Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/6bde9e-6ed8-47d5-9d9c-54d784efbb7a/1/Gcxj87NPFwGJ0HPIi31lL3Azofw.mft
File:                     Gcxj87NPFwGJ0HPIi31lL3Azofw.mft (raw, json)
Hash identifier:          RhIkVPlXkoZYxOu2l4UXBSzmGdNacKrasOSfk7rO51w=
Subject key identifier:   29:A8:A3:41:04:9F:4B:69:11:0F:F6:E9:47:9C:96:B4:66:9C:CA:A4
Authority key identifier: 19:CC:63:F3:B3:4F:17:01:89:D0:73:C8:8B:7D:65:2F:70:33:A1:FC
Certificate issuer:       /CN=19cc63f3b34f170189d073c88b7d652f7033a1fc
Certificate serial:       0195116C1241C406CB7ACB3E46ADAC3CDE82
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Gcxj87NPFwGJ0HPIi31lL3Azofw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/75/6bde9e-6ed8-47d5-9d9c-54d784efbb7a/1/Gcxj87NPFwGJ0HPIi31lL3Azofw.mft
Manifest number:          01DA
Signing time:             Mon 17 Feb 2025 01:00:49 +0000
Manifest this update:     Mon 17 Feb 2025 01:00:49 +0000
Manifest next update:     Tue 18 Feb 2025 01:00:49 +0000
Files and hashes:         1: Gcxj87NPFwGJ0HPIi31lL3Azofw.crl (hash: iIZ3IoNY4dSUBoBtQVoRre3FzhVx1WRPIeDb3OyT/N0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/75/6bde9e-6ed8-47d5-9d9c-54d784efbb7a/1/Gcxj87NPFwGJ0HPIi31lL3Azofw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/75/6bde9e-6ed8-47d5-9d9c-54d784efbb7a/1/Gcxj87NPFwGJ0HPIi31lL3Azofw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Gcxj87NPFwGJ0HPIi31lL3Azofw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 17 Feb 2025 23:00:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:11:6c:12:41:c4:06:cb:7a:cb:3e:46:ad:ac:3c:de:82
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=19cc63f3b34f170189d073c88b7d652f7033a1fc
        Validity
            Not Before: Feb 17 01:00:49 2025 GMT
            Not After : Feb 18 01:00:49 2025 GMT
        Subject: CN=29a8a341049f4b69110ff6e9479c96b4669ccaa4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:71:ca:04:38:fb:2b:d8:0f:45:7e:0e:6c:c9:
                    50:31:82:56:0c:cb:76:a4:d6:41:af:f7:2b:62:85:
                    b4:af:d2:45:c8:8f:83:58:a2:99:36:71:13:f2:e1:
                    b7:bf:96:78:3b:c2:60:df:ff:e3:e9:5a:40:b3:65:
                    44:91:ec:e3:2e:52:d8:6a:8d:13:bf:84:c2:23:d3:
                    ef:72:49:43:8a:5b:b1:5a:2b:85:aa:8b:ac:17:c0:
                    b9:ca:bd:41:c6:6c:e6:a6:89:aa:44:31:1e:0f:5f:
                    93:39:f8:bb:70:71:30:ae:cf:e7:b1:74:76:e5:77:
                    96:f0:75:45:49:ce:59:5f:e6:82:8b:4a:67:8e:16:
                    43:36:4f:6a:8a:1d:9f:ae:69:95:90:a1:a4:f8:20:
                    0c:9e:dd:1d:62:12:ab:f7:76:5b:52:3e:f6:fc:ae:
                    03:22:1d:82:b9:07:4e:4a:51:31:40:e0:af:70:64:
                    d0:41:05:1d:55:ab:1d:9f:91:21:1c:1f:4b:0c:a9:
                    9c:75:ab:68:05:e1:33:11:a6:d0:c4:85:2d:e6:1f:
                    0d:e9:f2:31:d9:e6:c7:13:06:49:c6:c8:88:68:43:
                    c4:fd:c7:36:a2:e1:56:23:75:b3:18:c8:94:19:8f:
                    30:6e:38:f7:5b:69:00:b2:53:4a:e1:3c:55:28:c2:
                    15:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                29:A8:A3:41:04:9F:4B:69:11:0F:F6:E9:47:9C:96:B4:66:9C:CA:A4
            X509v3 Authority Key Identifier:
                keyid:19:CC:63:F3:B3:4F:17:01:89:D0:73:C8:8B:7D:65:2F:70:33:A1:FC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gcxj87NPFwGJ0HPIi31lL3Azofw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/6bde9e-6ed8-47d5-9d9c-54d784efbb7a/1/Gcxj87NPFwGJ0HPIi31lL3Azofw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/75/6bde9e-6ed8-47d5-9d9c-54d784efbb7a/1/Gcxj87NPFwGJ0HPIi31lL3Azofw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         50:ca:9f:e2:af:de:e1:c1:a7:52:84:2d:79:73:e0:52:87:07:
         b9:e6:f4:2e:28:f2:c2:27:a4:4c:44:e0:41:d2:e9:f9:bd:d5:
         65:4e:98:62:fc:8d:64:fb:5c:07:4b:b4:ed:a6:ea:34:76:ba:
         05:5b:b0:d9:84:28:f7:bd:96:5f:9a:e0:af:41:d9:e2:7b:fb:
         f0:ef:c9:ec:55:30:f1:cd:5d:5d:30:bc:3d:a6:78:e9:9b:f6:
         b0:cc:ec:26:4c:a0:35:dc:89:36:a2:26:9e:5f:5e:8a:a2:e6:
         04:19:ce:65:93:38:a3:e1:1b:94:b5:04:fd:c1:eb:2a:4a:26:
         95:39:cd:16:ac:64:9b:5b:00:2f:d5:9f:8e:df:69:7a:6d:04:
         34:43:28:f5:85:04:ba:95:c0:57:2e:d4:71:b6:db:1c:69:45:
         fd:88:a0:36:7e:7e:34:a2:49:22:fb:09:58:ce:80:23:42:af:
         5f:a3:da:3f:a7:28:8a:25:e5:a6:3d:c7:b3:24:cb:a3:77:83:
         9b:6f:a8:66:d1:f0:62:46:ac:dc:32:7a:dc:d7:2a:39:c4:1e:
         27:57:4f:3e:f6:b4:b8:c4:a4:61:dc:0e:a5:a7:8f:26:68:12:
         ce:7e:ad:62:72:8a:08:a9:ff:4b:5f:27:28:6e:2d:e3:ba:4f:
         ae:eb:ec:c4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZURbBJBxAbLess+Rq2sPN6CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5Y2M2M2YzYjM0ZjE3MDE4OWQwNzNjODhiN2Q2NTJmNzAz
M2ExZmMwHhcNMjUwMjE3MDEwMDQ5WhcNMjUwMjE4MDEwMDQ5WjAzMTEwLwYDVQQD
EygyOWE4YTM0MTA0OWY0YjY5MTEwZmY2ZTk0NzljOTZiNDY2OWNjYWE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvnHKBDj7K9gPRX4ObMlQMYJWDMt2
pNZBr/crYoW0r9JFyI+DWKKZNnET8uG3v5Z4O8Jg3//j6VpAs2VEkezjLlLYao0T
v4TCI9PvcklDiluxWiuFqousF8C5yr1BxmzmpomqRDEeD1+TOfi7cHEwrs/nsXR2
5XeW8HVFSc5ZX+aCi0pnjhZDNk9qih2frmmVkKGk+CAMnt0dYhKr93ZbUj72/K4D
Ih2CuQdOSlExQOCvcGTQQQUdVasdn5EhHB9LDKmcdatoBeEzEabQxIUt5h8N6fIx
2ebHEwZJxsiIaEPE/cc2ouFWI3WzGMiUGY8wbjj3W2kAslNK4TxVKMIV1wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCmoo0EEn0tpEQ/26UeclrRmnMqkMB8GA1UdIwQY
MBaAFBnMY/OzTxcBidBzyIt9ZS9wM6H8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR2N4ajg3TlBGd0dKMEhQSWkzMWxMM0F6b2Z3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS82YmRlOWUtNmVkOC00N2Q1LTlkOWMt
NTRkNzg0ZWZiYjdhLzEvR2N4ajg3TlBGd0dKMEhQSWkzMWxMM0F6b2Z3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS82YmRlOWUtNmVkOC00N2Q1LTlkOWMtNTRkNzg0ZWZiYjdh
LzEvR2N4ajg3TlBGd0dKMEhQSWkzMWxMM0F6b2Z3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUMqf4q/e
4cGnUoQteXPgUocHueb0LijywiekTETgQdLp+b3VZU6YYvyNZPtcB0u07abqNHa6
BVuw2YQo972WX5rgr0HZ4nv78O/J7FUw8c1dXTC8PaZ46Zv2sMzsJkygNdyJNqIm
nl9eiqLmBBnOZZM4o+EblLUE/cHrKkomlTnNFqxkm1sAL9Wfjt9pem0ENEMo9YUE
upXAVy7UcbbbHGlF/YigNn5+NKJJIvsJWM6AI0KvX6PaP6coiiXlpj3HsyTLo3eD
m2+oZtHwYkas3DJ63NcqOcQeJ1dPPva0uMSkYdwOpaePJmgSzn6tYnKKCKn/S18n
KG4t47pPruvsxA==
-----END CERTIFICATE-----