Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/287870-0e1b-4cd2-8f24-6710e96a1b6f/1/q33wfyEEN2kvd-7DRpuaSCuW0ao.mft
File:                     q33wfyEEN2kvd-7DRpuaSCuW0ao.mft (raw, json)
Hash identifier:          HrQQNKCLziaehNVBbYY7/5Do3SxHskkbod/jBA+Wcjg=
Subject key identifier:   9E:A1:46:77:56:A2:8A:9D:4C:E5:27:9C:5F:81:F6:A7:96:66:D2:A3
Authority key identifier: AB:7D:F0:7F:21:04:37:69:2F:77:EE:C3:46:9B:9A:48:2B:96:D1:AA
Certificate issuer:       /CN=ab7df07f210437692f77eec3469b9a482b96d1aa
Certificate serial:       019511D9715A690198DA532A0C69426BB8FB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/q33wfyEEN2kvd-7DRpuaSCuW0ao.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/99/287870-0e1b-4cd2-8f24-6710e96a1b6f/1/q33wfyEEN2kvd-7DRpuaSCuW0ao.mft
Manifest number:          03EB
Signing time:             Mon 17 Feb 2025 03:00:17 +0000
Manifest this update:     Mon 17 Feb 2025 03:00:17 +0000
Manifest next update:     Tue 18 Feb 2025 03:00:17 +0000
Files and hashes:         1: q33wfyEEN2kvd-7DRpuaSCuW0ao.crl (hash: +PDX9+B8b6YKaOWAm/gCCnhhEEqaqXaHtBEROygeWpM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/99/287870-0e1b-4cd2-8f24-6710e96a1b6f/1/q33wfyEEN2kvd-7DRpuaSCuW0ao.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/99/287870-0e1b-4cd2-8f24-6710e96a1b6f/1/q33wfyEEN2kvd-7DRpuaSCuW0ao.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/q33wfyEEN2kvd-7DRpuaSCuW0ao.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 17 Feb 2025 23:00:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:11:d9:71:5a:69:01:98:da:53:2a:0c:69:42:6b:b8:fb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ab7df07f210437692f77eec3469b9a482b96d1aa
        Validity
            Not Before: Feb 17 03:00:17 2025 GMT
            Not After : Feb 18 03:00:17 2025 GMT
        Subject: CN=9ea1467756a28a9d4ce5279c5f81f6a79666d2a3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:04:28:33:fe:0f:4a:20:f8:68:c9:d1:66:7b:
                    40:94:c8:cc:99:98:89:f3:33:c3:df:eb:64:1c:93:
                    b6:0e:5c:08:58:85:b1:57:17:de:e3:09:dd:41:66:
                    f1:32:ab:31:4b:9f:73:03:ce:94:66:de:84:35:d3:
                    24:c7:d5:b6:0c:95:b5:d5:b5:7a:80:35:7f:f2:9e:
                    5e:dc:d3:e0:89:ea:6a:b6:7a:0e:ef:d8:8d:b8:c3:
                    64:cf:05:67:31:c3:23:a7:d6:78:5c:9b:25:04:06:
                    b9:57:a8:d1:6d:87:fc:c9:35:b1:79:5a:48:b3:e8:
                    25:3a:85:3a:3e:1b:44:e4:b1:84:6f:68:77:38:34:
                    90:e0:09:bb:e8:e1:e5:d5:7d:80:3e:a8:c3:85:5b:
                    ae:ff:57:60:3b:0d:f9:58:5e:f7:fb:a8:7a:b4:70:
                    0e:6f:ce:dc:8f:ba:58:92:2c:52:b1:e7:23:b0:59:
                    3f:f7:3e:6a:58:1b:0a:21:d3:b2:ed:98:00:b9:e0:
                    51:2f:53:b1:13:d2:62:87:30:fd:6e:0c:75:bc:e9:
                    10:78:69:50:dc:04:d3:76:bb:65:3a:21:f5:32:97:
                    73:4a:3f:07:7f:b1:5d:29:de:13:c5:91:08:75:6b:
                    35:24:91:94:d8:9c:f0:01:7a:37:07:d7:66:a5:30:
                    1b:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9E:A1:46:77:56:A2:8A:9D:4C:E5:27:9C:5F:81:F6:A7:96:66:D2:A3
            X509v3 Authority Key Identifier:
                keyid:AB:7D:F0:7F:21:04:37:69:2F:77:EE:C3:46:9B:9A:48:2B:96:D1:AA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q33wfyEEN2kvd-7DRpuaSCuW0ao.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/287870-0e1b-4cd2-8f24-6710e96a1b6f/1/q33wfyEEN2kvd-7DRpuaSCuW0ao.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/99/287870-0e1b-4cd2-8f24-6710e96a1b6f/1/q33wfyEEN2kvd-7DRpuaSCuW0ao.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         20:67:d4:7f:92:d3:e8:23:9a:37:f1:26:74:51:78:88:d5:be:
         d6:19:c6:ca:e6:5e:49:4f:8e:65:5a:66:85:3a:14:bf:37:7c:
         fd:2e:05:e2:29:35:8d:27:b0:21:e3:e1:23:89:89:ca:a1:79:
         92:55:55:50:eb:f5:80:d4:9c:f2:b3:e4:e8:ed:30:fc:6f:a5:
         73:2e:f2:1e:7e:31:6e:6c:22:a5:4d:a5:c8:39:06:85:10:95:
         4f:1d:67:ff:aa:2b:1e:2b:9e:02:ce:5f:e1:e5:82:bb:ab:1f:
         84:58:86:e5:a9:bd:45:d3:c6:a9:5c:f0:77:31:7a:e8:01:21:
         52:fb:db:bf:72:76:e9:00:ce:fd:c4:a6:50:79:89:fa:ab:c6:
         b7:4e:d0:48:67:c1:36:e7:aa:d5:60:60:89:4c:28:7d:79:be:
         30:36:e5:fb:a5:b8:75:47:1d:4d:f3:d4:7f:b6:61:b2:8a:e4:
         86:f4:75:e0:58:6e:94:64:c7:fd:95:57:f1:e2:f8:30:bc:34:
         6d:e9:5e:0e:2b:8f:de:17:a3:67:2b:76:f0:37:e1:17:4d:d8:
         4e:9f:36:d7:89:36:90:6d:20:87:e1:92:b0:b0:61:70:7f:4c:
         b3:9e:70:db:50:34:00:fd:5b:d2:ae:10:d6:1a:df:9c:05:56:
         cc:8c:e3:9b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZUR2XFaaQGY2lMqDGlCa7j7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiN2RmMDdmMjEwNDM3NjkyZjc3ZWVjMzQ2OWI5YTQ4MmI5
NmQxYWEwHhcNMjUwMjE3MDMwMDE3WhcNMjUwMjE4MDMwMDE3WjAzMTEwLwYDVQQD
Eyg5ZWExNDY3NzU2YTI4YTlkNGNlNTI3OWM1ZjgxZjZhNzk2NjZkMmEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlwQoM/4PSiD4aMnRZntAlMjMmZiJ
8zPD3+tkHJO2DlwIWIWxVxfe4wndQWbxMqsxS59zA86UZt6ENdMkx9W2DJW11bV6
gDV/8p5e3NPgiepqtnoO79iNuMNkzwVnMcMjp9Z4XJslBAa5V6jRbYf8yTWxeVpI
s+glOoU6PhtE5LGEb2h3ODSQ4Am76OHl1X2APqjDhVuu/1dgOw35WF73+6h6tHAO
b87cj7pYkixSsecjsFk/9z5qWBsKIdOy7ZgAueBRL1OxE9JihzD9bgx1vOkQeGlQ
3ATTdrtlOiH1MpdzSj8Hf7FdKd4TxZEIdWs1JJGU2JzwAXo3B9dmpTAbxwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJ6hRndWooqdTOUnnF+B9qeWZtKjMB8GA1UdIwQY
MBaAFKt98H8hBDdpL3fuw0abmkgrltGqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcTMzd2Z5RUVOMmt2ZC03RFJwdWFTQ3VXMGFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS8yODc4NzAtMGUxYi00Y2QyLThmMjQt
NjcxMGU5NmExYjZmLzEvcTMzd2Z5RUVOMmt2ZC03RFJwdWFTQ3VXMGFvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS8yODc4NzAtMGUxYi00Y2QyLThmMjQtNjcxMGU5NmExYjZm
LzEvcTMzd2Z5RUVOMmt2ZC03RFJwdWFTQ3VXMGFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIGfUf5LT
6COaN/EmdFF4iNW+1hnGyuZeSU+OZVpmhToUvzd8/S4F4ik1jSewIePhI4mJyqF5
klVVUOv1gNSc8rPk6O0w/G+lcy7yHn4xbmwipU2lyDkGhRCVTx1n/6orHiueAs5f
4eWCu6sfhFiG5am9RdPGqVzwdzF66AEhUvvbv3J26QDO/cSmUHmJ+qvGt07QSGfB
Nueq1WBgiUwofXm+MDbl+6W4dUcdTfPUf7ZhsorkhvR14FhulGTH/ZVX8eL4MLw0
beleDiuP3hejZyt28DfhF03YTp8214k2kG0gh+GSsLBhcH9Ms55w21A0AP1b0q4Q
1hrfnAVWzIzjmw==
-----END CERTIFICATE-----