Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/3ace88-7021-4c39-9dd9-b893bb07fe50/1/mhU_Od12IydNhl3LiFChYTKkIgY.mft
File:                     mhU_Od12IydNhl3LiFChYTKkIgY.mft (raw, json)
Hash identifier:          +wzLoDwZwyl/3GkAvuQQnPfWraCXC7/Md9OwL+GJEFE=
Subject key identifier:   77:4D:18:8C:D1:E7:60:4D:B2:58:10:AA:24:D0:02:5D:DF:93:77:D2
Authority key identifier: 9A:15:3F:39:DD:76:23:27:4D:86:5D:CB:88:50:A1:61:32:A4:22:06
Certificate issuer:       /CN=9a153f39dd7623274d865dcb8850a16132a42206
Certificate serial:       0194C5083513B03D456C64183F311D0CB1BF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/mhU_Od12IydNhl3LiFChYTKkIgY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a2/3ace88-7021-4c39-9dd9-b893bb07fe50/1/mhU_Od12IydNhl3LiFChYTKkIgY.mft
Manifest number:          01B9
Signing time:             Sun 02 Feb 2025 05:00:36 +0000
Manifest this update:     Sun 02 Feb 2025 05:00:36 +0000
Manifest next update:     Mon 03 Feb 2025 05:00:36 +0000
Files and hashes:         1: mhU_Od12IydNhl3LiFChYTKkIgY.crl (hash: DpOD0FAM14DokjFO4eYhfeRGIkEaVGE/A7STi7qfobw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a2/3ace88-7021-4c39-9dd9-b893bb07fe50/1/mhU_Od12IydNhl3LiFChYTKkIgY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a2/3ace88-7021-4c39-9dd9-b893bb07fe50/1/mhU_Od12IydNhl3LiFChYTKkIgY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/mhU_Od12IydNhl3LiFChYTKkIgY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 03 Feb 2025 00:00:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:c5:08:35:13:b0:3d:45:6c:64:18:3f:31:1d:0c:b1:bf
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9a153f39dd7623274d865dcb8850a16132a42206
        Validity
            Not Before: Feb  2 05:00:36 2025 GMT
            Not After : Feb  3 05:00:36 2025 GMT
        Subject: CN=774d188cd1e7604db25810aa24d0025ddf9377d2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:f4:38:61:03:30:a6:1a:a3:9d:72:b0:d8:d5:
                    bd:94:04:d3:83:cf:d7:99:a3:8a:72:ff:72:5d:8e:
                    10:99:20:1a:fb:55:1a:3e:22:ff:3d:67:9f:ea:74:
                    e6:67:0d:cf:ae:0a:f3:41:00:e0:10:57:e6:98:d6:
                    ba:51:73:9f:a8:64:33:ca:8f:7a:10:54:cc:a9:ce:
                    58:3c:e3:aa:21:77:e4:53:ed:ea:6f:bb:16:3b:09:
                    68:c0:ef:da:9c:0e:32:e5:f7:d7:28:19:58:5c:2a:
                    18:77:56:80:42:fb:6c:b4:a8:dc:a9:a9:b1:f0:26:
                    9a:7a:0e:70:ac:e5:bd:1c:02:53:1f:d7:23:30:33:
                    dc:d6:13:a1:6e:e9:54:71:2d:88:d3:3e:4e:7e:d0:
                    81:d2:ec:ff:33:d7:80:a9:4a:f7:95:16:ed:7a:a1:
                    c8:e1:31:b1:68:14:2e:fd:e7:52:8f:a4:9c:0b:97:
                    59:35:37:a3:31:ea:a3:fc:53:b3:61:f3:65:61:1e:
                    37:a3:24:2f:88:00:55:07:60:95:69:30:f5:b9:f0:
                    a2:f6:52:f5:00:3f:e0:95:4e:62:65:14:de:c1:3e:
                    95:8a:8c:28:68:51:4f:da:fc:86:89:89:68:0c:93:
                    2b:08:b1:7e:94:7d:93:2a:15:78:fe:c1:2b:e5:84:
                    61:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                77:4D:18:8C:D1:E7:60:4D:B2:58:10:AA:24:D0:02:5D:DF:93:77:D2
            X509v3 Authority Key Identifier:
                keyid:9A:15:3F:39:DD:76:23:27:4D:86:5D:CB:88:50:A1:61:32:A4:22:06

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mhU_Od12IydNhl3LiFChYTKkIgY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/3ace88-7021-4c39-9dd9-b893bb07fe50/1/mhU_Od12IydNhl3LiFChYTKkIgY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/3ace88-7021-4c39-9dd9-b893bb07fe50/1/mhU_Od12IydNhl3LiFChYTKkIgY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5d:dd:d7:85:93:33:d8:e1:bb:72:06:da:62:e1:fd:18:38:c3:
         88:ac:65:03:cf:9c:4d:ea:49:be:26:94:95:02:ca:53:57:49:
         5d:48:26:1a:3b:0d:a5:41:d1:7d:47:e5:11:1b:84:1d:ad:20:
         43:2e:75:80:75:23:55:2f:0f:22:3d:41:55:ad:db:20:ce:d1:
         e9:85:da:e1:4b:b1:fb:45:a3:0c:c9:b4:5f:c6:6e:ca:84:cf:
         f8:e9:4a:8b:2c:28:0e:ca:21:db:65:e8:3a:c9:9a:9d:b1:2f:
         af:6d:d7:fc:75:f4:6e:ea:75:56:4b:4b:b1:92:7e:20:84:56:
         3f:83:26:53:b2:da:74:bc:d1:85:a4:74:e6:ce:ee:a1:5c:ce:
         00:1a:a7:14:d1:f4:47:6f:c9:78:52:55:d6:02:9c:56:6c:e2:
         27:e8:bc:b6:f4:d6:0f:47:6d:cb:92:ab:71:36:9b:ff:57:b8:
         2e:74:b8:67:9d:07:1c:25:be:9b:e9:01:23:8a:74:54:c6:ef:
         5d:0e:5d:fa:aa:44:67:2e:78:38:85:16:5b:6d:69:67:56:08:
         3a:39:1a:fa:c3:32:bf:20:5e:04:9c:14:7c:e7:00:97:5a:19:
         89:de:49:74:5e:d2:b6:5b:b8:81:47:f5:f2:bf:f9:40:93:3c:
         fa:3d:9d:d8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZTFCDUTsD1FbGQYPzEdDLG/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhMTUzZjM5ZGQ3NjIzMjc0ZDg2NWRjYjg4NTBhMTYxMzJh
NDIyMDYwHhcNMjUwMjAyMDUwMDM2WhcNMjUwMjAzMDUwMDM2WjAzMTEwLwYDVQQD
Eyg3NzRkMTg4Y2QxZTc2MDRkYjI1ODEwYWEyNGQwMDI1ZGRmOTM3N2QyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzfQ4YQMwphqjnXKw2NW9lATTg8/X
maOKcv9yXY4QmSAa+1UaPiL/PWef6nTmZw3PrgrzQQDgEFfmmNa6UXOfqGQzyo96
EFTMqc5YPOOqIXfkU+3qb7sWOwlowO/anA4y5ffXKBlYXCoYd1aAQvtstKjcqamx
8Caaeg5wrOW9HAJTH9cjMDPc1hOhbulUcS2I0z5OftCB0uz/M9eAqUr3lRbteqHI
4TGxaBQu/edSj6ScC5dZNTejMeqj/FOzYfNlYR43oyQviABVB2CVaTD1ufCi9lL1
AD/glU5iZRTewT6ViowoaFFP2vyGiYloDJMrCLF+lH2TKhV4/sEr5YRhhQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHdNGIzR52BNslgQqiTQAl3fk3fSMB8GA1UdIwQY
MBaAFJoVPznddiMnTYZdy4hQoWEypCIGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWhVX09kMTJJeWROaGwzTGlGQ2hZVEtrSWdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi8zYWNlODgtNzAyMS00YzM5LTlkZDkt
Yjg5M2JiMDdmZTUwLzEvbWhVX09kMTJJeWROaGwzTGlGQ2hZVEtrSWdZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi8zYWNlODgtNzAyMS00YzM5LTlkZDktYjg5M2JiMDdmZTUw
LzEvbWhVX09kMTJJeWROaGwzTGlGQ2hZVEtrSWdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXd3XhZMz
2OG7cgbaYuH9GDjDiKxlA8+cTepJviaUlQLKU1dJXUgmGjsNpUHRfUflERuEHa0g
Qy51gHUjVS8PIj1BVa3bIM7R6YXa4Uux+0WjDMm0X8ZuyoTP+OlKiywoDsoh22Xo
OsmanbEvr23X/HX0bup1VktLsZJ+IIRWP4MmU7LadLzRhaR05s7uoVzOABqnFNH0
R2/JeFJV1gKcVmziJ+i8tvTWD0dty5KrcTab/1e4LnS4Z50HHCW+m+kBI4p0VMbv
XQ5d+qpEZy54OIUWW21pZ1YIOjka+sMyvyBeBJwUfOcAl1oZid5JdF7Stlu4gUf1
8r/5QJM8+j2d2A==
-----END CERTIFICATE-----