6d:8c:e0:5d:73:cf:23:23:57:ed:9f:9c:4c:36:
                    ee:3b:ae:99:28:40:f1:49:fe:d8:13:3c:2b:d1:18:
                    ce:0c:c3:32:74:93:76:be:74:4d:96:9d:3a:b3:44:
                    8b:0f:cc:93:7e:c0:84:35:02:72:35:6a:c9:96:87:
                    72:bd:ae:05:28:54:a0:03:a4:15:fd:d5:b4:c0:bb:
                    d0:35:be:77:dd:58:85:a2:1c:d0:89:af:ca:38:81:
                    96:cf:89:bf:e0:ab:15:38:12:1c:87:6d:a1:14:0b:
                    2a:59:82:b7:1b:06:38:56:9b:58:47:f8:c7:99:e5:
                    50:72:e7:65:3c:68:d7:1e:18:25:67:4a:e0:35:ee:
                    e0:40:41:c6:e6:78:5f:42:46:e3:8f:42:ce:b8:ea:
                    8d:9e:35:cf:2b:66:fd:28:bb:1c:a2:b6:74:21:01:
                    a3:09:74:7d:db:ef:3f:47:08:2b:8a:a2:c7:d4:81:
                    63:c7:cd:d0:96:bf:1e:8e:03:08:ad:7d:5d:4e:45:
                    0f:20:15:d4:3f:59:1f:86:ac:9d:5e:12:b8:7a:9c:
                    69:21:b6:5b:73:cd:49:ac:01:59:8f:2d:01:5b:7c:
                    af:2d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E6:98:F2:85:4F:3F:FB:C2:5F:7C:FB:3D:25:FA:E8:22:DE:4E:A0:CA
            X509v3 Authority Key Identifier:
                keyid:D9:0A:D1:11:13:18:30:0B:A6:78:E8:8E:05:02:B1:FC:51:E3:53:79

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2QrRERMYMAumeOiOBQKx_FHjU3k.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/758a0f-3c4c-4310-9a72-5a27b8af28a5/1/2QrRERMYMAumeOiOBQKx_FHjU3k.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/758a0f-3c4c-4310-9a72-5a27b8af28a5/1/2QrRERMYMAumeOiOBQKx_FHjU3k.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4d:15:7d:2a:60:d9:53:27:3c:1f:f2:67:3e:89:cd:b4:ad:e1:
         8f:94:9c:e8:94:ec:b9:bc:1a:ca:5f:19:13:6f:95:f3:a4:47:
         80:14:b3:4e:fa:95:73:23:5e:4b:8f:98:e2:9e:5c:4b:05:0d:
         c2:52:1a:f3:a7:96:48:a1:16:88:72:43:c9:c6:fb:c6:02:df:
         c9:e2:a8:f2:3d:a5:65:1a:83:25:78:95:a7:e3:10:cd:7d:2c:
         d0:54:d1:df:f9:15:16:8b:d0:ad:44:05:95:a3:3d:a8:7b:73:
         f8:30:43:1c:14:4a:d2:a3:2e:7e:f2:3d:6e:d9:d1:1a:dc:a4:
         bd:e7:a8:9f:bc:a3:d5:55:a7:ed:0f:d0:51:14:f3:52:ed:c8:
         3f:88:cf:4d:20:75:6d:96:17:59:1a:ba:ec:05:69:a9:7a:d5:
         01:81:0a:ec:83:de:57:d0:1d:07:2a:5d:a9:93:d5:a9:00:ac:
         69:0f:65:25:54:8d:8d:2b:89:2f:a3:72:b4:55:11:bf:03:e5:
         4c:4d:14:d4:e7:8f:7b:27:73:ed:a7:02:06:9f:72:28:ed:3c:
         93:86:cf:5a:f4:02:08:fd:5b:6d:64:5e:15:5c:1b:2b:57:40:
         9b:8d:91:e5:88:28:e9:6e:31:d8:14:5d:33:90:db:c7:eb:4f:
         66:b9:d6:23
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZTDvk9C+JXr95LgrOZKdh/PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5MGFkMTExMTMxODMwMGJhNjc4ZTg4ZTA1MDJiMWZjNTFl
MzUzNzkwHhcNMjUwMjAxMjMwMDE2WhcNMjUwMjAyMjMwMDE2WjAzMTEwLwYDVQQD
EyhlNjk4ZjI4NTRmM2ZmYmMyNWY3Y2ZiM2QyNWZhZTgyMmRlNGVhMGNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAowT3UUO/rAp7rVYgMCuCZdR5dy0t
BuyCGfhfzX0PbYzgXXPPIyNX7Z+cTDbuO66ZKEDxSf7YEzwr0RjODMMydJN2vnRN
lp06s0SLD8yTfsCENQJyNWrJlodyva4FKFSgA6QV/dW0wLvQNb533ViFohzQia/K
OIGWz4m/4KsVOBIch22hFAsqWYK3GwY4VptYR/jHmeVQcudlPGjXHhglZ0rgNe7g
QEHG5nhfQkbjj0LOuOqNnjXPK2b9KLscorZ0IQGjCXR92+8/RwgriqLH1IFjx83Q
lr8ejgMIrX1dTkUPIBXUP1kfhqydXhK4epxpIbZbc81JrAFZjy0BW3yvLQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOaY8oVPP/vCX3z7PSX66CLeTqDKMB8GA1UdIwQY
MBaAFNkK0RETGDALpnjojgUCsfxR41N5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlFyUkVSTVlNQXVtZU9pT0JRS3hfRkhqVTNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS83NThhMGYtM2M0Yy00MzEwLTlhNzIt
NWEyN2I4YWYyOGE1LzEvMlFyUkVSTVlNQXVtZU9pT0JRS3hfRkhqVTNrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS83NThhMGYtM2M0Yy00MzEwLTlhNzItNWEyN2I4YWYyOGE1
LzEvMlFyUkVSTVlNQXVtZU9pT0JRS3hfRkhqVTNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATRV9KmDZ
Uyc8H/JnPonNtK3hj5Sc6JTsubwayl8ZE2+V86RHgBSzTvqVcyNeS4+Y4p5cSwUN
wlIa86eWSKEWiHJDycb7xgLfyeKo8j2lZRqDJXiVp+MQzX0s0FTR3/kVFovQrUQF
laM9qHtz+DBDHBRK0qMufvI9btnRGtykveeon7yj1VWn7Q/QURTzUu3IP4jPTSB1
bZYXWRq67AVpqXrVAYEK7IPeV9AdBypdqZPVqQCsaQ9lJVSNjSuJL6NytFURvwPl
TE0U1OePeydz7acCBp9yKO08k4bPWvQCCP1bbWReFVwbK1dAm42R5Ygo6W4x2BRd
M5Dbx+tPZrnWIw==
-----END CERTIFICATE-----