Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/6bde9e-6ed8-47d5-9d9c-54d784efbb7a/1/Gcxj87NPFwGJ0HPIi31lL3Azofw.mft
File:                     Gcxj87NPFwGJ0HPIi31lL3Azofw.mft (raw, json)
Hash identifier:          qUSu7xb6+AxGLZvd5ohe55UJvrAUj5fInpwb/0ODg5s=
Subject key identifier:   FF:C1:C9:99:39:C9:4D:02:E4:8E:42:E4:F6:F7:C1:03:E5:CF:E0:22
Authority key identifier: 19:CC:63:F3:B3:4F:17:01:89:D0:73:C8:8B:7D:65:2F:70:33:A1:FC
Certificate issuer:       /CN=19cc63f3b34f170189d073c88b7d652f7033a1fc
Certificate serial:       0194BA848043FB45FD917C157DA546D043D9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Gcxj87NPFwGJ0HPIi31lL3Azofw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/75/6bde9e-6ed8-47d5-9d9c-54d784efbb7a/1/Gcxj87NPFwGJ0HPIi31lL3Azofw.mft
Manifest number:          01AD
Signing time:             Fri 31 Jan 2025 04:00:33 +0000
Manifest this update:     Fri 31 Jan 2025 04:00:33 +0000
Manifest next update:     Sat 01 Feb 2025 04:00:33 +0000
Files and hashes:         1: Gcxj87NPFwGJ0HPIi31lL3Azofw.crl (hash: vXDZEKrFBcKn0Jsumz+ctIpI2DHz2PMB8xCF2u96hTw=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/75/6bde9e-6ed8-47d5-9d9c-54d784efbb7a/1/Gcxj87NPFwGJ0HPIi31lL3Azofw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/75/6bde9e-6ed8-47d5-9d9c-54d784efbb7a/1/Gcxj87NPFwGJ0HPIi31lL3Azofw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Gcxj87NPFwGJ0HPIi31lL3Azofw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 01 Feb 2025 04:00:33 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:ba:84:80:43:fb:45:fd:91:7c:15:7d:a5:46:d0:43:d9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=19cc63f3b34f170189d073c88b7d652f7033a1fc
        Validity
            Not Before: Jan 31 04:00:33 2025 GMT
            Not After : Feb  1 04:00:33 2025 GMT
        Subject: CN=ffc1c99939c94d02e48e42e4f6f7c103e5cfe022
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:e8:c4:b2:5b:e7:5a:33:9e:1f:a2:d6:ae:a5:
                    8d:2f:9f:8b:94:a3:1d:62:1b:f5:97:35:33:e4:d6:
                    75:26:66:95:40:ca:74:27:08:50:29:4a:d2:1f:de:
                    4d:6b:c9:37:88:6a:4d:65:1a:51:e3:28:70:34:a8:
                    8b:28:76:e7:e1:68:c5:14:ae:e1:3a:97:df:c0:16:
                    ae:4d:c8:b3:a4:18:d7:68:e0:09:ac:7a:f8:52:19:
                    36:b5:49:27:d2:91:e3:f5:58:bd:1b:78:db:7b:de:
                    ff:fe:8f:20:9b:37:85:6b:1a:22:21:f4:d1:29:78:
                    9a:d1:43:b3:2a:c0:44:9b:c6:12:3d:db:43:d4:de:
                    4a:bf:d5:6b:2a:d2:96:67:05:9b:dc:8a:c2:94:81:
                    bb:78:a5:1c:5b:34:52:b5:a5:87:43:8e:81:e5:7a:
                    9f:63:8d:88:9b:81:b5:29:f1:21:4d:39:3d:3e:7f:
                    e7:55:9e:0f:5b:19:11:10:33:3f:67:db:5a:e5:15:
                    7e:70:b0:10:2c:57:e8:6d:57:90:02:2b:ca:22:b6:
                    d5:d5:f6:1b:85:75:95:67:1e:b3:60:78:49:8d:50:
                    e3:bd:de:fe:dd:df:81:9b:6b:89:89:b0:98:ff:c5:
                    ee:05:a9:74:e3:93:85:3f:db:3a:10:ad:c3:68:2b:
                    36:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FF:C1:C9:99:39:C9:4D:02:E4:8E:42:E4:F6:F7:C1:03:E5:CF:E0:22
            X509v3 Authority Key Identifier:
                keyid:19:CC:63:F3:B3:4F:17:01:89:D0:73:C8:8B:7D:65:2F:70:33:A1:FC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gcxj87NPFwGJ0HPIi31lL3Azofw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/6bde9e-6ed8-47d5-9d9c-54d784efbb7a/1/Gcxj87NPFwGJ0HPIi31lL3Azofw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/75/6bde9e-6ed8-47d5-9d9c-54d784efbb7a/1/Gcxj87NPFwGJ0HPIi31lL3Azofw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4d:1f:14:e2:a1:6f:1c:0c:b9:c0:c9:03:b0:1b:b6:f2:21:72:
         03:0c:55:99:e3:ea:35:74:54:52:63:41:1e:ed:cd:5d:4c:60:
         07:cc:d5:46:b0:99:a6:3b:cd:ec:37:a1:4f:57:88:30:b7:0f:
         26:2e:79:43:ce:b5:62:64:c7:7f:35:d5:67:9e:98:53:f0:51:
         bf:88:0d:79:72:04:9c:67:23:00:76:49:3a:5e:5b:b2:81:73:
         41:c7:22:6c:d9:1b:2a:ca:73:e3:0a:1d:d4:05:80:9b:37:8f:
         c1:08:0a:66:33:86:35:60:2f:11:b7:c0:b8:4b:40:c4:fc:d0:
         85:74:40:06:f2:eb:b8:ee:31:39:78:2e:8d:ee:72:19:51:7e:
         4d:e9:ad:a3:c7:16:00:52:92:0b:18:d5:31:b9:0e:51:3e:37:
         0d:ab:93:86:0e:25:f2:cd:bb:a5:25:ac:e4:7c:33:05:ec:0e:
         1e:f6:12:20:fe:65:c0:6b:ee:8f:84:17:0f:89:cd:9b:d8:93:
         9e:8d:65:4e:30:4b:7e:0c:b7:61:5e:a8:9f:c4:2c:20:93:3c:
         62:07:f1:89:cd:95:64:96:b7:f4:49:c3:a9:02:61:6d:35:53:
         6e:62:cd:03:a1:23:fb:0a:61:c8:58:14:74:1e:e7:e7:62:7d:
         de:45:09:54
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZS6hIBD+0X9kXwVfaVG0EPZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5Y2M2M2YzYjM0ZjE3MDE4OWQwNzNjODhiN2Q2NTJmNzAz
M2ExZmMwHhcNMjUwMTMxMDQwMDMzWhcNMjUwMjAxMDQwMDMzWjAzMTEwLwYDVQQD
EyhmZmMxYzk5OTM5Yzk0ZDAyZTQ4ZTQyZTRmNmY3YzEwM2U1Y2ZlMDIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp+jEslvnWjOeH6LWrqWNL5+LlKMd
Yhv1lzUz5NZ1JmaVQMp0JwhQKUrSH95Na8k3iGpNZRpR4yhwNKiLKHbn4WjFFK7h
OpffwBauTcizpBjXaOAJrHr4Uhk2tUkn0pHj9Vi9G3jbe97//o8gmzeFaxoiIfTR
KXia0UOzKsBEm8YSPdtD1N5Kv9VrKtKWZwWb3IrClIG7eKUcWzRStaWHQ46B5Xqf
Y42Im4G1KfEhTTk9Pn/nVZ4PWxkREDM/Z9ta5RV+cLAQLFfobVeQAivKIrbV1fYb
hXWVZx6zYHhJjVDjvd7+3d+Bm2uJibCY/8XuBal045OFP9s6EK3DaCs2RwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP/ByZk5yU0C5I5C5Pb3wQPlz+AiMB8GA1UdIwQY
MBaAFBnMY/OzTxcBidBzyIt9ZS9wM6H8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR2N4ajg3TlBGd0dKMEhQSWkzMWxMM0F6b2Z3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS82YmRlOWUtNmVkOC00N2Q1LTlkOWMt
NTRkNzg0ZWZiYjdhLzEvR2N4ajg3TlBGd0dKMEhQSWkzMWxMM0F6b2Z3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS82YmRlOWUtNmVkOC00N2Q1LTlkOWMtNTRkNzg0ZWZiYjdh
LzEvR2N4ajg3TlBGd0dKMEhQSWkzMWxMM0F6b2Z3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATR8U4qFv
HAy5wMkDsBu28iFyAwxVmePqNXRUUmNBHu3NXUxgB8zVRrCZpjvN7DehT1eIMLcP
Ji55Q861YmTHfzXVZ56YU/BRv4gNeXIEnGcjAHZJOl5bsoFzQccibNkbKspz4wod
1AWAmzePwQgKZjOGNWAvEbfAuEtAxPzQhXRABvLruO4xOXguje5yGVF+Temto8cW
AFKSCxjVMbkOUT43DauThg4l8s27pSWs5HwzBewOHvYSIP5lwGvuj4QXD4nNm9iT
no1lTjBLfgy3YV6on8QsIJM8Ygfxic2VZJa39EnDqQJhbTVTbmLNA6Ej+wphyFgU
dB7n52J93kUJVA==
-----END CERTIFICATE-----