Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/3b222e-a4b3-4fbe-839f-363a558e19be/1/rTaQk6MtG34Ou-MkRRxY10iuzUI.mft
File:                     rTaQk6MtG34Ou-MkRRxY10iuzUI.mft (raw, json)
Hash identifier:          I031Dy5jxhE6jm93nzmA3wKjkwT6Hns82EGj8Ax9Tu4=
Subject key identifier:   CE:55:81:B0:C9:68:1D:68:CB:66:DC:F6:64:E9:9B:B8:A9:F1:21:AB
Authority key identifier: AD:36:90:93:A3:2D:1B:7E:0E:BB:E3:24:45:1C:58:D7:48:AE:CD:42
Certificate issuer:       /CN=ad369093a32d1b7e0ebbe324451c58d748aecd42
Certificate serial:       019511A2B864F59A9F92C0B8069F570FC0FA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/rTaQk6MtG34Ou-MkRRxY10iuzUI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/89/3b222e-a4b3-4fbe-839f-363a558e19be/1/rTaQk6MtG34Ou-MkRRxY10iuzUI.mft
Manifest number:          036C
Signing time:             Mon 17 Feb 2025 02:00:31 +0000
Manifest this update:     Mon 17 Feb 2025 02:00:31 +0000
Manifest next update:     Tue 18 Feb 2025 02:00:31 +0000
Files and hashes:         1: rTaQk6MtG34Ou-MkRRxY10iuzUI.crl (hash: b8VnCDRZwgGzmPiAs9rhycpzsXBp645S68qYlvujbjA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/89/3b222e-a4b3-4fbe-839f-363a558e19be/1/rTaQk6MtG34Ou-MkRRxY10iuzUI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/89/3b222e-a4b3-4fbe-839f-363a558e19be/1/rTaQk6MtG34Ou-MkRRxY10iuzUI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/rTaQk6MtG34Ou-MkRRxY10iuzUI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 17 Feb 2025 23:00:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:11:a2:b8:64:f5:9a:9f:92:c0:b8:06:9f:57:0f:c0:fa
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ad369093a32d1b7e0ebbe324451c58d748aecd42
        Validity
            Not Before: Feb 17 02:00:31 2025 GMT
            Not After : Feb 18 02:00:31 2025 GMT
        Subject: CN=ce5581b0c9681d68cb66dcf664e99bb8a9f121ab
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:90:a3:5c:ff:8f:2a:c9:5d:fb:a4:1a:dd:5f:bf:
                    3e:88:d1:8b:d4:7f:1e:20:35:a8:e4:2f:d6:67:d0:
                    9c:e8:53:23:0e:4b:50:f5:73:95:91:36:ce:29:f3:
                    81:d3:1e:36:97:d0:ae:17:fc:e1:85:35:b8:4b:2a:
                    3a:1d:10:0c:03:36:02:79:20:74:bc:99:3f:bf:1e:
                    cd:ea:aa:1a:1d:5d:85:e0:d8:8f:39:c7:16:d7:b9:
                    69:59:fb:fc:76:a9:74:62:e2:e7:83:c8:dd:4c:a7:
                    29:0c:49:b3:9f:ba:95:fc:42:85:a8:ef:12:39:cd:
                    31:33:11:35:60:87:c9:80:90:cf:76:1d:c2:52:70:
                    4c:30:3a:d6:27:90:4a:44:7a:54:e1:be:5c:b4:8b:
                    e8:ba:37:b5:bb:79:5f:bd:bd:89:b0:fa:d3:f8:34:
                    eb:d2:f1:6a:49:3b:24:d5:0c:21:42:53:1c:e1:21:
                    6c:89:4d:b5:11:14:f1:ec:3c:20:06:68:3f:03:63:
                    45:83:c4:bf:e8:36:55:ca:06:b7:53:5a:a8:51:9d:
                    95:1c:a1:da:f4:80:d0:7c:52:16:52:37:fa:77:75:
                    69:23:ab:35:aa:be:d8:f8:2c:eb:2f:43:92:ff:db:
                    93:dd:2f:75:b2:c8:a1:fe:42:a9:44:86:c8:90:c9:
                    66:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CE:55:81:B0:C9:68:1D:68:CB:66:DC:F6:64:E9:9B:B8:A9:F1:21:AB
            X509v3 Authority Key Identifier:
                keyid:AD:36:90:93:A3:2D:1B:7E:0E:BB:E3:24:45:1C:58:D7:48:AE:CD:42

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rTaQk6MtG34Ou-MkRRxY10iuzUI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/3b222e-a4b3-4fbe-839f-363a558e19be/1/rTaQk6MtG34Ou-MkRRxY10iuzUI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/89/3b222e-a4b3-4fbe-839f-363a558e19be/1/rTaQk6MtG34Ou-MkRRxY10iuzUI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         94:67:5c:ac:6f:49:79:1b:fa:4c:31:09:c9:ca:f3:69:d4:3b:
         64:68:f7:7f:9d:bb:ac:40:e1:4f:23:75:d3:5b:0c:36:d9:b2:
         7c:9a:87:0f:e0:4e:88:1a:f0:83:85:ff:a9:a0:96:c4:45:e9:
         eb:d3:b5:40:0c:8e:cc:ad:8e:9a:fd:e2:8e:f5:09:cf:e3:d2:
         ff:43:15:60:53:f0:85:9a:6b:00:c5:00:08:27:03:6c:63:a1:
         67:a6:1c:86:cf:5b:0e:55:3c:d4:ed:62:3d:ce:11:82:d8:2d:
         04:b1:86:49:c7:2d:f4:39:54:05:3c:fc:82:f5:b8:bb:c1:df:
         17:c2:37:17:08:de:4a:43:50:66:87:d5:9f:db:88:7f:8b:c5:
         04:48:c4:e3:1e:b3:f2:0e:fc:28:6d:fe:83:1f:7d:2d:d6:6b:
         7f:9e:29:47:76:aa:1e:38:89:34:c5:c4:44:34:15:ba:8d:e5:
         22:90:07:f6:4d:eb:be:ff:5c:e9:8f:78:03:05:82:bb:49:f4:
         7c:63:e6:17:e4:52:bc:52:5e:b3:7e:58:b6:b2:dc:f9:00:02:
         c1:f1:00:d1:e8:a8:0e:37:4a:1e:76:85:97:c5:a5:fb:78:62:
         8d:4f:3e:e2:15:a0:7f:64:9f:f2:ba:f9:99:e9:6d:d4:a1:df:
         c7:14:6a:62
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZURorhk9ZqfksC4Bp9XD8D6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkMzY5MDkzYTMyZDFiN2UwZWJiZTMyNDQ1MWM1OGQ3NDhh
ZWNkNDIwHhcNMjUwMjE3MDIwMDMxWhcNMjUwMjE4MDIwMDMxWjAzMTEwLwYDVQQD
EyhjZTU1ODFiMGM5NjgxZDY4Y2I2NmRjZjY2NGU5OWJiOGE5ZjEyMWFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkKNc/48qyV37pBrdX78+iNGL1H8e
IDWo5C/WZ9Cc6FMjDktQ9XOVkTbOKfOB0x42l9CuF/zhhTW4Syo6HRAMAzYCeSB0
vJk/vx7N6qoaHV2F4NiPOccW17lpWfv8dql0YuLng8jdTKcpDEmzn7qV/EKFqO8S
Oc0xMxE1YIfJgJDPdh3CUnBMMDrWJ5BKRHpU4b5ctIvouje1u3lfvb2JsPrT+DTr
0vFqSTsk1QwhQlMc4SFsiU21ERTx7DwgBmg/A2NFg8S/6DZVyga3U1qoUZ2VHKHa
9IDQfFIWUjf6d3VpI6s1qr7Y+CzrL0OS/9uT3S91ssih/kKpRIbIkMlmswIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFM5VgbDJaB1oy2bc9mTpm7ip8SGrMB8GA1UdIwQY
MBaAFK02kJOjLRt+DrvjJEUcWNdIrs1CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvclRhUWs2TXRHMzRPdS1Na1JSeFkxMGl1elVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OS8zYjIyMmUtYTRiMy00ZmJlLTgzOWYt
MzYzYTU1OGUxOWJlLzEvclRhUWs2TXRHMzRPdS1Na1JSeFkxMGl1elVJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OS8zYjIyMmUtYTRiMy00ZmJlLTgzOWYtMzYzYTU1OGUxOWJl
LzEvclRhUWs2TXRHMzRPdS1Na1JSeFkxMGl1elVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlGdcrG9J
eRv6TDEJycrzadQ7ZGj3f527rEDhTyN101sMNtmyfJqHD+BOiBrwg4X/qaCWxEXp
69O1QAyOzK2Omv3ijvUJz+PS/0MVYFPwhZprAMUACCcDbGOhZ6Ychs9bDlU81O1i
Pc4RgtgtBLGGScct9DlUBTz8gvW4u8HfF8I3FwjeSkNQZofVn9uIf4vFBEjE4x6z
8g78KG3+gx99LdZrf54pR3aqHjiJNMXERDQVuo3lIpAH9k3rvv9c6Y94AwWCu0n0
fGPmF+RSvFJes35YtrLc+QACwfEA0eioDjdKHnaFl8Wl+3hijU8+4hWgf2Sf8rr5
melt1KHfxxRqYg==
-----END CERTIFICATE-----