Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/95cd70-50cd-46bd-8e06-b9705d7d3579/1/IPdQab1W78UXA4PtMcrSJGT98DA.mft
File:                     IPdQab1W78UXA4PtMcrSJGT98DA.mft (raw, json)
Hash identifier:          JfVdgvqPHPup4ZicDeCeIw1m1dDqjLlNK5RgpY1vb/E=
Subject key identifier:   87:0E:CE:DB:FE:80:9D:D7:0F:52:EB:A9:EF:B8:61:68:06:0D:B0:EA
Authority key identifier: 20:F7:50:69:BD:56:EF:C5:17:03:83:ED:31:CA:D2:24:64:FD:F0:30
Certificate issuer:       /CN=20f75069bd56efc5170383ed31cad22464fdf030
Certificate serial:       0195116B980369BA92054E8F9FE8A0B42477
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IPdQab1W78UXA4PtMcrSJGT98DA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a4/95cd70-50cd-46bd-8e06-b9705d7d3579/1/IPdQab1W78UXA4PtMcrSJGT98DA.mft
Manifest number:          0205
Signing time:             Mon 17 Feb 2025 01:00:18 +0000
Manifest this update:     Mon 17 Feb 2025 01:00:18 +0000
Manifest next update:     Tue 18 Feb 2025 01:00:18 +0000
Files and hashes:         1: IPdQab1W78UXA4PtMcrSJGT98DA.crl (hash: 18yaI4DNLPzlX9KLy5u73r6i1wQVNMqLCriO/+YQuJ8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a4/95cd70-50cd-46bd-8e06-b9705d7d3579/1/IPdQab1W78UXA4PtMcrSJGT98DA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a4/95cd70-50cd-46bd-8e06-b9705d7d3579/1/IPdQab1W78UXA4PtMcrSJGT98DA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/IPdQab1W78UXA4PtMcrSJGT98DA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 17 Feb 2025 23:00:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:11:6b:98:03:69:ba:92:05:4e:8f:9f:e8:a0:b4:24:77
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=20f75069bd56efc5170383ed31cad22464fdf030
        Validity
            Not Before: Feb 17 01:00:18 2025 GMT
            Not After : Feb 18 01:00:18 2025 GMT
        Subject: CN=870ecedbfe809dd70f52eba9efb86168060db0ea
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:00:6a:43:49:e9:b2:e3:2b:68:f7:b1:b9:3c:
                    0c:43:fe:3e:57:62:2b:c9:c8:70:d6:fc:86:c0:f4:
                    08:09:c3:0e:38:c0:c2:dc:3f:b3:1b:ce:85:83:e2:
                    6b:ef:84:0f:e0:7e:bf:62:76:75:df:06:39:a7:a2:
                    62:da:ab:cb:05:75:e3:99:5f:3b:72:8f:84:41:41:
                    6a:9f:7c:42:77:46:23:36:06:6b:53:6c:41:e8:a9:
                    90:6f:85:c2:b4:cc:bc:29:28:54:87:97:41:06:a4:
                    b6:d6:77:0a:c3:5e:0c:d5:22:c6:39:8a:e2:dc:1a:
                    45:1d:05:2b:af:e1:2c:62:19:e8:58:04:8d:ef:1f:
                    14:0c:75:47:3d:23:82:2b:1c:00:51:8f:99:3d:8d:
                    a3:22:71:25:a6:18:84:13:e6:c8:7b:f0:6d:ec:25:
                    67:0a:eb:a3:de:ec:30:ea:03:a0:7e:80:59:30:93:
                    da:c3:50:b4:d0:03:aa:f6:9c:a1:a9:41:2a:95:e6:
                    e5:b4:24:9e:1c:f3:fd:fa:b0:94:14:9c:8d:c0:15:
                    6d:14:e7:f3:2e:8c:36:99:b6:96:de:92:de:84:b5:
                    4a:17:3e:88:8b:25:03:f3:63:1d:7e:8c:59:9c:c0:
                    19:e1:ca:9f:8b:50:da:c8:fa:5f:c1:57:f4:28:48:
                    0b:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                87:0E:CE:DB:FE:80:9D:D7:0F:52:EB:A9:EF:B8:61:68:06:0D:B0:EA
            X509v3 Authority Key Identifier:
                keyid:20:F7:50:69:BD:56:EF:C5:17:03:83:ED:31:CA:D2:24:64:FD:F0:30

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IPdQab1W78UXA4PtMcrSJGT98DA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/95cd70-50cd-46bd-8e06-b9705d7d3579/1/IPdQab1W78UXA4PtMcrSJGT98DA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/95cd70-50cd-46bd-8e06-b9705d7d3579/1/IPdQab1W78UXA4PtMcrSJGT98DA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         50:55:69:37:2e:14:3d:07:8c:b3:45:43:ea:53:7e:f4:d5:c6:
         16:84:bb:cc:f9:af:0c:30:8f:41:39:63:1c:13:53:be:74:38:
         43:c0:aa:6b:39:22:00:cc:5b:e9:06:a2:3d:fa:8f:fa:f2:b1:
         56:b8:8c:75:b3:12:c1:f4:66:fd:d4:b2:ff:e3:e8:b0:eb:b6:
         4f:11:81:b7:d1:46:b2:81:41:bb:e4:a7:28:64:3c:9c:e4:64:
         e5:d6:26:64:10:d8:e7:ba:d1:63:2d:d2:a8:42:be:36:17:8f:
         28:39:42:0a:7d:db:7c:02:55:eb:b5:c3:9b:81:f5:6a:6e:1b:
         0a:ed:2c:bc:83:f0:71:c8:6c:4f:4f:63:0c:e3:e4:eb:05:f2:
         e8:c2:c0:cf:bf:e3:93:b4:49:e2:be:6c:30:fe:7f:27:85:77:
         c1:3a:b5:24:a9:f3:28:c2:b5:d3:c9:5f:e9:0c:55:6f:aa:a3:
         08:f4:b3:47:9a:58:81:e8:17:08:2d:68:16:99:55:a5:c1:66:
         21:e4:d1:f2:5d:77:a9:6c:fd:0a:75:21:89:0d:b7:32:f2:a9:
         cb:f7:3a:a2:ba:89:ad:10:a5:99:41:62:ef:91:01:ef:7f:92:
         27:56:47:91:a7:54:43:ea:31:ab:e1:bd:af:f4:69:db:07:a7:
         f8:0a:24:cf
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZURa5gDabqSBU6Pn+igtCR3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwZjc1MDY5YmQ1NmVmYzUxNzAzODNlZDMxY2FkMjI0NjRm
ZGYwMzAwHhcNMjUwMjE3MDEwMDE4WhcNMjUwMjE4MDEwMDE4WjAzMTEwLwYDVQQD
Eyg4NzBlY2VkYmZlODA5ZGQ3MGY1MmViYTllZmI4NjE2ODA2MGRiMGVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxgBqQ0npsuMraPexuTwMQ/4+V2Ir
ychw1vyGwPQICcMOOMDC3D+zG86Fg+Jr74QP4H6/YnZ13wY5p6Ji2qvLBXXjmV87
co+EQUFqn3xCd0YjNgZrU2xB6KmQb4XCtMy8KShUh5dBBqS21ncKw14M1SLGOYri
3BpFHQUrr+EsYhnoWASN7x8UDHVHPSOCKxwAUY+ZPY2jInElphiEE+bIe/Bt7CVn
Cuuj3uww6gOgfoBZMJPaw1C00AOq9pyhqUEqlebltCSeHPP9+rCUFJyNwBVtFOfz
Low2mbaW3pLehLVKFz6IiyUD82MdfoxZnMAZ4cqfi1DayPpfwVf0KEgLZQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIcOztv+gJ3XD1Lrqe+4YWgGDbDqMB8GA1UdIwQY
MBaAFCD3UGm9Vu/FFwOD7THK0iRk/fAwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVBkUWFiMVc3OFVYQTRQdE1jclNKR1Q5OERBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNC85NWNkNzAtNTBjZC00NmJkLThlMDYt
Yjk3MDVkN2QzNTc5LzEvSVBkUWFiMVc3OFVYQTRQdE1jclNKR1Q5OERBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNC85NWNkNzAtNTBjZC00NmJkLThlMDYtYjk3MDVkN2QzNTc5
LzEvSVBkUWFiMVc3OFVYQTRQdE1jclNKR1Q5OERBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUFVpNy4U
PQeMs0VD6lN+9NXGFoS7zPmvDDCPQTljHBNTvnQ4Q8CqazkiAMxb6QaiPfqP+vKx
VriMdbMSwfRm/dSy/+PosOu2TxGBt9FGsoFBu+SnKGQ8nORk5dYmZBDY57rRYy3S
qEK+NhePKDlCCn3bfAJV67XDm4H1am4bCu0svIPwcchsT09jDOPk6wXy6MLAz7/j
k7RJ4r5sMP5/J4V3wTq1JKnzKMK108lf6QxVb6qjCPSzR5pYgegXCC1oFplVpcFm
IeTR8l13qWz9CnUhiQ23MvKpy/c6orqJrRClmUFi75EB73+SJ1ZHkadUQ+oxq+G9
r/Rp2wen+Aokzw==
-----END CERTIFICATE-----