Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/3ed902-a05d-49ac-a476-174fa26fd4b6/1/AhXKBUNIfztxz4FP4NjWb6lREVs.mft
File:                     AhXKBUNIfztxz4FP4NjWb6lREVs.mft (raw, json)
Hash identifier:          E1J8bTw3Md/iPboj6p9T5jsu5oE5ZtnlyDXL/kpwRWw=
Subject key identifier:   2C:CA:9C:A3:DF:9F:2B:35:28:4B:31:DC:0A:2B:4B:46:C4:C8:A5:D4
Authority key identifier: 02:15:CA:05:43:48:7F:3B:71:CF:81:4F:E0:D8:D6:6F:A9:51:11:5B
Certificate issuer:       /CN=0215ca0543487f3b71cf814fe0d8d66fa951115b
Certificate serial:       0195124716B30EEBE59A4E00911021169591
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/AhXKBUNIfztxz4FP4NjWb6lREVs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/aa/3ed902-a05d-49ac-a476-174fa26fd4b6/1/AhXKBUNIfztxz4FP4NjWb6lREVs.mft
Manifest number:          027B
Signing time:             Mon 17 Feb 2025 05:00:03 +0000
Manifest this update:     Mon 17 Feb 2025 05:00:03 +0000
Manifest next update:     Tue 18 Feb 2025 05:00:03 +0000
Files and hashes:         1: AhXKBUNIfztxz4FP4NjWb6lREVs.crl (hash: UD286ULCD4EwP8nj/fVZwDnfKL2uFqpY88truvAlg1w=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/aa/3ed902-a05d-49ac-a476-174fa26fd4b6/1/AhXKBUNIfztxz4FP4NjWb6lREVs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/aa/3ed902-a05d-49ac-a476-174fa26fd4b6/1/AhXKBUNIfztxz4FP4NjWb6lREVs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/AhXKBUNIfztxz4FP4NjWb6lREVs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 17 Feb 2025 23:00:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:12:47:16:b3:0e:eb:e5:9a:4e:00:91:10:21:16:95:91
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0215ca0543487f3b71cf814fe0d8d66fa951115b
        Validity
            Not Before: Feb 17 05:00:03 2025 GMT
            Not After : Feb 18 05:00:03 2025 GMT
        Subject: CN=2cca9ca3df9f2b35284b31dc0a2b4b46c4c8a5d4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:be:2e:a0:bd:44:0a:10:e0:30:67:3d:ef:47:
                    1f:5f:ac:10:ee:b8:f1:f6:a2:97:14:71:a5:cb:39:
                    88:6c:fd:69:8b:e3:db:37:87:1a:d9:69:5b:04:69:
                    ba:bf:6b:d5:26:3c:90:6d:7e:d1:56:ae:d5:4a:02:
                    c3:9e:05:50:51:d8:a9:e2:8b:1e:5b:cb:a1:63:e1:
                    5e:77:ed:11:cc:c0:c7:65:46:c3:2f:ff:a8:95:50:
                    39:f2:a4:e4:e9:0f:20:59:01:f5:01:6b:55:88:86:
                    7c:dc:ca:69:e5:6b:1d:e6:43:07:4e:cc:fa:24:ae:
                    fe:cf:26:77:37:6d:87:18:83:6c:21:14:02:67:46:
                    5c:93:c0:a0:33:68:bc:03:c6:4b:1a:48:1a:b6:f5:
                    86:3f:cc:e9:76:4a:19:81:45:56:96:51:54:46:07:
                    72:64:d9:e5:32:83:1c:d5:62:9a:76:ce:e7:55:50:
                    27:ab:05:08:3c:46:f1:a4:7b:9a:2d:c3:1a:a6:a6:
                    55:1f:85:14:a1:87:35:e6:ba:74:6c:ef:3b:de:27:
                    f2:7f:08:8d:11:bc:8b:f5:33:b5:67:cb:62:45:68:
                    1c:28:35:ff:34:f6:8f:60:0f:d5:15:a1:09:ba:e7:
                    2b:8b:d0:34:7e:6d:cd:85:8c:30:74:d0:5f:4d:dc:
                    02:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2C:CA:9C:A3:DF:9F:2B:35:28:4B:31:DC:0A:2B:4B:46:C4:C8:A5:D4
            X509v3 Authority Key Identifier:
                keyid:02:15:CA:05:43:48:7F:3B:71:CF:81:4F:E0:D8:D6:6F:A9:51:11:5B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AhXKBUNIfztxz4FP4NjWb6lREVs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/3ed902-a05d-49ac-a476-174fa26fd4b6/1/AhXKBUNIfztxz4FP4NjWb6lREVs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/3ed902-a05d-49ac-a476-174fa26fd4b6/1/AhXKBUNIfztxz4FP4NjWb6lREVs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ba:60:9e:5f:cc:c2:4a:bb:7a:9e:92:2f:13:c7:d7:e9:e2:11:
         f8:fa:e2:bc:bf:57:92:c8:01:77:30:80:e5:29:ec:cc:2a:8d:
         ad:fa:91:d0:39:2e:0c:94:4f:7f:8f:1d:91:2a:64:9b:0d:57:
         b6:23:31:98:5a:f5:2f:af:19:d7:8e:eb:de:83:06:89:37:4a:
         42:0e:d1:02:eb:39:4c:a3:04:29:bb:80:44:3a:e8:a5:0c:e5:
         a2:7e:af:b7:ea:6f:25:3b:5d:f6:e7:01:cb:ca:6c:a2:f6:50:
         11:b1:83:8e:94:7d:99:91:0b:d4:9b:e5:9a:01:3c:b0:c0:eb:
         ef:7f:2b:9d:4e:ae:bf:28:ce:5c:24:e4:16:cd:fe:3b:b5:98:
         4c:e4:4c:6b:84:6c:03:73:c4:f6:54:d6:9c:41:b8:60:ba:01:
         59:57:e1:ab:61:7e:e4:16:1f:27:4d:4e:53:d4:51:77:fc:14:
         56:79:82:14:cf:6b:70:91:8e:7c:15:d7:5b:43:41:a1:cf:17:
         c8:fd:29:60:1c:00:cf:f7:9a:3c:0a:21:78:72:38:d9:85:cf:
         31:1a:85:2c:cf:d0:3f:68:a3:0d:b7:40:49:f5:23:75:3d:c6:
         59:82:1d:80:ba:79:c7:b4:cf:e9:aa:af:50:38:26:12:5b:3e:
         d1:bd:e3:0e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZUSRxazDuvlmk4AkRAhFpWRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyMTVjYTA1NDM0ODdmM2I3MWNmODE0ZmUwZDhkNjZmYTk1
MTExNWIwHhcNMjUwMjE3MDUwMDAzWhcNMjUwMjE4MDUwMDAzWjAzMTEwLwYDVQQD
EygyY2NhOWNhM2RmOWYyYjM1Mjg0YjMxZGMwYTJiNGI0NmM0YzhhNWQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz74uoL1EChDgMGc970cfX6wQ7rjx
9qKXFHGlyzmIbP1pi+PbN4ca2WlbBGm6v2vVJjyQbX7RVq7VSgLDngVQUdip4ose
W8uhY+Fed+0RzMDHZUbDL/+olVA58qTk6Q8gWQH1AWtViIZ83Mpp5Wsd5kMHTsz6
JK7+zyZ3N22HGINsIRQCZ0Zck8CgM2i8A8ZLGkgatvWGP8zpdkoZgUVWllFURgdy
ZNnlMoMc1WKads7nVVAnqwUIPEbxpHuaLcMapqZVH4UUoYc15rp0bO873ifyfwiN
EbyL9TO1Z8tiRWgcKDX/NPaPYA/VFaEJuucri9A0fm3NhYwwdNBfTdwCzwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCzKnKPfnys1KEsx3AorS0bEyKXUMB8GA1UdIwQY
MBaAFAIVygVDSH87cc+BT+DY1m+pURFbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQWhYS0JVTklmenR4ejRGUDROaldiNmxSRVZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS8zZWQ5MDItYTA1ZC00OWFjLWE0NzYt
MTc0ZmEyNmZkNGI2LzEvQWhYS0JVTklmenR4ejRGUDROaldiNmxSRVZzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS8zZWQ5MDItYTA1ZC00OWFjLWE0NzYtMTc0ZmEyNmZkNGI2
LzEvQWhYS0JVTklmenR4ejRGUDROaldiNmxSRVZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAumCeX8zC
Srt6npIvE8fX6eIR+PrivL9XksgBdzCA5SnszCqNrfqR0DkuDJRPf48dkSpkmw1X
tiMxmFr1L68Z147r3oMGiTdKQg7RAus5TKMEKbuARDropQzlon6vt+pvJTtd9ucB
y8psovZQEbGDjpR9mZEL1JvlmgE8sMDr738rnU6uvyjOXCTkFs3+O7WYTORMa4Rs
A3PE9lTWnEG4YLoBWVfhq2F+5BYfJ01OU9RRd/wUVnmCFM9rcJGOfBXXW0NBoc8X
yP0pYBwAz/eaPAoheHI42YXPMRqFLM/QP2ijDbdASfUjdT3GWYIdgLp5x7TP6aqv
UDgmEls+0b3jDg==
-----END CERTIFICATE-----