Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/95/d00e3d-54c7-436f-a8ce-338aa0cf98e2/1/PwbJ3z-o-T2e8O0EscoENduLxlA.mft
File:                     PwbJ3z-o-T2e8O0EscoENduLxlA.mft (raw, json)
Hash identifier:          HSx3sLmb8nDC0hVDu82INtCfJl6PaWlaZROBgAwpVWE=
Subject key identifier:   6B:55:48:B8:B0:29:F6:58:CC:9F:75:EF:C9:3F:24:76:33:3D:81:DB
Authority key identifier: 3F:06:C9:DF:3F:A8:F9:3D:9E:F0:ED:04:B1:CA:04:35:DB:8B:C6:50
Certificate issuer:       /CN=3f06c9df3fa8f93d9ef0ed04b1ca0435db8bc650
Certificate serial:       0194C46347CA848C18B1CBA908E156CCB4A9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PwbJ3z-o-T2e8O0EscoENduLxlA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/95/d00e3d-54c7-436f-a8ce-338aa0cf98e2/1/PwbJ3z-o-T2e8O0EscoENduLxlA.mft
Manifest number:          142B
Signing time:             Sun 02 Feb 2025 02:00:28 +0000
Manifest this update:     Sun 02 Feb 2025 02:00:28 +0000
Manifest next update:     Mon 03 Feb 2025 02:00:28 +0000
Files and hashes:         1: PwbJ3z-o-T2e8O0EscoENduLxlA.crl (hash: O2PDmysirgyzyA8CsZXzkW2MtJvWLAoGNEs2defWOcU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/95/d00e3d-54c7-436f-a8ce-338aa0cf98e2/1/PwbJ3z-o-T2e8O0EscoENduLxlA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/95/d00e3d-54c7-436f-a8ce-338aa0cf98e2/1/PwbJ3z-o-T2e8O0EscoENduLxlA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/PwbJ3z-o-T2e8O0EscoENduLxlA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 03 Feb 2025 00:00:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:c4:63:47:ca:84:8c:18:b1:cb:a9:08:e1:56:cc:b4:a9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3f06c9df3fa8f93d9ef0ed04b1ca0435db8bc650
        Validity
            Not Before: Feb  2 02:00:28 2025 GMT
            Not After : Feb  3 02:00:28 2025 GMT
        Subject: CN=6b5548b8b029f658cc9f75efc93f2476333d81db
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e8:a7:fc:85:a6:b2:fb:35:78:07:df:17:84:16:
                    f5:59:0c:c6:7b:31:9c:46:f0:0c:f7:6a:c4:a6:4f:
                    d5:f7:43:e4:26:6a:a5:e1:3c:ac:57:b4:87:0d:b5:
                    8a:0a:34:dc:05:2d:1e:6f:a4:a8:d5:f1:44:74:fe:
                    ac:0c:20:0f:56:f2:6e:f0:99:b3:0d:c0:05:bf:c6:
                    16:d5:5e:bf:de:30:d3:fe:52:86:0d:1b:9b:fe:f5:
                    fa:3e:34:cf:ae:8b:d7:03:16:6a:df:44:48:c5:1f:
                    16:95:22:72:24:a3:96:ba:32:c1:7c:a8:90:bd:66:
                    22:c2:01:00:9d:36:f6:04:b2:30:66:72:c7:91:c3:
                    cd:ee:a4:94:77:e9:19:0a:74:b2:0b:5d:0c:0d:91:
                    b6:66:72:71:2e:bc:2a:e0:12:5b:00:ed:89:9f:08:
                    24:cb:0a:33:f0:84:86:0d:01:e5:75:54:5b:38:c0:
                    55:1f:c5:fb:80:8e:95:1a:eb:0e:60:22:c7:62:ee:
                    e5:b1:7c:a9:ee:ad:60:58:be:a6:c4:9a:6a:c7:47:
                    59:90:47:2b:cb:ed:fc:f6:3c:00:1b:af:a7:37:33:
                    52:ef:94:7c:f5:f4:73:d8:5f:c8:86:ec:c1:70:3c:
                    97:8a:37:43:14:0d:99:6c:de:e5:8a:6d:ee:10:fb:
                    a3:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6B:55:48:B8:B0:29:F6:58:CC:9F:75:EF:C9:3F:24:76:33:3D:81:DB
            X509v3 Authority Key Identifier:
                keyid:3F:06:C9:DF:3F:A8:F9:3D:9E:F0:ED:04:B1:CA:04:35:DB:8B:C6:50

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PwbJ3z-o-T2e8O0EscoENduLxlA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/95/d00e3d-54c7-436f-a8ce-338aa0cf98e2/1/PwbJ3z-o-T2e8O0EscoENduLxlA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/95/d00e3d-54c7-436f-a8ce-338aa0cf98e2/1/PwbJ3z-o-T2e8O0EscoENduLxlA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7c:2c:44:bf:c1:8f:ad:ce:26:37:c8:da:68:1a:13:23:f0:91:
         36:6b:e8:70:57:67:b9:e9:02:02:1b:0a:89:a4:1d:73:55:32:
         cc:82:05:97:ff:88:1e:f7:b2:34:2f:94:05:e7:95:69:6e:15:
         f1:e5:2f:eb:b0:ef:24:ab:4b:6c:84:14:82:59:6d:49:db:bd:
         b8:ad:47:25:88:2a:53:5c:44:73:3d:6f:5d:63:81:f8:44:fe:
         c3:b2:e7:6d:15:78:7f:a6:3f:74:80:95:94:13:b8:3c:1a:9b:
         5d:14:e0:ae:67:3d:57:df:03:fc:36:01:6a:b7:43:81:70:6b:
         41:67:fc:b9:f2:dd:97:63:f8:3c:58:95:23:92:41:04:a7:20:
         a6:29:9e:fe:dc:14:3d:4d:8c:9b:70:9e:12:c0:7b:bd:8d:43:
         da:01:3d:dc:63:0c:58:56:57:30:33:f8:11:a0:1c:4b:71:cd:
         94:c0:38:35:6c:b9:2f:76:9a:d5:45:a1:32:2d:01:30:2d:59:
         fc:ed:18:7e:5a:12:0e:eb:01:24:b4:84:6b:e5:45:59:35:f7:
         1d:79:15:5c:41:74:1d:6f:68:25:90:12:0d:26:be:21:8c:e7:
         71:82:d5:7c:dc:9e:64:3a:c4:28:d7:73:e9:c0:d8:b7:b4:10:
         1b:9d:33:2d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZTEY0fKhIwYscupCOFWzLSpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmMDZjOWRmM2ZhOGY5M2Q5ZWYwZWQwNGIxY2EwNDM1ZGI4
YmM2NTAwHhcNMjUwMjAyMDIwMDI4WhcNMjUwMjAzMDIwMDI4WjAzMTEwLwYDVQQD
Eyg2YjU1NDhiOGIwMjlmNjU4Y2M5Zjc1ZWZjOTNmMjQ3NjMzM2Q4MWRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6Kf8haay+zV4B98XhBb1WQzGezGc
RvAM92rEpk/V90PkJmql4TysV7SHDbWKCjTcBS0eb6So1fFEdP6sDCAPVvJu8Jmz
DcAFv8YW1V6/3jDT/lKGDRub/vX6PjTProvXAxZq30RIxR8WlSJyJKOWujLBfKiQ
vWYiwgEAnTb2BLIwZnLHkcPN7qSUd+kZCnSyC10MDZG2ZnJxLrwq4BJbAO2Jnwgk
ywoz8ISGDQHldVRbOMBVH8X7gI6VGusOYCLHYu7lsXyp7q1gWL6mxJpqx0dZkEcr
y+389jwAG6+nNzNS75R89fRz2F/IhuzBcDyXijdDFA2ZbN7lim3uEPujrQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGtVSLiwKfZYzJ9178k/JHYzPYHbMB8GA1UdIwQY
MBaAFD8Gyd8/qPk9nvDtBLHKBDXbi8ZQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHdiSjN6LW8tVDJlOE8wRXNjb0VOZHVMeGxBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NS9kMDBlM2QtNTRjNy00MzZmLWE4Y2Ut
MzM4YWEwY2Y5OGUyLzEvUHdiSjN6LW8tVDJlOE8wRXNjb0VOZHVMeGxBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NS9kMDBlM2QtNTRjNy00MzZmLWE4Y2UtMzM4YWEwY2Y5OGUy
LzEvUHdiSjN6LW8tVDJlOE8wRXNjb0VOZHVMeGxBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfCxEv8GP
rc4mN8jaaBoTI/CRNmvocFdnuekCAhsKiaQdc1UyzIIFl/+IHveyNC+UBeeVaW4V
8eUv67DvJKtLbIQUglltSdu9uK1HJYgqU1xEcz1vXWOB+ET+w7LnbRV4f6Y/dICV
lBO4PBqbXRTgrmc9V98D/DYBardDgXBrQWf8ufLdl2P4PFiVI5JBBKcgpime/twU
PU2Mm3CeEsB7vY1D2gE93GMMWFZXMDP4EaAcS3HNlMA4NWy5L3aa1UWhMi0BMC1Z
/O0YfloSDusBJLSEa+VFWTX3HXkVXEF0HW9oJZASDSa+IYzncYLVfNyeZDrEKNdz
6cDYt7QQG50zLQ==
-----END CERTIFICATE-----