Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6c/cd4f4d-aa58-4a2f-a3c5-7e8c545a97ae/1/tDlkbascuAzWConx-qE0bzlSO_o.mft
File:                     tDlkbascuAzWConx-qE0bzlSO_o.mft (raw, json)
Hash identifier:          D9dSVYCoc3y21M/oreTSOru/UHLCJQAbgzML5GV4sfI=
Subject key identifier:   9A:AA:40:3E:47:46:B9:BF:69:8A:2F:4D:E1:E2:13:7E:A9:C4:7E:4B
Authority key identifier: B4:39:64:6D:AB:1C:B8:0C:D6:0A:89:F1:FA:A1:34:6F:39:52:3B:FA
Certificate issuer:       /CN=b439646dab1cb80cd60a89f1faa1346f39523bfa
Certificate serial:       0195903E1093601ECDC8F7D335E27CDB3CB5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tDlkbascuAzWConx-qE0bzlSO_o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6c/cd4f4d-aa58-4a2f-a3c5-7e8c545a97ae/1/tDlkbascuAzWConx-qE0bzlSO_o.mft
Manifest number:          1494
Signing time:             Thu 13 Mar 2025 16:02:21 +0000
Manifest this update:     Thu 13 Mar 2025 16:02:21 +0000
Manifest next update:     Fri 14 Mar 2025 16:02:21 +0000
Files and hashes:         1: tDlkbascuAzWConx-qE0bzlSO_o.crl (hash: IGRLhDZwpOhrGWtCVwVWhFFCz9KN2BQUkPvjpFGWH+w=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/6c/cd4f4d-aa58-4a2f-a3c5-7e8c545a97ae/1/tDlkbascuAzWConx-qE0bzlSO_o.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/6c/cd4f4d-aa58-4a2f-a3c5-7e8c545a97ae/1/tDlkbascuAzWConx-qE0bzlSO_o.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/tDlkbascuAzWConx-qE0bzlSO_o.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 14 Mar 2025 15:28:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:90:3e:10:93:60:1e:cd:c8:f7:d3:35:e2:7c:db:3c:b5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b439646dab1cb80cd60a89f1faa1346f39523bfa
        Validity
            Not Before: Mar 13 16:02:21 2025 GMT
            Not After : Mar 14 16:02:21 2025 GMT
        Subject: CN=9aaa403e4746b9bf698a2f4de1e2137ea9c47e4b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8d:e3:e3:da:f7:ad:c2:2c:ce:aa:25:6f:ee:7c:
                    34:96:c1:d7:ec:69:0d:a1:ca:75:6b:2a:8e:1a:b5:
                    b9:68:85:bc:81:6c:f3:92:fe:12:3b:02:a9:2c:0c:
                    9e:29:cf:07:c9:25:d7:e9:d9:ff:13:13:3e:6b:1f:
                    37:a9:a1:15:8e:f4:ee:5e:aa:91:19:15:0d:f6:6f:
                    a4:be:0d:00:3b:e9:f8:9c:af:53:65:a3:f1:e6:e1:
                    a0:c7:80:07:e6:37:32:c8:d3:3a:26:fe:ec:19:4b:
                    82:1d:ff:44:a3:e2:b6:26:1c:e9:e0:f8:e4:95:d2:
                    83:1a:7b:20:16:f8:b6:6f:1a:e8:20:5a:2b:a3:80:
                    d3:51:18:b0:2c:33:e2:a5:8a:76:be:36:7f:82:b3:
                    ab:ee:1d:a7:d7:35:cb:de:11:82:f5:33:41:ba:1e:
                    68:6c:ce:31:f7:0a:23:91:40:98:c5:d6:28:17:b0:
                    e6:af:da:15:7f:a7:df:21:bd:b6:52:66:a1:c1:69:
                    d2:3e:7d:c6:26:58:e7:a6:63:4c:8e:6d:b2:05:ca:
                    32:15:c3:e9:24:a2:62:8f:4f:43:b6:69:61:6c:88:
                    f4:99:65:20:65:be:a6:87:3e:a9:be:87:c0:07:c0:
                    5f:e3:74:87:76:b3:c4:cc:58:08:72:58:e1:b6:11:
                    7a:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9A:AA:40:3E:47:46:B9:BF:69:8A:2F:4D:E1:E2:13:7E:A9:C4:7E:4B
            X509v3 Authority Key Identifier:
                keyid:B4:39:64:6D:AB:1C:B8:0C:D6:0A:89:F1:FA:A1:34:6F:39:52:3B:FA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tDlkbascuAzWConx-qE0bzlSO_o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/cd4f4d-aa58-4a2f-a3c5-7e8c545a97ae/1/tDlkbascuAzWConx-qE0bzlSO_o.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/cd4f4d-aa58-4a2f-a3c5-7e8c545a97ae/1/tDlkbascuAzWConx-qE0bzlSO_o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         24:0b:8b:fe:65:f0:f4:5e:e6:46:c8:52:96:39:d6:ba:9d:59:
         aa:c0:e8:82:93:d0:c9:1d:f4:c3:94:a2:e0:2c:1f:98:a6:27:
         9d:1a:85:2a:c4:b3:93:57:2e:bb:9b:c4:db:4d:71:a5:8b:e2:
         a3:fe:1d:fb:3c:6a:89:6c:17:a8:85:82:7e:80:aa:84:2a:af:
         8a:f0:35:9b:74:bf:a6:b3:1c:53:7a:52:47:16:54:e7:49:a2:
         e0:8b:0f:6a:cd:50:34:bd:26:54:6c:53:56:ee:68:d8:1b:90:
         ec:dc:00:76:13:54:7c:69:2c:e9:b9:0e:b0:56:c0:d2:dc:d7:
         1f:6e:17:d8:11:9a:63:b1:b8:2d:c3:25:3b:68:09:6f:cc:2d:
         cd:48:a0:c4:c1:ed:21:1f:d8:62:40:78:c3:10:62:60:93:c7:
         bf:74:38:fb:bb:e6:a1:87:f4:67:dc:77:53:e5:d4:21:af:77:
         e9:3e:76:27:80:34:d5:4b:55:eb:82:77:54:6f:3c:e4:14:a8:
         90:9a:f1:a4:62:ca:74:8a:28:a6:b4:93:e0:3d:d1:14:a7:16:
         f1:52:3c:6b:2a:6f:d4:9c:18:0c:67:9f:77:71:be:dc:3a:de:
         6a:03:94:bf:79:6b:c2:5d:14:9a:7a:c1:10:b8:17:b6:ac:76:
         4a:35:53:68
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZWQPhCTYB7NyPfTNeJ82zy1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0Mzk2NDZkYWIxY2I4MGNkNjBhODlmMWZhYTEzNDZmMzk1
MjNiZmEwHhcNMjUwMzEzMTYwMjIxWhcNMjUwMzE0MTYwMjIxWjAzMTEwLwYDVQQD
Eyg5YWFhNDAzZTQ3NDZiOWJmNjk4YTJmNGRlMWUyMTM3ZWE5YzQ3ZTRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjePj2vetwizOqiVv7nw0lsHX7GkN
ocp1ayqOGrW5aIW8gWzzkv4SOwKpLAyeKc8HySXX6dn/ExM+ax83qaEVjvTuXqqR
GRUN9m+kvg0AO+n4nK9TZaPx5uGgx4AH5jcyyNM6Jv7sGUuCHf9Eo+K2Jhzp4Pjk
ldKDGnsgFvi2bxroIForo4DTURiwLDPipYp2vjZ/grOr7h2n1zXL3hGC9TNBuh5o
bM4x9wojkUCYxdYoF7Dmr9oVf6ffIb22UmahwWnSPn3GJljnpmNMjm2yBcoyFcPp
JKJij09DtmlhbIj0mWUgZb6mhz6pvofAB8Bf43SHdrPEzFgIcljhthF6AQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJqqQD5HRrm/aYovTeHiE36pxH5LMB8GA1UdIwQY
MBaAFLQ5ZG2rHLgM1gqJ8fqhNG85Ujv6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdERsa2Jhc2N1QXpXQ29ueC1xRTBiemxTT19vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yy9jZDRmNGQtYWE1OC00YTJmLWEzYzUt
N2U4YzU0NWE5N2FlLzEvdERsa2Jhc2N1QXpXQ29ueC1xRTBiemxTT19vLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yy9jZDRmNGQtYWE1OC00YTJmLWEzYzUtN2U4YzU0NWE5N2Fl
LzEvdERsa2Jhc2N1QXpXQ29ueC1xRTBiemxTT19vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJAuL/mXw
9F7mRshSljnWup1ZqsDogpPQyR30w5Si4CwfmKYnnRqFKsSzk1cuu5vE201xpYvi
o/4d+zxqiWwXqIWCfoCqhCqvivA1m3S/prMcU3pSRxZU50mi4IsPas1QNL0mVGxT
Vu5o2BuQ7NwAdhNUfGks6bkOsFbA0tzXH24X2BGaY7G4LcMlO2gJb8wtzUigxMHt
IR/YYkB4wxBiYJPHv3Q4+7vmoYf0Z9x3U+XUIa936T52J4A01UtV64J3VG885BSo
kJrxpGLKdIooprST4D3RFKcW8VI8aypv1JwYDGefd3G+3DreagOUv3lrwl0UmnrB
ELgXtqx2SjVTaA==
-----END CERTIFICATE-----