Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/2891f6-7861-4037-8008-52cf0195838b/1/dBkW6TW7TmhYsdIjYVrONp7SaB4.mft
File:                     dBkW6TW7TmhYsdIjYVrONp7SaB4.mft (raw, json)
Hash identifier:          5iVhruobQgQA2FLLv9ZUx+yEQtuHuX4/X9W6yrdzIo8=
Subject key identifier:   42:B5:99:A4:55:B9:10:EE:84:80:C1:95:2D:5C:D3:A1:02:2F:47:A5
Authority key identifier: 74:19:16:E9:35:BB:4E:68:58:B1:D2:23:61:5A:CE:36:9E:D2:68:1E
Certificate issuer:       /CN=741916e935bb4e6858b1d223615ace369ed2681e
Certificate serial:       0194C4636B83963A5A8774B67D45F1A0A472
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dBkW6TW7TmhYsdIjYVrONp7SaB4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a2/2891f6-7861-4037-8008-52cf0195838b/1/dBkW6TW7TmhYsdIjYVrONp7SaB4.mft
Manifest number:          142C
Signing time:             Sun 02 Feb 2025 02:00:37 +0000
Manifest this update:     Sun 02 Feb 2025 02:00:37 +0000
Manifest next update:     Mon 03 Feb 2025 02:00:37 +0000
Files and hashes:         1: dBkW6TW7TmhYsdIjYVrONp7SaB4.crl (hash: pDqGJu6thhRB2MclPKDsrWpmRzqsZgz9uBOgU4hvbe8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a2/2891f6-7861-4037-8008-52cf0195838b/1/dBkW6TW7TmhYsdIjYVrONp7SaB4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a2/2891f6-7861-4037-8008-52cf0195838b/1/dBkW6TW7TmhYsdIjYVrONp7SaB4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/dBkW6TW7TmhYsdIjYVrONp7SaB4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 03 Feb 2025 00:00:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:c4:63:6b:83:96:3a:5a:87:74:b6:7d:45:f1:a0:a4:72
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=741916e935bb4e6858b1d223615ace369ed2681e
        Validity
            Not Before: Feb  2 02:00:37 2025 GMT
            Not After : Feb  3 02:00:37 2025 GMT
        Subject: CN=42b599a455b910ee8480c1952d5cd3a1022f47a5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:9c:52:1f:92:32:0e:41:47:8b:de:d2:09:d1:
                    59:50:3b:0d:0e:cd:86:f0:50:67:84:29:af:1e:e8:
                    9e:3a:66:e8:66:5f:a4:4f:1c:80:10:6d:9b:ea:1b:
                    ef:1a:67:9d:03:db:f0:e1:32:b3:4b:6f:5d:69:83:
                    c4:0f:b1:74:32:2d:50:8e:94:c4:48:f0:6f:40:62:
                    03:85:c6:e6:02:0b:18:9b:3d:92:42:d2:9d:5c:f0:
                    7a:a2:e3:22:a3:51:f8:02:bf:fd:56:2d:b6:c7:e7:
                    e2:7a:bd:94:78:b0:5b:c8:48:b1:4a:67:57:3e:03:
                    33:c9:35:d7:72:75:c6:f6:a8:42:11:fa:00:4b:d7:
                    ad:0a:98:17:a5:a9:dc:eb:d5:09:a9:94:8f:f8:ff:
                    fe:2a:91:a8:b4:13:aa:11:c3:c0:f2:f5:31:d3:40:
                    49:0a:1b:f7:d5:ce:2f:95:2a:9c:a9:c2:6b:bc:d0:
                    bf:e8:a2:a5:dc:37:3a:ee:8e:0b:d3:82:56:a1:f0:
                    e0:f0:24:b0:45:87:da:74:e2:e4:f4:9f:23:68:11:
                    40:ce:d0:0b:b1:d1:4f:c7:11:03:3d:e0:48:ae:b2:
                    14:81:84:aa:35:a8:2e:2b:da:aa:2c:b1:e9:39:d5:
                    6d:bc:26:f9:56:8b:97:7e:45:85:b4:1c:cb:81:80:
                    7f:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                42:B5:99:A4:55:B9:10:EE:84:80:C1:95:2D:5C:D3:A1:02:2F:47:A5
            X509v3 Authority Key Identifier:
                keyid:74:19:16:E9:35:BB:4E:68:58:B1:D2:23:61:5A:CE:36:9E:D2:68:1E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dBkW6TW7TmhYsdIjYVrONp7SaB4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/2891f6-7861-4037-8008-52cf0195838b/1/dBkW6TW7TmhYsdIjYVrONp7SaB4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/2891f6-7861-4037-8008-52cf0195838b/1/dBkW6TW7TmhYsdIjYVrONp7SaB4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9a:59:f7:a6:46:a6:c5:a2:5e:25:5c:71:68:93:97:88:8b:10:
         f7:8d:75:f6:44:37:05:51:a0:43:96:bc:fb:0c:f4:1c:a8:39:
         bc:ce:e9:ab:8c:16:d5:7a:49:8d:33:fe:12:13:64:6e:bb:98:
         bf:11:e4:72:d7:db:f2:a3:52:e5:93:f0:8d:d3:91:71:12:52:
         9f:ba:b6:7f:08:7b:64:84:c7:4e:9f:d6:28:3f:5b:51:36:27:
         d3:16:15:a4:50:3d:01:db:34:5b:97:f8:0e:7e:35:52:80:73:
         2d:8d:24:c6:c0:b5:a9:dd:f7:e3:64:45:71:6e:41:01:bf:e6:
         21:b7:2d:61:d4:9a:9c:18:1f:ab:f1:d3:68:24:14:2b:78:16:
         a7:78:25:d1:62:60:1d:40:39:c6:ca:a3:4f:58:9a:cd:29:9a:
         89:71:f9:56:73:6b:2f:61:fa:bd:4a:bf:c8:8d:c3:f9:93:cf:
         19:24:54:5b:2b:a6:0e:27:32:e9:80:80:07:34:ef:0e:d5:6d:
         bb:d4:90:08:a6:80:f4:8b:f9:b7:45:03:e5:da:bf:6f:22:5d:
         34:6d:9c:28:a2:93:cc:f7:6c:c1:e4:96:28:44:68:d4:54:5a:
         64:18:bd:c1:5b:b9:21:8a:79:8e:9d:df:79:85:44:91:84:8a:
         f9:d8:10:f6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZTEY2uDljpah3S2fUXxoKRyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0MTkxNmU5MzViYjRlNjg1OGIxZDIyMzYxNWFjZTM2OWVk
MjY4MWUwHhcNMjUwMjAyMDIwMDM3WhcNMjUwMjAzMDIwMDM3WjAzMTEwLwYDVQQD
Eyg0MmI1OTlhNDU1YjkxMGVlODQ4MGMxOTUyZDVjZDNhMTAyMmY0N2E1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAypxSH5IyDkFHi97SCdFZUDsNDs2G
8FBnhCmvHuieOmboZl+kTxyAEG2b6hvvGmedA9vw4TKzS29daYPED7F0Mi1QjpTE
SPBvQGIDhcbmAgsYmz2SQtKdXPB6ouMio1H4Ar/9Vi22x+fier2UeLBbyEixSmdX
PgMzyTXXcnXG9qhCEfoAS9etCpgXpanc69UJqZSP+P/+KpGotBOqEcPA8vUx00BJ
Chv31c4vlSqcqcJrvNC/6KKl3Dc67o4L04JWofDg8CSwRYfadOLk9J8jaBFAztAL
sdFPxxEDPeBIrrIUgYSqNaguK9qqLLHpOdVtvCb5VouXfkWFtBzLgYB/awIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEK1maRVuRDuhIDBlS1c06ECL0elMB8GA1UdIwQY
MBaAFHQZFuk1u05oWLHSI2Fazjae0mgeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEJrVzZUVzdUbWhZc2RJallWck9OcDdTYUI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi8yODkxZjYtNzg2MS00MDM3LTgwMDgt
NTJjZjAxOTU4MzhiLzEvZEJrVzZUVzdUbWhZc2RJallWck9OcDdTYUI0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi8yODkxZjYtNzg2MS00MDM3LTgwMDgtNTJjZjAxOTU4Mzhi
LzEvZEJrVzZUVzdUbWhZc2RJallWck9OcDdTYUI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmln3pkam
xaJeJVxxaJOXiIsQ94119kQ3BVGgQ5a8+wz0HKg5vM7pq4wW1XpJjTP+EhNkbruY
vxHkctfb8qNS5ZPwjdORcRJSn7q2fwh7ZITHTp/WKD9bUTYn0xYVpFA9Ads0W5f4
Dn41UoBzLY0kxsC1qd3342RFcW5BAb/mIbctYdSanBgfq/HTaCQUK3gWp3gl0WJg
HUA5xsqjT1iazSmaiXH5VnNrL2H6vUq/yI3D+ZPPGSRUWyumDicy6YCABzTvDtVt
u9SQCKaA9Iv5t0UD5dq/byJdNG2cKKKTzPdsweSWKERo1FRaZBi9wVu5IYp5jp3f
eYVEkYSK+dgQ9g==
-----END CERTIFICATE-----