Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/399d34-e4d0-4b80-8ecd-b7892f76e8c5/1/N28vTtsjIwxkt5O0GVfvSjI-PFM.mft
File:                     N28vTtsjIwxkt5O0GVfvSjI-PFM.mft (raw, json)
Hash identifier:          OD38tU87Uj73fTZs7q1DpOUlXN02hdBgE6q8LOeNOqw=
Subject key identifier:   ED:1B:E9:6E:01:01:2C:1A:3C:5B:49:3A:8B:6B:50:FE:2E:00:EF:D4
Authority key identifier: 37:6F:2F:4E:DB:23:23:0C:64:B7:93:B4:19:57:EF:4A:32:3E:3C:53
Certificate issuer:       /CN=376f2f4edb23230c64b793b41957ef4a323e3c53
Certificate serial:       0194C4D166D4E1F8CB9C1B28D985D248D750
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/N28vTtsjIwxkt5O0GVfvSjI-PFM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6f/399d34-e4d0-4b80-8ecd-b7892f76e8c5/1/N28vTtsjIwxkt5O0GVfvSjI-PFM.mft
Manifest number:          0EDA
Signing time:             Sun 02 Feb 2025 04:00:45 +0000
Manifest this update:     Sun 02 Feb 2025 04:00:45 +0000
Manifest next update:     Mon 03 Feb 2025 04:00:45 +0000
Files and hashes:         1: N28vTtsjIwxkt5O0GVfvSjI-PFM.crl (hash: VPg6mx1QDf6TGi7f83GnnNE1o8Q7yiyyoXY94CHJqRk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/6f/399d34-e4d0-4b80-8ecd-b7892f76e8c5/1/N28vTtsjIwxkt5O0GVfvSjI-PFM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/6f/399d34-e4d0-4b80-8ecd-b7892f76e8c5/1/N28vTtsjIwxkt5O0GVfvSjI-PFM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/N28vTtsjIwxkt5O0GVfvSjI-PFM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 03 Feb 2025 00:00:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:c4:d1:66:d4:e1:f8:cb:9c:1b:28:d9:85:d2:48:d7:50
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=376f2f4edb23230c64b793b41957ef4a323e3c53
        Validity
            Not Before: Feb  2 04:00:45 2025 GMT
            Not After : Feb  3 04:00:45 2025 GMT
        Subject: CN=ed1be96e01012c1a3c5b493a8b6b50fe2e00efd4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:da:a0:1e:a1:61:58:bf:10:39:24:9c:37:60:f9:
                    67:6d:b4:d6:a0:63:6a:ef:a3:20:99:53:e4:82:2f:
                    1e:39:84:7b:e5:cc:64:99:10:03:f1:62:44:79:c6:
                    91:c9:88:78:06:ab:d2:c5:e8:8b:9e:b0:ec:7f:e8:
                    c7:53:41:85:cc:38:40:1a:01:54:0e:13:96:3a:ef:
                    ed:a9:42:84:e1:25:6a:e7:66:c0:ce:b7:80:38:99:
                    66:52:e5:23:cd:b4:dd:dc:dd:f8:53:fd:0e:8b:1b:
                    03:11:6e:c0:bd:a4:bf:2a:87:67:c6:e5:45:90:1f:
                    c6:4c:0f:b5:7e:af:97:f4:10:2e:88:b4:cf:a4:00:
                    e3:14:a7:4b:9d:ac:03:56:be:43:0c:b1:0c:8f:60:
                    42:92:8a:2a:43:9d:55:b9:d0:d0:4f:47:b8:30:e2:
                    fa:6e:bd:c5:aa:fb:57:40:70:f3:01:b9:19:b8:a8:
                    fa:3d:3c:13:ad:ac:13:99:a9:fa:ab:5d:12:8e:77:
                    1e:f8:80:c2:9a:80:b2:ab:64:b5:01:b2:a2:5b:47:
                    fe:6a:bb:03:28:00:49:b0:b9:f7:37:5d:b7:a2:54:
                    83:b9:6c:60:72:35:af:92:e2:0c:06:41:8e:07:d2:
                    5e:64:4e:c6:ac:5f:ef:91:2a:b4:2b:de:a3:63:1d:
                    9f:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                ED:1B:E9:6E:01:01:2C:1A:3C:5B:49:3A:8B:6B:50:FE:2E:00:EF:D4
            X509v3 Authority Key Identifier:
                keyid:37:6F:2F:4E:DB:23:23:0C:64:B7:93:B4:19:57:EF:4A:32:3E:3C:53

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/N28vTtsjIwxkt5O0GVfvSjI-PFM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/399d34-e4d0-4b80-8ecd-b7892f76e8c5/1/N28vTtsjIwxkt5O0GVfvSjI-PFM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/399d34-e4d0-4b80-8ecd-b7892f76e8c5/1/N28vTtsjIwxkt5O0GVfvSjI-PFM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7d:cd:63:2b:f4:23:c2:7b:79:e4:8b:c2:d1:30:50:bf:0b:e0:
         8b:7a:19:0b:7c:f1:7f:4b:cc:08:94:80:9f:9e:95:dd:64:3d:
         0e:85:41:7a:87:c8:bb:00:13:5e:4a:fe:26:fc:82:c5:a8:91:
         05:cf:a1:7b:94:1f:33:13:b4:6e:cc:b9:9d:82:33:42:d7:10:
         d9:ef:23:a1:74:69:a0:68:2e:a0:e8:3c:ea:e3:ea:f9:56:94:
         89:5a:ff:39:bf:2e:8f:a0:01:77:4c:0e:32:d1:24:bf:3d:49:
         bd:3b:a2:27:97:bc:6a:6b:7c:af:bf:2c:76:b0:2c:ca:97:eb:
         d8:a8:36:03:b6:9a:6b:4a:72:c5:5a:47:0d:e4:9c:99:20:d9:
         d2:0f:87:8d:48:ac:41:6c:70:87:4b:4b:7e:9b:c0:46:3c:e9:
         59:60:56:64:4b:8f:41:9e:13:e3:5e:22:30:64:96:27:fb:75:
         a1:7c:9f:68:7e:b6:7f:66:0b:bf:39:9d:2a:f6:0b:2e:70:72:
         1e:a6:b7:a3:d5:75:9d:07:c3:d2:35:63:34:67:6e:8a:61:3f:
         52:d1:13:46:98:4a:c1:88:18:fb:0f:22:87:1b:ce:a1:ef:1c:
         8c:45:62:d7:ec:04:cc:a9:91:e1:34:fd:bf:d3:64:40:1b:10:
         9e:62:2e:9a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZTE0WbU4fjLnBso2YXSSNdQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM3NmYyZjRlZGIyMzIzMGM2NGI3OTNiNDE5NTdlZjRhMzIz
ZTNjNTMwHhcNMjUwMjAyMDQwMDQ1WhcNMjUwMjAzMDQwMDQ1WjAzMTEwLwYDVQQD
EyhlZDFiZTk2ZTAxMDEyYzFhM2M1YjQ5M2E4YjZiNTBmZTJlMDBlZmQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2qAeoWFYvxA5JJw3YPlnbbTWoGNq
76MgmVPkgi8eOYR75cxkmRAD8WJEecaRyYh4BqvSxeiLnrDsf+jHU0GFzDhAGgFU
DhOWOu/tqUKE4SVq52bAzreAOJlmUuUjzbTd3N34U/0OixsDEW7AvaS/KodnxuVF
kB/GTA+1fq+X9BAuiLTPpADjFKdLnawDVr5DDLEMj2BCkooqQ51VudDQT0e4MOL6
br3FqvtXQHDzAbkZuKj6PTwTrawTman6q10Sjnce+IDCmoCyq2S1AbKiW0f+arsD
KABJsLn3N123olSDuWxgcjWvkuIMBkGOB9JeZE7GrF/vkSq0K96jYx2fYwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFO0b6W4BASwaPFtJOotrUP4uAO/UMB8GA1UdIwQY
MBaAFDdvL07bIyMMZLeTtBlX70oyPjxTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTjI4dlR0c2pJd3hrdDVPMEdWZnZTakktUEZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Zi8zOTlkMzQtZTRkMC00YjgwLThlY2Qt
Yjc4OTJmNzZlOGM1LzEvTjI4dlR0c2pJd3hrdDVPMEdWZnZTakktUEZNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Zi8zOTlkMzQtZTRkMC00YjgwLThlY2QtYjc4OTJmNzZlOGM1
LzEvTjI4dlR0c2pJd3hrdDVPMEdWZnZTakktUEZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfc1jK/Qj
wnt55IvC0TBQvwvgi3oZC3zxf0vMCJSAn56V3WQ9DoVBeofIuwATXkr+JvyCxaiR
Bc+he5QfMxO0bsy5nYIzQtcQ2e8joXRpoGguoOg86uPq+VaUiVr/Ob8uj6ABd0wO
MtEkvz1JvTuiJ5e8amt8r78sdrAsypfr2Kg2A7aaa0pyxVpHDeScmSDZ0g+HjUis
QWxwh0tLfpvARjzpWWBWZEuPQZ4T414iMGSWJ/t1oXyfaH62f2YLvzmdKvYLLnBy
Hqa3o9V1nQfD0jVjNGduimE/UtETRphKwYgY+w8ihxvOoe8cjEVi1+wEzKmR4TT9
v9NkQBsQnmIumg==
-----END CERTIFICATE-----