Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/b52709-38af-4545-a8db-c6d4c1a54a4b/1/a3tNxJzDUDQveq4ssyBbn3dfZh0.mft
File:                     a3tNxJzDUDQveq4ssyBbn3dfZh0.mft (raw, json)
Hash identifier:          XuciNdLL6gHlteRMsnGTz5qVr7JPw5rsvPX9Hegz3gQ=
Subject key identifier:   CB:80:97:00:77:53:7A:A1:8B:93:0C:56:EE:C2:E6:06:1C:6C:61:9B
Authority key identifier: 6B:7B:4D:C4:9C:C3:50:34:2F:7A:AE:2C:B3:20:5B:9F:77:5F:66:1D
Certificate issuer:       /CN=6b7b4dc49cc350342f7aae2cb3205b9f775f661d
Certificate serial:       019510C76F885026FF66E59DA263AF193CA4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/a3tNxJzDUDQveq4ssyBbn3dfZh0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a0/b52709-38af-4545-a8db-c6d4c1a54a4b/1/a3tNxJzDUDQveq4ssyBbn3dfZh0.mft
Manifest number:          1451
Signing time:             Sun 16 Feb 2025 22:01:00 +0000
Manifest this update:     Sun 16 Feb 2025 22:01:00 +0000
Manifest next update:     Mon 17 Feb 2025 22:01:00 +0000
Files and hashes:         1: a3tNxJzDUDQveq4ssyBbn3dfZh0.crl (hash: 4UdlEGsILbeRx9ZJRw8OqdGrRZBliCFo1BWjdu19N8o=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a0/b52709-38af-4545-a8db-c6d4c1a54a4b/1/a3tNxJzDUDQveq4ssyBbn3dfZh0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a0/b52709-38af-4545-a8db-c6d4c1a54a4b/1/a3tNxJzDUDQveq4ssyBbn3dfZh0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/a3tNxJzDUDQveq4ssyBbn3dfZh0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 17 Feb 2025 22:01:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:10:c7:6f:88:50:26:ff:66:e5:9d:a2:63:af:19:3c:a4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6b7b4dc49cc350342f7aae2cb3205b9f775f661d
        Validity
            Not Before: Feb 16 22:01:00 2025 GMT
            Not After : Feb 17 22:01:00 2025 GMT
        Subject: CN=cb80970077537aa18b930c56eec2e6061c6c619b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:70:b2:a6:ca:64:b9:e1:70:a0:78:2e:46:0f:
                    dc:f9:0b:e9:df:ef:57:01:95:2f:5d:50:c9:f9:76:
                    d7:a9:84:f5:be:15:b6:6b:58:87:46:c5:cc:4b:49:
                    ae:59:68:ad:26:b4:e3:f2:72:f0:c1:b5:5b:05:cd:
                    92:55:70:ca:bb:4c:62:f8:21:e0:b2:94:32:a1:2c:
                    6d:f6:c0:77:bd:47:cd:cd:72:fa:04:c9:18:d5:22:
                    f9:b8:bd:20:a9:a7:b9:b1:c5:19:f9:c6:ba:e7:76:
                    69:eb:68:17:9c:30:72:b2:9d:24:07:aa:78:ab:6a:
                    61:06:50:19:c8:76:88:ce:99:04:fc:0d:bb:af:38:
                    1d:c1:f9:21:98:3b:00:f5:e8:1e:7e:58:15:51:4e:
                    7d:a1:26:16:17:2b:0e:de:e9:ad:e7:78:02:fe:14:
                    ce:60:77:22:44:7a:ac:31:3d:16:a4:75:5f:b3:95:
                    7d:f1:10:6c:56:fb:8a:ef:21:10:4e:c9:a3:b8:0d:
                    a6:da:e2:e6:5a:aa:da:87:52:53:73:18:fc:76:73:
                    07:c1:97:1b:ba:44:0b:13:b5:f2:e4:52:4e:95:a3:
                    ba:86:d0:b5:60:78:47:98:77:56:84:b2:76:1e:82:
                    53:7f:d6:cf:ba:0e:e3:48:3b:17:0a:1c:89:8d:a3:
                    f3:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CB:80:97:00:77:53:7A:A1:8B:93:0C:56:EE:C2:E6:06:1C:6C:61:9B
            X509v3 Authority Key Identifier:
                keyid:6B:7B:4D:C4:9C:C3:50:34:2F:7A:AE:2C:B3:20:5B:9F:77:5F:66:1D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3tNxJzDUDQveq4ssyBbn3dfZh0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/b52709-38af-4545-a8db-c6d4c1a54a4b/1/a3tNxJzDUDQveq4ssyBbn3dfZh0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/b52709-38af-4545-a8db-c6d4c1a54a4b/1/a3tNxJzDUDQveq4ssyBbn3dfZh0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         e7:85:b7:d8:cd:cc:a9:8d:6f:5a:a3:17:c0:43:3f:d9:58:3e:
         a1:ef:65:51:cb:d6:9f:9b:c3:5c:17:30:d4:fb:22:a4:f3:48:
         57:a1:74:e0:88:30:2d:84:74:61:98:f7:a3:b1:b0:1e:d4:b7:
         76:08:ed:44:29:88:d1:d1:8b:6d:d4:95:b2:8b:97:58:50:e5:
         9a:ca:a9:c5:cb:78:47:f5:65:9b:e8:bc:86:c5:6a:e4:3d:2e:
         00:e3:96:8d:5a:83:7e:3e:29:e3:55:0e:44:c6:f5:54:f5:78:
         52:29:7e:1e:8b:06:be:f5:b8:75:10:68:b1:03:04:39:f5:59:
         65:42:cd:92:22:48:bd:53:f9:cd:e8:30:d4:08:07:1c:e3:15:
         b8:76:50:27:5b:83:f0:b5:fe:93:df:fc:04:d1:ce:4b:89:be:
         14:f7:db:f0:0a:ce:d3:0c:c4:dc:4d:29:99:08:3e:14:89:ef:
         80:28:b8:a4:64:db:5b:15:bb:bf:b5:2c:55:ab:8f:db:bc:b1:
         96:81:8f:8a:60:47:e7:58:12:a3:de:56:b9:91:12:0a:6f:f7:
         c7:6f:e3:39:4b:00:d6:d1:13:a1:2f:34:56:11:27:6d:d9:2f:
         59:19:fa:81:27:a7:fe:99:1d:bd:e5:8e:c9:a4:87:08:d5:d8:
         92:e1:1e:c6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZUQx2+IUCb/ZuWdomOvGTykMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiN2I0ZGM0OWNjMzUwMzQyZjdhYWUyY2IzMjA1YjlmNzc1
ZjY2MWQwHhcNMjUwMjE2MjIwMTAwWhcNMjUwMjE3MjIwMTAwWjAzMTEwLwYDVQQD
EyhjYjgwOTcwMDc3NTM3YWExOGI5MzBjNTZlZWMyZTYwNjFjNmM2MTliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsnCypspkueFwoHguRg/c+Qvp3+9X
AZUvXVDJ+XbXqYT1vhW2a1iHRsXMS0muWWitJrTj8nLwwbVbBc2SVXDKu0xi+CHg
spQyoSxt9sB3vUfNzXL6BMkY1SL5uL0gqae5scUZ+ca653Zp62gXnDBysp0kB6p4
q2phBlAZyHaIzpkE/A27rzgdwfkhmDsA9egeflgVUU59oSYWFysO3umt53gC/hTO
YHciRHqsMT0WpHVfs5V98RBsVvuK7yEQTsmjuA2m2uLmWqrah1JTcxj8dnMHwZcb
ukQLE7Xy5FJOlaO6htC1YHhHmHdWhLJ2HoJTf9bPug7jSDsXChyJjaPz8wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMuAlwB3U3qhi5MMVu7C5gYcbGGbMB8GA1UdIwQY
MBaAFGt7TcScw1A0L3quLLMgW593X2YdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTN0TnhKekRVRFF2ZXE0c3N5QmJuM2RmWmgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9iNTI3MDktMzhhZi00NTQ1LWE4ZGIt
YzZkNGMxYTU0YTRiLzEvYTN0TnhKekRVRFF2ZXE0c3N5QmJuM2RmWmgwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9iNTI3MDktMzhhZi00NTQ1LWE4ZGItYzZkNGMxYTU0YTRi
LzEvYTN0TnhKekRVRFF2ZXE0c3N5QmJuM2RmWmgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA54W32M3M
qY1vWqMXwEM/2Vg+oe9lUcvWn5vDXBcw1PsipPNIV6F04IgwLYR0YZj3o7GwHtS3
dgjtRCmI0dGLbdSVsouXWFDlmsqpxct4R/Vlm+i8hsVq5D0uAOOWjVqDfj4p41UO
RMb1VPV4Uil+HosGvvW4dRBosQMEOfVZZULNkiJIvVP5zegw1AgHHOMVuHZQJ1uD
8LX+k9/8BNHOS4m+FPfb8ArO0wzE3E0pmQg+FInvgCi4pGTbWxW7v7UsVauP27yx
loGPimBH51gSo95WuZESCm/3x2/jOUsA1tEToS80VhEnbdkvWRn6gSen/pkdveWO
yaSHCNXYkuEexg==
-----END CERTIFICATE-----