Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/ba6634-e915-4036-a997-6d521bc474f4/1/gSdW6ySj41K9bonR9aoISIlhpnQ.mft
File:                     gSdW6ySj41K9bonR9aoISIlhpnQ.mft (raw, json)
Hash identifier:          bTcaA5FazsjmdX+VD1N+NQfGbld4NwaeEyRz3puTG/4=
Subject key identifier:   E4:37:EA:EC:CA:3E:E6:48:C6:4F:FB:91:2C:2E:F5:FF:0B:B6:35:E6
Authority key identifier: 81:27:56:EB:24:A3:E3:52:BD:6E:89:D1:F5:AA:08:48:89:61:A6:74
Certificate issuer:       /CN=812756eb24a3e352bd6e89d1f5aa08488961a674
Certificate serial:       019510C6FF8EA82884D68FB684869B2A3F96
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gSdW6ySj41K9bonR9aoISIlhpnQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b2/ba6634-e915-4036-a997-6d521bc474f4/1/gSdW6ySj41K9bonR9aoISIlhpnQ.mft
Manifest number:          076D
Signing time:             Sun 16 Feb 2025 22:00:31 +0000
Manifest this update:     Sun 16 Feb 2025 22:00:31 +0000
Manifest next update:     Mon 17 Feb 2025 22:00:31 +0000
Files and hashes:         1: gSdW6ySj41K9bonR9aoISIlhpnQ.crl (hash: DdVKxZkOTGdklCkTZwk7n2rm7Am+d3rvNjvQ0QPoC5A=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b2/ba6634-e915-4036-a997-6d521bc474f4/1/gSdW6ySj41K9bonR9aoISIlhpnQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b2/ba6634-e915-4036-a997-6d521bc474f4/1/gSdW6ySj41K9bonR9aoISIlhpnQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/gSdW6ySj41K9bonR9aoISIlhpnQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 17 Feb 2025 22:00:31 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:10:c6:ff:8e:a8:28:84:d6:8f:b6:84:86:9b:2a:3f:96
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=812756eb24a3e352bd6e89d1f5aa08488961a674
        Validity
            Not Before: Feb 16 22:00:31 2025 GMT
            Not After : Feb 17 22:00:31 2025 GMT
        Subject: CN=e437eaecca3ee648c64ffb912c2ef5ff0bb635e6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:ef:b9:bb:26:42:a3:7f:fc:4d:73:e2:72:35:
                    1d:ce:be:9a:14:2d:79:2b:9c:a2:63:8f:76:78:4d:
                    ad:06:4d:79:40:54:97:25:51:c6:eb:e1:70:e1:38:
                    f1:9e:8d:49:94:2b:ff:7f:22:92:a2:4a:25:7b:a0:
                    76:a6:2e:50:d5:ec:f2:39:b1:c8:93:bd:7a:47:2c:
                    8f:76:ca:34:08:22:d7:8f:64:2f:38:f4:58:1e:ef:
                    3b:71:75:47:28:00:dd:a3:28:c7:09:09:66:c2:a1:
                    c9:a7:4c:29:b7:79:15:e0:a1:01:be:96:fe:b4:36:
                    da:05:02:9c:cc:69:be:61:31:0c:f1:3b:5b:b6:57:
                    3d:01:01:0f:5d:74:1e:fc:aa:ff:fc:a4:ee:c3:17:
                    69:c9:6d:0d:da:d5:bd:b3:3b:45:2c:c8:93:c4:f5:
                    2a:4e:0f:1f:4a:bb:ef:32:4d:4a:bf:f2:da:ec:d8:
                    2f:17:d7:f7:72:da:b3:ae:17:f6:08:28:f2:5f:0c:
                    67:5c:31:ec:23:b3:89:cd:4b:70:50:76:20:f0:82:
                    90:90:b2:f8:87:0a:7d:8a:f3:4f:f4:a3:3f:ab:6f:
                    60:17:97:42:96:a0:b9:e7:45:e8:48:e9:60:da:8a:
                    59:87:af:b3:7e:ed:1a:51:26:cd:24:36:0b:79:0d:
                    f4:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E4:37:EA:EC:CA:3E:E6:48:C6:4F:FB:91:2C:2E:F5:FF:0B:B6:35:E6
            X509v3 Authority Key Identifier:
                keyid:81:27:56:EB:24:A3:E3:52:BD:6E:89:D1:F5:AA:08:48:89:61:A6:74

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gSdW6ySj41K9bonR9aoISIlhpnQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/ba6634-e915-4036-a997-6d521bc474f4/1/gSdW6ySj41K9bonR9aoISIlhpnQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/ba6634-e915-4036-a997-6d521bc474f4/1/gSdW6ySj41K9bonR9aoISIlhpnQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a9:53:be:3f:b5:1c:99:a6:21:f9:1e:87:84:e8:29:6c:10:4a:
         e7:24:9a:24:7a:4e:a9:0b:1a:48:7a:41:07:20:29:68:d2:8c:
         05:83:91:eb:f7:b7:42:d2:0f:a7:69:c2:f2:f2:6d:f6:25:cf:
         e1:45:78:49:2c:94:28:05:6a:85:e9:89:64:23:40:f7:3d:7d:
         08:04:45:9b:24:7a:b1:a2:7b:ff:95:49:04:7d:54:26:71:51:
         b3:95:a7:ad:95:19:72:6f:81:5f:e2:e6:b5:25:3d:d9:d8:56:
         e7:ae:ad:0f:07:e8:3b:59:5b:5f:fb:ce:96:ca:f8:4f:27:a3:
         bf:c5:e1:88:35:28:16:bd:7b:d2:1b:b9:97:12:9c:2a:50:ec:
         64:05:55:46:72:1b:5c:6e:18:cd:4a:f0:b6:bd:20:de:44:9d:
         9a:8b:fc:18:0c:d8:78:79:aa:c2:f2:a2:c1:68:4f:26:15:5d:
         30:91:5b:c0:9a:c7:25:88:64:91:24:f8:b9:a1:a9:b9:b9:ab:
         5f:46:c5:74:df:ad:61:0d:2c:4b:20:89:72:70:75:df:ae:b0:
         e5:9d:fb:f7:33:03:20:23:1f:a0:a0:fc:62:44:ff:15:e8:3d:
         48:4d:0d:68:c7:28:47:8a:65:67:9f:2d:fb:6e:b2:c2:47:1e:
         5f:50:0f:fe
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZUQxv+OqCiE1o+2hIabKj+WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxMjc1NmViMjRhM2UzNTJiZDZlODlkMWY1YWEwODQ4ODk2
MWE2NzQwHhcNMjUwMjE2MjIwMDMxWhcNMjUwMjE3MjIwMDMxWjAzMTEwLwYDVQQD
EyhlNDM3ZWFlY2NhM2VlNjQ4YzY0ZmZiOTEyYzJlZjVmZjBiYjYzNWU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx++5uyZCo3/8TXPicjUdzr6aFC15
K5yiY492eE2tBk15QFSXJVHG6+Fw4Tjxno1JlCv/fyKSokole6B2pi5Q1ezyObHI
k716RyyPdso0CCLXj2QvOPRYHu87cXVHKADdoyjHCQlmwqHJp0wpt3kV4KEBvpb+
tDbaBQKczGm+YTEM8Ttbtlc9AQEPXXQe/Kr//KTuwxdpyW0N2tW9sztFLMiTxPUq
Tg8fSrvvMk1Kv/La7NgvF9f3ctqzrhf2CCjyXwxnXDHsI7OJzUtwUHYg8IKQkLL4
hwp9ivNP9KM/q29gF5dClqC550XoSOlg2opZh6+zfu0aUSbNJDYLeQ30AwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOQ36uzKPuZIxk/7kSwu9f8LtjXmMB8GA1UdIwQY
MBaAFIEnVusko+NSvW6J0fWqCEiJYaZ0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ1NkVzZ5U2o0MUs5Ym9uUjlhb0lTSWxocG5RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi9iYTY2MzQtZTkxNS00MDM2LWE5OTct
NmQ1MjFiYzQ3NGY0LzEvZ1NkVzZ5U2o0MUs5Ym9uUjlhb0lTSWxocG5RLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi9iYTY2MzQtZTkxNS00MDM2LWE5OTctNmQ1MjFiYzQ3NGY0
LzEvZ1NkVzZ5U2o0MUs5Ym9uUjlhb0lTSWxocG5RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqVO+P7Uc
maYh+R6HhOgpbBBK5ySaJHpOqQsaSHpBByApaNKMBYOR6/e3QtIPp2nC8vJt9iXP
4UV4SSyUKAVqhemJZCNA9z19CARFmyR6saJ7/5VJBH1UJnFRs5WnrZUZcm+BX+Lm
tSU92dhW566tDwfoO1lbX/vOlsr4Tyejv8XhiDUoFr170hu5lxKcKlDsZAVVRnIb
XG4YzUrwtr0g3kSdmov8GAzYeHmqwvKiwWhPJhVdMJFbwJrHJYhkkST4uaGpubmr
X0bFdN+tYQ0sSyCJcnB1366w5Z379zMDICMfoKD8YkT/Feg9SE0NaMcoR4plZ58t
+26ywkceX1AP/g==
-----END CERTIFICATE-----