Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/4cb72b-3f82-46d2-bf25-ab8abcc69016/1/898KdcnvaBuNIzZ9vo7a0FPzvZU.mft
File:                     898KdcnvaBuNIzZ9vo7a0FPzvZU.mft (raw, json)
Hash identifier:          e6FD2Ui1JhPVAgx5v/8Cahi/AEGZx2scezYXluolmhg=
Subject key identifier:   12:9B:97:0D:41:5C:8E:F2:50:DC:61:19:09:5D:87:3F:81:72:82:A5
Authority key identifier: F3:DF:0A:75:C9:EF:68:1B:8D:23:36:7D:BE:8E:DA:D0:53:F3:BD:95
Certificate issuer:       /CN=f3df0a75c9ef681b8d23367dbe8edad053f3bd95
Certificate serial:       019510C7EFA92B0B26EA59FAC05E7DDF7AE1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/898KdcnvaBuNIzZ9vo7a0FPzvZU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b1/4cb72b-3f82-46d2-bf25-ab8abcc69016/1/898KdcnvaBuNIzZ9vo7a0FPzvZU.mft
Manifest number:          1454
Signing time:             Sun 16 Feb 2025 22:01:33 +0000
Manifest this update:     Sun 16 Feb 2025 22:01:33 +0000
Manifest next update:     Mon 17 Feb 2025 22:01:33 +0000
Files and hashes:         1: 898KdcnvaBuNIzZ9vo7a0FPzvZU.crl (hash: V0G1YUumLsqSz5coR6vtwj9w0MpMNohmZxw9c57y+i8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b1/4cb72b-3f82-46d2-bf25-ab8abcc69016/1/898KdcnvaBuNIzZ9vo7a0FPzvZU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b1/4cb72b-3f82-46d2-bf25-ab8abcc69016/1/898KdcnvaBuNIzZ9vo7a0FPzvZU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/898KdcnvaBuNIzZ9vo7a0FPzvZU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 17 Feb 2025 22:01:33 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:10:c7:ef:a9:2b:0b:26:ea:59:fa:c0:5e:7d:df:7a:e1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f3df0a75c9ef681b8d23367dbe8edad053f3bd95
        Validity
            Not Before: Feb 16 22:01:33 2025 GMT
            Not After : Feb 17 22:01:33 2025 GMT
        Subject: CN=129b970d415c8ef250dc6119095d873f817282a5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:88:de:f4:a9:46:1d:fc:2a:67:9c:a2:52:3b:
                    aa:0e:9b:7e:b7:34:29:30:62:c1:cb:c7:c8:a3:bf:
                    20:72:e1:4c:33:a4:14:c5:ae:d4:d9:df:5e:03:8f:
                    28:4e:93:c4:a8:11:4a:59:c7:0a:a6:c3:8a:3a:85:
                    d0:4b:7a:04:93:bb:b8:a6:a6:1e:3c:8f:86:de:41:
                    b0:8f:ff:81:de:a5:e0:e1:f0:01:29:6e:76:2f:14:
                    b7:84:41:81:22:51:bf:15:4d:41:bf:47:fe:49:54:
                    fd:55:fc:02:a1:a9:d9:16:b3:a6:a5:43:ed:bc:f4:
                    33:81:ad:5b:0b:49:99:c8:96:3a:ab:a6:cf:97:5c:
                    26:da:80:e9:96:15:b9:c3:c6:55:5c:5a:62:ba:f7:
                    ea:b2:92:89:c7:6a:4d:0a:f8:82:21:61:3d:19:4e:
                    fc:2f:70:9f:66:eb:84:7c:00:17:c6:97:3c:ad:52:
                    ba:d2:b7:1f:18:0b:b0:e8:2d:f4:d8:1f:84:82:14:
                    a0:5a:82:c5:2d:df:7f:2a:12:c2:27:fa:07:a7:68:
                    d0:11:63:58:55:e9:ab:de:96:7f:61:8d:2d:bc:49:
                    0e:eb:9b:3d:e6:d0:86:0c:f2:4e:be:85:fc:a0:37:
                    4e:85:bb:a6:59:e2:f3:dd:50:bf:d9:c6:a9:7a:b5:
                    af:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                12:9B:97:0D:41:5C:8E:F2:50:DC:61:19:09:5D:87:3F:81:72:82:A5
            X509v3 Authority Key Identifier:
                keyid:F3:DF:0A:75:C9:EF:68:1B:8D:23:36:7D:BE:8E:DA:D0:53:F3:BD:95

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/898KdcnvaBuNIzZ9vo7a0FPzvZU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/4cb72b-3f82-46d2-bf25-ab8abcc69016/1/898KdcnvaBuNIzZ9vo7a0FPzvZU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/4cb72b-3f82-46d2-bf25-ab8abcc69016/1/898KdcnvaBuNIzZ9vo7a0FPzvZU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         88:cb:6a:4b:b5:80:c9:bc:bf:b4:48:bb:26:7a:6b:c2:4f:81:
         84:cd:b3:e9:63:21:9b:5c:da:3d:64:ef:3c:2b:22:5d:8c:91:
         a5:5f:39:17:fa:70:08:f4:2d:44:b1:8b:f2:66:45:c7:80:4d:
         87:fc:f2:fe:75:22:fc:7c:5c:e4:7f:c4:e0:9e:b0:c9:bd:b4:
         a4:42:2b:e7:9d:23:0e:41:09:c9:d8:0a:0d:42:59:86:8f:97:
         94:0d:a1:4a:24:97:d5:bf:64:70:be:9b:b6:48:22:67:08:e2:
         49:c6:2b:3c:3a:5f:98:df:99:3a:c3:30:58:00:9b:8d:ff:ac:
         dd:ed:61:14:48:be:7c:78:3e:83:0e:77:c5:b5:b5:54:71:50:
         51:78:d3:a1:c2:bb:d7:c3:c3:3a:3e:4a:ad:55:92:fc:03:b6:
         c8:2b:6d:4e:b9:38:f2:31:30:9c:07:26:90:03:96:ad:e7:1f:
         37:36:0d:0f:83:29:cd:c7:7d:a2:97:20:20:d1:a8:96:fc:06:
         24:ee:e4:03:01:22:62:7e:e0:46:67:2a:7c:bc:4e:3f:58:df:
         ce:24:73:4c:b5:fa:79:42:ec:6e:2b:7d:7a:8f:19:52:47:b0:
         3d:d5:db:8b:a7:0d:b0:d6:30:7e:fe:f9:32:e4:bf:b7:c2:0a:
         13:05:ea:a9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZUQx++pKwsm6ln6wF5933rhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYzZGYwYTc1YzllZjY4MWI4ZDIzMzY3ZGJlOGVkYWQwNTNm
M2JkOTUwHhcNMjUwMjE2MjIwMTMzWhcNMjUwMjE3MjIwMTMzWjAzMTEwLwYDVQQD
EygxMjliOTcwZDQxNWM4ZWYyNTBkYzYxMTkwOTVkODczZjgxNzI4MmE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsYje9KlGHfwqZ5yiUjuqDpt+tzQp
MGLBy8fIo78gcuFMM6QUxa7U2d9eA48oTpPEqBFKWccKpsOKOoXQS3oEk7u4pqYe
PI+G3kGwj/+B3qXg4fABKW52LxS3hEGBIlG/FU1Bv0f+SVT9VfwCoanZFrOmpUPt
vPQzga1bC0mZyJY6q6bPl1wm2oDplhW5w8ZVXFpiuvfqspKJx2pNCviCIWE9GU78
L3CfZuuEfAAXxpc8rVK60rcfGAuw6C302B+EghSgWoLFLd9/KhLCJ/oHp2jQEWNY
Vemr3pZ/YY0tvEkO65s95tCGDPJOvoX8oDdOhbumWeLz3VC/2caperWv4wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBKblw1BXI7yUNxhGQldhz+BcoKlMB8GA1UdIwQY
MBaAFPPfCnXJ72gbjSM2fb6O2tBT872VMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvODk4S2RjbnZhQnVOSXpaOXZvN2EwRlB6dlpVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS80Y2I3MmItM2Y4Mi00NmQyLWJmMjUt
YWI4YWJjYzY5MDE2LzEvODk4S2RjbnZhQnVOSXpaOXZvN2EwRlB6dlpVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS80Y2I3MmItM2Y4Mi00NmQyLWJmMjUtYWI4YWJjYzY5MDE2
LzEvODk4S2RjbnZhQnVOSXpaOXZvN2EwRlB6dlpVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiMtqS7WA
yby/tEi7Jnprwk+BhM2z6WMhm1zaPWTvPCsiXYyRpV85F/pwCPQtRLGL8mZFx4BN
h/zy/nUi/Hxc5H/E4J6wyb20pEIr550jDkEJydgKDUJZho+XlA2hSiSX1b9kcL6b
tkgiZwjiScYrPDpfmN+ZOsMwWACbjf+s3e1hFEi+fHg+gw53xbW1VHFQUXjTocK7
18PDOj5KrVWS/AO2yCttTrk48jEwnAcmkAOWrecfNzYND4Mpzcd9opcgINGolvwG
JO7kAwEiYn7gRmcqfLxOP1jfziRzTLX6eULsbit9eo8ZUkewPdXbi6cNsNYwfv75
MuS/t8IKEwXqqQ==
-----END CERTIFICATE-----