Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/e4d7c6-a299-4b88-8247-9c4032963e17/1/U_tSQvmM_53qm6qMiuRmpCtTfFw.mft
File:                     U_tSQvmM_53qm6qMiuRmpCtTfFw.mft (raw, json)
Hash identifier:          5h+54EqRuj9q9WSPY+DatKFt8TQ89/DJRwQaP62kVTQ=
Subject key identifier:   9D:49:EF:ED:97:48:B7:7E:1A:D3:E2:8E:4E:A5:A0:03:38:02:6B:86
Authority key identifier: 53:FB:52:42:F9:8C:FF:9D:EA:9B:AA:8C:8A:E4:66:A4:2B:53:7C:5C
Certificate issuer:       /CN=53fb5242f98cff9dea9baa8c8ae466a42b537c5c
Certificate serial:       0194C3882160F28F0891E87874E3B3099F0F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/U_tSQvmM_53qm6qMiuRmpCtTfFw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/82/e4d7c6-a299-4b88-8247-9c4032963e17/1/U_tSQvmM_53qm6qMiuRmpCtTfFw.mft
Manifest number:          1413
Signing time:             Sat 01 Feb 2025 22:01:06 +0000
Manifest this update:     Sat 01 Feb 2025 22:01:06 +0000
Manifest next update:     Sun 02 Feb 2025 22:01:06 +0000
Files and hashes:         1: U_tSQvmM_53qm6qMiuRmpCtTfFw.crl (hash: OnFFBe9XfZ0+ChAMwuk9LwPpbAECIZg/yBYcuuJcJcU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/82/e4d7c6-a299-4b88-8247-9c4032963e17/1/U_tSQvmM_53qm6qMiuRmpCtTfFw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/82/e4d7c6-a299-4b88-8247-9c4032963e17/1/U_tSQvmM_53qm6qMiuRmpCtTfFw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/U_tSQvmM_53qm6qMiuRmpCtTfFw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 02 Feb 2025 22:01:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:c3:88:21:60:f2:8f:08:91:e8:78:74:e3:b3:09:9f:0f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=53fb5242f98cff9dea9baa8c8ae466a42b537c5c
        Validity
            Not Before: Feb  1 22:01:06 2025 GMT
            Not After : Feb  2 22:01:06 2025 GMT
        Subject: CN=9d49efed9748b77e1ad3e28e4ea5a00338026b86
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:d4:89:f8:57:1b:32:c3:4e:9b:31:f9:53:ab:
                    a1:0b:43:25:b2:66:9f:bb:7b:1c:a9:32:84:2d:57:
                    89:d2:38:ca:de:29:17:12:43:40:08:9c:72:72:ab:
                    aa:00:5c:63:4b:3e:22:77:00:38:e7:8d:e6:c2:f0:
                    49:52:1e:91:55:20:31:2e:a0:ca:ba:90:5f:e8:33:
                    5e:17:59:70:64:d7:b6:4a:47:d6:2c:9c:71:89:6b:
                    e6:e9:86:0f:91:8b:75:c7:3d:32:a5:7c:45:b5:6a:
                    76:26:2e:51:33:a0:3a:4e:d2:60:21:27:fe:d6:dc:
                    18:81:b9:b5:2e:f8:05:a6:83:26:71:b6:64:f5:7d:
                    ab:fe:51:67:35:7e:f1:d7:6d:41:36:0e:42:f5:29:
                    f1:3e:d1:f8:9b:3b:6b:ba:f1:f9:8a:3c:dc:51:e5:
                    64:37:c7:ce:a0:55:63:4b:93:c6:02:e3:47:a8:89:
                    84:a5:f4:3e:6a:67:c5:38:c4:e8:ba:dc:6d:f5:36:
                    09:e2:71:47:a7:3f:4a:e6:19:ab:8d:8e:b6:2a:a5:
                    b2:7f:8b:a1:28:b9:6f:e6:aa:56:72:67:b9:3c:77:
                    c8:2f:39:1f:bc:cf:e6:e5:e1:bb:4e:48:53:15:bf:
                    98:2c:a9:ca:51:c5:03:86:68:16:b9:b1:18:dc:eb:
                    eb:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9D:49:EF:ED:97:48:B7:7E:1A:D3:E2:8E:4E:A5:A0:03:38:02:6B:86
            X509v3 Authority Key Identifier:
                keyid:53:FB:52:42:F9:8C:FF:9D:EA:9B:AA:8C:8A:E4:66:A4:2B:53:7C:5C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U_tSQvmM_53qm6qMiuRmpCtTfFw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/e4d7c6-a299-4b88-8247-9c4032963e17/1/U_tSQvmM_53qm6qMiuRmpCtTfFw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/82/e4d7c6-a299-4b88-8247-9c4032963e17/1/U_tSQvmM_53qm6qMiuRmpCtTfFw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b1:2d:99:ac:1e:4e:d9:32:94:7f:81:98:05:ba:7e:95:0c:62:
         fb:4d:8e:24:82:68:30:5a:10:2e:4e:a1:67:75:52:b2:b2:0c:
         3f:63:f9:9a:ba:d4:78:f2:a8:6f:aa:d1:87:8b:96:49:d6:b3:
         37:ed:5c:22:85:10:c5:7f:fe:5d:5d:aa:04:54:53:1d:a0:55:
         d8:50:78:4e:df:12:99:1c:03:a4:aa:da:5e:8a:8d:f1:1b:fc:
         b7:2d:de:e1:71:b0:5d:a7:21:39:28:37:3c:11:a4:0a:71:32:
         36:7b:0e:0a:78:a6:23:ef:39:d4:1a:0a:d9:c7:78:33:93:ca:
         e4:bf:94:e3:ab:81:12:9b:ff:df:17:22:67:ab:9f:38:ee:b7:
         c7:4e:90:92:49:b6:35:67:37:d1:c4:23:93:35:66:85:45:30:
         03:68:3c:93:ad:05:ef:71:66:22:8c:87:fe:d8:59:00:3c:dd:
         e1:8e:a4:74:4a:4c:6a:b5:f4:60:38:00:21:3b:a0:69:3c:b7:
         ae:71:a6:e0:8d:39:1f:e3:97:30:97:a7:78:c9:7e:a6:b7:32:
         bc:52:67:46:3f:e1:9e:89:1e:5f:32:14:7d:a8:1f:94:75:ec:
         e0:ca:c5:55:ba:49:2b:54:12:2c:17:61:b4:30:b2:7a:1c:66:
         43:d7:84:64
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZTDiCFg8o8Ikeh4dOOzCZ8PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzZmI1MjQyZjk4Y2ZmOWRlYTliYWE4YzhhZTQ2NmE0MmI1
MzdjNWMwHhcNMjUwMjAxMjIwMTA2WhcNMjUwMjAyMjIwMTA2WjAzMTEwLwYDVQQD
Eyg5ZDQ5ZWZlZDk3NDhiNzdlMWFkM2UyOGU0ZWE1YTAwMzM4MDI2Yjg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxtSJ+FcbMsNOmzH5U6uhC0Mlsmaf
u3scqTKELVeJ0jjK3ikXEkNACJxycquqAFxjSz4idwA4543mwvBJUh6RVSAxLqDK
upBf6DNeF1lwZNe2SkfWLJxxiWvm6YYPkYt1xz0ypXxFtWp2Ji5RM6A6TtJgISf+
1twYgbm1LvgFpoMmcbZk9X2r/lFnNX7x121BNg5C9SnxPtH4mztruvH5ijzcUeVk
N8fOoFVjS5PGAuNHqImEpfQ+amfFOMToutxt9TYJ4nFHpz9K5hmrjY62KqWyf4uh
KLlv5qpWcme5PHfILzkfvM/m5eG7TkhTFb+YLKnKUcUDhmgWubEY3OvrYQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJ1J7+2XSLd+GtPijk6loAM4AmuGMB8GA1UdIwQY
MBaAFFP7UkL5jP+d6puqjIrkZqQrU3xcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVV90U1F2bU1fNTNxbTZxTWl1Um1wQ3RUZkZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi9lNGQ3YzYtYTI5OS00Yjg4LTgyNDct
OWM0MDMyOTYzZTE3LzEvVV90U1F2bU1fNTNxbTZxTWl1Um1wQ3RUZkZ3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi9lNGQ3YzYtYTI5OS00Yjg4LTgyNDctOWM0MDMyOTYzZTE3
LzEvVV90U1F2bU1fNTNxbTZxTWl1Um1wQ3RUZkZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAsS2ZrB5O
2TKUf4GYBbp+lQxi+02OJIJoMFoQLk6hZ3VSsrIMP2P5mrrUePKob6rRh4uWSdaz
N+1cIoUQxX/+XV2qBFRTHaBV2FB4Tt8SmRwDpKraXoqN8Rv8ty3e4XGwXachOSg3
PBGkCnEyNnsOCnimI+851BoK2cd4M5PK5L+U46uBEpv/3xciZ6ufOO63x06Qkkm2
NWc30cQjkzVmhUUwA2g8k60F73FmIoyH/thZADzd4Y6kdEpMarX0YDgAITugaTy3
rnGm4I05H+OXMJeneMl+prcyvFJnRj/hnokeXzIUfagflHXs4MrFVbpJK1QSLBdh
tDCyehxmQ9eEZA==
-----END CERTIFICATE-----