Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/95/820f17-37bb-4867-bc80-c7d3e96fd35b/1/MP2VzoDqznNONA3dcjEQ-lJS-jQ.mft
File:                     MP2VzoDqznNONA3dcjEQ-lJS-jQ.mft (raw, json)
Hash identifier:          hlQd+qfmRys70/PJ2zqZh7XJWI5s0oRenTvXimv0ZKw=
Subject key identifier:   4C:E8:E6:19:6D:76:FA:0C:71:C5:F6:F6:6B:85:01:52:44:91:91:F9
Authority key identifier: 30:FD:95:CE:80:EA:CE:73:4E:34:0D:DD:72:31:10:FA:52:52:FA:34
Certificate issuer:       /CN=30fd95ce80eace734e340ddd723110fa5252fa34
Certificate serial:       0194C3F5C0E10A7E810FEEF0613B7AF44BEA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MP2VzoDqznNONA3dcjEQ-lJS-jQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/95/820f17-37bb-4867-bc80-c7d3e96fd35b/1/MP2VzoDqznNONA3dcjEQ-lJS-jQ.mft
Manifest number:          142C
Signing time:             Sun 02 Feb 2025 00:00:50 +0000
Manifest this update:     Sun 02 Feb 2025 00:00:50 +0000
Manifest next update:     Mon 03 Feb 2025 00:00:50 +0000
Files and hashes:         1: MP2VzoDqznNONA3dcjEQ-lJS-jQ.crl (hash: PSIgmYHyvFN5CbKT58sURTi5Kp/PpE6NM1ZKnALQRyg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/95/820f17-37bb-4867-bc80-c7d3e96fd35b/1/MP2VzoDqznNONA3dcjEQ-lJS-jQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/95/820f17-37bb-4867-bc80-c7d3e96fd35b/1/MP2VzoDqznNONA3dcjEQ-lJS-jQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/MP2VzoDqznNONA3dcjEQ-lJS-jQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 03 Feb 2025 00:00:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:c3:f5:c0:e1:0a:7e:81:0f:ee:f0:61:3b:7a:f4:4b:ea
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=30fd95ce80eace734e340ddd723110fa5252fa34
        Validity
            Not Before: Feb  2 00:00:50 2025 GMT
            Not After : Feb  3 00:00:50 2025 GMT
        Subject: CN=4ce8e6196d76fa0c71c5f6f66b850152449191f9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e3:2a:3f:df:39:ce:9a:07:a5:d6:5c:5d:11:9a:
                    cd:f5:32:57:77:6d:08:53:0c:99:2b:4b:fd:8c:70:
                    c4:e1:31:d2:cd:bd:5b:80:2f:b2:2d:74:61:9d:15:
                    7b:a5:7f:cd:1a:4b:dc:60:d6:98:65:a7:6c:a7:c0:
                    9d:83:53:c0:ab:4b:d4:ac:71:7b:d7:d8:17:40:9a:
                    84:fc:fb:76:fe:81:bf:38:c9:18:e2:c0:4f:37:63:
                    68:04:d3:16:d4:f4:43:0e:e0:21:a9:3c:dd:a3:84:
                    9b:de:6a:61:78:5b:d8:b3:f4:1c:63:b4:63:54:1d:
                    2b:8d:80:8c:50:3b:de:96:66:77:5e:a6:59:e8:8b:
                    a6:30:15:7a:91:85:65:eb:38:e2:49:7a:dd:80:4f:
                    8d:4e:51:a2:29:c9:18:52:c4:e5:03:d8:9e:ac:c8:
                    0a:10:2f:49:d4:4e:38:ff:0b:4e:cb:5e:e0:92:f8:
                    4d:6c:c6:fc:e9:f5:bb:38:73:d7:9a:9e:4f:48:c5:
                    42:53:9d:86:a6:2d:32:b4:c3:30:a1:91:b6:cb:f8:
                    12:77:0c:26:f5:79:ce:9d:06:85:f8:41:82:bd:5f:
                    24:24:de:a0:23:00:04:ab:bf:b4:f7:31:38:f1:34:
                    27:21:2d:96:5e:51:3e:86:ab:d5:ff:49:82:18:6e:
                    9e:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4C:E8:E6:19:6D:76:FA:0C:71:C5:F6:F6:6B:85:01:52:44:91:91:F9
            X509v3 Authority Key Identifier:
                keyid:30:FD:95:CE:80:EA:CE:73:4E:34:0D:DD:72:31:10:FA:52:52:FA:34

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MP2VzoDqznNONA3dcjEQ-lJS-jQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/95/820f17-37bb-4867-bc80-c7d3e96fd35b/1/MP2VzoDqznNONA3dcjEQ-lJS-jQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/95/820f17-37bb-4867-bc80-c7d3e96fd35b/1/MP2VzoDqznNONA3dcjEQ-lJS-jQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         13:3b:1e:3d:32:b9:24:3a:c8:17:27:2f:2c:af:72:8d:66:15:
         e8:f2:2b:a7:75:6e:4c:4e:47:95:e0:2c:e6:ee:65:ff:cc:1d:
         39:dd:0b:51:dc:a1:1f:7d:e0:2d:c2:12:04:2f:a8:b7:45:f9:
         8c:8e:d0:f2:10:0f:98:a8:38:9d:96:5b:b5:29:2f:9e:00:7a:
         00:15:7a:bd:f2:fe:0a:94:c8:29:fc:88:37:0e:a0:35:3b:6c:
         1b:7f:25:2f:e9:46:08:be:97:53:e3:ab:a9:72:9c:76:97:62:
         f1:c6:d6:45:a7:51:5c:8d:63:8a:95:ba:b5:38:9e:5b:e7:a6:
         7f:1e:29:32:cf:9f:53:b2:56:d7:08:e7:6e:28:68:a6:5f:2e:
         7a:12:41:58:83:1a:cb:da:1f:0b:46:ab:62:ec:3c:6d:e1:85:
         66:6b:72:c5:b9:90:8a:25:c3:62:3e:9a:b5:0a:7b:d3:6b:cf:
         39:a6:89:e1:23:5d:d2:56:4d:b9:1a:ef:ed:58:5f:4b:5f:64:
         dc:01:bb:da:a7:4f:22:66:a9:b6:39:ad:d0:68:0e:1f:2e:7b:
         93:5f:ad:a5:30:2b:f5:2b:df:01:14:44:43:7a:31:03:71:51:
         f5:d9:be:a8:f3:2e:ad:89:ff:2f:89:2c:d4:a9:34:17:8a:40:
         30:0b:5d:10
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZTD9cDhCn6BD+7wYTt69EvqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwZmQ5NWNlODBlYWNlNzM0ZTM0MGRkZDcyMzExMGZhNTI1
MmZhMzQwHhcNMjUwMjAyMDAwMDUwWhcNMjUwMjAzMDAwMDUwWjAzMTEwLwYDVQQD
Eyg0Y2U4ZTYxOTZkNzZmYTBjNzFjNWY2ZjY2Yjg1MDE1MjQ0OTE5MWY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4yo/3znOmgel1lxdEZrN9TJXd20I
UwyZK0v9jHDE4THSzb1bgC+yLXRhnRV7pX/NGkvcYNaYZadsp8Cdg1PAq0vUrHF7
19gXQJqE/Pt2/oG/OMkY4sBPN2NoBNMW1PRDDuAhqTzdo4Sb3mpheFvYs/QcY7Rj
VB0rjYCMUDvelmZ3XqZZ6IumMBV6kYVl6zjiSXrdgE+NTlGiKckYUsTlA9ierMgK
EC9J1E44/wtOy17gkvhNbMb86fW7OHPXmp5PSMVCU52Gpi0ytMMwoZG2y/gSdwwm
9XnOnQaF+EGCvV8kJN6gIwAEq7+09zE48TQnIS2WXlE+hqvV/0mCGG6eHQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEzo5hltdvoMccX29muFAVJEkZH5MB8GA1UdIwQY
MBaAFDD9lc6A6s5zTjQN3XIxEPpSUvo0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVAyVnpvRHF6bk5PTkEzZGNqRVEtbEpTLWpRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NS84MjBmMTctMzdiYi00ODY3LWJjODAt
YzdkM2U5NmZkMzViLzEvTVAyVnpvRHF6bk5PTkEzZGNqRVEtbEpTLWpRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NS84MjBmMTctMzdiYi00ODY3LWJjODAtYzdkM2U5NmZkMzVi
LzEvTVAyVnpvRHF6bk5PTkEzZGNqRVEtbEpTLWpRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEzsePTK5
JDrIFycvLK9yjWYV6PIrp3VuTE5HleAs5u5l/8wdOd0LUdyhH33gLcISBC+ot0X5
jI7Q8hAPmKg4nZZbtSkvngB6ABV6vfL+CpTIKfyINw6gNTtsG38lL+lGCL6XU+Or
qXKcdpdi8cbWRadRXI1jipW6tTieW+emfx4pMs+fU7JW1wjnbihopl8uehJBWIMa
y9ofC0arYuw8beGFZmtyxbmQiiXDYj6atQp702vPOaaJ4SNd0lZNuRrv7VhfS19k
3AG72qdPImaptjmt0GgOHy57k1+tpTAr9SvfARREQ3oxA3FR9dm+qPMurYn/L4ks
1Kk0F4pAMAtdEA==
-----END CERTIFICATE-----