Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6c/59c063-27dc-44ce-a60f-b149eb705dcc/1/aY1Hvt-EiaoC09tG-YtPeiZLSAo.mft
File:                     aY1Hvt-EiaoC09tG-YtPeiZLSAo.mft (raw, json)
Hash identifier:          I4ollTpbNEYsg06n1FPibR91H31r8M5RJiFX9A9W6mY=
Subject key identifier:   A8:24:C2:82:C6:FD:76:4B:44:FE:07:65:F1:5F:03:6D:A4:40:F7:71
Authority key identifier: 69:8D:47:BE:DF:84:89:AA:02:D3:DB:46:F9:8B:4F:7A:26:4B:48:0A
Certificate issuer:       /CN=698d47bedf8489aa02d3db46f98b4f7a264b480a
Certificate serial:       019511A25A124C4FE75F9389EE9729CB68AE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aY1Hvt-EiaoC09tG-YtPeiZLSAo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6c/59c063-27dc-44ce-a60f-b149eb705dcc/1/aY1Hvt-EiaoC09tG-YtPeiZLSAo.mft
Manifest number:          13E5
Signing time:             Mon 17 Feb 2025 02:00:07 +0000
Manifest this update:     Mon 17 Feb 2025 02:00:07 +0000
Manifest next update:     Tue 18 Feb 2025 02:00:07 +0000
Files and hashes:         1: aY1Hvt-EiaoC09tG-YtPeiZLSAo.crl (hash: WJf1cr14u/a88jwuSnxtTsn/BBXpsV2qzyOayCwi+nE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/6c/59c063-27dc-44ce-a60f-b149eb705dcc/1/aY1Hvt-EiaoC09tG-YtPeiZLSAo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/6c/59c063-27dc-44ce-a60f-b149eb705dcc/1/aY1Hvt-EiaoC09tG-YtPeiZLSAo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/aY1Hvt-EiaoC09tG-YtPeiZLSAo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 17 Feb 2025 23:00:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:11:a2:5a:12:4c:4f:e7:5f:93:89:ee:97:29:cb:68:ae
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=698d47bedf8489aa02d3db46f98b4f7a264b480a
        Validity
            Not Before: Feb 17 02:00:07 2025 GMT
            Not After : Feb 18 02:00:07 2025 GMT
        Subject: CN=a824c282c6fd764b44fe0765f15f036da440f771
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:05:bd:6d:b0:6b:24:ba:ce:13:ec:ed:15:a1:
                    0e:20:d5:e9:8e:ae:2d:c6:9f:0a:c1:af:b5:80:25:
                    0b:4d:58:65:90:c4:23:d0:bc:a4:4e:00:b0:1f:1b:
                    85:f1:04:40:c7:de:dd:9c:f8:36:ea:11:2d:73:93:
                    57:02:52:2e:78:ec:43:e0:1c:b0:86:04:cd:87:1d:
                    28:96:68:2e:32:46:c2:47:a5:21:4c:1b:65:f7:ab:
                    63:56:0a:ea:be:26:ba:a0:99:75:e8:fe:0a:14:2e:
                    10:6a:17:59:63:85:24:b7:9b:af:0c:67:33:51:73:
                    04:59:3a:13:fe:10:fb:46:a0:82:8d:4c:b5:6f:a1:
                    1c:09:4d:d8:b9:5f:29:99:d6:91:7f:29:e1:3a:47:
                    06:b9:43:53:a2:5b:96:c8:2b:01:ec:26:10:8a:01:
                    ba:7c:ef:dd:64:94:08:a0:01:65:82:e4:c8:95:7e:
                    bf:ce:dd:2c:51:d6:9a:fe:c4:12:55:84:c6:3c:2f:
                    de:ad:5e:40:c9:90:e0:69:b6:ca:75:f8:ce:4d:41:
                    34:0e:98:ff:c9:b6:24:fb:ae:ea:68:14:10:c6:03:
                    0a:9a:71:12:ce:47:3c:37:86:18:0f:fb:66:2e:90:
                    c5:11:c8:d9:ae:3f:68:4f:2e:aa:c6:13:67:5c:bf:
                    3f:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A8:24:C2:82:C6:FD:76:4B:44:FE:07:65:F1:5F:03:6D:A4:40:F7:71
            X509v3 Authority Key Identifier:
                keyid:69:8D:47:BE:DF:84:89:AA:02:D3:DB:46:F9:8B:4F:7A:26:4B:48:0A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aY1Hvt-EiaoC09tG-YtPeiZLSAo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/59c063-27dc-44ce-a60f-b149eb705dcc/1/aY1Hvt-EiaoC09tG-YtPeiZLSAo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/59c063-27dc-44ce-a60f-b149eb705dcc/1/aY1Hvt-EiaoC09tG-YtPeiZLSAo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         12:79:c3:d9:85:b1:ed:5f:9a:83:70:41:b9:a3:f9:24:f2:b8:
         52:5c:a1:7f:aa:45:4e:4c:01:d5:cd:2b:21:7f:12:1c:a1:4f:
         e3:1c:dd:5b:4f:e8:0e:36:bc:10:d7:9f:18:ce:c0:87:96:0c:
         e5:db:19:1c:cb:f3:e7:ff:1b:33:7c:2a:d4:42:3d:95:79:f5:
         b6:fe:9b:d6:7b:41:09:70:f5:a7:d5:7c:ea:6b:43:a7:e5:02:
         82:4c:ff:7d:8e:d7:2a:13:fb:25:69:84:ef:a3:77:99:16:77:
         76:00:2b:f0:4f:cf:13:1a:97:d2:db:dd:19:c4:8d:3e:63:da:
         c2:e1:b9:64:9e:ed:10:3e:05:4c:ca:5f:7e:6f:00:73:e9:8c:
         fa:bb:85:58:e0:52:2c:f8:61:7b:6e:bc:6d:ec:05:db:33:5b:
         08:a4:90:9d:82:eb:ed:27:95:12:aa:2d:02:df:0a:29:bb:3a:
         8a:80:20:f8:6a:a4:b9:f9:b8:26:39:4f:20:c5:9d:2b:1c:76:
         b5:d9:80:07:18:79:2b:30:c9:41:6d:e7:97:c0:eb:ec:b6:06:
         8a:a8:6c:f7:1f:0f:ea:17:d8:10:35:73:37:57:97:bd:2f:52:
         92:d2:7f:16:a5:0f:6a:54:15:ab:a7:80:bb:d7:64:aa:d9:39:
         34:d7:8e:6d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZURoloSTE/nX5OJ7pcpy2iuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5OGQ0N2JlZGY4NDg5YWEwMmQzZGI0NmY5OGI0ZjdhMjY0
YjQ4MGEwHhcNMjUwMjE3MDIwMDA3WhcNMjUwMjE4MDIwMDA3WjAzMTEwLwYDVQQD
EyhhODI0YzI4MmM2ZmQ3NjRiNDRmZTA3NjVmMTVmMDM2ZGE0NDBmNzcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApwW9bbBrJLrOE+ztFaEOINXpjq4t
xp8Kwa+1gCULTVhlkMQj0LykTgCwHxuF8QRAx97dnPg26hEtc5NXAlIueOxD4Byw
hgTNhx0olmguMkbCR6UhTBtl96tjVgrqvia6oJl16P4KFC4QahdZY4Ukt5uvDGcz
UXMEWToT/hD7RqCCjUy1b6EcCU3YuV8pmdaRfynhOkcGuUNToluWyCsB7CYQigG6
fO/dZJQIoAFlguTIlX6/zt0sUdaa/sQSVYTGPC/erV5AyZDgabbKdfjOTUE0Dpj/
ybYk+67qaBQQxgMKmnESzkc8N4YYD/tmLpDFEcjZrj9oTy6qxhNnXL8/YQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKgkwoLG/XZLRP4HZfFfA22kQPdxMB8GA1UdIwQY
MBaAFGmNR77fhImqAtPbRvmLT3omS0gKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYVkxSHZ0LUVpYW9DMDl0Ry1ZdFBlaVpMU0FvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yy81OWMwNjMtMjdkYy00NGNlLWE2MGYt
YjE0OWViNzA1ZGNjLzEvYVkxSHZ0LUVpYW9DMDl0Ry1ZdFBlaVpMU0FvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yy81OWMwNjMtMjdkYy00NGNlLWE2MGYtYjE0OWViNzA1ZGNj
LzEvYVkxSHZ0LUVpYW9DMDl0Ry1ZdFBlaVpMU0FvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEnnD2YWx
7V+ag3BBuaP5JPK4Ulyhf6pFTkwB1c0rIX8SHKFP4xzdW0/oDja8ENefGM7Ah5YM
5dsZHMvz5/8bM3wq1EI9lXn1tv6b1ntBCXD1p9V86mtDp+UCgkz/fY7XKhP7JWmE
76N3mRZ3dgAr8E/PExqX0tvdGcSNPmPawuG5ZJ7tED4FTMpffm8Ac+mM+ruFWOBS
LPhhe268bewF2zNbCKSQnYLr7SeVEqotAt8KKbs6ioAg+Gqkufm4JjlPIMWdKxx2
tdmABxh5KzDJQW3nl8Dr7LYGiqhs9x8P6hfYEDVzN1eXvS9SktJ/FqUPalQVq6eA
u9dkqtk5NNeObQ==
-----END CERTIFICATE-----