Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/9d42ef-74a5-4f82-8a83-d716f4068139/1/qipweTi6Yv4Z5kdNrHh98_jP3uQ.mft
File:                     qipweTi6Yv4Z5kdNrHh98_jP3uQ.mft (raw, json)
Hash identifier:          10f6+Rv5lxzSUV7vUc+7VyotcDigMKdbJuTOISMx0Rg=
Subject key identifier:   1C:DE:4B:CD:75:BA:52:AC:76:6E:9D:D7:84:8F:23:3D:AF:1E:5B:9A
Authority key identifier: AA:2A:70:79:38:BA:62:FE:19:E6:47:4D:AC:78:7D:F3:F8:CF:DE:E4
Certificate issuer:       /CN=aa2a707938ba62fe19e6474dac787df3f8cfdee4
Certificate serial:       0194C3F55F452E1B54BBB6E1AC2AE8EBA836
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/qipweTi6Yv4Z5kdNrHh98_jP3uQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ac/9d42ef-74a5-4f82-8a83-d716f4068139/1/qipweTi6Yv4Z5kdNrHh98_jP3uQ.mft
Manifest number:          0CB0
Signing time:             Sun 02 Feb 2025 00:00:25 +0000
Manifest this update:     Sun 02 Feb 2025 00:00:25 +0000
Manifest next update:     Mon 03 Feb 2025 00:00:25 +0000
Files and hashes:         1: qipweTi6Yv4Z5kdNrHh98_jP3uQ.crl (hash: CZ396Q1lOQonOFYEy5Pmil+Gj6CFJaQFWvNlxFCUUfo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ac/9d42ef-74a5-4f82-8a83-d716f4068139/1/qipweTi6Yv4Z5kdNrHh98_jP3uQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ac/9d42ef-74a5-4f82-8a83-d716f4068139/1/qipweTi6Yv4Z5kdNrHh98_jP3uQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/qipweTi6Yv4Z5kdNrHh98_jP3uQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 03 Feb 2025 00:00:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:c3:f5:5f:45:2e:1b:54:bb:b6:e1:ac:2a:e8:eb:a8:36
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=aa2a707938ba62fe19e6474dac787df3f8cfdee4
        Validity
            Not Before: Feb  2 00:00:25 2025 GMT
            Not After : Feb  3 00:00:25 2025 GMT
        Subject: CN=1cde4bcd75ba52ac766e9dd7848f233daf1e5b9a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8b:b8:60:39:1f:0c:5e:8d:1a:ea:87:48:2b:06:
                    0b:f4:9d:3b:ca:57:ab:a9:71:12:f2:45:53:e6:21:
                    b2:ba:b0:9d:8b:ee:10:a5:f2:7e:3f:78:03:f7:99:
                    e6:1d:c3:6a:88:eb:99:81:24:9c:f3:92:29:14:bf:
                    28:a3:3a:4a:9b:08:7e:01:9c:74:b2:57:62:35:8d:
                    60:86:00:d1:80:93:48:5b:f6:21:e6:76:9d:6b:95:
                    76:6c:b3:61:fb:10:df:66:a2:1c:5d:46:53:20:03:
                    9e:69:93:c1:97:8e:7a:f8:1f:a8:18:1a:8d:5a:cd:
                    76:5b:0d:19:5a:95:e0:01:63:a5:de:19:68:f2:16:
                    32:d3:f9:20:6a:4b:48:5b:1a:e4:b6:2e:6d:da:13:
                    9f:8a:3e:64:15:db:e5:2b:49:50:7a:59:8f:75:24:
                    a0:73:ab:63:01:ad:ef:35:5e:44:42:04:bc:19:a7:
                    ac:f8:a5:7c:18:d7:4c:88:d9:20:6e:76:70:74:c7:
                    04:70:1e:fa:33:84:08:1e:c9:69:49:f9:ec:12:23:
                    ab:6d:99:c2:75:21:f2:a6:f7:57:de:5c:c5:58:6d:
                    b9:99:88:1d:49:ea:53:3a:6a:17:4f:0c:61:8d:3f:
                    76:47:49:07:a9:80:70:03:0a:a6:d2:12:6c:d0:e6:
                    55:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1C:DE:4B:CD:75:BA:52:AC:76:6E:9D:D7:84:8F:23:3D:AF:1E:5B:9A
            X509v3 Authority Key Identifier:
                keyid:AA:2A:70:79:38:BA:62:FE:19:E6:47:4D:AC:78:7D:F3:F8:CF:DE:E4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qipweTi6Yv4Z5kdNrHh98_jP3uQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/9d42ef-74a5-4f82-8a83-d716f4068139/1/qipweTi6Yv4Z5kdNrHh98_jP3uQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/9d42ef-74a5-4f82-8a83-d716f4068139/1/qipweTi6Yv4Z5kdNrHh98_jP3uQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3d:b2:f6:6a:e6:f9:4c:cf:71:b2:32:5a:db:b5:33:9d:00:aa:
         c5:85:d4:99:db:25:c6:8d:7c:57:34:12:97:36:bb:54:ab:3c:
         34:8c:a4:74:f4:94:6f:32:b9:20:05:cd:d0:a9:46:46:b2:93:
         27:51:1b:df:bc:51:2f:0e:b6:ff:92:97:a9:ba:4b:b4:5e:c4:
         4a:dc:1c:74:a7:41:4b:e5:ab:7f:13:7d:96:a3:e4:7e:01:75:
         7a:c5:56:40:5e:48:d9:22:06:80:46:7d:b3:da:97:ec:c2:db:
         de:d1:a7:cc:1c:fc:3a:ef:de:7a:67:89:56:d3:03:16:17:c4:
         0a:3d:d6:d3:74:22:fa:b3:cb:85:a8:48:9c:73:17:bb:e1:5c:
         98:70:6f:35:ad:ad:9a:9e:68:c1:4f:d1:a0:74:6c:8b:e9:ac:
         d1:d1:ee:65:eb:8a:ce:d9:56:bf:a4:10:39:1c:45:4d:ea:67:
         8b:d7:49:d4:bb:64:ee:4e:50:fc:41:97:75:95:e1:10:c9:d8:
         b2:c2:49:f7:2a:30:2f:d8:21:c3:1e:63:fa:e3:2b:bd:8f:60:
         fb:15:1d:bb:8b:0d:68:7d:6e:73:18:1a:f3:c3:37:53:17:62:
         a3:d6:b9:50:ac:96:d0:aa:e1:4e:cb:b1:04:bb:13:e2:93:dd:
         61:5b:f7:ed
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZTD9V9FLhtUu7bhrCro66g2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMmE3MDc5MzhiYTYyZmUxOWU2NDc0ZGFjNzg3ZGYzZjhj
ZmRlZTQwHhcNMjUwMjAyMDAwMDI1WhcNMjUwMjAzMDAwMDI1WjAzMTEwLwYDVQQD
EygxY2RlNGJjZDc1YmE1MmFjNzY2ZTlkZDc4NDhmMjMzZGFmMWU1YjlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi7hgOR8MXo0a6odIKwYL9J07yler
qXES8kVT5iGyurCdi+4QpfJ+P3gD95nmHcNqiOuZgSSc85IpFL8oozpKmwh+AZx0
sldiNY1ghgDRgJNIW/Yh5nada5V2bLNh+xDfZqIcXUZTIAOeaZPBl456+B+oGBqN
Ws12Ww0ZWpXgAWOl3hlo8hYy0/kgaktIWxrkti5t2hOfij5kFdvlK0lQelmPdSSg
c6tjAa3vNV5EQgS8Gaes+KV8GNdMiNkgbnZwdMcEcB76M4QIHslpSfnsEiOrbZnC
dSHypvdX3lzFWG25mYgdSepTOmoXTwxhjT92R0kHqYBwAwqm0hJs0OZVuwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBzeS811ulKsdm6d14SPIz2vHluaMB8GA1UdIwQY
MBaAFKoqcHk4umL+GeZHTax4ffP4z97kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWlwd2VUaTZZdjRaNWtkTnJIaDk4X2pQM3VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy85ZDQyZWYtNzRhNS00ZjgyLThhODMt
ZDcxNmY0MDY4MTM5LzEvcWlwd2VUaTZZdjRaNWtkTnJIaDk4X2pQM3VRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy85ZDQyZWYtNzRhNS00ZjgyLThhODMtZDcxNmY0MDY4MTM5
LzEvcWlwd2VUaTZZdjRaNWtkTnJIaDk4X2pQM3VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPbL2aub5
TM9xsjJa27UznQCqxYXUmdslxo18VzQSlza7VKs8NIykdPSUbzK5IAXN0KlGRrKT
J1Eb37xRLw62/5KXqbpLtF7EStwcdKdBS+WrfxN9lqPkfgF1esVWQF5I2SIGgEZ9
s9qX7MLb3tGnzBz8Ou/eemeJVtMDFhfECj3W03Qi+rPLhahInHMXu+FcmHBvNa2t
mp5owU/RoHRsi+ms0dHuZeuKztlWv6QQORxFTepni9dJ1Ltk7k5Q/EGXdZXhEMnY
ssJJ9yowL9ghwx5j+uMrvY9g+xUdu4sNaH1ucxga88M3Uxdio9a5UKyW0KrhTsux
BLsT4pPdYVv37Q==
-----END CERTIFICATE-----