Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/95/2ca2c3-e20f-494e-b1ce-6a71b844ad66/1/xRlGjFXmvnFcDagFzvta7IXTKSY.mft
File:                     xRlGjFXmvnFcDagFzvta7IXTKSY.mft (raw, json)
Hash identifier:          ql0LiMhJNCRgyZ8I32ZDckFJGe3eA4PEZJhjT2orNW8=
Subject key identifier:   AA:3E:55:BA:18:1D:AE:7A:6D:01:9D:5A:28:96:83:BC:9A:A4:03:8C
Authority key identifier: C5:19:46:8C:55:E6:BE:71:5C:0D:A8:05:CE:FB:5A:EC:85:D3:29:26
Certificate issuer:       /CN=c519468c55e6be715c0da805cefb5aec85d32926
Certificate serial:       0194C3876CD24ADE5E0AA74D295FF8ABFA03
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xRlGjFXmvnFcDagFzvta7IXTKSY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/95/2ca2c3-e20f-494e-b1ce-6a71b844ad66/1/xRlGjFXmvnFcDagFzvta7IXTKSY.mft
Manifest number:          0D27
Signing time:             Sat 01 Feb 2025 22:00:19 +0000
Manifest this update:     Sat 01 Feb 2025 22:00:19 +0000
Manifest next update:     Sun 02 Feb 2025 22:00:19 +0000
Files and hashes:         1: xRlGjFXmvnFcDagFzvta7IXTKSY.crl (hash: n4pZgegMRampiQz6QarFWEEWShQi8FTkzIJSdn0+Rs4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/95/2ca2c3-e20f-494e-b1ce-6a71b844ad66/1/xRlGjFXmvnFcDagFzvta7IXTKSY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/95/2ca2c3-e20f-494e-b1ce-6a71b844ad66/1/xRlGjFXmvnFcDagFzvta7IXTKSY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/xRlGjFXmvnFcDagFzvta7IXTKSY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 02 Feb 2025 22:00:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:c3:87:6c:d2:4a:de:5e:0a:a7:4d:29:5f:f8:ab:fa:03
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c519468c55e6be715c0da805cefb5aec85d32926
        Validity
            Not Before: Feb  1 22:00:19 2025 GMT
            Not After : Feb  2 22:00:19 2025 GMT
        Subject: CN=aa3e55ba181dae7a6d019d5a289683bc9aa4038c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:06:06:f5:d1:c2:19:d6:c0:47:3d:54:11:96:
                    66:86:eb:b0:11:77:b5:94:51:d3:f5:35:cb:5d:b0:
                    40:aa:c8:e2:a6:b4:64:32:6b:81:27:a4:d1:0d:c2:
                    2c:e6:67:58:37:27:10:d6:c9:c9:b0:bb:79:b1:31:
                    3d:36:57:f9:9c:08:93:4e:f0:fa:ae:c2:46:4a:df:
                    dc:fc:ff:2a:15:d8:e9:89:d8:9f:3e:40:16:11:02:
                    bf:d2:8e:98:b3:e3:9a:4e:d9:e8:f3:6b:ef:03:5b:
                    b1:be:bc:32:ff:a9:43:78:23:fc:29:c4:3e:8e:46:
                    10:18:ec:fa:a9:1b:bb:ed:bc:7a:1b:5f:5e:1d:7d:
                    48:d1:d1:78:ed:8c:69:b8:df:e5:71:ed:e1:a6:a0:
                    72:21:59:ca:f1:8b:15:ee:29:2e:f3:ea:1e:5d:28:
                    e2:0d:4e:f5:6a:1a:3a:8c:13:e5:62:8f:9d:e9:8e:
                    5b:24:6f:69:6d:90:44:aa:85:18:49:06:c5:28:1c:
                    f2:20:e6:62:24:bd:ab:9b:37:dd:f9:d6:83:fc:a3:
                    c1:c3:7b:87:22:fb:9b:b3:63:7a:9f:f1:fd:45:de:
                    7d:7a:39:09:e5:ff:4f:3d:10:c5:e3:c9:08:7c:7a:
                    11:c3:86:6f:59:8a:cb:7b:5e:a3:3d:9f:f4:dd:5e:
                    91:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AA:3E:55:BA:18:1D:AE:7A:6D:01:9D:5A:28:96:83:BC:9A:A4:03:8C
            X509v3 Authority Key Identifier:
                keyid:C5:19:46:8C:55:E6:BE:71:5C:0D:A8:05:CE:FB:5A:EC:85:D3:29:26

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xRlGjFXmvnFcDagFzvta7IXTKSY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/95/2ca2c3-e20f-494e-b1ce-6a71b844ad66/1/xRlGjFXmvnFcDagFzvta7IXTKSY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/95/2ca2c3-e20f-494e-b1ce-6a71b844ad66/1/xRlGjFXmvnFcDagFzvta7IXTKSY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1f:a8:9a:58:ee:35:1f:39:d4:1f:eb:b3:0d:95:29:09:ec:41:
         2e:c7:1c:08:6b:0f:ae:d1:3f:1f:06:75:10:f7:a2:c8:70:75:
         4c:9f:c4:00:01:17:3f:bc:dd:70:88:6e:78:de:b7:98:76:72:
         3d:dd:ee:58:5e:16:1c:7a:4e:27:63:fc:f8:49:2e:60:a1:23:
         22:f0:35:db:75:11:ae:db:7e:b5:43:5f:48:ea:65:79:23:5b:
         80:8b:50:a3:9c:e0:8c:26:9e:b8:47:6a:09:b3:a3:00:4e:f9:
         a0:aa:3a:65:b3:35:75:bb:36:6d:10:28:28:ec:9a:0f:8b:ac:
         1d:2f:73:ce:c0:9f:53:c0:0f:89:1c:bb:97:76:34:4a:03:e0:
         71:f9:1e:0c:a9:39:61:40:0e:b7:d2:89:43:e9:42:98:7b:ea:
         30:7f:e8:06:03:11:40:8d:27:b0:29:17:1c:eb:e8:0e:0b:79:
         39:60:6f:2a:23:9a:b9:cf:bc:02:21:cd:ec:fa:82:db:46:14:
         ab:3a:cf:50:63:73:3a:f7:fd:36:7e:ff:3f:c5:30:f1:21:dd:
         eb:9b:55:37:08:b4:bf:4b:a2:df:0e:57:1e:b3:d4:75:76:6c:
         8e:5e:91:67:05:e0:e5:df:77:27:60:8e:46:e1:3b:c1:ee:7f:
         a2:49:3d:f0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZTDh2zSSt5eCqdNKV/4q/oDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM1MTk0NjhjNTVlNmJlNzE1YzBkYTgwNWNlZmI1YWVjODVk
MzI5MjYwHhcNMjUwMjAxMjIwMDE5WhcNMjUwMjAyMjIwMDE5WjAzMTEwLwYDVQQD
EyhhYTNlNTViYTE4MWRhZTdhNmQwMTlkNWEyODk2ODNiYzlhYTQwMzhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkwYG9dHCGdbARz1UEZZmhuuwEXe1
lFHT9TXLXbBAqsjiprRkMmuBJ6TRDcIs5mdYNycQ1snJsLt5sTE9Nlf5nAiTTvD6
rsJGSt/c/P8qFdjpidifPkAWEQK/0o6Ys+OaTtno82vvA1uxvrwy/6lDeCP8KcQ+
jkYQGOz6qRu77bx6G19eHX1I0dF47YxpuN/lce3hpqByIVnK8YsV7iku8+oeXSji
DU71aho6jBPlYo+d6Y5bJG9pbZBEqoUYSQbFKBzyIOZiJL2rmzfd+daD/KPBw3uH
Ivubs2N6n/H9Rd59ejkJ5f9PPRDF48kIfHoRw4ZvWYrLe16jPZ/03V6RGwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKo+VboYHa56bQGdWiiWg7yapAOMMB8GA1UdIwQY
MBaAFMUZRoxV5r5xXA2oBc77WuyF0ykmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveFJsR2pGWG12bkZjRGFnRnp2dGE3SVhUS1NZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NS8yY2EyYzMtZTIwZi00OTRlLWIxY2Ut
NmE3MWI4NDRhZDY2LzEveFJsR2pGWG12bkZjRGFnRnp2dGE3SVhUS1NZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NS8yY2EyYzMtZTIwZi00OTRlLWIxY2UtNmE3MWI4NDRhZDY2
LzEveFJsR2pGWG12bkZjRGFnRnp2dGE3SVhUS1NZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAH6iaWO41
HznUH+uzDZUpCexBLsccCGsPrtE/HwZ1EPeiyHB1TJ/EAAEXP7zdcIhueN63mHZy
Pd3uWF4WHHpOJ2P8+EkuYKEjIvA123URrtt+tUNfSOpleSNbgItQo5zgjCaeuEdq
CbOjAE75oKo6ZbM1dbs2bRAoKOyaD4usHS9zzsCfU8APiRy7l3Y0SgPgcfkeDKk5
YUAOt9KJQ+lCmHvqMH/oBgMRQI0nsCkXHOvoDgt5OWBvKiOauc+8AiHN7PqC20YU
qzrPUGNzOvf9Nn7/P8Uw8SHd65tVNwi0v0ui3w5XHrPUdXZsjl6RZwXg5d93J2CO
RuE7we5/okk98A==
-----END CERTIFICATE-----