Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/15ad08-0fd0-4000-9662-cc78af4e8016/1/0dtKfR5qv_vNp4v8MxJQ3Ra-PeA.mft
File:                     0dtKfR5qv_vNp4v8MxJQ3Ra-PeA.mft (raw, json)
Hash identifier:          0Lny25zfw9aaj/FjNtT8SmsEgaX9r+USkb/wKI1267g=
Subject key identifier:   49:11:31:39:72:B5:2B:8D:EF:1A:98:2C:7C:3E:8A:8B:D3:6F:27:51
Authority key identifier: D1:DB:4A:7D:1E:6A:BF:FB:CD:A7:8B:FC:33:12:50:DD:16:BE:3D:E0
Certificate issuer:       /CN=d1db4a7d1e6abffbcda78bfc331250dd16be3de0
Certificate serial:       019511349522466C8BE515BA71133CB9D8A7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0dtKfR5qv_vNp4v8MxJQ3Ra-PeA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b6/15ad08-0fd0-4000-9662-cc78af4e8016/1/0dtKfR5qv_vNp4v8MxJQ3Ra-PeA.mft
Manifest number:          0B00
Signing time:             Mon 17 Feb 2025 00:00:13 +0000
Manifest this update:     Mon 17 Feb 2025 00:00:13 +0000
Manifest next update:     Tue 18 Feb 2025 00:00:13 +0000
Files and hashes:         1: 0dtKfR5qv_vNp4v8MxJQ3Ra-PeA.crl (hash: z3XxW//UQp80NtXjpfqxXoXA5MwXkvfX7mYIwo9B/Ck=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b6/15ad08-0fd0-4000-9662-cc78af4e8016/1/0dtKfR5qv_vNp4v8MxJQ3Ra-PeA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b6/15ad08-0fd0-4000-9662-cc78af4e8016/1/0dtKfR5qv_vNp4v8MxJQ3Ra-PeA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0dtKfR5qv_vNp4v8MxJQ3Ra-PeA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 17 Feb 2025 23:00:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:11:34:95:22:46:6c:8b:e5:15:ba:71:13:3c:b9:d8:a7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d1db4a7d1e6abffbcda78bfc331250dd16be3de0
        Validity
            Not Before: Feb 17 00:00:13 2025 GMT
            Not After : Feb 18 00:00:13 2025 GMT
        Subject: CN=4911313972b52b8def1a982c7c3e8a8bd36f2751
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:68:f3:19:b5:91:b2:84:40:23:86:18:74:90:
                    d6:2c:1e:ef:7c:fc:b7:8b:56:48:40:96:5b:f6:1c:
                    c4:0b:b4:e7:3c:4e:4d:93:52:51:40:2e:15:33:65:
                    1f:d3:bb:8b:c8:d8:9e:be:42:76:fc:3e:02:22:b2:
                    38:e3:9a:fd:93:ee:2d:2b:39:9a:3c:b0:70:e3:44:
                    75:17:da:40:28:87:3d:8a:f5:92:67:a8:be:f2:fe:
                    c4:66:15:dc:e1:fa:56:c0:62:38:ae:88:a2:bc:b7:
                    d3:a4:19:1c:58:82:53:93:9b:0c:a4:6b:e3:fb:49:
                    a7:13:14:ea:46:40:ac:47:d1:b6:2e:b4:64:46:3d:
                    fc:93:83:cb:36:8a:93:6a:f6:03:32:33:11:10:88:
                    d3:5b:53:c1:e5:84:eb:da:65:9a:ae:02:77:4a:c3:
                    91:dc:ca:13:04:c2:e6:ae:26:81:07:8d:28:06:74:
                    ac:4e:cc:eb:7b:c4:1c:19:9c:27:fb:04:02:68:5e:
                    ff:84:85:49:f1:3d:a1:61:17:35:68:ad:26:db:80:
                    9e:bb:67:e2:7f:08:2f:9a:f1:a5:42:45:4c:86:00:
                    85:69:6a:32:2f:66:13:28:15:5a:8f:53:4a:5d:12:
                    92:b5:67:7e:0e:ce:31:e2:c8:a2:a2:45:a3:06:1e:
                    16:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                49:11:31:39:72:B5:2B:8D:EF:1A:98:2C:7C:3E:8A:8B:D3:6F:27:51
            X509v3 Authority Key Identifier:
                keyid:D1:DB:4A:7D:1E:6A:BF:FB:CD:A7:8B:FC:33:12:50:DD:16:BE:3D:E0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0dtKfR5qv_vNp4v8MxJQ3Ra-PeA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/15ad08-0fd0-4000-9662-cc78af4e8016/1/0dtKfR5qv_vNp4v8MxJQ3Ra-PeA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/15ad08-0fd0-4000-9662-cc78af4e8016/1/0dtKfR5qv_vNp4v8MxJQ3Ra-PeA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         13:ed:f2:60:a7:71:54:4e:a7:47:62:eb:6f:0f:bb:02:d4:a6:
         5c:87:82:03:11:53:1f:9c:a3:70:d4:a8:a3:f8:58:80:f7:2e:
         ee:a6:a2:7a:28:ff:3e:5c:ef:48:3a:7b:9a:1c:31:4c:82:a6:
         80:28:e3:62:2d:15:ab:f2:1d:6d:73:90:f6:0c:11:fa:fb:19:
         df:d1:a9:a9:4c:e5:41:36:98:67:6b:2e:4c:20:77:3f:cb:5c:
         ca:b7:70:62:24:95:c1:18:0e:ac:36:5c:53:b7:cd:0d:c6:0c:
         ab:d2:89:fb:6a:64:09:8c:9d:93:4d:72:ee:da:70:0e:c0:30:
         aa:53:ac:7b:a6:c5:c2:45:c7:59:6b:03:4d:99:c0:97:0a:79:
         ef:30:55:56:da:c1:e1:65:05:f7:cd:f1:86:90:00:92:a7:74:
         79:ec:fd:f4:99:0a:05:fc:c7:d5:c3:11:fa:96:46:cc:18:ab:
         21:70:d4:68:89:6b:1f:85:ed:6d:69:d2:70:c0:1c:13:1a:97:
         3d:82:c2:4b:0a:e3:2f:8c:bb:4c:f4:19:a3:d9:1b:f6:2c:8f:
         f4:b8:7f:dd:e7:bd:d9:5d:14:61:50:ac:9e:e6:da:70:94:87:
         03:cc:f2:09:c5:d0:65:6c:8a:83:5e:6d:73:55:07:b4:e5:e7:
         62:d6:80:bb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZURNJUiRmyL5RW6cRM8udinMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQxZGI0YTdkMWU2YWJmZmJjZGE3OGJmYzMzMTI1MGRkMTZi
ZTNkZTAwHhcNMjUwMjE3MDAwMDEzWhcNMjUwMjE4MDAwMDEzWjAzMTEwLwYDVQQD
Eyg0OTExMzEzOTcyYjUyYjhkZWYxYTk4MmM3YzNlOGE4YmQzNmYyNzUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtWjzGbWRsoRAI4YYdJDWLB7vfPy3
i1ZIQJZb9hzEC7TnPE5Nk1JRQC4VM2Uf07uLyNievkJ2/D4CIrI445r9k+4tKzma
PLBw40R1F9pAKIc9ivWSZ6i+8v7EZhXc4fpWwGI4roiivLfTpBkcWIJTk5sMpGvj
+0mnExTqRkCsR9G2LrRkRj38k4PLNoqTavYDMjMREIjTW1PB5YTr2mWargJ3SsOR
3MoTBMLmriaBB40oBnSsTszre8QcGZwn+wQCaF7/hIVJ8T2hYRc1aK0m24Ceu2fi
fwgvmvGlQkVMhgCFaWoyL2YTKBVaj1NKXRKStWd+Ds4x4siiokWjBh4WfQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEkRMTlytSuN7xqYLHw+iovTbydRMB8GA1UdIwQY
MBaAFNHbSn0ear/7zaeL/DMSUN0Wvj3gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGR0S2ZSNXF2X3ZOcDR2OE14SlEzUmEtUGVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi8xNWFkMDgtMGZkMC00MDAwLTk2NjIt
Y2M3OGFmNGU4MDE2LzEvMGR0S2ZSNXF2X3ZOcDR2OE14SlEzUmEtUGVBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi8xNWFkMDgtMGZkMC00MDAwLTk2NjItY2M3OGFmNGU4MDE2
LzEvMGR0S2ZSNXF2X3ZOcDR2OE14SlEzUmEtUGVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAE+3yYKdx
VE6nR2Lrbw+7AtSmXIeCAxFTH5yjcNSoo/hYgPcu7qaieij/PlzvSDp7mhwxTIKm
gCjjYi0Vq/IdbXOQ9gwR+vsZ39GpqUzlQTaYZ2suTCB3P8tcyrdwYiSVwRgOrDZc
U7fNDcYMq9KJ+2pkCYydk01y7tpwDsAwqlOse6bFwkXHWWsDTZnAlwp57zBVVtrB
4WUF983xhpAAkqd0eez99JkKBfzH1cMR+pZGzBirIXDUaIlrH4XtbWnScMAcExqX
PYLCSwrjL4y7TPQZo9kb9iyP9Lh/3ee92V0UYVCsnubacJSHA8zyCcXQZWyKg15t
c1UHtOXnYtaAuw==
-----END CERTIFICATE-----