Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/399d34-e4d0-4b80-8ecd-b7892f76e8c5/1/N28vTtsjIwxkt5O0GVfvSjI-PFM.mft
File:                     N28vTtsjIwxkt5O0GVfvSjI-PFM.mft (raw, json)
Hash identifier:          SJANA4Ry1Go9FKIdLnn2PLhMXJBUKAlMnv9ya017ywg=
Subject key identifier:   46:F4:14:EA:03:EF:3C:E4:AE:04:C5:7C:A5:A1:BB:5B:28:1A:66:9E
Authority key identifier: 37:6F:2F:4E:DB:23:23:0C:64:B7:93:B4:19:57:EF:4A:32:3E:3C:53
Certificate issuer:       /CN=376f2f4edb23230c64b793b41957ef4a323e3c53
Certificate serial:       0194BB28EA4018FB9EC89D92232117F0A94C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/N28vTtsjIwxkt5O0GVfvSjI-PFM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6f/399d34-e4d0-4b80-8ecd-b7892f76e8c5/1/N28vTtsjIwxkt5O0GVfvSjI-PFM.mft
Manifest number:          0ED5
Signing time:             Fri 31 Jan 2025 07:00:08 +0000
Manifest this update:     Fri 31 Jan 2025 07:00:08 +0000
Manifest next update:     Sat 01 Feb 2025 07:00:08 +0000
Files and hashes:         1: N28vTtsjIwxkt5O0GVfvSjI-PFM.crl (hash: S1S+PDXWBJoRKd/tsfHmsHYmZnRzXBtngsCBlbMD/Jg=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/6f/399d34-e4d0-4b80-8ecd-b7892f76e8c5/1/N28vTtsjIwxkt5O0GVfvSjI-PFM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/6f/399d34-e4d0-4b80-8ecd-b7892f76e8c5/1/N28vTtsjIwxkt5O0GVfvSjI-PFM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/N28vTtsjIwxkt5O0GVfvSjI-PFM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 01 Feb 2025 07:00:08 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:bb:28:ea:40:18:fb:9e:c8:9d:92:23:21:17:f0:a9:4c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=376f2f4edb23230c64b793b41957ef4a323e3c53
        Validity
            Not Before: Jan 31 07:00:08 2025 GMT
            Not After : Feb  1 07:00:08 2025 GMT
        Subject: CN=46f414ea03ef3ce4ae04c57ca5a1bb5b281a669e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:7d:67:94:bf:66:d3:ac:13:31:66:9c:fa:bc:
                    8d:64:8c:39:b7:7d:07:f7:54:fa:ad:68:b7:ec:28:
                    63:53:76:f8:da:9b:1c:55:7a:01:7b:5b:e4:45:dc:
                    72:19:5b:c9:6d:a6:1f:00:a7:75:8f:a6:69:d5:fe:
                    f4:c7:6c:10:11:ab:35:2d:93:9a:31:eb:e0:11:01:
                    27:39:89:d0:5e:26:84:e1:f8:f1:f7:6d:be:5e:79:
                    03:3e:10:16:17:c0:4f:be:28:4e:62:fe:62:4a:d3:
                    0e:2c:b8:d8:ab:9d:38:2a:26:07:e5:28:f8:32:2f:
                    8a:1f:bb:7d:00:e0:29:21:ff:84:91:fa:1e:cf:0c:
                    07:6c:f5:f7:01:77:13:e2:cc:74:66:82:f3:10:bd:
                    fa:87:22:3b:83:08:76:87:14:c1:e3:8f:41:b8:9f:
                    73:17:d6:21:da:df:ff:cb:08:f4:0c:f1:b2:1b:77:
                    a6:5d:07:c3:d5:47:b0:6f:f9:6b:56:b8:37:89:fe:
                    84:14:af:56:99:76:d6:fa:3d:6c:56:26:6d:d6:2c:
                    f4:27:c6:b2:b3:f3:21:bc:76:ba:8b:18:79:83:90:
                    e3:a3:dd:6b:d3:f5:9a:2f:b7:60:a6:0c:8d:d9:06:
                    87:7f:41:9f:c3:3d:e7:f3:61:37:ad:8d:9d:da:11:
                    e7:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                46:F4:14:EA:03:EF:3C:E4:AE:04:C5:7C:A5:A1:BB:5B:28:1A:66:9E
            X509v3 Authority Key Identifier:
                keyid:37:6F:2F:4E:DB:23:23:0C:64:B7:93:B4:19:57:EF:4A:32:3E:3C:53

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/N28vTtsjIwxkt5O0GVfvSjI-PFM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/399d34-e4d0-4b80-8ecd-b7892f76e8c5/1/N28vTtsjIwxkt5O0GVfvSjI-PFM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/399d34-e4d0-4b80-8ecd-b7892f76e8c5/1/N28vTtsjIwxkt5O0GVfvSjI-PFM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         17:e8:09:99:15:7f:d4:2c:39:4b:a1:20:f4:3a:81:c0:1c:da:
         fb:85:26:5d:65:2f:d8:34:bb:23:26:da:66:02:c0:ba:29:22:
         e8:41:33:82:30:e8:26:5f:f8:59:80:f0:d0:61:64:cd:a3:3a:
         c6:e3:0f:f4:a1:2c:ca:a0:7c:e4:20:e6:40:b3:73:6e:ea:2b:
         7f:6e:10:33:21:0d:14:c2:e4:52:bb:00:c2:9e:85:c0:45:b0:
         ce:f3:06:24:26:2b:f1:f5:be:30:31:18:c4:0c:95:c7:97:38:
         8b:07:0a:aa:50:4d:15:55:e7:19:32:53:3d:1c:7a:f3:ee:5f:
         ea:2a:ab:e9:06:6d:5d:df:1d:bb:a8:ad:5a:98:35:bc:c5:3a:
         0f:d7:3e:a1:86:af:3a:fa:f9:1e:c8:83:1c:64:af:be:f5:5b:
         53:af:68:9c:72:06:e6:42:74:f0:7d:45:6b:7e:a3:59:81:3d:
         f6:46:ee:58:a6:2d:90:00:58:de:4e:79:31:ed:f9:2a:fe:fe:
         c8:6f:d7:2a:96:5e:86:da:f8:9c:e7:b3:04:48:5e:29:ec:0f:
         f3:a7:64:91:50:25:87:a4:56:05:fe:5f:98:70:fa:ac:60:30:
         ff:7a:d6:d8:ee:bb:6b:d9:9d:ee:e0:af:65:41:36:7d:d8:76:
         c6:ef:a7:b7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZS7KOpAGPueyJ2SIyEX8KlMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM3NmYyZjRlZGIyMzIzMGM2NGI3OTNiNDE5NTdlZjRhMzIz
ZTNjNTMwHhcNMjUwMTMxMDcwMDA4WhcNMjUwMjAxMDcwMDA4WjAzMTEwLwYDVQQD
Eyg0NmY0MTRlYTAzZWYzY2U0YWUwNGM1N2NhNWExYmI1YjI4MWE2NjllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy31nlL9m06wTMWac+ryNZIw5t30H
91T6rWi37ChjU3b42pscVXoBe1vkRdxyGVvJbaYfAKd1j6Zp1f70x2wQEas1LZOa
MevgEQEnOYnQXiaE4fjx922+XnkDPhAWF8BPvihOYv5iStMOLLjYq504KiYH5Sj4
Mi+KH7t9AOApIf+EkfoezwwHbPX3AXcT4sx0ZoLzEL36hyI7gwh2hxTB449BuJ9z
F9Yh2t//ywj0DPGyG3emXQfD1Uewb/lrVrg3if6EFK9WmXbW+j1sViZt1iz0J8ay
s/MhvHa6ixh5g5Djo91r0/WaL7dgpgyN2QaHf0Gfwz3n82E3rY2d2hHnPwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEb0FOoD7zzkrgTFfKWhu1soGmaeMB8GA1UdIwQY
MBaAFDdvL07bIyMMZLeTtBlX70oyPjxTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTjI4dlR0c2pJd3hrdDVPMEdWZnZTakktUEZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Zi8zOTlkMzQtZTRkMC00YjgwLThlY2Qt
Yjc4OTJmNzZlOGM1LzEvTjI4dlR0c2pJd3hrdDVPMEdWZnZTakktUEZNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Zi8zOTlkMzQtZTRkMC00YjgwLThlY2QtYjc4OTJmNzZlOGM1
LzEvTjI4dlR0c2pJd3hrdDVPMEdWZnZTakktUEZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAF+gJmRV/
1Cw5S6Eg9DqBwBza+4UmXWUv2DS7IybaZgLAuiki6EEzgjDoJl/4WYDw0GFkzaM6
xuMP9KEsyqB85CDmQLNzbuorf24QMyENFMLkUrsAwp6FwEWwzvMGJCYr8fW+MDEY
xAyVx5c4iwcKqlBNFVXnGTJTPRx68+5f6iqr6QZtXd8du6itWpg1vMU6D9c+oYav
Ovr5HsiDHGSvvvVbU69onHIG5kJ08H1Fa36jWYE99kbuWKYtkABY3k55Me35Kv7+
yG/XKpZehtr4nOezBEheKewP86dkkVAlh6RWBf5fmHD6rGAw/3rW2O67a9md7uCv
ZUE2fdh2xu+ntw==
-----END CERTIFICATE-----