Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/51ecc9-5681-4b02-9db8-2e880a7a82ca/1/Kf5mFpV0HYXP7c9v-890aZlZVp8.mft
File:                     Kf5mFpV0HYXP7c9v-890aZlZVp8.mft (raw, json)
Hash identifier:          AEbr2x+NxRsmBBw8l19PVTXEPOIBV9FAW+3zXcgYze0=
Subject key identifier:   FB:84:29:C1:DC:47:6F:3B:EE:F4:27:D1:86:58:29:02:F4:40:86:49
Authority key identifier: 29:FE:66:16:95:74:1D:85:CF:ED:CF:6F:FB:CF:74:69:99:59:56:9F
Certificate issuer:       /CN=29fe661695741d85cfedcf6ffbcf74699959569f
Certificate serial:       0194C387B8B1E7ABAC945744FD26DA3E42C2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Kf5mFpV0HYXP7c9v-890aZlZVp8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a2/51ecc9-5681-4b02-9db8-2e880a7a82ca/1/Kf5mFpV0HYXP7c9v-890aZlZVp8.mft
Manifest number:          142C
Signing time:             Sat 01 Feb 2025 22:00:39 +0000
Manifest this update:     Sat 01 Feb 2025 22:00:39 +0000
Manifest next update:     Sun 02 Feb 2025 22:00:39 +0000
Files and hashes:         1: Kf5mFpV0HYXP7c9v-890aZlZVp8.crl (hash: zfORk6/LbMckTZLlwnK5Vmn3xzasHmbUKXPs/GBr6pE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a2/51ecc9-5681-4b02-9db8-2e880a7a82ca/1/Kf5mFpV0HYXP7c9v-890aZlZVp8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a2/51ecc9-5681-4b02-9db8-2e880a7a82ca/1/Kf5mFpV0HYXP7c9v-890aZlZVp8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Kf5mFpV0HYXP7c9v-890aZlZVp8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 02 Feb 2025 22:00:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:c3:87:b8:b1:e7:ab:ac:94:57:44:fd:26:da:3e:42:c2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=29fe661695741d85cfedcf6ffbcf74699959569f
        Validity
            Not Before: Feb  1 22:00:39 2025 GMT
            Not After : Feb  2 22:00:39 2025 GMT
        Subject: CN=fb8429c1dc476f3beef427d186582902f4408649
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:a3:e5:67:20:17:25:41:4a:a4:71:8b:7d:ad:
                    52:40:82:9f:4d:2f:7c:b5:8b:bb:15:28:e0:ff:68:
                    3a:b9:a1:e3:05:16:2d:c4:2a:97:92:5d:95:b3:42:
                    68:1f:01:32:67:e1:a9:02:d2:49:5b:ea:2f:0b:56:
                    3f:7e:fa:36:54:1a:7d:7e:54:38:9d:95:3d:28:f8:
                    ce:36:fa:8b:1d:db:0e:25:60:64:10:26:30:70:b3:
                    e1:a8:b7:4c:e8:b7:f7:0c:43:55:47:86:34:24:cb:
                    b6:f5:ea:99:35:08:76:63:5e:a9:87:a6:3a:f6:7a:
                    c0:78:d8:55:6a:8e:16:12:a0:8b:a8:ae:02:19:6a:
                    57:f6:9d:5d:8f:10:b5:b5:59:75:25:38:69:15:b6:
                    e1:88:7b:e4:58:c9:80:bb:8a:e5:8e:02:14:c4:41:
                    4b:c9:47:f2:11:b2:da:2f:ed:59:74:d5:0e:0f:31:
                    cb:d5:88:e9:b2:41:6b:16:12:91:6f:17:24:1a:c5:
                    41:46:1f:2e:f0:1e:81:3d:23:b0:1b:45:62:98:b5:
                    1e:b9:49:d9:f5:2d:f3:72:8a:43:e1:7c:24:f4:30:
                    7e:eb:22:28:1a:89:81:e5:c1:21:da:7c:41:3e:d1:
                    27:a8:1f:05:82:ac:49:14:37:05:31:de:6e:d7:a4:
                    70:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FB:84:29:C1:DC:47:6F:3B:EE:F4:27:D1:86:58:29:02:F4:40:86:49
            X509v3 Authority Key Identifier:
                keyid:29:FE:66:16:95:74:1D:85:CF:ED:CF:6F:FB:CF:74:69:99:59:56:9F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Kf5mFpV0HYXP7c9v-890aZlZVp8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/51ecc9-5681-4b02-9db8-2e880a7a82ca/1/Kf5mFpV0HYXP7c9v-890aZlZVp8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/51ecc9-5681-4b02-9db8-2e880a7a82ca/1/Kf5mFpV0HYXP7c9v-890aZlZVp8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         02:3f:20:70:79:c4:bc:34:f5:78:dc:e5:3d:d5:31:f4:08:fc:
         96:7d:41:02:14:7a:b9:57:b5:ab:a0:24:d0:f1:59:85:25:09:
         dc:f8:76:61:31:08:5b:71:4f:69:cc:5f:a6:f6:b8:1d:94:53:
         aa:da:50:b9:81:00:a2:dc:81:53:be:c9:e8:16:6e:cc:72:ab:
         e4:07:a0:8e:4a:db:dd:95:73:08:0c:21:b4:0d:ff:21:4c:40:
         1b:63:e4:aa:a8:78:a5:c5:7c:ad:ef:a7:ea:1e:ba:45:28:c1:
         cc:13:4f:5b:25:aa:72:57:36:cf:06:cd:33:d1:f0:71:5b:1d:
         70:6b:38:3d:be:b2:8b:a8:82:22:9b:74:d7:c4:4c:2d:81:65:
         8b:5e:f3:94:7f:37:6a:eb:6e:65:e1:84:79:d1:c5:09:85:a6:
         2b:7a:6d:af:da:7e:d7:f6:87:db:05:6f:7b:ec:9d:63:9d:1e:
         e9:ff:4f:4d:b6:bf:e3:cf:56:21:9f:df:e9:00:90:e6:ed:e1:
         1b:8c:30:2e:71:2c:a4:3f:13:ef:9e:66:18:32:95:31:63:3f:
         12:73:7f:aa:55:4f:49:1c:99:11:23:dc:85:80:87:66:cd:78:
         03:24:a6:9a:66:cd:56:77:d0:2d:ab:af:38:59:c9:5a:40:59:
         c4:71:cb:8a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZTDh7ix56uslFdE/SbaPkLCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5ZmU2NjE2OTU3NDFkODVjZmVkY2Y2ZmZiY2Y3NDY5OTk1
OTU2OWYwHhcNMjUwMjAxMjIwMDM5WhcNMjUwMjAyMjIwMDM5WjAzMTEwLwYDVQQD
EyhmYjg0MjljMWRjNDc2ZjNiZWVmNDI3ZDE4NjU4MjkwMmY0NDA4NjQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx6PlZyAXJUFKpHGLfa1SQIKfTS98
tYu7FSjg/2g6uaHjBRYtxCqXkl2Vs0JoHwEyZ+GpAtJJW+ovC1Y/fvo2VBp9flQ4
nZU9KPjONvqLHdsOJWBkECYwcLPhqLdM6Lf3DENVR4Y0JMu29eqZNQh2Y16ph6Y6
9nrAeNhVao4WEqCLqK4CGWpX9p1djxC1tVl1JThpFbbhiHvkWMmAu4rljgIUxEFL
yUfyEbLaL+1ZdNUODzHL1YjpskFrFhKRbxckGsVBRh8u8B6BPSOwG0VimLUeuUnZ
9S3zcopD4Xwk9DB+6yIoGomB5cEh2nxBPtEnqB8FgqxJFDcFMd5u16Rw5QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPuEKcHcR2877vQn0YZYKQL0QIZJMB8GA1UdIwQY
MBaAFCn+ZhaVdB2Fz+3Pb/vPdGmZWVafMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2Y1bUZwVjBIWVhQN2M5di04OTBhWmxaVnA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi81MWVjYzktNTY4MS00YjAyLTlkYjgt
MmU4ODBhN2E4MmNhLzEvS2Y1bUZwVjBIWVhQN2M5di04OTBhWmxaVnA4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi81MWVjYzktNTY4MS00YjAyLTlkYjgtMmU4ODBhN2E4MmNh
LzEvS2Y1bUZwVjBIWVhQN2M5di04OTBhWmxaVnA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAj8gcHnE
vDT1eNzlPdUx9Aj8ln1BAhR6uVe1q6Ak0PFZhSUJ3Ph2YTEIW3FPacxfpva4HZRT
qtpQuYEAotyBU77J6BZuzHKr5Aegjkrb3ZVzCAwhtA3/IUxAG2Pkqqh4pcV8re+n
6h66RSjBzBNPWyWqclc2zwbNM9HwcVsdcGs4Pb6yi6iCIpt018RMLYFli17zlH83
autuZeGEedHFCYWmK3ptr9p+1/aH2wVve+ydY50e6f9PTba/489WIZ/f6QCQ5u3h
G4wwLnEspD8T755mGDKVMWM/EnN/qlVPSRyZESPchYCHZs14AySmmmbNVnfQLauv
OFnJWkBZxHHLig==
-----END CERTIFICATE-----