Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/d9c3c0-2eaf-4326-8ee2-a7d80e600844/1/FHVOhj0RfOYhDylUYajGqgQ8bIA.mft
File:                     FHVOhj0RfOYhDylUYajGqgQ8bIA.mft (raw, json)
Hash identifier:          sdwg+GfSDtxyT8g5Yh7otZEtUWBgYPilAVVZlvgy4HE=
Subject key identifier:   8E:FA:55:D4:72:A5:EC:57:EA:5B:A7:FD:63:EB:60:34:08:99:7B:66
Authority key identifier: 14:75:4E:86:3D:11:7C:E6:21:0F:29:54:61:A8:C6:AA:04:3C:6C:80
Certificate issuer:       /CN=14754e863d117ce6210f295461a8c6aa043c6c80
Certificate serial:       01958CCE352882E632EC26209050B3A04F39
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/FHVOhj0RfOYhDylUYajGqgQ8bIA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/98/d9c3c0-2eaf-4326-8ee2-a7d80e600844/1/FHVOhj0RfOYhDylUYajGqgQ8bIA.mft
Manifest number:          1492
Signing time:             Thu 13 Mar 2025 00:01:19 +0000
Manifest this update:     Thu 13 Mar 2025 00:01:19 +0000
Manifest next update:     Fri 14 Mar 2025 00:01:19 +0000
Files and hashes:         1: FHVOhj0RfOYhDylUYajGqgQ8bIA.crl (hash: m0P6ZiCj1/rYx2QUaDErTMjlFdGcxQ2TUyG3he2sr18=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/98/d9c3c0-2eaf-4326-8ee2-a7d80e600844/1/FHVOhj0RfOYhDylUYajGqgQ8bIA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/98/d9c3c0-2eaf-4326-8ee2-a7d80e600844/1/FHVOhj0RfOYhDylUYajGqgQ8bIA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/FHVOhj0RfOYhDylUYajGqgQ8bIA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 13 Mar 2025 19:14:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:8c:ce:35:28:82:e6:32:ec:26:20:90:50:b3:a0:4f:39
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=14754e863d117ce6210f295461a8c6aa043c6c80
        Validity
            Not Before: Mar 13 00:01:19 2025 GMT
            Not After : Mar 14 00:01:19 2025 GMT
        Subject: CN=8efa55d472a5ec57ea5ba7fd63eb603408997b66
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:8e:f8:2a:16:36:13:4e:62:8d:1d:ab:70:e9:
                    6d:a2:66:67:fb:23:e4:f1:d6:e0:a1:44:ac:9c:99:
                    68:56:42:53:a4:16:2a:51:71:69:f4:ea:2c:0f:4e:
                    de:85:29:ec:65:1f:3e:96:20:49:01:ab:72:33:5c:
                    c1:15:14:12:2d:6f:b7:ed:2e:10:08:f0:43:a9:ce:
                    f6:57:92:66:21:a2:f9:e9:91:e9:20:a6:72:92:b2:
                    1d:ce:28:f6:fc:50:54:c1:cb:69:c1:99:1b:fb:ab:
                    02:50:7f:d9:29:2c:d3:1a:11:3e:9e:cb:03:2a:66:
                    d5:88:52:3d:55:f9:ab:c4:c8:80:57:83:03:1e:8e:
                    54:5a:ec:36:3c:18:4b:ce:48:5e:e1:e3:2a:29:f6:
                    8e:60:c4:13:3a:74:3c:4c:b2:66:86:d4:5e:d8:1f:
                    51:9e:22:17:3e:4c:e8:73:1f:aa:9e:ad:1e:cf:4f:
                    f8:17:83:7b:bc:d8:53:1f:01:a0:02:0c:4d:67:46:
                    c6:31:f6:b7:a7:92:32:53:09:49:8d:cb:f1:82:25:
                    1e:09:ec:c0:cb:0f:9a:c3:02:57:38:c7:1a:2f:ef:
                    40:50:dc:1d:d8:0a:63:71:60:0b:d0:1b:0b:ea:c5:
                    87:6f:20:97:a4:d3:af:a6:73:ce:fb:55:00:06:5e:
                    8f:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8E:FA:55:D4:72:A5:EC:57:EA:5B:A7:FD:63:EB:60:34:08:99:7B:66
            X509v3 Authority Key Identifier:
                keyid:14:75:4E:86:3D:11:7C:E6:21:0F:29:54:61:A8:C6:AA:04:3C:6C:80

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FHVOhj0RfOYhDylUYajGqgQ8bIA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/d9c3c0-2eaf-4326-8ee2-a7d80e600844/1/FHVOhj0RfOYhDylUYajGqgQ8bIA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/98/d9c3c0-2eaf-4326-8ee2-a7d80e600844/1/FHVOhj0RfOYhDylUYajGqgQ8bIA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2d:b1:fe:66:09:d7:8e:44:55:e6:91:d8:71:15:fe:ab:2b:be:
         c8:8e:67:ca:48:39:5e:59:c0:96:dd:25:c1:ce:1f:e6:b0:89:
         1f:ca:50:d4:97:5d:4f:e0:2f:61:3c:bf:4b:98:37:6c:4e:57:
         68:85:66:8a:0f:97:65:11:91:7f:39:21:50:a5:25:42:f4:59:
         78:91:b2:75:14:35:13:46:71:2a:2c:f1:ff:18:21:ac:bd:96:
         4f:45:79:39:10:6e:4a:5c:57:43:4b:5d:50:64:89:a1:db:c9:
         24:44:ad:c9:a2:5c:ea:34:21:09:e2:51:48:7d:45:9e:84:54:
         f3:fe:d5:ac:66:71:f9:00:f8:da:fd:c0:d1:92:e7:59:a2:45:
         91:77:f6:84:e6:4a:e4:af:44:bf:6b:6e:64:e9:ca:e5:d1:45:
         1e:75:d8:82:3e:c9:9f:cd:fa:37:fd:02:ae:f6:34:ba:27:e7:
         ff:9d:fa:7c:12:36:0f:26:57:4f:62:de:c8:f0:54:22:cb:a4:
         b2:5c:fa:fe:a4:fc:24:23:97:d8:5a:a2:6f:49:62:9f:d0:a6:
         65:2f:ad:75:cc:dd:e7:90:00:1d:73:86:49:cf:65:06:94:ae:
         75:8d:1e:5f:f9:f8:30:77:c6:7c:ba:fc:df:c9:15:95:a4:2a:
         aa:24:28:e1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZWMzjUoguYy7CYgkFCzoE85MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE0NzU0ZTg2M2QxMTdjZTYyMTBmMjk1NDYxYThjNmFhMDQz
YzZjODAwHhcNMjUwMzEzMDAwMTE5WhcNMjUwMzE0MDAwMTE5WjAzMTEwLwYDVQQD
Eyg4ZWZhNTVkNDcyYTVlYzU3ZWE1YmE3ZmQ2M2ViNjAzNDA4OTk3YjY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwI74KhY2E05ijR2rcOltomZn+yPk
8dbgoUSsnJloVkJTpBYqUXFp9OosD07ehSnsZR8+liBJAatyM1zBFRQSLW+37S4Q
CPBDqc72V5JmIaL56ZHpIKZykrIdzij2/FBUwctpwZkb+6sCUH/ZKSzTGhE+nssD
KmbViFI9VfmrxMiAV4MDHo5UWuw2PBhLzkhe4eMqKfaOYMQTOnQ8TLJmhtRe2B9R
niIXPkzocx+qnq0ez0/4F4N7vNhTHwGgAgxNZ0bGMfa3p5IyUwlJjcvxgiUeCezA
yw+awwJXOMcaL+9AUNwd2ApjcWAL0BsL6sWHbyCXpNOvpnPO+1UABl6PJwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFI76VdRypexX6lun/WPrYDQImXtmMB8GA1UdIwQY
MBaAFBR1ToY9EXzmIQ8pVGGoxqoEPGyAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRkhWT2hqMFJmT1loRHlsVVlhakdxZ1E4YklBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC9kOWMzYzAtMmVhZi00MzI2LThlZTIt
YTdkODBlNjAwODQ0LzEvRkhWT2hqMFJmT1loRHlsVVlhakdxZ1E4YklBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OC9kOWMzYzAtMmVhZi00MzI2LThlZTItYTdkODBlNjAwODQ0
LzEvRkhWT2hqMFJmT1loRHlsVVlhakdxZ1E4YklBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALbH+ZgnX
jkRV5pHYcRX+qyu+yI5nykg5XlnAlt0lwc4f5rCJH8pQ1JddT+AvYTy/S5g3bE5X
aIVmig+XZRGRfzkhUKUlQvRZeJGydRQ1E0ZxKizx/xghrL2WT0V5ORBuSlxXQ0td
UGSJodvJJEStyaJc6jQhCeJRSH1FnoRU8/7VrGZx+QD42v3A0ZLnWaJFkXf2hOZK
5K9Ev2tuZOnK5dFFHnXYgj7Jn836N/0CrvY0uifn/536fBI2DyZXT2LeyPBUIsuk
slz6/qT8JCOX2Fqib0lin9CmZS+tdczd55AAHXOGSc9lBpSudY0eX/n4MHfGfLr8
38kVlaQqqiQo4Q==
-----END CERTIFICATE-----