Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/5a99e8-bb46-4fcd-aea1-8d56a7b09953/1/hPWQymLCRkQFg4GMMfJXOg9Q_9A.mft
File:                     hPWQymLCRkQFg4GMMfJXOg9Q_9A.mft (raw, json)
Hash identifier:          MF0C/N+x1ZjzBKsJBqtbfPjX9x8RNBHY4MGXYI05skY=
Subject key identifier:   A2:80:68:E3:D7:01:09:42:3C:7D:4E:E3:B2:30:FC:33:F5:81:AB:38
Authority key identifier: 84:F5:90:CA:62:C2:46:44:05:83:81:8C:31:F2:57:3A:0F:50:FF:D0
Certificate issuer:       /CN=84f590ca62c246440583818c31f2573a0f50ffd0
Certificate serial:       0194C42C1866DEF1803BB74B557794D9BF55
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hPWQymLCRkQFg4GMMfJXOg9Q_9A.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/77/5a99e8-bb46-4fcd-aea1-8d56a7b09953/1/hPWQymLCRkQFg4GMMfJXOg9Q_9A.mft
Manifest number:          0842
Signing time:             Sun 02 Feb 2025 01:00:11 +0000
Manifest this update:     Sun 02 Feb 2025 01:00:11 +0000
Manifest next update:     Mon 03 Feb 2025 01:00:11 +0000
Files and hashes:         1: hPWQymLCRkQFg4GMMfJXOg9Q_9A.crl (hash: qsdglCifetT6v8/BO8Ndp+rn+eyt0mjuY2IgSWlCiFE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/77/5a99e8-bb46-4fcd-aea1-8d56a7b09953/1/hPWQymLCRkQFg4GMMfJXOg9Q_9A.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/77/5a99e8-bb46-4fcd-aea1-8d56a7b09953/1/hPWQymLCRkQFg4GMMfJXOg9Q_9A.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hPWQymLCRkQFg4GMMfJXOg9Q_9A.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 03 Feb 2025 00:00:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:c4:2c:18:66:de:f1:80:3b:b7:4b:55:77:94:d9:bf:55
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=84f590ca62c246440583818c31f2573a0f50ffd0
        Validity
            Not Before: Feb  2 01:00:11 2025 GMT
            Not After : Feb  3 01:00:11 2025 GMT
        Subject: CN=a28068e3d70109423c7d4ee3b230fc33f581ab38
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:58:19:c8:b8:de:b6:55:29:4c:0f:db:30:f7:
                    29:00:b3:ea:7b:7c:97:0e:7f:8f:a3:b6:35:c4:eb:
                    25:25:f0:41:70:45:2a:80:8f:f0:46:20:be:77:cf:
                    51:ab:77:a6:45:81:17:00:27:59:09:5e:5b:db:d6:
                    ca:53:43:2a:61:99:11:a1:40:b9:45:3d:b4:6f:4a:
                    eb:d8:54:8c:93:60:78:66:72:07:1a:80:f2:a4:ac:
                    1c:78:5e:e7:fc:f5:1e:74:d3:ef:66:13:06:94:23:
                    de:0e:a6:6d:ed:ed:b1:19:b9:c7:a3:f7:a5:62:3d:
                    8c:db:96:03:ca:93:40:cd:9a:5d:48:f7:cd:a1:88:
                    6c:7e:3d:af:52:7a:e9:22:33:d8:37:3f:4b:d4:1b:
                    df:b4:81:37:f1:81:4a:ad:dc:be:4e:d8:1c:0a:9a:
                    60:67:e7:8e:4e:7d:b0:4b:a8:25:6b:00:d8:19:d1:
                    05:41:01:e9:d0:19:f2:03:52:fb:ce:98:78:d9:ab:
                    3a:86:d7:71:ea:c3:7b:be:3a:66:54:b3:77:cb:cb:
                    b4:6e:35:1e:6d:c6:8b:c1:af:09:b1:ea:cd:81:4d:
                    06:80:78:f0:3f:9f:35:6e:fc:46:ec:bb:34:6f:d1:
                    59:7d:24:68:88:af:ae:5a:96:7a:7e:39:ec:28:4e:
                    6e:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A2:80:68:E3:D7:01:09:42:3C:7D:4E:E3:B2:30:FC:33:F5:81:AB:38
            X509v3 Authority Key Identifier:
                keyid:84:F5:90:CA:62:C2:46:44:05:83:81:8C:31:F2:57:3A:0F:50:FF:D0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hPWQymLCRkQFg4GMMfJXOg9Q_9A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/5a99e8-bb46-4fcd-aea1-8d56a7b09953/1/hPWQymLCRkQFg4GMMfJXOg9Q_9A.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/77/5a99e8-bb46-4fcd-aea1-8d56a7b09953/1/hPWQymLCRkQFg4GMMfJXOg9Q_9A.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         55:13:5f:db:74:15:0e:83:a3:1b:74:d2:ca:3d:da:f5:5b:fd:
         10:39:aa:d5:e1:62:45:1e:77:ca:7b:70:4b:8b:1e:2a:0b:21:
         f4:e9:9b:50:bd:4e:ea:a6:d3:a5:91:db:ac:4a:ec:6e:01:12:
         c7:ab:f3:97:3d:8f:d6:07:2d:08:ec:78:ee:54:a6:48:78:ec:
         cb:17:0d:e8:64:f8:59:f8:ed:a5:d4:8f:22:9e:79:12:d9:15:
         43:d7:70:ad:1f:61:74:44:d2:a8:9c:88:e3:04:29:37:eb:c9:
         f2:a4:6b:91:3d:e0:82:73:a6:cc:94:66:77:f7:5c:56:cd:cf:
         20:0a:04:aa:a4:e1:89:ef:d7:b6:10:45:12:3f:61:73:83:26:
         b3:66:39:e6:54:f5:58:ef:a6:24:41:e5:bc:dd:9a:c9:0d:ff:
         2e:74:d8:78:89:31:f9:a3:93:fa:0d:3b:57:7d:66:f5:a9:28:
         3c:95:f1:42:60:d7:ec:45:f2:15:34:b9:02:2d:35:27:91:66:
         47:9e:eb:fd:c5:3e:1a:81:6a:4c:72:61:eb:28:ec:3e:59:d6:
         63:cc:9b:77:ca:c3:f6:ad:31:70:61:2a:a6:46:63:72:dc:b0:
         8e:ab:09:e0:df:8e:87:11:24:3c:0d:6d:d6:e0:33:03:4f:26:
         50:aa:ea:6e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZTELBhm3vGAO7dLVXeU2b9VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0ZjU5MGNhNjJjMjQ2NDQwNTgzODE4YzMxZjI1NzNhMGY1
MGZmZDAwHhcNMjUwMjAyMDEwMDExWhcNMjUwMjAzMDEwMDExWjAzMTEwLwYDVQQD
EyhhMjgwNjhlM2Q3MDEwOTQyM2M3ZDRlZTNiMjMwZmMzM2Y1ODFhYjM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwVgZyLjetlUpTA/bMPcpALPqe3yX
Dn+Po7Y1xOslJfBBcEUqgI/wRiC+d89Rq3emRYEXACdZCV5b29bKU0MqYZkRoUC5
RT20b0rr2FSMk2B4ZnIHGoDypKwceF7n/PUedNPvZhMGlCPeDqZt7e2xGbnHo/el
Yj2M25YDypNAzZpdSPfNoYhsfj2vUnrpIjPYNz9L1BvftIE38YFKrdy+TtgcCppg
Z+eOTn2wS6glawDYGdEFQQHp0BnyA1L7zph42as6htdx6sN7vjpmVLN3y8u0bjUe
bcaLwa8JserNgU0GgHjwP581bvxG7Ls0b9FZfSRoiK+uWpZ6fjnsKE5uNwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKKAaOPXAQlCPH1O47Iw/DP1gas4MB8GA1UdIwQY
MBaAFIT1kMpiwkZEBYOBjDHyVzoPUP/QMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFBXUXltTENSa1FGZzRHTU1mSlhPZzlRXzlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ny81YTk5ZTgtYmI0Ni00ZmNkLWFlYTEt
OGQ1NmE3YjA5OTUzLzEvaFBXUXltTENSa1FGZzRHTU1mSlhPZzlRXzlBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ny81YTk5ZTgtYmI0Ni00ZmNkLWFlYTEtOGQ1NmE3YjA5OTUz
LzEvaFBXUXltTENSa1FGZzRHTU1mSlhPZzlRXzlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVRNf23QV
DoOjG3TSyj3a9Vv9EDmq1eFiRR53yntwS4seKgsh9OmbUL1O6qbTpZHbrErsbgES
x6vzlz2P1gctCOx47lSmSHjsyxcN6GT4WfjtpdSPIp55EtkVQ9dwrR9hdETSqJyI
4wQpN+vJ8qRrkT3ggnOmzJRmd/dcVs3PIAoEqqThie/XthBFEj9hc4Mms2Y55lT1
WO+mJEHlvN2ayQ3/LnTYeIkx+aOT+g07V31m9akoPJXxQmDX7EXyFTS5Ai01J5Fm
R57r/cU+GoFqTHJh6yjsPlnWY8ybd8rD9q0xcGEqpkZjctywjqsJ4N+OhxEkPA1t
1uAzA08mUKrqbg==
-----END CERTIFICATE-----