Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/e24bb6-7363-4442-b568-c80dec87cd09/1/rIpdP4uUYpQnOEoSDHdHYFY611o.mft
File:                     rIpdP4uUYpQnOEoSDHdHYFY611o.mft (raw, json)
Hash identifier:          SMea9Rmv28fG4xrf0sq/bJ8xVXSaJWUEehQXfPEaUaM=
Subject key identifier:   32:C1:DF:71:60:2F:5D:A1:EE:65:BF:10:45:6E:52:34:7C:20:C1:81
Authority key identifier: AC:8A:5D:3F:8B:94:62:94:27:38:4A:12:0C:77:47:60:56:3A:D7:5A
Certificate issuer:       /CN=ac8a5d3f8b94629427384a120c774760563ad75a
Certificate serial:       019510C73E89E090CF309D39CBE1430E10B0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/rIpdP4uUYpQnOEoSDHdHYFY611o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7d/e24bb6-7363-4442-b568-c80dec87cd09/1/rIpdP4uUYpQnOEoSDHdHYFY611o.mft
Manifest number:          0E33
Signing time:             Sun 16 Feb 2025 22:00:47 +0000
Manifest this update:     Sun 16 Feb 2025 22:00:47 +0000
Manifest next update:     Mon 17 Feb 2025 22:00:47 +0000
Files and hashes:         1: rIpdP4uUYpQnOEoSDHdHYFY611o.crl (hash: tS032cc2F8oLrTl+8O++JZBzVofXBkXjUWr3sYYrKl0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/7d/e24bb6-7363-4442-b568-c80dec87cd09/1/rIpdP4uUYpQnOEoSDHdHYFY611o.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/7d/e24bb6-7363-4442-b568-c80dec87cd09/1/rIpdP4uUYpQnOEoSDHdHYFY611o.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/rIpdP4uUYpQnOEoSDHdHYFY611o.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 17 Feb 2025 22:00:47 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:10:c7:3e:89:e0:90:cf:30:9d:39:cb:e1:43:0e:10:b0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ac8a5d3f8b94629427384a120c774760563ad75a
        Validity
            Not Before: Feb 16 22:00:47 2025 GMT
            Not After : Feb 17 22:00:47 2025 GMT
        Subject: CN=32c1df71602f5da1ee65bf10456e52347c20c181
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:b8:61:cd:c7:40:22:d5:ef:89:2b:e2:37:51:
                    20:67:40:69:9c:be:ef:a4:f4:5f:e4:be:23:44:2b:
                    4e:4d:f4:35:d7:c1:23:b1:0d:86:ea:0a:21:e8:5a:
                    02:49:2f:9b:b4:6b:4f:41:5f:86:b4:0a:69:57:df:
                    8a:39:4e:fd:94:a9:e4:75:b1:c6:b8:1b:c8:02:a9:
                    03:69:4b:aa:6e:13:3e:43:49:1d:e9:bc:f8:bc:52:
                    f7:44:b4:55:66:ba:67:e6:f9:d0:6d:2c:44:89:d2:
                    dc:86:26:20:26:d6:7f:ad:93:19:22:cc:66:ba:9d:
                    6c:2f:e7:dc:7e:82:2d:14:6c:f4:2c:47:de:e0:90:
                    70:5c:85:31:54:f6:63:51:0e:fa:b3:d7:67:92:c0:
                    12:ea:79:06:19:b5:01:09:6e:a6:f3:4b:49:87:2a:
                    0c:19:d2:db:8f:5d:2a:90:7f:e3:0a:b7:31:23:bd:
                    ac:74:9f:03:48:48:de:b4:6f:45:e7:de:dc:25:9e:
                    3d:11:8b:ea:31:ec:72:35:7e:8b:7d:06:fa:13:e6:
                    26:e7:19:5e:fc:86:c5:20:1e:2d:eb:16:9e:fa:99:
                    9e:97:91:57:d0:56:81:01:e5:01:8f:72:ee:a5:79:
                    c2:e2:a6:25:60:d7:20:1c:5e:0b:0f:39:41:b9:77:
                    c0:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                32:C1:DF:71:60:2F:5D:A1:EE:65:BF:10:45:6E:52:34:7C:20:C1:81
            X509v3 Authority Key Identifier:
                keyid:AC:8A:5D:3F:8B:94:62:94:27:38:4A:12:0C:77:47:60:56:3A:D7:5A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rIpdP4uUYpQnOEoSDHdHYFY611o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/e24bb6-7363-4442-b568-c80dec87cd09/1/rIpdP4uUYpQnOEoSDHdHYFY611o.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/e24bb6-7363-4442-b568-c80dec87cd09/1/rIpdP4uUYpQnOEoSDHdHYFY611o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         c5:f8:7e:f8:a1:de:61:a3:d2:b5:d8:4a:87:8f:71:d7:20:2f:
         89:f3:9d:fb:80:9d:2b:7e:5c:46:56:45:94:59:f2:37:1c:78:
         36:23:8d:f6:67:d7:db:4f:1e:e5:ce:ad:14:50:dd:99:33:6b:
         15:bf:b6:53:65:6a:46:49:f8:3c:26:91:9e:47:32:31:5b:d5:
         53:66:7e:c5:e1:14:bc:da:4e:f6:04:5e:4d:b4:16:04:56:c2:
         f2:bd:03:27:19:a3:d9:e5:4e:f5:8f:40:34:c8:21:6d:69:df:
         5e:88:2f:c4:be:e5:f6:b6:08:23:6e:b7:34:f6:76:91:70:e0:
         43:53:8d:9a:63:fd:6c:8c:35:3b:95:86:6d:6e:4d:0b:e6:2b:
         0a:33:8e:1a:c2:44:38:fa:f0:ec:f4:96:3e:54:44:da:34:94:
         62:1c:df:d9:38:97:e4:2c:58:2a:7a:f1:e4:d3:ac:bb:a5:a8:
         4f:f8:f3:77:b2:cd:af:93:81:91:70:79:92:e8:ba:95:dc:1c:
         9b:ee:71:42:c6:82:74:9d:8f:45:1a:a2:57:8e:1e:c5:fa:06:
         02:61:38:7c:fc:f2:1f:5e:6c:be:ed:e9:1f:7b:8e:39:40:cf:
         dd:b3:63:42:ba:ee:7c:d3:89:9a:27:0a:68:4c:87:7b:46:ee:
         d1:0f:4c:08
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZUQxz6J4JDPMJ05y+FDDhCwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjOGE1ZDNmOGI5NDYyOTQyNzM4NGExMjBjNzc0NzYwNTYz
YWQ3NWEwHhcNMjUwMjE2MjIwMDQ3WhcNMjUwMjE3MjIwMDQ3WjAzMTEwLwYDVQQD
EygzMmMxZGY3MTYwMmY1ZGExZWU2NWJmMTA0NTZlNTIzNDdjMjBjMTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0bhhzcdAItXviSviN1EgZ0BpnL7v
pPRf5L4jRCtOTfQ118EjsQ2G6goh6FoCSS+btGtPQV+GtAppV9+KOU79lKnkdbHG
uBvIAqkDaUuqbhM+Q0kd6bz4vFL3RLRVZrpn5vnQbSxEidLchiYgJtZ/rZMZIsxm
up1sL+fcfoItFGz0LEfe4JBwXIUxVPZjUQ76s9dnksAS6nkGGbUBCW6m80tJhyoM
GdLbj10qkH/jCrcxI72sdJ8DSEjetG9F597cJZ49EYvqMexyNX6LfQb6E+Ym5xle
/IbFIB4t6xae+pmel5FX0FaBAeUBj3LupXnC4qYlYNcgHF4LDzlBuXfAMQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDLB33FgL12h7mW/EEVuUjR8IMGBMB8GA1UdIwQY
MBaAFKyKXT+LlGKUJzhKEgx3R2BWOtdaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcklwZFA0dVVZcFFuT0VvU0RIZEhZRlk2MTFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC9lMjRiYjYtNzM2My00NDQyLWI1Njgt
YzgwZGVjODdjZDA5LzEvcklwZFA0dVVZcFFuT0VvU0RIZEhZRlk2MTFvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC9lMjRiYjYtNzM2My00NDQyLWI1NjgtYzgwZGVjODdjZDA5
LzEvcklwZFA0dVVZcFFuT0VvU0RIZEhZRlk2MTFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAxfh++KHe
YaPStdhKh49x1yAvifOd+4CdK35cRlZFlFnyNxx4NiON9mfX208e5c6tFFDdmTNr
Fb+2U2VqRkn4PCaRnkcyMVvVU2Z+xeEUvNpO9gReTbQWBFbC8r0DJxmj2eVO9Y9A
NMghbWnfXogvxL7l9rYII263NPZ2kXDgQ1ONmmP9bIw1O5WGbW5NC+YrCjOOGsJE
OPrw7PSWPlRE2jSUYhzf2TiX5CxYKnrx5NOsu6WoT/jzd7LNr5OBkXB5kui6ldwc
m+5xQsaCdJ2PRRqiV44exfoGAmE4fPzyH15svu3pH3uOOUDP3bNjQrrufNOJmicK
aEyHe0bu0Q9MCA==
-----END CERTIFICATE-----