Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/a6dda1-1b87-4ec3-938f-dd5ddd05db0b/1/Dj8xyerObwpezNuN8rAcc1FWhoY.mft
File:                     Dj8xyerObwpezNuN8rAcc1FWhoY.mft (raw, json)
Hash identifier:          O6dF8lyAfkB+P4sqy1BAYszb6Tm+1gH88un7mTtcP7c=
Subject key identifier:   97:5F:32:7C:8F:6E:88:8E:6A:F2:37:30:E3:9B:A1:97:68:3E:9E:7D
Authority key identifier: 0E:3F:31:C9:EA:CE:6F:0A:5E:CC:DB:8D:F2:B0:1C:73:51:56:86:86
Certificate issuer:       /CN=0e3f31c9eace6f0a5eccdb8df2b01c7351568686
Certificate serial:       019510C72AE0E2B639D4729E8C24BE8E273F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Dj8xyerObwpezNuN8rAcc1FWhoY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/aa/a6dda1-1b87-4ec3-938f-dd5ddd05db0b/1/Dj8xyerObwpezNuN8rAcc1FWhoY.mft
Manifest number:          1410
Signing time:             Sun 16 Feb 2025 22:00:42 +0000
Manifest this update:     Sun 16 Feb 2025 22:00:42 +0000
Manifest next update:     Mon 17 Feb 2025 22:00:42 +0000
Files and hashes:         1: Dj8xyerObwpezNuN8rAcc1FWhoY.crl (hash: DIT59qguqcvknJA7o5/vZdGRKzQ0LfdPEspZ5Kvkfmo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/aa/a6dda1-1b87-4ec3-938f-dd5ddd05db0b/1/Dj8xyerObwpezNuN8rAcc1FWhoY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/aa/a6dda1-1b87-4ec3-938f-dd5ddd05db0b/1/Dj8xyerObwpezNuN8rAcc1FWhoY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Dj8xyerObwpezNuN8rAcc1FWhoY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 17 Feb 2025 22:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:10:c7:2a:e0:e2:b6:39:d4:72:9e:8c:24:be:8e:27:3f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0e3f31c9eace6f0a5eccdb8df2b01c7351568686
        Validity
            Not Before: Feb 16 22:00:42 2025 GMT
            Not After : Feb 17 22:00:42 2025 GMT
        Subject: CN=975f327c8f6e888e6af23730e39ba197683e9e7d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:13:28:2a:f8:b1:da:c2:82:5a:e2:de:8c:34:
                    73:41:48:9c:ee:a7:54:c5:a9:1e:0b:b2:41:ec:6c:
                    e4:de:d9:cd:21:59:97:dc:36:2c:4b:18:76:0b:12:
                    bf:76:d4:8c:6a:68:2d:1c:bd:77:3d:d4:d7:3c:69:
                    7a:04:d1:3e:c3:da:08:71:96:ca:f8:57:14:1e:4f:
                    bb:c1:5f:21:c6:a2:04:97:ac:e5:ff:67:8d:db:31:
                    91:5a:e5:be:f7:cf:29:8f:ca:d9:28:0b:cb:ec:27:
                    76:de:f3:e4:b0:7f:90:e5:8b:f8:67:5b:2a:d5:05:
                    9a:73:fe:91:8d:69:4b:dc:8c:c4:35:28:37:ab:2b:
                    b0:df:6f:76:c4:92:44:85:67:fd:34:5a:f2:9b:fe:
                    26:c5:03:3f:da:26:ca:1c:f3:02:87:79:48:cf:85:
                    1e:58:7e:5a:77:4a:83:ee:a7:0d:bc:71:91:03:9c:
                    81:ef:36:99:38:58:fe:74:c2:fd:04:bc:19:a4:0e:
                    6d:97:4d:f6:82:70:79:39:f5:b9:cd:d4:f0:aa:e8:
                    1a:f1:53:e9:07:44:04:a5:30:25:d7:2f:b7:89:6c:
                    42:62:96:46:8f:fb:c3:93:bb:1d:14:68:26:73:22:
                    a6:91:b0:28:7d:46:1c:28:7a:e9:64:99:06:99:a1:
                    35:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                97:5F:32:7C:8F:6E:88:8E:6A:F2:37:30:E3:9B:A1:97:68:3E:9E:7D
            X509v3 Authority Key Identifier:
                keyid:0E:3F:31:C9:EA:CE:6F:0A:5E:CC:DB:8D:F2:B0:1C:73:51:56:86:86

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Dj8xyerObwpezNuN8rAcc1FWhoY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/a6dda1-1b87-4ec3-938f-dd5ddd05db0b/1/Dj8xyerObwpezNuN8rAcc1FWhoY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/a6dda1-1b87-4ec3-938f-dd5ddd05db0b/1/Dj8xyerObwpezNuN8rAcc1FWhoY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         02:37:fe:78:ba:13:d2:5b:dd:c0:ac:04:f9:cc:13:b7:71:f6:
         43:df:fe:2a:4c:a7:60:af:9f:38:76:e7:c6:b7:10:c8:77:4c:
         15:2c:1d:b3:0d:8c:f6:27:4a:42:8c:5e:bb:69:aa:35:ab:c0:
         40:05:33:48:61:3a:94:96:9f:56:49:bb:1f:23:83:27:f8:3f:
         08:ee:61:71:52:8e:33:96:44:f2:66:39:1f:a1:9d:7c:56:b4:
         6e:b8:88:55:ce:57:d8:27:a8:c3:d8:99:06:e8:52:f5:e1:7c:
         77:1e:01:a5:f5:b6:3d:82:a9:08:17:bd:b3:2c:5f:79:5a:85:
         08:dd:e9:e3:fd:5b:5d:18:03:9c:1f:2a:06:e6:e8:2c:dc:75:
         cb:e5:4c:73:1d:11:f5:e9:0a:05:29:b0:41:34:2e:4b:85:33:
         12:9c:e9:9c:be:10:68:7c:fb:13:b0:c4:06:fb:c0:c7:79:34:
         d9:37:4c:86:9b:05:95:ed:64:a2:56:70:58:ee:5a:33:5d:65:
         f4:28:d6:eb:e3:e5:bf:f1:f0:fd:04:86:79:39:c4:98:af:3b:
         c1:e9:ab:e5:d6:a6:6a:76:c2:00:05:3e:72:ff:c7:f7:89:e4:
         2e:4d:11:81:31:ed:78:4e:e0:a0:4d:13:1a:7f:c2:fb:9b:0e:
         35:03:d0:f5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZUQxyrg4rY51HKejCS+jic/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBlM2YzMWM5ZWFjZTZmMGE1ZWNjZGI4ZGYyYjAxYzczNTE1
Njg2ODYwHhcNMjUwMjE2MjIwMDQyWhcNMjUwMjE3MjIwMDQyWjAzMTEwLwYDVQQD
Eyg5NzVmMzI3YzhmNmU4ODhlNmFmMjM3MzBlMzliYTE5NzY4M2U5ZTdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyhMoKvix2sKCWuLejDRzQUic7qdU
xakeC7JB7Gzk3tnNIVmX3DYsSxh2CxK/dtSMamgtHL13PdTXPGl6BNE+w9oIcZbK
+FcUHk+7wV8hxqIEl6zl/2eN2zGRWuW+988pj8rZKAvL7Cd23vPksH+Q5Yv4Z1sq
1QWac/6RjWlL3IzENSg3qyuw3292xJJEhWf9NFrym/4mxQM/2ibKHPMCh3lIz4Ue
WH5ad0qD7qcNvHGRA5yB7zaZOFj+dML9BLwZpA5tl032gnB5OfW5zdTwquga8VPp
B0QEpTAl1y+3iWxCYpZGj/vDk7sdFGgmcyKmkbAofUYcKHrpZJkGmaE1EQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJdfMnyPboiOavI3MOOboZdoPp59MB8GA1UdIwQY
MBaAFA4/Mcnqzm8KXszbjfKwHHNRVoaGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRGo4eHllck9id3Blek51TjhyQWNjMUZXaG9ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS9hNmRkYTEtMWI4Ny00ZWMzLTkzOGYt
ZGQ1ZGRkMDVkYjBiLzEvRGo4eHllck9id3Blek51TjhyQWNjMUZXaG9ZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS9hNmRkYTEtMWI4Ny00ZWMzLTkzOGYtZGQ1ZGRkMDVkYjBi
LzEvRGo4eHllck9id3Blek51TjhyQWNjMUZXaG9ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAjf+eLoT
0lvdwKwE+cwTt3H2Q9/+KkynYK+fOHbnxrcQyHdMFSwdsw2M9idKQoxeu2mqNavA
QAUzSGE6lJafVkm7HyODJ/g/CO5hcVKOM5ZE8mY5H6GdfFa0briIVc5X2Ceow9iZ
BuhS9eF8dx4BpfW2PYKpCBe9syxfeVqFCN3p4/1bXRgDnB8qBuboLNx1y+VMcx0R
9ekKBSmwQTQuS4UzEpzpnL4QaHz7E7DEBvvAx3k02TdMhpsFle1kolZwWO5aM11l
9CjW6+Plv/Hw/QSGeTnEmK87wemr5damanbCAAU+cv/H94nkLk0RgTHteE7goE0T
Gn/C+5sONQPQ9Q==
-----END CERTIFICATE-----