Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/2a7a18-8d4a-4e81-90a0-fbc026917f62/1/ghTcSLPpGeVc6BhNOpaQ0UklvL0.mft
File:                     ghTcSLPpGeVc6BhNOpaQ0UklvL0.mft (raw, json)
Hash identifier:          qeor5ouEjIaVukHryDNKsy/5LeziV9TzTraKnps59fo=
Subject key identifier:   03:F3:07:E4:A4:97:9D:D4:C4:E3:67:F3:B2:A3:F9:59:08:C3:99:40
Authority key identifier: 82:14:DC:48:B3:E9:19:E5:5C:E8:18:4D:3A:96:90:D1:49:25:BC:BD
Certificate issuer:       /CN=8214dc48b3e919e55ce8184d3a9690d14925bcbd
Certificate serial:       0194C388441ABF80239864B5EBA186EB7E23
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ghTcSLPpGeVc6BhNOpaQ0UklvL0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b4/2a7a18-8d4a-4e81-90a0-fbc026917f62/1/ghTcSLPpGeVc6BhNOpaQ0UklvL0.mft
Manifest number:          0614
Signing time:             Sat 01 Feb 2025 22:01:14 +0000
Manifest this update:     Sat 01 Feb 2025 22:01:14 +0000
Manifest next update:     Sun 02 Feb 2025 22:01:14 +0000
Files and hashes:         1: ghTcSLPpGeVc6BhNOpaQ0UklvL0.crl (hash: nQ4OcM7jQhqtoC5avlY+Ydlr24KIIIaK2xN+vkpzwPA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b4/2a7a18-8d4a-4e81-90a0-fbc026917f62/1/ghTcSLPpGeVc6BhNOpaQ0UklvL0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b4/2a7a18-8d4a-4e81-90a0-fbc026917f62/1/ghTcSLPpGeVc6BhNOpaQ0UklvL0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ghTcSLPpGeVc6BhNOpaQ0UklvL0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 02 Feb 2025 22:01:14 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:c3:88:44:1a:bf:80:23:98:64:b5:eb:a1:86:eb:7e:23
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8214dc48b3e919e55ce8184d3a9690d14925bcbd
        Validity
            Not Before: Feb  1 22:01:14 2025 GMT
            Not After : Feb  2 22:01:14 2025 GMT
        Subject: CN=03f307e4a4979dd4c4e367f3b2a3f95908c39940
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:64:d9:83:25:fc:6b:f6:04:67:e0:79:dd:d9:
                    b7:71:d2:14:fa:55:da:2c:0f:31:18:dd:69:91:2f:
                    fb:3f:cd:d1:ab:53:61:8c:30:3f:40:ff:7f:a9:25:
                    a7:58:80:fa:4d:9d:d2:3d:b5:39:c3:3c:56:16:11:
                    69:4e:72:0d:be:f3:4f:93:dc:f4:8f:e3:82:0a:35:
                    bc:2a:04:e2:4e:c0:1a:3f:ea:f2:b4:e5:e9:02:33:
                    94:a0:a7:e0:c7:1a:79:66:65:f6:98:cb:63:4b:70:
                    44:81:5d:89:51:c6:6e:70:a1:43:77:44:4d:f3:19:
                    40:1d:2a:15:80:a3:48:70:df:ec:72:d0:b8:7e:97:
                    3d:b0:f4:75:2a:99:e0:e3:bd:79:54:ed:61:41:07:
                    5e:aa:3a:09:f9:3e:bf:f2:5b:79:4c:e9:08:0b:32:
                    62:fd:03:97:87:77:e8:7f:e5:4c:d5:16:f4:5d:5b:
                    a7:b2:47:f0:57:ad:c9:0b:be:c1:c9:29:c4:95:41:
                    09:32:9d:25:7d:ff:37:8c:93:e6:8c:f4:f8:6e:0a:
                    f3:7a:20:bd:df:f1:6f:c8:ea:5a:a1:d4:8c:0f:ab:
                    c5:91:db:89:08:ec:7f:09:34:16:97:eb:da:af:84:
                    68:ea:f1:d8:73:73:85:fc:8d:16:69:31:85:2f:1c:
                    35:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                03:F3:07:E4:A4:97:9D:D4:C4:E3:67:F3:B2:A3:F9:59:08:C3:99:40
            X509v3 Authority Key Identifier:
                keyid:82:14:DC:48:B3:E9:19:E5:5C:E8:18:4D:3A:96:90:D1:49:25:BC:BD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ghTcSLPpGeVc6BhNOpaQ0UklvL0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/2a7a18-8d4a-4e81-90a0-fbc026917f62/1/ghTcSLPpGeVc6BhNOpaQ0UklvL0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/2a7a18-8d4a-4e81-90a0-fbc026917f62/1/ghTcSLPpGeVc6BhNOpaQ0UklvL0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         24:87:b2:7a:ea:f9:99:b1:e6:58:06:3a:52:3c:5e:5e:16:54:
         c9:ec:f9:69:38:e3:d5:e8:d3:12:24:13:a2:76:3b:7e:78:25:
         c3:cb:eb:b9:7e:b2:cc:98:f4:be:a0:d4:c4:cc:b8:40:06:1c:
         44:73:85:5d:9c:01:c0:e1:90:db:aa:c6:47:c7:53:b9:db:0a:
         f4:62:54:ce:74:ea:19:b0:8e:fe:ff:a3:31:fa:fc:aa:12:ae:
         9d:97:f9:75:a4:51:ed:94:47:60:2a:b9:5c:78:d0:a4:f6:6f:
         e7:b2:40:bf:94:83:45:86:b8:0a:4c:9c:d7:7a:e6:45:fb:c1:
         2e:3c:75:85:5b:bc:dd:fd:29:9b:62:e3:58:ae:11:32:ba:ff:
         3e:4a:76:6e:fc:82:25:f0:2f:b1:c7:f2:1d:68:69:ad:f5:8e:
         7c:46:9d:80:e1:3c:04:de:74:df:ab:29:90:3d:f8:df:7f:c1:
         e6:90:f3:82:3e:b0:7b:b4:f7:0d:4b:a1:85:e1:a2:f9:e9:c4:
         1b:d5:0a:b3:c1:d4:8f:b1:04:7f:72:4f:fc:72:5d:06:58:52:
         e1:29:99:62:a9:13:6c:83:fa:a4:24:bf:3f:2c:0b:00:52:4d:
         91:47:11:fe:49:e1:91:87:37:53:cd:3e:b6:54:32:eb:f2:4d:
         50:a8:c7:a9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZTDiEQav4AjmGS166GG634jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyMTRkYzQ4YjNlOTE5ZTU1Y2U4MTg0ZDNhOTY5MGQxNDky
NWJjYmQwHhcNMjUwMjAxMjIwMTE0WhcNMjUwMjAyMjIwMTE0WjAzMTEwLwYDVQQD
EygwM2YzMDdlNGE0OTc5ZGQ0YzRlMzY3ZjNiMmEzZjk1OTA4YzM5OTQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvmTZgyX8a/YEZ+B53dm3cdIU+lXa
LA8xGN1pkS/7P83Rq1NhjDA/QP9/qSWnWID6TZ3SPbU5wzxWFhFpTnINvvNPk9z0
j+OCCjW8KgTiTsAaP+rytOXpAjOUoKfgxxp5ZmX2mMtjS3BEgV2JUcZucKFDd0RN
8xlAHSoVgKNIcN/sctC4fpc9sPR1Kpng4715VO1hQQdeqjoJ+T6/8lt5TOkICzJi
/QOXh3fof+VM1Rb0XVunskfwV63JC77BySnElUEJMp0lff83jJPmjPT4bgrzeiC9
3/FvyOpaodSMD6vFkduJCOx/CTQWl+var4Ro6vHYc3OF/I0WaTGFLxw19wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAPzB+Skl53UxONn87Kj+VkIw5lAMB8GA1UdIwQY
MBaAFIIU3Eiz6RnlXOgYTTqWkNFJJby9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2hUY1NMUHBHZVZjNkJoTk9wYVEwVWtsdkwwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC8yYTdhMTgtOGQ0YS00ZTgxLTkwYTAt
ZmJjMDI2OTE3ZjYyLzEvZ2hUY1NMUHBHZVZjNkJoTk9wYVEwVWtsdkwwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC8yYTdhMTgtOGQ0YS00ZTgxLTkwYTAtZmJjMDI2OTE3ZjYy
LzEvZ2hUY1NMUHBHZVZjNkJoTk9wYVEwVWtsdkwwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJIeyeur5
mbHmWAY6UjxeXhZUyez5aTjj1ejTEiQTonY7fnglw8vruX6yzJj0vqDUxMy4QAYc
RHOFXZwBwOGQ26rGR8dTudsK9GJUznTqGbCO/v+jMfr8qhKunZf5daRR7ZRHYCq5
XHjQpPZv57JAv5SDRYa4Ckyc13rmRfvBLjx1hVu83f0pm2LjWK4RMrr/Pkp2bvyC
JfAvscfyHWhprfWOfEadgOE8BN5036spkD3433/B5pDzgj6we7T3DUuhheGi+enE
G9UKs8HUj7EEf3JP/HJdBlhS4SmZYqkTbIP6pCS/PywLAFJNkUcR/knhkYc3U80+
tlQy6/JNUKjHqQ==
-----END CERTIFICATE-----