Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/95/4d10c0-67bf-4135-97ab-bbf2ce07ecad/1/oaRYJWLDE1u1K9uWFF4a0DeGsUg.mft
File:                     oaRYJWLDE1u1K9uWFF4a0DeGsUg.mft (raw, json)
Hash identifier:          qNuX7m/OeCet+A55rD8+5WMOB3bNmm8UR/JvSbZat8k=
Subject key identifier:   CC:47:2A:97:B3:22:0A:95:DD:FF:5D:D3:57:18:A3:3A:BA:A4:D2:72
Authority key identifier: A1:A4:58:25:62:C3:13:5B:B5:2B:DB:96:14:5E:1A:D0:37:86:B1:48
Certificate issuer:       /CN=a1a4582562c3135bb52bdb96145e1ad03786b148
Certificate serial:       0194C387AD1E371C179BAEC4DACCF5C8BBD4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oaRYJWLDE1u1K9uWFF4a0DeGsUg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/95/4d10c0-67bf-4135-97ab-bbf2ce07ecad/1/oaRYJWLDE1u1K9uWFF4a0DeGsUg.mft
Manifest number:          11D3
Signing time:             Sat 01 Feb 2025 22:00:36 +0000
Manifest this update:     Sat 01 Feb 2025 22:00:36 +0000
Manifest next update:     Sun 02 Feb 2025 22:00:36 +0000
Files and hashes:         1: oaRYJWLDE1u1K9uWFF4a0DeGsUg.crl (hash: UmfX97nKZwrPYHzzYFRN/1MAou7GNoT/R2VEy4eJTcA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/95/4d10c0-67bf-4135-97ab-bbf2ce07ecad/1/oaRYJWLDE1u1K9uWFF4a0DeGsUg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/95/4d10c0-67bf-4135-97ab-bbf2ce07ecad/1/oaRYJWLDE1u1K9uWFF4a0DeGsUg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oaRYJWLDE1u1K9uWFF4a0DeGsUg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 02 Feb 2025 22:00:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:c3:87:ad:1e:37:1c:17:9b:ae:c4:da:cc:f5:c8:bb:d4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a1a4582562c3135bb52bdb96145e1ad03786b148
        Validity
            Not Before: Feb  1 22:00:36 2025 GMT
            Not After : Feb  2 22:00:36 2025 GMT
        Subject: CN=cc472a97b3220a95ddff5dd35718a33abaa4d272
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:67:1e:d3:01:a3:b7:d4:ba:48:33:77:83:cc:
                    1c:ed:1a:62:38:c6:5f:d0:49:f9:cf:b2:b2:42:45:
                    e2:7b:14:21:b8:70:10:25:ba:f0:5e:79:a8:03:b3:
                    85:a1:2e:0b:30:2f:7f:7f:a5:31:52:43:ad:93:7d:
                    54:b7:84:ec:7d:7d:66:03:ff:57:07:aa:7c:ef:86:
                    1b:2d:bc:2f:aa:59:98:55:1e:7c:5b:46:01:3f:a3:
                    72:9e:eb:6f:13:23:5e:6c:74:69:65:ad:b0:4d:6a:
                    25:08:7f:45:99:c4:a6:e2:05:cb:1e:b2:5c:0c:3a:
                    e9:2d:4b:33:ed:71:df:84:2b:22:8b:84:26:1e:b7:
                    0a:d1:2e:fd:cc:15:ac:bf:9e:6b:f3:64:de:06:43:
                    d7:ed:cd:80:57:bb:db:83:7e:3c:1b:b0:da:2c:21:
                    36:f2:45:68:3e:d9:be:26:40:3a:e8:f0:67:9b:97:
                    30:b1:23:60:80:fa:b6:f8:3d:ee:07:05:1b:12:ee:
                    10:46:43:76:75:81:bc:44:b7:98:ad:70:21:3f:46:
                    e5:8a:b4:e4:6b:2c:bb:2a:9d:ef:a8:ae:a4:be:a6:
                    d6:b9:a3:e5:d2:14:23:c5:8c:c5:34:3c:ba:85:1f:
                    16:b1:1b:57:7c:d9:89:ba:2f:aa:66:64:97:0a:4b:
                    fe:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CC:47:2A:97:B3:22:0A:95:DD:FF:5D:D3:57:18:A3:3A:BA:A4:D2:72
            X509v3 Authority Key Identifier:
                keyid:A1:A4:58:25:62:C3:13:5B:B5:2B:DB:96:14:5E:1A:D0:37:86:B1:48

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oaRYJWLDE1u1K9uWFF4a0DeGsUg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/95/4d10c0-67bf-4135-97ab-bbf2ce07ecad/1/oaRYJWLDE1u1K9uWFF4a0DeGsUg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/95/4d10c0-67bf-4135-97ab-bbf2ce07ecad/1/oaRYJWLDE1u1K9uWFF4a0DeGsUg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6a:72:1b:c0:b5:a4:a7:87:d2:99:44:53:45:f8:e0:bb:ac:29:
         77:3b:1a:7e:75:b1:d6:fb:0c:5c:b0:59:6b:b5:27:7d:10:4c:
         de:82:c3:a8:2f:91:e1:d6:66:ba:db:cb:b1:c6:ee:06:89:fe:
         60:37:82:e4:aa:40:af:55:85:44:07:9e:27:22:d6:cd:b1:21:
         e7:1c:e8:27:5d:86:d4:ab:0b:b2:98:05:36:a0:20:fe:fc:f8:
         f2:69:8d:1c:aa:be:f6:b3:9d:f3:56:e0:99:a8:04:1c:7e:e8:
         18:42:af:b1:a0:24:a4:0b:a1:f4:b1:01:db:a1:48:15:8c:25:
         06:b5:2d:a5:80:19:22:87:f9:aa:61:84:4a:c6:83:ec:92:e4:
         d1:f4:6c:33:b3:31:e8:fe:3f:fc:1a:bc:3d:b3:ed:5c:fe:53:
         fe:e2:c4:2e:b4:9c:e0:87:6d:3c:38:7b:8d:1e:a6:6b:17:12:
         df:d3:8a:33:eb:ca:6c:b7:83:95:4e:db:2f:a6:aa:c9:bf:70:
         a9:dd:c5:db:d9:0a:c0:dc:24:aa:f8:d5:66:98:20:0d:0c:cb:
         6f:61:11:ef:8e:1a:2c:6a:c6:3f:8b:d1:fc:a1:3c:d2:31:72:
         43:81:97:c3:cb:90:49:e7:08:e5:a4:40:4e:0a:7e:9a:ea:77:
         17:48:96:c7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZTDh60eNxwXm67E2sz1yLvUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExYTQ1ODI1NjJjMzEzNWJiNTJiZGI5NjE0NWUxYWQwMzc4
NmIxNDgwHhcNMjUwMjAxMjIwMDM2WhcNMjUwMjAyMjIwMDM2WjAzMTEwLwYDVQQD
EyhjYzQ3MmE5N2IzMjIwYTk1ZGRmZjVkZDM1NzE4YTMzYWJhYTRkMjcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Wce0wGjt9S6SDN3g8wc7RpiOMZf
0En5z7KyQkXiexQhuHAQJbrwXnmoA7OFoS4LMC9/f6UxUkOtk31Ut4TsfX1mA/9X
B6p874YbLbwvqlmYVR58W0YBP6NynutvEyNebHRpZa2wTWolCH9FmcSm4gXLHrJc
DDrpLUsz7XHfhCsii4QmHrcK0S79zBWsv55r82TeBkPX7c2AV7vbg348G7DaLCE2
8kVoPtm+JkA66PBnm5cwsSNggPq2+D3uBwUbEu4QRkN2dYG8RLeYrXAhP0blirTk
ayy7Kp3vqK6kvqbWuaPl0hQjxYzFNDy6hR8WsRtXfNmJui+qZmSXCkv+xQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMxHKpezIgqV3f9d01cYozq6pNJyMB8GA1UdIwQY
MBaAFKGkWCViwxNbtSvblhReGtA3hrFIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2FSWUpXTERFMXUxSzl1V0ZGNGEwRGVHc1VnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NS80ZDEwYzAtNjdiZi00MTM1LTk3YWIt
YmJmMmNlMDdlY2FkLzEvb2FSWUpXTERFMXUxSzl1V0ZGNGEwRGVHc1VnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NS80ZDEwYzAtNjdiZi00MTM1LTk3YWItYmJmMmNlMDdlY2Fk
LzEvb2FSWUpXTERFMXUxSzl1V0ZGNGEwRGVHc1VnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAanIbwLWk
p4fSmURTRfjgu6wpdzsafnWx1vsMXLBZa7UnfRBM3oLDqC+R4dZmutvLscbuBon+
YDeC5KpAr1WFRAeeJyLWzbEh5xzoJ12G1KsLspgFNqAg/vz48mmNHKq+9rOd81bg
magEHH7oGEKvsaAkpAuh9LEB26FIFYwlBrUtpYAZIof5qmGESsaD7JLk0fRsM7Mx
6P4//Bq8PbPtXP5T/uLELrSc4IdtPDh7jR6maxcS39OKM+vKbLeDlU7bL6aqyb9w
qd3F29kKwNwkqvjVZpggDQzLb2ER744aLGrGP4vR/KE80jFyQ4GXw8uQSecI5aRA
Tgp+mup3F0iWxw==
-----END CERTIFICATE-----