Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/3a6d28-1c43-4b8b-b713-568c407b30f7/1/582m42RtyToNLUKV0esJR2xmvKY.mft
File:                     582m42RtyToNLUKV0esJR2xmvKY.mft (raw, json)
Hash identifier:          ehmNmtsv9UM1R+OeT67FHmW9t0wYtJeadLU4V+GA/sA=
Subject key identifier:   51:B4:C8:D3:96:0B:FA:FE:56:17:98:CF:A6:75:22:81:B4:09:BF:54
Authority key identifier: E7:CD:A6:E3:64:6D:C9:3A:0D:2D:42:95:D1:EB:09:47:6C:66:BC:A6
Certificate issuer:       /CN=e7cda6e3646dc93a0d2d4295d1eb09476c66bca6
Certificate serial:       019511A2F6F278386F91DEC3BAA65C56595C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/582m42RtyToNLUKV0esJR2xmvKY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/aa/3a6d28-1c43-4b8b-b713-568c407b30f7/1/582m42RtyToNLUKV0esJR2xmvKY.mft
Manifest number:          017D
Signing time:             Mon 17 Feb 2025 02:00:47 +0000
Manifest this update:     Mon 17 Feb 2025 02:00:47 +0000
Manifest next update:     Tue 18 Feb 2025 02:00:47 +0000
Files and hashes:         1: 582m42RtyToNLUKV0esJR2xmvKY.crl (hash: VPDJIHCjxHk1TU15wd+YEB5Gl8mUmaGQDHEfcoo2ptA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/aa/3a6d28-1c43-4b8b-b713-568c407b30f7/1/582m42RtyToNLUKV0esJR2xmvKY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/aa/3a6d28-1c43-4b8b-b713-568c407b30f7/1/582m42RtyToNLUKV0esJR2xmvKY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/582m42RtyToNLUKV0esJR2xmvKY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 17 Feb 2025 23:00:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:11:a2:f6:f2:78:38:6f:91:de:c3:ba:a6:5c:56:59:5c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e7cda6e3646dc93a0d2d4295d1eb09476c66bca6
        Validity
            Not Before: Feb 17 02:00:47 2025 GMT
            Not After : Feb 18 02:00:47 2025 GMT
        Subject: CN=51b4c8d3960bfafe561798cfa6752281b409bf54
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:47:cf:03:fb:c6:76:11:c7:86:d8:05:01:63:
                    86:2f:f4:2e:9a:d7:09:f2:ea:40:ee:74:9b:a3:fa:
                    21:6f:74:53:43:e0:74:fc:ea:26:74:ba:87:9e:a1:
                    35:2a:e8:65:64:72:48:64:98:98:98:73:39:78:84:
                    6b:11:5a:0a:8c:a5:3a:c7:cb:9f:e5:2d:cb:03:70:
                    5e:e0:15:0a:a4:75:73:6b:e2:7f:60:aa:4b:84:15:
                    89:d8:af:41:ce:9a:f8:67:c0:2e:04:8b:34:06:3b:
                    aa:80:c5:e4:62:ea:63:ca:08:a4:3f:5e:19:4f:9e:
                    2c:f5:a6:3f:1b:bd:df:2e:d6:4c:53:7d:43:f9:af:
                    95:0b:d9:df:49:60:32:63:5b:4c:f6:4b:a3:d5:f9:
                    21:92:1e:8a:f9:46:e4:28:77:e9:77:9a:51:80:46:
                    0f:a7:ba:50:dd:10:71:bf:52:f5:05:ae:cc:66:4c:
                    6e:8b:6b:60:7a:99:11:60:e0:72:06:75:39:38:aa:
                    dc:f8:65:d4:56:18:c9:ab:6a:48:56:e6:1f:58:fa:
                    ce:b0:6d:9f:72:fc:5f:1c:16:be:93:d5:4d:2d:6a:
                    7d:4a:8e:7e:13:a2:f1:a1:26:26:c4:a5:45:77:f3:
                    87:cc:82:c6:92:a6:1f:d0:6b:8e:f3:3a:61:05:83:
                    5d:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                51:B4:C8:D3:96:0B:FA:FE:56:17:98:CF:A6:75:22:81:B4:09:BF:54
            X509v3 Authority Key Identifier:
                keyid:E7:CD:A6:E3:64:6D:C9:3A:0D:2D:42:95:D1:EB:09:47:6C:66:BC:A6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/582m42RtyToNLUKV0esJR2xmvKY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/3a6d28-1c43-4b8b-b713-568c407b30f7/1/582m42RtyToNLUKV0esJR2xmvKY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/3a6d28-1c43-4b8b-b713-568c407b30f7/1/582m42RtyToNLUKV0esJR2xmvKY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         45:45:a7:03:09:e0:62:63:05:af:5c:c2:de:af:04:cb:ab:e3:
         2c:e4:f3:71:ed:de:b9:80:06:02:e2:c8:c0:f4:c7:cb:91:8a:
         7b:67:0c:d3:52:04:22:b6:89:49:61:90:50:c7:03:f9:33:93:
         53:2b:20:3a:a3:56:1e:85:07:71:ea:f7:5a:66:46:32:14:c1:
         b5:a7:9d:40:9b:9b:2d:62:e4:90:e0:4d:ac:72:30:3b:58:9a:
         c9:d4:ae:b5:c0:0a:81:48:b3:eb:db:b6:39:ff:df:6d:02:3c:
         9d:20:4e:bc:e9:7a:d7:7e:90:de:75:cb:dd:4a:bb:cf:db:31:
         ca:e2:6e:d4:a0:df:82:b1:5e:29:e1:2d:e7:84:cc:4f:5a:10:
         2f:ed:4c:43:fe:de:9f:7a:29:d7:3d:ba:ef:e3:06:bc:25:bd:
         a4:95:ed:c6:64:77:73:bf:f4:c4:60:f5:db:90:ba:d3:5e:07:
         28:97:7c:60:58:f6:b2:e6:85:5b:3c:4b:5a:11:ff:d0:4d:24:
         00:39:de:6e:ea:ed:21:ad:ef:d5:eb:c2:56:18:8b:1d:05:9c:
         77:0b:cd:36:f5:96:e4:1e:c6:e4:37:22:71:59:11:a8:e2:1b:
         31:6d:3f:c4:04:41:18:4d:59:7c:5a:4c:52:c9:be:06:aa:79:
         67:78:9c:c8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZURovbyeDhvkd7DuqZcVllcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3Y2RhNmUzNjQ2ZGM5M2EwZDJkNDI5NWQxZWIwOTQ3NmM2
NmJjYTYwHhcNMjUwMjE3MDIwMDQ3WhcNMjUwMjE4MDIwMDQ3WjAzMTEwLwYDVQQD
Eyg1MWI0YzhkMzk2MGJmYWZlNTYxNzk4Y2ZhNjc1MjI4MWI0MDliZjU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlUfPA/vGdhHHhtgFAWOGL/QumtcJ
8upA7nSbo/ohb3RTQ+B0/OomdLqHnqE1KuhlZHJIZJiYmHM5eIRrEVoKjKU6x8uf
5S3LA3Be4BUKpHVza+J/YKpLhBWJ2K9Bzpr4Z8AuBIs0BjuqgMXkYupjygikP14Z
T54s9aY/G73fLtZMU31D+a+VC9nfSWAyY1tM9kuj1fkhkh6K+UbkKHfpd5pRgEYP
p7pQ3RBxv1L1Ba7MZkxui2tgepkRYOByBnU5OKrc+GXUVhjJq2pIVuYfWPrOsG2f
cvxfHBa+k9VNLWp9So5+E6LxoSYmxKVFd/OHzILGkqYf0GuO8zphBYNd7QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFG0yNOWC/r+VheYz6Z1IoG0Cb9UMB8GA1UdIwQY
MBaAFOfNpuNkbck6DS1CldHrCUdsZrymMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTgybTQyUnR5VG9OTFVLVjBlc0pSMnhtdktZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS8zYTZkMjgtMWM0My00YjhiLWI3MTMt
NTY4YzQwN2IzMGY3LzEvNTgybTQyUnR5VG9OTFVLVjBlc0pSMnhtdktZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS8zYTZkMjgtMWM0My00YjhiLWI3MTMtNTY4YzQwN2IzMGY3
LzEvNTgybTQyUnR5VG9OTFVLVjBlc0pSMnhtdktZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARUWnAwng
YmMFr1zC3q8Ey6vjLOTzce3euYAGAuLIwPTHy5GKe2cM01IEIraJSWGQUMcD+TOT
UysgOqNWHoUHcer3WmZGMhTBtaedQJubLWLkkOBNrHIwO1iaydSutcAKgUiz69u2
Of/fbQI8nSBOvOl6136Q3nXL3Uq7z9sxyuJu1KDfgrFeKeEt54TMT1oQL+1MQ/7e
n3op1z267+MGvCW9pJXtxmR3c7/0xGD125C6014HKJd8YFj2suaFWzxLWhH/0E0k
ADneburtIa3v1evCVhiLHQWcdwvNNvWW5B7G5DcicVkRqOIbMW0/xARBGE1ZfFpM
Usm+Bqp5Z3icyA==
-----END CERTIFICATE-----