Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/dcc22e-aab3-4e17-a4a0-d87017d7a6ac/1/aWZRzL2U9r6et0MyEiM1yrvvw5o.mft
File:                     aWZRzL2U9r6et0MyEiM1yrvvw5o.mft (raw, json)
Hash identifier:          LMNULNgU72UTkgFwbwF8k4cU+NuhjR7fDEfAgAU/Oag=
Subject key identifier:   A3:D4:A5:A2:D7:43:E4:7B:26:86:48:F0:CA:0F:25:38:14:DA:72:6A
Authority key identifier: 69:66:51:CC:BD:94:F6:BE:9E:B7:43:32:12:23:35:CA:BB:EF:C3:9A
Certificate issuer:       /CN=696651ccbd94f6be9eb74332122335cabbefc39a
Certificate serial:       0195113490F7FF3EB92C78BDD68B6A777D8E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aWZRzL2U9r6et0MyEiM1yrvvw5o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/66/dcc22e-aab3-4e17-a4a0-d87017d7a6ac/1/aWZRzL2U9r6et0MyEiM1yrvvw5o.mft
Manifest number:          0383
Signing time:             Mon 17 Feb 2025 00:00:12 +0000
Manifest this update:     Mon 17 Feb 2025 00:00:12 +0000
Manifest next update:     Tue 18 Feb 2025 00:00:12 +0000
Files and hashes:         1: aWZRzL2U9r6et0MyEiM1yrvvw5o.crl (hash: TdgtUcyh+lfowAWkVFNTArtHgt/H4uQ26pRnCwDkCe4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/66/dcc22e-aab3-4e17-a4a0-d87017d7a6ac/1/aWZRzL2U9r6et0MyEiM1yrvvw5o.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/66/dcc22e-aab3-4e17-a4a0-d87017d7a6ac/1/aWZRzL2U9r6et0MyEiM1yrvvw5o.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/aWZRzL2U9r6et0MyEiM1yrvvw5o.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 17 Feb 2025 23:00:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:11:34:90:f7:ff:3e:b9:2c:78:bd:d6:8b:6a:77:7d:8e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=696651ccbd94f6be9eb74332122335cabbefc39a
        Validity
            Not Before: Feb 17 00:00:12 2025 GMT
            Not After : Feb 18 00:00:12 2025 GMT
        Subject: CN=a3d4a5a2d743e47b268648f0ca0f253814da726a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:65:e0:8a:d4:49:7c:af:65:cd:1c:ed:a9:d8:
                    b3:3f:c1:a3:d9:38:32:76:11:3b:f1:48:fd:d0:83:
                    cd:1e:7a:9c:46:e8:76:2e:cf:53:7e:6d:11:d7:c1:
                    ff:db:3f:40:51:f5:c3:75:c2:8b:3b:6e:05:e4:5c:
                    25:44:98:a6:bf:a5:55:2c:07:8e:17:3a:83:37:f4:
                    9c:61:c7:11:40:c1:a9:49:c0:e7:a4:e5:42:3a:86:
                    a5:2b:dd:04:fb:6f:29:21:ee:db:97:c1:73:09:5e:
                    a9:5a:e1:b8:bf:2c:fd:9a:1f:f8:57:3e:8d:e5:65:
                    eb:66:25:5b:6a:5d:eb:95:11:96:5a:4e:92:e9:db:
                    51:67:cb:09:b3:52:c1:b8:e2:82:79:68:59:28:92:
                    da:15:6b:b5:c4:76:31:27:6c:3a:04:b3:f0:df:e1:
                    c2:b0:87:3e:c7:0b:09:ca:ca:e6:11:b8:b5:38:20:
                    59:42:77:77:4c:60:7a:6f:81:b7:b8:97:35:45:4b:
                    78:0f:bd:48:c0:5b:18:7f:30:bb:ca:fc:88:e4:9d:
                    3f:3b:92:5c:d2:a8:3b:84:54:a2:86:b6:c4:43:9c:
                    e8:30:11:2e:f3:e2:43:1c:e1:63:d2:97:90:07:da:
                    a0:6f:32:25:35:95:58:7d:bd:42:6e:e8:42:bb:c6:
                    df:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A3:D4:A5:A2:D7:43:E4:7B:26:86:48:F0:CA:0F:25:38:14:DA:72:6A
            X509v3 Authority Key Identifier:
                keyid:69:66:51:CC:BD:94:F6:BE:9E:B7:43:32:12:23:35:CA:BB:EF:C3:9A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aWZRzL2U9r6et0MyEiM1yrvvw5o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/dcc22e-aab3-4e17-a4a0-d87017d7a6ac/1/aWZRzL2U9r6et0MyEiM1yrvvw5o.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/66/dcc22e-aab3-4e17-a4a0-d87017d7a6ac/1/aWZRzL2U9r6et0MyEiM1yrvvw5o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2b:bd:9d:bb:2a:9e:ce:48:ce:29:4e:73:de:7c:76:5b:70:52:
         2a:3e:82:8f:76:c3:91:f3:5a:f9:69:2d:6e:38:1a:39:7e:80:
         3c:66:3d:c6:0a:12:9f:94:bd:b8:d4:f2:5d:8a:02:0c:a5:72:
         ed:3b:b6:71:b5:ad:a9:29:37:0b:3b:0b:50:3b:cc:a9:ec:0b:
         ed:5b:84:37:7e:7f:90:43:df:a5:b5:7f:08:cc:d2:1b:44:1c:
         5c:f1:6b:6d:be:82:6f:de:18:8e:af:35:e2:2d:35:7b:3b:16:
         f6:5d:de:20:62:7b:8d:7f:76:55:4a:ad:f6:29:51:7b:78:0e:
         bb:e8:ff:78:06:43:07:fe:53:6a:70:9f:68:b2:bc:3d:43:67:
         e9:7d:7b:8b:83:10:b0:32:bb:e0:de:77:42:68:c2:92:e9:36:
         f7:ee:a2:fa:fe:86:15:30:d7:2a:98:c2:6c:59:17:e9:d7:69:
         de:ea:1b:11:19:c3:d3:c6:b9:d9:e0:83:33:ca:a2:4c:ef:93:
         5e:15:f7:f0:5d:3b:a3:27:44:26:58:76:68:bd:49:44:11:08:
         22:fa:1e:cb:65:ae:a1:48:33:39:6f:6a:22:5c:47:c8:46:c7:
         27:43:28:cc:91:a9:b9:6e:d7:d9:5c:e4:8e:c1:8c:e3:44:79:
         cb:aa:c9:45
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZURNJD3/z65LHi91otqd32OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5NjY1MWNjYmQ5NGY2YmU5ZWI3NDMzMjEyMjMzNWNhYmJl
ZmMzOWEwHhcNMjUwMjE3MDAwMDEyWhcNMjUwMjE4MDAwMDEyWjAzMTEwLwYDVQQD
EyhhM2Q0YTVhMmQ3NDNlNDdiMjY4NjQ4ZjBjYTBmMjUzODE0ZGE3MjZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqmXgitRJfK9lzRztqdizP8Gj2Tgy
dhE78Uj90IPNHnqcRuh2Ls9Tfm0R18H/2z9AUfXDdcKLO24F5FwlRJimv6VVLAeO
FzqDN/ScYccRQMGpScDnpOVCOoalK90E+28pIe7bl8FzCV6pWuG4vyz9mh/4Vz6N
5WXrZiVbal3rlRGWWk6S6dtRZ8sJs1LBuOKCeWhZKJLaFWu1xHYxJ2w6BLPw3+HC
sIc+xwsJysrmEbi1OCBZQnd3TGB6b4G3uJc1RUt4D71IwFsYfzC7yvyI5J0/O5Jc
0qg7hFSihrbEQ5zoMBEu8+JDHOFj0peQB9qgbzIlNZVYfb1CbuhCu8bfIwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKPUpaLXQ+R7JoZI8MoPJTgU2nJqMB8GA1UdIwQY
MBaAFGlmUcy9lPa+nrdDMhIjNcq778OaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYVdaUnpMMlU5cjZldDBNeUVpTTF5cnZ2dzVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni9kY2MyMmUtYWFiMy00ZTE3LWE0YTAt
ZDg3MDE3ZDdhNmFjLzEvYVdaUnpMMlU5cjZldDBNeUVpTTF5cnZ2dzVvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni9kY2MyMmUtYWFiMy00ZTE3LWE0YTAtZDg3MDE3ZDdhNmFj
LzEvYVdaUnpMMlU5cjZldDBNeUVpTTF5cnZ2dzVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAK72duyqe
zkjOKU5z3nx2W3BSKj6Cj3bDkfNa+WktbjgaOX6APGY9xgoSn5S9uNTyXYoCDKVy
7Tu2cbWtqSk3CzsLUDvMqewL7VuEN35/kEPfpbV/CMzSG0QcXPFrbb6Cb94Yjq81
4i01ezsW9l3eIGJ7jX92VUqt9ilRe3gOu+j/eAZDB/5TanCfaLK8PUNn6X17i4MQ
sDK74N53QmjCkuk29+6i+v6GFTDXKpjCbFkX6ddp3uobERnD08a52eCDM8qiTO+T
XhX38F07oydEJlh2aL1JRBEIIvoey2WuoUgzOW9qIlxHyEbHJ0MozJGpuW7X2Vzk
jsGM40R5y6rJRQ==
-----END CERTIFICATE-----