Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/b330c7-fdac-400a-967b-a72ead295325/1/PO7GxHlRspnHCAZYPXkdUM2BbF8.mft
File:                     PO7GxHlRspnHCAZYPXkdUM2BbF8.mft (raw, json)
Hash identifier:          FcQ9mf30eJiJcGfBzSeK8wSGXPAgVpOtlFF8PoiE4JU=
Subject key identifier:   18:37:A0:B5:F7:C5:EC:89:2C:4F:F5:F9:23:F9:CB:FF:8A:55:3A:09
Authority key identifier: 3C:EE:C6:C4:79:51:B2:99:C7:08:06:58:3D:79:1D:50:CD:81:6C:5F
Certificate issuer:       /CN=3ceec6c47951b299c70806583d791d50cd816c5f
Certificate serial:       0194C3508B16C573CF3AA402823465809F39
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PO7GxHlRspnHCAZYPXkdUM2BbF8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/70/b330c7-fdac-400a-967b-a72ead295325/1/PO7GxHlRspnHCAZYPXkdUM2BbF8.mft
Manifest number:          7D
Signing time:             Sat 01 Feb 2025 21:00:23 +0000
Manifest this update:     Sat 01 Feb 2025 21:00:23 +0000
Manifest next update:     Sun 02 Feb 2025 21:00:23 +0000
Files and hashes:         1: PO7GxHlRspnHCAZYPXkdUM2BbF8.crl (hash: VqUOOm1r+LhI6iO6ZVHRxnM+clgtdz0nneYN5B17Pao=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/70/b330c7-fdac-400a-967b-a72ead295325/1/PO7GxHlRspnHCAZYPXkdUM2BbF8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/70/b330c7-fdac-400a-967b-a72ead295325/1/PO7GxHlRspnHCAZYPXkdUM2BbF8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/PO7GxHlRspnHCAZYPXkdUM2BbF8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 02 Feb 2025 21:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:c3:50:8b:16:c5:73:cf:3a:a4:02:82:34:65:80:9f:39
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3ceec6c47951b299c70806583d791d50cd816c5f
        Validity
            Not Before: Feb  1 21:00:23 2025 GMT
            Not After : Feb  2 21:00:23 2025 GMT
        Subject: CN=1837a0b5f7c5ec892c4ff5f923f9cbff8a553a09
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:70:60:59:43:83:0a:0c:2a:fd:73:0e:10:1d:
                    3e:b6:62:40:f1:37:da:e0:d1:e8:a7:db:f1:5a:53:
                    97:b9:4c:5e:44:53:38:49:c7:87:43:f2:bb:78:96:
                    0c:15:d9:b1:b3:58:78:1a:77:56:15:40:84:78:1d:
                    aa:67:c2:26:bf:ce:4f:60:3c:38:db:06:2b:66:91:
                    22:67:25:b9:4e:38:39:4b:fb:cb:01:14:32:d2:f8:
                    53:d8:9c:c9:12:f1:41:3e:34:23:f5:f0:66:b9:3b:
                    7f:60:c7:93:dc:01:d1:d2:54:0b:aa:49:16:08:aa:
                    4e:38:ba:17:78:fe:61:fc:6e:87:f8:bd:cf:a0:00:
                    ff:42:a6:33:b2:17:c6:65:3c:ca:2e:7d:1d:4f:2e:
                    9c:ba:97:7c:a5:57:ec:25:3d:01:13:d4:86:d4:a3:
                    b2:7e:12:a2:7c:2e:d6:f1:af:f0:70:b1:bd:1b:66:
                    c5:e2:21:a1:bb:7b:df:d6:f2:d5:5c:78:e9:21:be:
                    19:e5:4b:f1:9a:7a:f0:56:fb:61:39:ca:a4:7d:03:
                    56:10:31:0e:29:73:ef:43:f0:da:82:92:41:22:ba:
                    f2:3c:4f:0e:18:d8:75:ec:24:83:3f:f7:1a:aa:40:
                    7e:54:d2:3b:74:0f:63:9f:1c:00:10:1a:13:12:94:
                    18:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                18:37:A0:B5:F7:C5:EC:89:2C:4F:F5:F9:23:F9:CB:FF:8A:55:3A:09
            X509v3 Authority Key Identifier:
                keyid:3C:EE:C6:C4:79:51:B2:99:C7:08:06:58:3D:79:1D:50:CD:81:6C:5F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PO7GxHlRspnHCAZYPXkdUM2BbF8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/b330c7-fdac-400a-967b-a72ead295325/1/PO7GxHlRspnHCAZYPXkdUM2BbF8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/70/b330c7-fdac-400a-967b-a72ead295325/1/PO7GxHlRspnHCAZYPXkdUM2BbF8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         09:dc:ef:61:c6:04:3e:58:b2:af:37:05:27:32:fc:a0:d2:14:
         e2:75:a1:1e:65:3d:c9:92:b5:b4:61:4e:6b:c5:a8:4d:03:e9:
         14:d3:86:c4:e5:dd:20:09:b2:4e:33:78:56:26:c5:54:7e:64:
         14:dc:43:a4:11:ff:ef:f5:12:c3:36:ea:75:54:a8:4c:52:76:
         7f:38:b8:9a:bd:37:e5:ab:e7:e1:f3:1d:10:17:e1:49:2f:65:
         f1:76:03:4c:85:cc:d7:d8:15:c5:91:92:e9:b9:b0:8f:a8:b7:
         91:bc:76:5a:5e:59:1e:4e:9e:63:47:53:eb:57:92:96:ea:3f:
         02:ce:ff:1b:28:2b:ce:3e:78:0c:88:6a:06:57:9c:9b:10:c7:
         1f:b3:83:0f:ee:ff:34:e1:ee:c8:65:b0:cd:01:c8:fd:a1:c6:
         55:b7:55:d1:89:ca:65:1e:64:f5:1c:1b:37:d0:1b:c6:e6:8f:
         6b:3f:67:67:2c:e6:b5:03:01:e1:00:16:c8:39:06:c4:78:48:
         eb:17:2e:76:2f:2e:cb:63:19:d1:70:7f:10:23:27:59:4e:2a:
         b8:a8:97:70:00:11:fe:f6:d8:6c:3e:d1:c3:db:32:29:14:e7:
         4a:15:5f:64:45:b6:00:33:45:ce:89:d3:d7:d4:de:e8:3b:ef:
         df:16:02:65
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZTDUIsWxXPPOqQCgjRlgJ85MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjZWVjNmM0Nzk1MWIyOTljNzA4MDY1ODNkNzkxZDUwY2Q4
MTZjNWYwHhcNMjUwMjAxMjEwMDIzWhcNMjUwMjAyMjEwMDIzWjAzMTEwLwYDVQQD
EygxODM3YTBiNWY3YzVlYzg5MmM0ZmY1ZjkyM2Y5Y2JmZjhhNTUzYTA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuHBgWUODCgwq/XMOEB0+tmJA8Tfa
4NHop9vxWlOXuUxeRFM4SceHQ/K7eJYMFdmxs1h4GndWFUCEeB2qZ8Imv85PYDw4
2wYrZpEiZyW5Tjg5S/vLARQy0vhT2JzJEvFBPjQj9fBmuTt/YMeT3AHR0lQLqkkW
CKpOOLoXeP5h/G6H+L3PoAD/QqYzshfGZTzKLn0dTy6cupd8pVfsJT0BE9SG1KOy
fhKifC7W8a/wcLG9G2bF4iGhu3vf1vLVXHjpIb4Z5UvxmnrwVvthOcqkfQNWEDEO
KXPvQ/DagpJBIrryPE8OGNh17CSDP/caqkB+VNI7dA9jnxwAEBoTEpQY/wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBg3oLX3xeyJLE/1+SP5y/+KVToJMB8GA1UdIwQY
MBaAFDzuxsR5UbKZxwgGWD15HVDNgWxfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUE83R3hIbFJzcG5IQ0FaWVBYa2RVTTJCYkY4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC9iMzMwYzctZmRhYy00MDBhLTk2N2It
YTcyZWFkMjk1MzI1LzEvUE83R3hIbFJzcG5IQ0FaWVBYa2RVTTJCYkY4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC9iMzMwYzctZmRhYy00MDBhLTk2N2ItYTcyZWFkMjk1MzI1
LzEvUE83R3hIbFJzcG5IQ0FaWVBYa2RVTTJCYkY4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACdzvYcYE
PliyrzcFJzL8oNIU4nWhHmU9yZK1tGFOa8WoTQPpFNOGxOXdIAmyTjN4VibFVH5k
FNxDpBH/7/USwzbqdVSoTFJ2fzi4mr035avn4fMdEBfhSS9l8XYDTIXM19gVxZGS
6bmwj6i3kbx2Wl5ZHk6eY0dT61eSluo/As7/Gygrzj54DIhqBlecmxDHH7ODD+7/
NOHuyGWwzQHI/aHGVbdV0YnKZR5k9RwbN9AbxuaPaz9nZyzmtQMB4QAWyDkGxHhI
6xcudi8uy2MZ0XB/ECMnWU4quKiXcAAR/vbYbD7Rw9syKRTnShVfZEW2ADNFzonT
19Te6Dvv3xYCZQ==
-----END CERTIFICATE-----