Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/0864c3-860b-41c0-9417-daffe52b9f0d/1/1gzjRDhgp_cNQzUHdpCaSBCkhiE.mft
File:                     1gzjRDhgp_cNQzUHdpCaSBCkhiE.mft (raw, json)
Hash identifier:          QnGH2C0hTSBiLlk7XUedkJ+1AyyWFudmNHemY581dfE=
Subject key identifier:   C3:A2:43:E6:6C:23:31:56:A2:49:FA:99:68:C1:DF:F8:B4:0B:10:B9
Authority key identifier: D6:0C:E3:44:38:60:A7:F7:0D:43:35:07:76:90:9A:48:10:A4:86:21
Certificate issuer:       /CN=d60ce3443860a7f70d43350776909a4810a48621
Certificate serial:       019510C7FF3F9300CD2C4DCDB3AEC3E51F00
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1gzjRDhgp_cNQzUHdpCaSBCkhiE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b7/0864c3-860b-41c0-9417-daffe52b9f0d/1/1gzjRDhgp_cNQzUHdpCaSBCkhiE.mft
Manifest number:          099B
Signing time:             Sun 16 Feb 2025 22:01:37 +0000
Manifest this update:     Sun 16 Feb 2025 22:01:37 +0000
Manifest next update:     Mon 17 Feb 2025 22:01:37 +0000
Files and hashes:         1: 1gzjRDhgp_cNQzUHdpCaSBCkhiE.crl (hash: 8cgyXpgF9EjzdVN7AEGo2rQ22bdeGPYmCTJgkRF289o=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b7/0864c3-860b-41c0-9417-daffe52b9f0d/1/1gzjRDhgp_cNQzUHdpCaSBCkhiE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b7/0864c3-860b-41c0-9417-daffe52b9f0d/1/1gzjRDhgp_cNQzUHdpCaSBCkhiE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/1gzjRDhgp_cNQzUHdpCaSBCkhiE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 17 Feb 2025 22:01:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:10:c7:ff:3f:93:00:cd:2c:4d:cd:b3:ae:c3:e5:1f:00
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d60ce3443860a7f70d43350776909a4810a48621
        Validity
            Not Before: Feb 16 22:01:37 2025 GMT
            Not After : Feb 17 22:01:37 2025 GMT
        Subject: CN=c3a243e66c233156a249fa9968c1dff8b40b10b9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:ad:92:b1:75:d2:fd:7b:44:9a:53:c7:6e:47:
                    15:56:eb:4c:d8:fd:b3:5f:a1:1e:fc:cc:a5:b7:d7:
                    3a:7c:5c:43:0a:77:80:0e:f2:52:b1:36:b7:97:9e:
                    3e:45:15:24:32:8f:91:3a:f4:10:23:c4:a4:e0:dd:
                    7c:d0:fd:b2:3d:c1:88:86:30:c2:a6:6c:6d:62:47:
                    0f:5a:d7:bc:48:cf:af:96:15:ab:52:ad:eb:90:bd:
                    74:cf:88:2a:7a:b6:e3:c4:ae:02:b7:ef:33:d3:3b:
                    55:94:48:ee:88:b9:d9:e4:a6:bb:30:13:e5:1b:65:
                    75:70:33:27:6e:03:f0:3a:1b:24:01:f1:7d:51:26:
                    d1:42:aa:39:b8:c3:3a:5c:81:a4:0c:b2:5f:c6:59:
                    fc:8b:de:e6:d8:e7:85:bd:93:50:34:dc:c4:a0:d8:
                    d7:2b:49:e5:ac:b4:1f:90:6a:90:c1:a4:5b:49:35:
                    21:36:58:3d:1c:39:27:e4:41:32:19:1e:13:60:50:
                    82:a7:61:5d:95:a7:b9:f8:37:0a:f8:62:d4:0a:28:
                    91:2f:9b:16:d8:82:45:a4:25:b5:b3:e5:89:1c:e5:
                    10:25:c7:c2:ab:c7:61:22:4b:35:62:76:cc:ce:7b:
                    29:25:0f:60:8d:91:2e:ad:c6:01:c7:31:d0:c5:a3:
                    1c:af
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C3:A2:43:E6:6C:23:31:56:A2:49:FA:99:68:C1:DF:F8:B4:0B:10:B9
            X509v3 Authority Key Identifier:
                keyid:D6:0C:E3:44:38:60:A7:F7:0D:43:35:07:76:90:9A:48:10:A4:86:21

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1gzjRDhgp_cNQzUHdpCaSBCkhiE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/0864c3-860b-41c0-9417-daffe52b9f0d/1/1gzjRDhgp_cNQzUHdpCaSBCkhiE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/0864c3-860b-41c0-9417-daffe52b9f0d/1/1gzjRDhgp_cNQzUHdpCaSBCkhiE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         88:4e:e5:68:af:aa:51:65:10:f1:99:48:81:00:ec:f2:e7:ca:
         bc:0e:92:c6:8c:02:c7:6a:92:07:cf:f5:5e:91:e6:0e:06:3c:
         3d:48:30:f3:94:df:85:fd:e5:8e:86:47:e2:61:9a:90:6a:e5:
         c7:d1:09:41:b1:83:d2:a3:c4:2c:3a:90:f4:d2:bf:b2:c2:5c:
         86:07:37:1d:40:3d:4c:2a:95:99:55:7d:cb:6d:50:a0:73:ae:
         f0:86:4e:fa:89:b8:4c:fe:ac:27:9b:24:f1:8c:28:35:3d:3b:
         91:3a:a0:91:98:ab:11:db:0d:e0:6d:3b:f3:ec:37:e8:66:a3:
         94:e6:2e:6e:18:74:d1:f4:1a:31:03:7b:61:20:07:49:ca:5b:
         1a:fa:38:08:42:3b:9d:f6:51:fa:44:7e:99:d1:6c:d7:8f:56:
         1c:e5:3e:28:7d:ff:0a:52:3b:94:55:39:5f:d0:f8:1e:4d:4c:
         42:c7:03:5b:28:17:78:b6:0d:c3:88:bc:bd:ed:7a:3e:af:44:
         82:12:50:20:71:7a:58:f8:17:81:20:11:de:37:5d:0e:28:0d:
         5c:18:64:10:58:8a:00:1a:9b:58:d0:42:9f:b2:ec:41:1d:89:
         a7:78:62:df:54:03:16:c5:bc:be:39:97:48:11:3e:78:46:69:
         fc:37:30:31
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZUQx/8/kwDNLE3Ns67D5R8AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2MGNlMzQ0Mzg2MGE3ZjcwZDQzMzUwNzc2OTA5YTQ4MTBh
NDg2MjEwHhcNMjUwMjE2MjIwMTM3WhcNMjUwMjE3MjIwMTM3WjAzMTEwLwYDVQQD
EyhjM2EyNDNlNjZjMjMzMTU2YTI0OWZhOTk2OGMxZGZmOGI0MGIxMGI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz62SsXXS/XtEmlPHbkcVVutM2P2z
X6Ee/Mylt9c6fFxDCneADvJSsTa3l54+RRUkMo+ROvQQI8Sk4N180P2yPcGIhjDC
pmxtYkcPWte8SM+vlhWrUq3rkL10z4gqerbjxK4Ct+8z0ztVlEjuiLnZ5Ka7MBPl
G2V1cDMnbgPwOhskAfF9USbRQqo5uMM6XIGkDLJfxln8i97m2OeFvZNQNNzEoNjX
K0nlrLQfkGqQwaRbSTUhNlg9HDkn5EEyGR4TYFCCp2Fdlae5+DcK+GLUCiiRL5sW
2IJFpCW1s+WJHOUQJcfCq8dhIks1YnbMznspJQ9gjZEurcYBxzHQxaMcrwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMOiQ+ZsIzFWokn6mWjB3/i0CxC5MB8GA1UdIwQY
MBaAFNYM40Q4YKf3DUM1B3aQmkgQpIYhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWd6alJEaGdwX2NOUXpVSGRwQ2FTQkNraGlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy8wODY0YzMtODYwYi00MWMwLTk0MTct
ZGFmZmU1MmI5ZjBkLzEvMWd6alJEaGdwX2NOUXpVSGRwQ2FTQkNraGlFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy8wODY0YzMtODYwYi00MWMwLTk0MTctZGFmZmU1MmI5ZjBk
LzEvMWd6alJEaGdwX2NOUXpVSGRwQ2FTQkNraGlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiE7laK+q
UWUQ8ZlIgQDs8ufKvA6SxowCx2qSB8/1XpHmDgY8PUgw85Tfhf3ljoZH4mGakGrl
x9EJQbGD0qPELDqQ9NK/ssJchgc3HUA9TCqVmVV9y21QoHOu8IZO+om4TP6sJ5sk
8YwoNT07kTqgkZirEdsN4G078+w36GajlOYubhh00fQaMQN7YSAHScpbGvo4CEI7
nfZR+kR+mdFs149WHOU+KH3/ClI7lFU5X9D4Hk1MQscDWygXeLYNw4i8ve16Pq9E
ghJQIHF6WPgXgSAR3jddDigNXBhkEFiKABqbWNBCn7LsQR2Jp3hi31QDFsW8vjmX
SBE+eEZp/DcwMQ==
-----END CERTIFICATE-----