Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/2ab62d-070c-4b06-b38a-73a7a4736038/1/aomTYnatLRhxB9-3QAeTADrBSac.mft
File:                     aomTYnatLRhxB9-3QAeTADrBSac.mft (raw, json)
Hash identifier:          +hy/p+p+tlsC3dRhcP80wPeBVNaPs46Us65cHGfebbc=
Subject key identifier:   9A:71:22:9F:AF:E9:F9:12:E6:9C:F0:77:8D:6E:71:8F:92:E2:EE:A1
Authority key identifier: 6A:89:93:62:76:AD:2D:18:71:07:DF:B7:40:07:93:00:3A:C1:49:A7
Certificate issuer:       /CN=6a89936276ad2d187107dfb7400793003ac149a7
Certificate serial:       019512109514B82484524F5F0A29A7612B03
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aomTYnatLRhxB9-3QAeTADrBSac.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ab/2ab62d-070c-4b06-b38a-73a7a4736038/1/aomTYnatLRhxB9-3QAeTADrBSac.mft
Manifest number:          13E5
Signing time:             Mon 17 Feb 2025 04:00:31 +0000
Manifest this update:     Mon 17 Feb 2025 04:00:31 +0000
Manifest next update:     Tue 18 Feb 2025 04:00:31 +0000
Files and hashes:         1: aomTYnatLRhxB9-3QAeTADrBSac.crl (hash: QAePBRcLZA+bVnDKwUwWV5m6rRlEOfVld3OxTzYojrU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ab/2ab62d-070c-4b06-b38a-73a7a4736038/1/aomTYnatLRhxB9-3QAeTADrBSac.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ab/2ab62d-070c-4b06-b38a-73a7a4736038/1/aomTYnatLRhxB9-3QAeTADrBSac.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/aomTYnatLRhxB9-3QAeTADrBSac.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 17 Feb 2025 23:00:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:12:10:95:14:b8:24:84:52:4f:5f:0a:29:a7:61:2b:03
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6a89936276ad2d187107dfb7400793003ac149a7
        Validity
            Not Before: Feb 17 04:00:31 2025 GMT
            Not After : Feb 18 04:00:31 2025 GMT
        Subject: CN=9a71229fafe9f912e69cf0778d6e718f92e2eea1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:57:aa:1d:2b:51:66:05:22:be:59:27:bc:a7:
                    35:38:a9:0d:a1:bc:d3:12:07:71:4a:ba:16:44:6b:
                    f3:5c:66:61:37:d9:d3:9a:25:06:5a:38:d7:55:26:
                    7a:77:89:db:fa:32:cc:4a:9a:30:33:9d:ca:c8:37:
                    07:3a:05:95:ad:1c:63:1e:c3:66:b2:28:42:da:e1:
                    95:55:ce:4f:8a:2b:a2:b5:e3:24:31:c6:a0:a3:a1:
                    7c:a4:6a:11:10:cf:f2:f3:50:0b:94:00:0c:26:f7:
                    40:07:ad:42:e4:a3:b8:fa:48:d3:2d:f7:a0:20:c5:
                    46:15:08:b4:25:e2:82:62:86:f5:89:73:7e:b0:95:
                    3c:09:d8:49:1d:cd:fe:e9:61:cf:3b:fe:a9:2b:3c:
                    51:8e:16:7f:0d:01:46:55:b1:9b:39:e5:04:9e:f9:
                    2d:96:c4:7b:1b:ca:71:7e:bd:da:cb:b7:52:c4:e7:
                    87:c0:77:b0:72:9d:4c:2d:c7:f8:c7:18:2d:12:2e:
                    95:38:56:b3:17:dd:68:cd:3d:b9:0b:2e:eb:3d:c2:
                    f7:57:26:5c:7b:6d:fb:71:31:86:03:df:f8:63:8d:
                    3f:44:a5:e7:24:2a:8b:7e:67:aa:ec:42:e3:88:b4:
                    60:16:73:bf:f1:06:90:90:94:45:36:96:61:03:73:
                    45:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9A:71:22:9F:AF:E9:F9:12:E6:9C:F0:77:8D:6E:71:8F:92:E2:EE:A1
            X509v3 Authority Key Identifier:
                keyid:6A:89:93:62:76:AD:2D:18:71:07:DF:B7:40:07:93:00:3A:C1:49:A7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aomTYnatLRhxB9-3QAeTADrBSac.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/2ab62d-070c-4b06-b38a-73a7a4736038/1/aomTYnatLRhxB9-3QAeTADrBSac.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/2ab62d-070c-4b06-b38a-73a7a4736038/1/aomTYnatLRhxB9-3QAeTADrBSac.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2a:cb:6c:1e:8c:04:cc:69:dc:e1:67:fd:0c:5b:01:4e:f2:9e:
         20:55:e6:89:a2:7d:b7:88:53:40:e8:89:9a:5d:fe:6b:30:d6:
         51:5d:68:9d:09:86:8b:3f:41:d9:cb:3b:b6:60:48:13:f6:9b:
         8a:bd:24:4f:9a:d2:2b:18:29:68:8b:8c:d7:b8:a8:40:80:1a:
         85:28:24:2c:6d:14:0b:da:5a:ca:07:2c:32:69:47:1f:24:f1:
         4d:df:a8:3f:de:bc:25:1b:29:d5:28:dc:14:72:54:0c:ec:ea:
         34:fc:2d:2d:6e:f0:b7:cf:d8:0b:ae:91:48:70:43:76:99:12:
         a0:80:63:07:de:bf:8b:4c:76:37:27:bc:02:09:2c:97:b5:e3:
         9e:62:f9:bd:5b:d5:87:9f:ff:3d:06:2d:79:5f:3b:2c:92:20:
         2b:3b:75:1b:c6:0c:f7:a5:77:09:9f:19:cc:b6:46:b3:6a:ff:
         68:c0:fc:40:f2:33:e5:f7:87:f4:e7:32:00:8d:fa:3d:e0:1b:
         e9:da:31:42:78:ac:ee:ba:44:44:4b:eb:55:ee:19:36:d1:43:
         9b:90:bb:76:0d:29:ca:f7:2f:47:1c:a4:99:c8:5f:2e:36:f2:
         50:9f:a0:50:41:3b:5a:13:26:19:46:65:55:84:df:d1:ae:c3:
         67:0c:e9:b2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZUSEJUUuCSEUk9fCimnYSsDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhODk5MzYyNzZhZDJkMTg3MTA3ZGZiNzQwMDc5MzAwM2Fj
MTQ5YTcwHhcNMjUwMjE3MDQwMDMxWhcNMjUwMjE4MDQwMDMxWjAzMTEwLwYDVQQD
Eyg5YTcxMjI5ZmFmZTlmOTEyZTY5Y2YwNzc4ZDZlNzE4ZjkyZTJlZWExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApVeqHStRZgUivlknvKc1OKkNobzT
EgdxSroWRGvzXGZhN9nTmiUGWjjXVSZ6d4nb+jLMSpowM53KyDcHOgWVrRxjHsNm
sihC2uGVVc5PiiuiteMkMcago6F8pGoREM/y81ALlAAMJvdAB61C5KO4+kjTLfeg
IMVGFQi0JeKCYob1iXN+sJU8CdhJHc3+6WHPO/6pKzxRjhZ/DQFGVbGbOeUEnvkt
lsR7G8pxfr3ay7dSxOeHwHewcp1MLcf4xxgtEi6VOFazF91ozT25Cy7rPcL3VyZc
e237cTGGA9/4Y40/RKXnJCqLfmeq7ELjiLRgFnO/8QaQkJRFNpZhA3NFhQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJpxIp+v6fkS5pzwd41ucY+S4u6hMB8GA1UdIwQY
MBaAFGqJk2J2rS0YcQfft0AHkwA6wUmnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYW9tVFluYXRMUmh4QjktM1FBZVRBRHJCU2FjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi8yYWI2MmQtMDcwYy00YjA2LWIzOGEt
NzNhN2E0NzM2MDM4LzEvYW9tVFluYXRMUmh4QjktM1FBZVRBRHJCU2FjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi8yYWI2MmQtMDcwYy00YjA2LWIzOGEtNzNhN2E0NzM2MDM4
LzEvYW9tVFluYXRMUmh4QjktM1FBZVRBRHJCU2FjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKstsHowE
zGnc4Wf9DFsBTvKeIFXmiaJ9t4hTQOiJml3+azDWUV1onQmGiz9B2cs7tmBIE/ab
ir0kT5rSKxgpaIuM17ioQIAahSgkLG0UC9paygcsMmlHHyTxTd+oP968JRsp1Sjc
FHJUDOzqNPwtLW7wt8/YC66RSHBDdpkSoIBjB96/i0x2Nye8Agksl7XjnmL5vVvV
h5//PQYteV87LJIgKzt1G8YM96V3CZ8ZzLZGs2r/aMD8QPIz5feH9OcyAI36PeAb
6doxQnis7rpEREvrVe4ZNtFDm5C7dg0pyvcvRxykmchfLjbyUJ+gUEE7WhMmGUZl
VYTf0a7DZwzpsg==
-----END CERTIFICATE-----