Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/PE7ZQuXHQud7-5vrlU-HJTT1KEg.mft
File:                     PE7ZQuXHQud7-5vrlU-HJTT1KEg.mft (raw, json)
Hash identifier:          GMImyLdr50/orTpRacZ0eGk/37BXxp1TqnCY7bOpNo8=
Subject key identifier:   E4:10:FE:3C:E5:66:F8:41:34:34:A4:49:93:D7:F3:A6:99:93:11:07
Authority key identifier: 3C:4E:D9:42:E5:C7:42:E7:7B:FB:9B:EB:95:4F:87:25:34:F5:28:48
Certificate issuer:       /CN=3c4ed942e5c742e77bfb9beb954f872534f52848
Certificate serial:       01951210D685D0E2C49A399382B9022466B1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PE7ZQuXHQud7-5vrlU-HJTT1KEg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/PE7ZQuXHQud7-5vrlU-HJTT1KEg.mft
Manifest number:          0F2A
Signing time:             Mon 17 Feb 2025 04:00:48 +0000
Manifest this update:     Mon 17 Feb 2025 04:00:48 +0000
Manifest next update:     Tue 18 Feb 2025 04:00:48 +0000
Files and hashes:         1: PE7ZQuXHQud7-5vrlU-HJTT1KEg.crl (hash: Gca27g/BjSUU4IfLwHSLHAuEh6Aa5QFSLt2OEbabieQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/PE7ZQuXHQud7-5vrlU-HJTT1KEg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/PE7ZQuXHQud7-5vrlU-HJTT1KEg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/PE7ZQuXHQud7-5vrlU-HJTT1KEg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 17 Feb 2025 23:00:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:12:10:d6:85:d0:e2:c4:9a:39:93:82:b9:02:24:66:b1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3c4ed942e5c742e77bfb9beb954f872534f52848
        Validity
            Not Before: Feb 17 04:00:48 2025 GMT
            Not After : Feb 18 04:00:48 2025 GMT
        Subject: CN=e410fe3ce566f8413434a44993d7f3a699931107
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:fe:35:ae:77:e1:9c:0b:a3:2e:cb:a4:3b:8f:
                    6a:79:5c:e8:73:38:54:55:c2:6c:9d:a4:41:56:d1:
                    68:4d:e3:c5:01:b7:f2:eb:17:eb:b0:51:7c:3d:03:
                    97:61:fa:ab:09:90:41:8b:9e:7b:22:c7:47:8e:30:
                    ce:53:ee:7c:02:4c:5d:02:1d:71:8b:bd:e7:bb:fb:
                    6f:af:cc:7c:e3:8f:63:ed:c1:85:49:a5:06:cd:a4:
                    fd:91:70:17:cd:ec:2b:99:96:ac:eb:60:e6:2c:83:
                    de:d2:72:88:6f:5d:e5:53:94:08:6c:8a:1b:e2:fc:
                    78:be:e8:2f:af:1c:b6:98:9f:26:1a:d7:93:ab:4c:
                    da:9a:cc:97:c7:f7:bd:4c:9a:c0:72:60:93:22:c6:
                    cd:bf:11:e7:b4:80:2e:8d:15:68:3a:81:4e:7b:a9:
                    89:e2:0c:be:33:6b:bc:16:e6:f2:cc:f5:3f:fc:78:
                    fa:51:3c:76:79:df:2d:f5:03:a2:9c:9f:c5:c9:34:
                    1b:94:09:12:63:03:bd:1d:73:90:6e:cc:76:5f:bf:
                    f8:5f:fe:d5:5a:8c:fa:ee:73:85:02:c1:c2:4e:f2:
                    be:0d:8d:e7:7f:6f:64:67:6a:be:cd:87:57:cf:81:
                    c9:d6:08:c2:ac:d5:59:69:a9:65:0b:c6:cf:39:f0:
                    79:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E4:10:FE:3C:E5:66:F8:41:34:34:A4:49:93:D7:F3:A6:99:93:11:07
            X509v3 Authority Key Identifier:
                keyid:3C:4E:D9:42:E5:C7:42:E7:7B:FB:9B:EB:95:4F:87:25:34:F5:28:48

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PE7ZQuXHQud7-5vrlU-HJTT1KEg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/PE7ZQuXHQud7-5vrlU-HJTT1KEg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/PE7ZQuXHQud7-5vrlU-HJTT1KEg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6f:2f:be:f7:0f:cc:ab:fc:0e:4c:b5:47:31:ac:8b:4b:b8:44:
         eb:e2:bc:9c:64:18:dd:cf:6d:a9:ea:0b:4f:54:6e:65:c0:59:
         3b:a5:e7:56:25:29:3f:8c:7c:62:ff:0d:ad:4d:3f:0f:6d:73:
         cd:13:18:2f:7d:a6:e0:c3:ac:b5:20:df:1d:b2:9b:5d:e8:21:
         3a:43:a8:4e:77:17:5a:7e:72:26:e6:bd:a6:23:5d:61:de:88:
         89:ba:4d:45:86:62:33:f0:60:11:b6:48:6f:5d:a4:0a:fd:30:
         01:d5:2a:31:e0:b9:03:95:68:fa:24:b4:04:08:5e:f3:96:10:
         c0:33:00:87:fc:43:1d:2e:22:b0:f2:5b:c4:b7:fe:80:ca:6a:
         8d:4d:58:e2:c6:2b:f8:5a:3c:f0:78:ac:aa:1d:6a:e4:cd:a7:
         2f:04:12:a3:fd:0d:10:2f:c5:50:fb:c3:1f:68:f6:5d:52:9c:
         48:9f:4b:5a:b5:c9:18:b8:78:bb:3f:c5:0d:55:66:ba:d0:05:
         c3:8a:c5:f0:fb:27:ac:a8:f3:e4:38:ee:ec:d5:1b:cb:32:ab:
         33:dd:dd:6e:47:67:87:16:fc:89:e1:96:76:85:4a:ca:73:03:
         30:59:cc:51:72:ec:f0:9c:69:b1:9a:7b:38:c6:d4:6f:3c:87:
         b0:bf:4a:1e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZUSENaF0OLEmjmTgrkCJGaxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjNGVkOTQyZTVjNzQyZTc3YmZiOWJlYjk1NGY4NzI1MzRm
NTI4NDgwHhcNMjUwMjE3MDQwMDQ4WhcNMjUwMjE4MDQwMDQ4WjAzMTEwLwYDVQQD
EyhlNDEwZmUzY2U1NjZmODQxMzQzNGE0NDk5M2Q3ZjNhNjk5OTMxMTA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuf41rnfhnAujLsukO49qeVzoczhU
VcJsnaRBVtFoTePFAbfy6xfrsFF8PQOXYfqrCZBBi557IsdHjjDOU+58AkxdAh1x
i73nu/tvr8x8449j7cGFSaUGzaT9kXAXzewrmZas62DmLIPe0nKIb13lU5QIbIob
4vx4vugvrxy2mJ8mGteTq0zamsyXx/e9TJrAcmCTIsbNvxHntIAujRVoOoFOe6mJ
4gy+M2u8FubyzPU//Hj6UTx2ed8t9QOinJ/FyTQblAkSYwO9HXOQbsx2X7/4X/7V
Woz67nOFAsHCTvK+DY3nf29kZ2q+zYdXz4HJ1gjCrNVZaallC8bPOfB5SwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOQQ/jzlZvhBNDSkSZPX86aZkxEHMB8GA1UdIwQY
MBaAFDxO2ULlx0Lne/ub65VPhyU09ShIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUEU3WlF1WEhRdWQ3LTV2cmxVLUhKVFQxS0VnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni8xYmI0NWEtNTUxYy00OTY3LTk1Y2Et
NzczNDRiY2M5MTkxLzEvUEU3WlF1WEhRdWQ3LTV2cmxVLUhKVFQxS0VnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni8xYmI0NWEtNTUxYy00OTY3LTk1Y2EtNzczNDRiY2M5MTkx
LzEvUEU3WlF1WEhRdWQ3LTV2cmxVLUhKVFQxS0VnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAby++9w/M
q/wOTLVHMayLS7hE6+K8nGQY3c9tqeoLT1RuZcBZO6XnViUpP4x8Yv8NrU0/D21z
zRMYL32m4MOstSDfHbKbXeghOkOoTncXWn5yJua9piNdYd6IibpNRYZiM/BgEbZI
b12kCv0wAdUqMeC5A5Vo+iS0BAhe85YQwDMAh/xDHS4isPJbxLf+gMpqjU1Y4sYr
+Fo88Hisqh1q5M2nLwQSo/0NEC/FUPvDH2j2XVKcSJ9LWrXJGLh4uz/FDVVmutAF
w4rF8PsnrKjz5Dju7NUbyzKrM93dbkdnhxb8ieGWdoVKynMDMFnMUXLs8JxpsZp7
OMbUbzyHsL9KHg==
-----END CERTIFICATE-----