Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f922e7-d53e-4daf-8770-7ffdfee57f52/1/DwQeIIaCRVpnlCzipkhYygcEfos.mft
File:                     DwQeIIaCRVpnlCzipkhYygcEfos.mft (raw, json)
Hash identifier:          bXQ5SDEYapvZ8KqXbUh1Ygf6rIwwc1AiwN9vcfGUeiI=
Subject key identifier:   93:DD:A6:A6:98:BE:AC:62:0C:FB:7B:60:30:15:BE:D9:7C:85:7F:E7
Authority key identifier: 0F:04:1E:20:86:82:45:5A:67:94:2C:E2:A6:48:58:CA:07:04:7E:8B
Certificate issuer:       /CN=0f041e208682455a67942ce2a64858ca07047e8b
Certificate serial:       01951210C2624E6795223AEB0A549CBEB1D6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DwQeIIaCRVpnlCzipkhYygcEfos.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8e/f922e7-d53e-4daf-8770-7ffdfee57f52/1/DwQeIIaCRVpnlCzipkhYygcEfos.mft
Manifest number:          1455
Signing time:             Mon 17 Feb 2025 04:00:42 +0000
Manifest this update:     Mon 17 Feb 2025 04:00:42 +0000
Manifest next update:     Tue 18 Feb 2025 04:00:42 +0000
Files and hashes:         1: DwQeIIaCRVpnlCzipkhYygcEfos.crl (hash: whNfGTMUJ+OXmfmt5VLU+gXlW6qqW93htBaj7rWPG0g=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8e/f922e7-d53e-4daf-8770-7ffdfee57f52/1/DwQeIIaCRVpnlCzipkhYygcEfos.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8e/f922e7-d53e-4daf-8770-7ffdfee57f52/1/DwQeIIaCRVpnlCzipkhYygcEfos.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/DwQeIIaCRVpnlCzipkhYygcEfos.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 17 Feb 2025 23:00:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:12:10:c2:62:4e:67:95:22:3a:eb:0a:54:9c:be:b1:d6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0f041e208682455a67942ce2a64858ca07047e8b
        Validity
            Not Before: Feb 17 04:00:42 2025 GMT
            Not After : Feb 18 04:00:42 2025 GMT
        Subject: CN=93dda6a698beac620cfb7b603015bed97c857fe7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:06:c4:f2:db:ab:81:d1:bc:88:dc:a1:21:11:
                    08:c9:ed:3c:ff:eb:7e:bd:9d:c8:fa:f1:0d:e4:44:
                    16:07:12:58:7b:dc:1e:66:10:4b:31:67:a7:f0:73:
                    ef:6d:e4:05:6e:0e:f2:2d:26:25:4c:61:d1:70:a3:
                    d5:e0:35:fb:a7:78:61:d7:96:48:ab:81:d6:91:03:
                    f9:9a:40:61:f9:c5:a5:39:ab:84:f1:41:ff:5c:94:
                    79:be:82:9b:a4:9f:b5:c8:ac:1e:5d:ce:bf:89:0a:
                    0b:88:cb:5d:50:6f:4a:3d:c3:ac:e9:00:d0:95:3d:
                    a1:b3:c7:72:cb:68:48:b2:9f:b5:18:ca:0f:e2:f9:
                    a1:2f:61:6d:ed:47:55:7b:70:e0:63:d3:27:b2:aa:
                    15:fc:64:9b:c3:eb:52:83:e4:7b:49:54:65:cb:8d:
                    1b:6f:ec:6c:de:e5:ba:08:2e:32:44:58:82:62:5e:
                    d8:c5:bb:a2:de:9a:01:7c:5d:f6:20:32:55:7a:e6:
                    88:b7:7c:99:9b:b4:0d:1c:a3:7b:4c:c2:a9:17:b3:
                    ac:40:42:3f:88:f4:ed:d5:77:49:69:36:21:c2:7b:
                    70:7e:74:2c:49:63:ee:88:3c:16:40:71:92:33:ca:
                    e7:e0:55:d4:f2:45:42:8e:ec:02:da:3f:06:6e:e1:
                    e1:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                93:DD:A6:A6:98:BE:AC:62:0C:FB:7B:60:30:15:BE:D9:7C:85:7F:E7
            X509v3 Authority Key Identifier:
                keyid:0F:04:1E:20:86:82:45:5A:67:94:2C:E2:A6:48:58:CA:07:04:7E:8B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DwQeIIaCRVpnlCzipkhYygcEfos.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f922e7-d53e-4daf-8770-7ffdfee57f52/1/DwQeIIaCRVpnlCzipkhYygcEfos.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f922e7-d53e-4daf-8770-7ffdfee57f52/1/DwQeIIaCRVpnlCzipkhYygcEfos.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1d:da:71:84:79:7a:ab:d4:c6:dc:71:ff:a2:ec:98:65:04:a1:
         3d:72:3d:53:9c:38:69:c6:14:da:3d:14:1a:31:fb:d0:d1:88:
         e2:ea:05:4d:e4:4d:51:9c:67:ce:3f:d5:06:c3:5d:40:0d:06:
         94:0a:cb:52:80:06:69:02:44:4b:77:00:83:17:61:6e:fa:69:
         9b:93:0d:4b:73:63:5d:a3:4a:33:0c:a3:bf:50:5f:c7:d2:97:
         64:d1:b6:a1:ca:ab:79:81:56:76:49:66:e8:41:04:cc:b1:53:
         5f:70:97:11:08:ce:6b:c1:61:b4:cd:6b:66:da:9d:fd:69:ff:
         0d:47:04:11:63:14:f6:dd:d9:71:e5:ad:a8:ed:8e:cc:1c:34:
         0a:3f:95:82:23:30:7c:2a:60:1d:7b:aa:6b:9f:74:98:3d:77:
         26:e6:37:65:60:5e:bf:ed:7a:2c:f6:a0:9b:78:69:36:0e:61:
         9f:de:81:59:26:67:1c:5f:79:19:a7:6a:41:d3:86:b0:8e:09:
         44:f0:fe:91:f3:eb:ba:21:4f:82:51:54:2f:0a:59:d3:3e:bf:
         d1:3c:fb:80:b2:dc:8c:3c:e5:31:12:2f:9f:8e:26:d8:70:e9:
         d6:a0:21:5b:51:b1:2a:e3:17:3f:cb:0a:9f:b9:91:d6:cb:5d:
         bd:bb:b5:2b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZUSEMJiTmeVIjrrClScvrHWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmMDQxZTIwODY4MjQ1NWE2Nzk0MmNlMmE2NDg1OGNhMDcw
NDdlOGIwHhcNMjUwMjE3MDQwMDQyWhcNMjUwMjE4MDQwMDQyWjAzMTEwLwYDVQQD
Eyg5M2RkYTZhNjk4YmVhYzYyMGNmYjdiNjAzMDE1YmVkOTdjODU3ZmU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAswbE8turgdG8iNyhIREIye08/+t+
vZ3I+vEN5EQWBxJYe9weZhBLMWen8HPvbeQFbg7yLSYlTGHRcKPV4DX7p3hh15ZI
q4HWkQP5mkBh+cWlOauE8UH/XJR5voKbpJ+1yKweXc6/iQoLiMtdUG9KPcOs6QDQ
lT2hs8dyy2hIsp+1GMoP4vmhL2Ft7UdVe3DgY9MnsqoV/GSbw+tSg+R7SVRly40b
b+xs3uW6CC4yRFiCYl7Yxbui3poBfF32IDJVeuaIt3yZm7QNHKN7TMKpF7OsQEI/
iPTt1XdJaTYhwntwfnQsSWPuiDwWQHGSM8rn4FXU8kVCjuwC2j8GbuHhCQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJPdpqaYvqxiDPt7YDAVvtl8hX/nMB8GA1UdIwQY
MBaAFA8EHiCGgkVaZ5Qs4qZIWMoHBH6LMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRHdRZUlJYUNSVnBubEN6aXBraFl5Z2NFZm9zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mOTIyZTctZDUzZS00ZGFmLTg3NzAt
N2ZmZGZlZTU3ZjUyLzEvRHdRZUlJYUNSVnBubEN6aXBraFl5Z2NFZm9zLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mOTIyZTctZDUzZS00ZGFmLTg3NzAtN2ZmZGZlZTU3ZjUy
LzEvRHdRZUlJYUNSVnBubEN6aXBraFl5Z2NFZm9zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHdpxhHl6
q9TG3HH/ouyYZQShPXI9U5w4acYU2j0UGjH70NGI4uoFTeRNUZxnzj/VBsNdQA0G
lArLUoAGaQJES3cAgxdhbvppm5MNS3NjXaNKMwyjv1Bfx9KXZNG2ocqreYFWdklm
6EEEzLFTX3CXEQjOa8FhtM1rZtqd/Wn/DUcEEWMU9t3ZceWtqO2OzBw0Cj+VgiMw
fCpgHXuqa590mD13JuY3ZWBev+16LPagm3hpNg5hn96BWSZnHF95GadqQdOGsI4J
RPD+kfPruiFPglFULwpZ0z6/0Tz7gLLcjDzlMRIvn44m2HDp1qAhW1GxKuMXP8sK
n7mR1stdvbu1Kw==
-----END CERTIFICATE-----