Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/8d2113-3ec0-4445-8dfe-7adb40dca7bd/1/V25aWVM8ptDwtIgH0Md-FWhgTl4.mft
File:                     V25aWVM8ptDwtIgH0Md-FWhgTl4.mft (raw, json)
Hash identifier:          8vAlmPVE3NmKaS2OaemLNi6jQjzr9lmCtlnCpoKzg9A=
Subject key identifier:   F2:5F:6B:05:A3:2E:5C:0F:CE:6F:F0:B0:DE:19:35:F1:F3:D8:DC:F8
Authority key identifier: 57:6E:5A:59:53:3C:A6:D0:F0:B4:88:07:D0:C7:7E:15:68:60:4E:5E
Certificate issuer:       /CN=576e5a59533ca6d0f0b48807d0c77e1568604e5e
Certificate serial:       0195113477E82484CE3B6AB8548E625577E3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/V25aWVM8ptDwtIgH0Md-FWhgTl4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a5/8d2113-3ec0-4445-8dfe-7adb40dca7bd/1/V25aWVM8ptDwtIgH0Md-FWhgTl4.mft
Manifest number:          0497
Signing time:             Mon 17 Feb 2025 00:00:05 +0000
Manifest this update:     Mon 17 Feb 2025 00:00:05 +0000
Manifest next update:     Tue 18 Feb 2025 00:00:05 +0000
Files and hashes:         1: V25aWVM8ptDwtIgH0Md-FWhgTl4.crl (hash: 4J8P0uHTFXQDMLzekJhvAzrtePP7xxqWVh8Ztshz53M=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a5/8d2113-3ec0-4445-8dfe-7adb40dca7bd/1/V25aWVM8ptDwtIgH0Md-FWhgTl4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a5/8d2113-3ec0-4445-8dfe-7adb40dca7bd/1/V25aWVM8ptDwtIgH0Md-FWhgTl4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/V25aWVM8ptDwtIgH0Md-FWhgTl4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 17 Feb 2025 23:00:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:11:34:77:e8:24:84:ce:3b:6a:b8:54:8e:62:55:77:e3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=576e5a59533ca6d0f0b48807d0c77e1568604e5e
        Validity
            Not Before: Feb 17 00:00:05 2025 GMT
            Not After : Feb 18 00:00:05 2025 GMT
        Subject: CN=f25f6b05a32e5c0fce6ff0b0de1935f1f3d8dcf8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:1d:c6:43:93:08:88:28:a6:1e:6b:68:3c:55:
                    8e:dc:63:61:a5:c2:ae:2f:28:00:ee:c4:c3:e4:87:
                    36:1a:0b:30:bb:e9:04:a4:95:39:bb:f2:a8:6e:2c:
                    a7:f8:5c:b8:85:53:54:87:9f:e5:81:20:2d:6a:80:
                    23:9f:ff:92:c2:e1:9f:1b:5b:d1:25:53:61:c6:86:
                    7e:02:eb:75:5a:d8:0b:d4:7e:66:c1:e6:a3:2a:ca:
                    e6:32:ed:40:d9:ab:a1:96:c4:9a:63:dc:57:ef:e1:
                    9e:59:97:2a:26:7d:3c:b7:40:4c:53:09:46:cc:36:
                    8f:af:5e:95:a3:52:09:77:73:21:ff:7c:de:43:2a:
                    df:a5:3b:48:4c:3b:34:43:5e:3b:a6:80:4a:c2:c0:
                    bc:51:90:b8:56:12:2a:c1:bc:07:c0:f9:e1:e9:5c:
                    53:ed:ad:b2:a8:fb:95:e1:90:2c:88:f2:78:99:be:
                    31:2a:51:94:98:37:0b:9f:4e:94:e5:07:20:32:38:
                    45:ee:ac:c3:5e:40:e6:55:5b:de:ee:1e:b0:ff:12:
                    51:19:21:13:f4:7b:9a:2b:25:b5:1c:af:71:e0:3e:
                    73:ec:c9:55:3c:f7:3a:df:9a:dc:46:ab:86:ee:97:
                    c7:b4:e5:ab:0e:a5:57:59:8b:ac:8c:4d:97:a6:a6:
                    82:7f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F2:5F:6B:05:A3:2E:5C:0F:CE:6F:F0:B0:DE:19:35:F1:F3:D8:DC:F8
            X509v3 Authority Key Identifier:
                keyid:57:6E:5A:59:53:3C:A6:D0:F0:B4:88:07:D0:C7:7E:15:68:60:4E:5E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V25aWVM8ptDwtIgH0Md-FWhgTl4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/8d2113-3ec0-4445-8dfe-7adb40dca7bd/1/V25aWVM8ptDwtIgH0Md-FWhgTl4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/8d2113-3ec0-4445-8dfe-7adb40dca7bd/1/V25aWVM8ptDwtIgH0Md-FWhgTl4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4b:e0:ce:0a:51:92:86:59:b6:b8:08:2b:63:8f:50:29:e2:47:
         71:a7:39:d0:ed:03:51:97:c8:01:5b:5a:63:eb:60:26:10:70:
         c7:5c:47:70:52:c7:91:cf:58:aa:0c:62:9b:f3:9a:85:18:86:
         a9:9a:b6:d4:53:9a:f0:f3:e2:bf:08:50:19:9b:6a:f8:b4:45:
         0f:04:57:02:ab:be:9e:ba:82:32:68:69:56:ee:dd:20:ae:92:
         08:ab:48:6e:8c:97:87:99:47:51:ca:4d:1f:a8:ed:e4:7f:ea:
         f5:be:c2:8a:33:6b:cf:3c:eb:9e:65:cb:a9:c0:54:18:e7:08:
         ae:72:67:8b:f6:95:84:57:f2:e2:6e:c3:58:4f:56:d3:10:3a:
         2f:98:a2:14:57:00:30:6c:ea:73:5d:66:8b:4e:d2:b6:00:34:
         18:0c:0d:b5:08:66:2e:82:86:66:0e:16:02:3c:6e:ab:38:22:
         e5:7b:62:8c:05:e9:36:af:01:eb:83:37:c5:a6:49:37:96:77:
         24:f5:a8:85:8d:34:cf:c4:e3:c3:df:5b:8a:b9:bc:04:b0:f9:
         b6:f4:20:ec:47:a5:17:75:ba:ab:0d:15:fd:cb:71:ea:95:ee:
         08:34:ed:d8:98:8a:d5:12:63:17:94:9d:c8:a2:91:3d:e6:b4:
         58:bb:5a:3e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZURNHfoJITOO2q4VI5iVXfjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3NmU1YTU5NTMzY2E2ZDBmMGI0ODgwN2QwYzc3ZTE1Njg2
MDRlNWUwHhcNMjUwMjE3MDAwMDA1WhcNMjUwMjE4MDAwMDA1WjAzMTEwLwYDVQQD
EyhmMjVmNmIwNWEzMmU1YzBmY2U2ZmYwYjBkZTE5MzVmMWYzZDhkY2Y4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAph3GQ5MIiCimHmtoPFWO3GNhpcKu
LygA7sTD5Ic2Ggswu+kEpJU5u/Kobiyn+Fy4hVNUh5/lgSAtaoAjn/+SwuGfG1vR
JVNhxoZ+Aut1WtgL1H5mweajKsrmMu1A2auhlsSaY9xX7+GeWZcqJn08t0BMUwlG
zDaPr16Vo1IJd3Mh/3zeQyrfpTtITDs0Q147poBKwsC8UZC4VhIqwbwHwPnh6VxT
7a2yqPuV4ZAsiPJ4mb4xKlGUmDcLn06U5QcgMjhF7qzDXkDmVVve7h6w/xJRGSET
9HuaKyW1HK9x4D5z7MlVPPc635rcRquG7pfHtOWrDqVXWYusjE2XpqaCfwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPJfawWjLlwPzm/wsN4ZNfHz2Nz4MB8GA1UdIwQY
MBaAFFduWllTPKbQ8LSIB9DHfhVoYE5eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVjI1YVdWTThwdER3dElnSDBNZC1GV2hnVGw0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS84ZDIxMTMtM2VjMC00NDQ1LThkZmUt
N2FkYjQwZGNhN2JkLzEvVjI1YVdWTThwdER3dElnSDBNZC1GV2hnVGw0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNS84ZDIxMTMtM2VjMC00NDQ1LThkZmUtN2FkYjQwZGNhN2Jk
LzEvVjI1YVdWTThwdER3dElnSDBNZC1GV2hnVGw0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAS+DOClGS
hlm2uAgrY49QKeJHcac50O0DUZfIAVtaY+tgJhBwx1xHcFLHkc9Yqgxim/OahRiG
qZq21FOa8PPivwhQGZtq+LRFDwRXAqu+nrqCMmhpVu7dIK6SCKtIboyXh5lHUcpN
H6jt5H/q9b7CijNrzzzrnmXLqcBUGOcIrnJni/aVhFfy4m7DWE9W0xA6L5iiFFcA
MGzqc11mi07StgA0GAwNtQhmLoKGZg4WAjxuqzgi5XtijAXpNq8B64M3xaZJN5Z3
JPWohY00z8Tjw99birm8BLD5tvQg7EelF3W6qw0V/ctx6pXuCDTt2JiK1RJjF5Sd
yKKRPea0WLtaPg==
-----END CERTIFICATE-----