Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/8a06f4-986e-4669-bdf9-8ee2f9dcb1ed/1/uaY9guJ4W32wBSjcVacGncUQpC8.mft
File:                     uaY9guJ4W32wBSjcVacGncUQpC8.mft (raw, json)
Hash identifier:          Y7FwukmMeljA9KJ7qR6XpTbYvge+lK83TOpmR2cDDuQ=
Subject key identifier:   77:A3:C4:87:FD:B7:33:CB:00:A8:30:CA:0A:8A:AB:EE:CB:44:BE:02
Authority key identifier: B9:A6:3D:82:E2:78:5B:7D:B0:05:28:DC:55:A7:06:9D:C5:10:A4:2F
Certificate issuer:       /CN=b9a63d82e2785b7db00528dc55a7069dc510a42f
Certificate serial:       0194C350E81E1023D3086787E88D917930C0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/uaY9guJ4W32wBSjcVacGncUQpC8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8d/8a06f4-986e-4669-bdf9-8ee2f9dcb1ed/1/uaY9guJ4W32wBSjcVacGncUQpC8.mft
Manifest number:          02DF
Signing time:             Sat 01 Feb 2025 21:00:46 +0000
Manifest this update:     Sat 01 Feb 2025 21:00:46 +0000
Manifest next update:     Sun 02 Feb 2025 21:00:46 +0000
Files and hashes:         1: uaY9guJ4W32wBSjcVacGncUQpC8.crl (hash: JZItoFz6BDpIrrOP9VcJRC3TiE5sLUk/hgxXayjLqds=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8d/8a06f4-986e-4669-bdf9-8ee2f9dcb1ed/1/uaY9guJ4W32wBSjcVacGncUQpC8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8d/8a06f4-986e-4669-bdf9-8ee2f9dcb1ed/1/uaY9guJ4W32wBSjcVacGncUQpC8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/uaY9guJ4W32wBSjcVacGncUQpC8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 02 Feb 2025 21:00:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:c3:50:e8:1e:10:23:d3:08:67:87:e8:8d:91:79:30:c0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b9a63d82e2785b7db00528dc55a7069dc510a42f
        Validity
            Not Before: Feb  1 21:00:46 2025 GMT
            Not After : Feb  2 21:00:46 2025 GMT
        Subject: CN=77a3c487fdb733cb00a830ca0a8aabeecb44be02
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8a:a9:42:8d:63:22:cd:6d:e2:11:0e:2c:ba:3e:
                    90:a7:62:d0:81:01:66:d9:81:e4:db:89:be:8a:de:
                    0b:8d:89:ce:e4:24:37:48:6d:7b:7f:a9:58:e7:31:
                    0d:42:6e:42:8f:63:91:38:a5:82:35:c8:da:29:3a:
                    ac:1c:03:a4:c6:b7:32:e8:db:67:92:23:7d:37:86:
                    8d:98:8f:9f:0c:73:ef:be:2e:49:e4:72:1b:ea:a4:
                    88:48:67:6a:64:3b:ef:e6:6c:4c:84:62:df:8e:d5:
                    4a:9d:83:e5:3a:6e:0e:c2:6f:69:82:e5:de:7a:b4:
                    47:c5:c5:c3:e9:65:a5:68:29:04:dd:68:51:43:d6:
                    5e:e8:a2:0b:c9:0b:9f:d7:d0:fe:39:fb:f9:b9:12:
                    87:b3:0d:68:66:26:7e:eb:0c:e7:b4:c4:06:41:32:
                    9f:8a:b5:a2:9c:d5:f6:30:11:54:57:2a:06:c1:65:
                    05:7e:24:44:ed:d5:42:16:11:8f:77:ba:ef:9f:5d:
                    2a:a9:cb:70:74:6f:4b:32:74:03:c3:04:bb:11:af:
                    e7:0c:dc:ab:16:37:fe:ae:56:f0:23:c9:82:41:9e:
                    c5:66:40:c1:a2:4f:cb:3d:9d:5a:e6:c1:d0:94:23:
                    07:3e:b0:be:5f:ac:54:a0:8b:23:95:21:bb:7f:29:
                    a9:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                77:A3:C4:87:FD:B7:33:CB:00:A8:30:CA:0A:8A:AB:EE:CB:44:BE:02
            X509v3 Authority Key Identifier:
                keyid:B9:A6:3D:82:E2:78:5B:7D:B0:05:28:DC:55:A7:06:9D:C5:10:A4:2F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uaY9guJ4W32wBSjcVacGncUQpC8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/8a06f4-986e-4669-bdf9-8ee2f9dcb1ed/1/uaY9guJ4W32wBSjcVacGncUQpC8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/8a06f4-986e-4669-bdf9-8ee2f9dcb1ed/1/uaY9guJ4W32wBSjcVacGncUQpC8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         e5:e9:e5:21:d5:70:bb:a1:66:58:76:3f:12:60:71:32:71:bf:
         bb:89:9b:e0:48:9e:90:b3:c4:77:f5:28:d9:41:1e:c0:1b:4d:
         16:88:cb:5b:b7:d9:f3:80:fc:bb:7e:ea:ed:32:ca:04:aa:c3:
         fa:19:51:66:b9:fb:d5:a9:8d:d9:13:7b:89:08:cf:e7:c4:55:
         fe:08:78:44:5a:4b:d2:e1:1c:60:5b:8e:9f:df:77:00:ed:a5:
         7e:d1:11:a3:40:cd:6f:9b:88:b3:e8:5e:e7:ea:86:48:cc:fd:
         f5:4b:67:30:d1:c1:0c:7a:1a:56:c1:4e:c7:0a:4c:51:f4:1a:
         eb:2f:66:35:39:c9:44:4a:10:8a:16:0c:f1:7f:3e:44:9a:ce:
         bd:1e:d8:9b:b9:5a:0e:7f:e1:e1:b2:77:76:e3:04:0d:17:aa:
         95:69:b5:dc:11:d5:b5:7c:6d:83:48:20:72:86:a1:21:9a:54:
         31:81:fc:da:dc:77:8b:fd:71:15:22:f4:b9:14:4e:83:4f:79:
         0b:f9:30:b6:e6:cc:7b:56:1a:d3:08:7e:dc:7f:ec:8a:5d:3e:
         ce:93:bc:7f:aa:9d:e9:2d:10:69:18:42:00:e7:c6:0a:50:33:
         54:ae:85:89:76:81:a9:4c:e5:83:ce:04:66:ec:d0:f4:d5:bd:
         a1:e1:b2:7f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZTDUOgeECPTCGeH6I2ReTDAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5YTYzZDgyZTI3ODViN2RiMDA1MjhkYzU1YTcwNjlkYzUx
MGE0MmYwHhcNMjUwMjAxMjEwMDQ2WhcNMjUwMjAyMjEwMDQ2WjAzMTEwLwYDVQQD
Eyg3N2EzYzQ4N2ZkYjczM2NiMDBhODMwY2EwYThhYWJlZWNiNDRiZTAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiqlCjWMizW3iEQ4suj6Qp2LQgQFm
2YHk24m+it4LjYnO5CQ3SG17f6lY5zENQm5Cj2OROKWCNcjaKTqsHAOkxrcy6Ntn
kiN9N4aNmI+fDHPvvi5J5HIb6qSISGdqZDvv5mxMhGLfjtVKnYPlOm4Owm9pguXe
erRHxcXD6WWlaCkE3WhRQ9Ze6KILyQuf19D+Ofv5uRKHsw1oZiZ+6wzntMQGQTKf
irWinNX2MBFUVyoGwWUFfiRE7dVCFhGPd7rvn10qqctwdG9LMnQDwwS7Ea/nDNyr
Fjf+rlbwI8mCQZ7FZkDBok/LPZ1a5sHQlCMHPrC+X6xUoIsjlSG7fympDwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHejxIf9tzPLAKgwygqKq+7LRL4CMB8GA1UdIwQY
MBaAFLmmPYLieFt9sAUo3FWnBp3FEKQvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWFZOWd1SjRXMzJ3QlNqY1ZhY0duY1VRcEM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC84YTA2ZjQtOTg2ZS00NjY5LWJkZjkt
OGVlMmY5ZGNiMWVkLzEvdWFZOWd1SjRXMzJ3QlNqY1ZhY0duY1VRcEM4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC84YTA2ZjQtOTg2ZS00NjY5LWJkZjktOGVlMmY5ZGNiMWVk
LzEvdWFZOWd1SjRXMzJ3QlNqY1ZhY0duY1VRcEM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA5enlIdVw
u6FmWHY/EmBxMnG/u4mb4EiekLPEd/Uo2UEewBtNFojLW7fZ84D8u37q7TLKBKrD
+hlRZrn71amN2RN7iQjP58RV/gh4RFpL0uEcYFuOn993AO2lftERo0DNb5uIs+he
5+qGSMz99UtnMNHBDHoaVsFOxwpMUfQa6y9mNTnJREoQihYM8X8+RJrOvR7Ym7la
Dn/h4bJ3duMEDReqlWm13BHVtXxtg0ggcoahIZpUMYH82tx3i/1xFSL0uRROg095
C/kwtubMe1Ya0wh+3H/sil0+zpO8f6qd6S0QaRhCAOfGClAzVK6FiXaBqUzlg84E
ZuzQ9NW9oeGyfw==
-----END CERTIFICATE-----