Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/8cf1f5-2095-48fa-8c3a-a3137bc83d0a/1/cLQT-ngqMEKDDaI6o_NZSn1eovQ.mft
File:                     cLQT-ngqMEKDDaI6o_NZSn1eovQ.mft (raw, json)
Hash identifier:          9b2E2QcNJvGKOKzapsDfdOSCKCTJS32ivg6q3cMAg0o=
Subject key identifier:   B9:E1:45:37:73:43:98:A0:AB:9F:B4:3A:10:9D:ED:4B:B5:49:D0:3D
Authority key identifier: 70:B4:13:FA:78:2A:30:42:83:0D:A2:3A:A3:F3:59:4A:7D:5E:A2:F4
Certificate issuer:       /CN=70b413fa782a3042830da23aa3f3594a7d5ea2f4
Certificate serial:       01958CCEDDAEBB2BCA06A9C541DF0E35A8B5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cLQT-ngqMEKDDaI6o_NZSn1eovQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bb/8cf1f5-2095-48fa-8c3a-a3137bc83d0a/1/cLQT-ngqMEKDDaI6o_NZSn1eovQ.mft
Manifest number:          1493
Signing time:             Thu 13 Mar 2025 00:02:02 +0000
Manifest this update:     Thu 13 Mar 2025 00:02:02 +0000
Manifest next update:     Fri 14 Mar 2025 00:02:02 +0000
Files and hashes:         1: cLQT-ngqMEKDDaI6o_NZSn1eovQ.crl (hash: vC2gLmMSxucZlRVJHYLBNeqqIQLTffTG4j5z5Ju64i0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/bb/8cf1f5-2095-48fa-8c3a-a3137bc83d0a/1/cLQT-ngqMEKDDaI6o_NZSn1eovQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/bb/8cf1f5-2095-48fa-8c3a-a3137bc83d0a/1/cLQT-ngqMEKDDaI6o_NZSn1eovQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/cLQT-ngqMEKDDaI6o_NZSn1eovQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 13 Mar 2025 19:14:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:8c:ce:dd:ae:bb:2b:ca:06:a9:c5:41:df:0e:35:a8:b5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=70b413fa782a3042830da23aa3f3594a7d5ea2f4
        Validity
            Not Before: Mar 13 00:02:02 2025 GMT
            Not After : Mar 14 00:02:02 2025 GMT
        Subject: CN=b9e14537734398a0ab9fb43a109ded4bb549d03d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:c0:45:04:f6:78:52:7c:cf:65:f3:09:8b:1e:
                    e3:24:f8:75:51:e5:eb:fb:20:e1:62:21:64:7a:16:
                    1c:8e:ee:d9:00:c6:28:ed:72:92:aa:2e:1d:32:fb:
                    ef:b6:a0:e8:80:e1:aa:fe:84:67:83:b5:55:c2:49:
                    64:b8:39:69:29:b7:5e:da:eb:76:3a:f6:a2:3d:0a:
                    36:15:af:d7:b9:6a:b8:7b:0d:00:71:16:b0:f9:89:
                    23:f8:a6:fb:1f:2a:72:99:ff:76:2d:92:c1:3b:70:
                    62:56:c6:00:a2:0d:16:96:2b:83:ee:e1:d8:3b:2f:
                    77:f7:c6:cc:fa:64:a5:29:53:0a:c8:b5:af:4b:c6:
                    a5:e3:1c:6e:15:0e:f9:f4:8f:96:2c:03:59:7a:b1:
                    a9:c0:8f:03:48:ad:4c:2a:9c:41:b4:d0:25:aa:fa:
                    5a:05:0a:88:df:84:a6:9e:2e:84:70:0a:c2:92:41:
                    c2:98:d6:b1:d3:6c:bc:bc:72:8c:22:6a:1e:30:a3:
                    f4:18:6f:d2:dc:ef:a0:6b:3f:ec:a3:2a:ca:11:9a:
                    74:6d:93:e6:62:6f:a1:d2:62:ea:76:2d:c2:8b:d1:
                    56:4a:ab:ea:e4:18:bb:a1:0d:a5:54:02:26:83:cb:
                    a3:e2:e7:15:8d:53:83:00:fb:9e:d7:7a:7e:ab:b9:
                    be:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B9:E1:45:37:73:43:98:A0:AB:9F:B4:3A:10:9D:ED:4B:B5:49:D0:3D
            X509v3 Authority Key Identifier:
                keyid:70:B4:13:FA:78:2A:30:42:83:0D:A2:3A:A3:F3:59:4A:7D:5E:A2:F4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cLQT-ngqMEKDDaI6o_NZSn1eovQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/8cf1f5-2095-48fa-8c3a-a3137bc83d0a/1/cLQT-ngqMEKDDaI6o_NZSn1eovQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/8cf1f5-2095-48fa-8c3a-a3137bc83d0a/1/cLQT-ngqMEKDDaI6o_NZSn1eovQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1c:ef:93:48:5b:d0:55:8c:4d:fd:d2:28:77:7e:09:6a:50:6e:
         69:de:1d:b5:03:5c:45:f1:45:32:fa:41:05:dc:6c:c7:0c:14:
         7f:b3:11:05:95:5b:92:06:b4:d1:e9:05:51:28:2e:31:e5:32:
         a0:d9:64:f0:52:97:49:c1:96:78:33:26:15:4d:cf:a9:70:02:
         c4:44:77:cc:28:fe:7c:da:64:c5:81:18:7a:09:89:50:93:2c:
         26:4a:87:d9:c0:2b:ba:14:30:ef:5f:eb:dc:9f:61:24:62:2b:
         d4:8b:9d:a9:af:f0:7b:d6:27:cd:66:d5:41:a9:5f:13:e8:21:
         e0:47:d7:d2:f2:97:b2:16:a4:fd:bd:40:39:aa:02:88:db:c1:
         72:e7:3e:3d:09:2b:99:fa:9a:3d:0c:32:e6:41:50:49:2c:5f:
         86:31:c2:b1:09:01:aa:18:99:dd:cf:fb:de:65:a7:10:18:b0:
         c0:ff:e9:a0:4e:c7:6c:e7:e8:ec:18:d5:78:cb:a6:0e:84:83:
         9b:76:52:74:5c:f8:fd:a8:e0:5e:5f:00:a8:ca:9c:ed:f4:48:
         a8:0b:5e:82:9c:f2:49:3a:fc:97:41:d6:d6:e6:3d:b7:15:cf:
         af:df:52:8b:e6:7b:ca:18:52:1c:a1:c1:2d:aa:b7:e4:f5:37:
         5e:06:6c:38
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZWMzt2uuyvKBqnFQd8ONai1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwYjQxM2ZhNzgyYTMwNDI4MzBkYTIzYWEzZjM1OTRhN2Q1
ZWEyZjQwHhcNMjUwMzEzMDAwMjAyWhcNMjUwMzE0MDAwMjAyWjAzMTEwLwYDVQQD
EyhiOWUxNDUzNzczNDM5OGEwYWI5ZmI0M2ExMDlkZWQ0YmI1NDlkMDNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0sBFBPZ4UnzPZfMJix7jJPh1UeXr
+yDhYiFkehYcju7ZAMYo7XKSqi4dMvvvtqDogOGq/oRng7VVwklkuDlpKbde2ut2
OvaiPQo2Fa/XuWq4ew0AcRaw+Ykj+Kb7Hypymf92LZLBO3BiVsYAog0WliuD7uHY
Oy9398bM+mSlKVMKyLWvS8al4xxuFQ759I+WLANZerGpwI8DSK1MKpxBtNAlqvpa
BQqI34Smni6EcArCkkHCmNax02y8vHKMImoeMKP0GG/S3O+gaz/soyrKEZp0bZPm
Ym+h0mLqdi3Ci9FWSqvq5Bi7oQ2lVAImg8uj4ucVjVODAPue13p+q7m+GwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLnhRTdzQ5igq5+0OhCd7Uu1SdA9MB8GA1UdIwQY
MBaAFHC0E/p4KjBCgw2iOqPzWUp9XqL0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY0xRVC1uZ3FNRUtERGFJNm9fTlpTbjFlb3ZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi84Y2YxZjUtMjA5NS00OGZhLThjM2Et
YTMxMzdiYzgzZDBhLzEvY0xRVC1uZ3FNRUtERGFJNm9fTlpTbjFlb3ZRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi84Y2YxZjUtMjA5NS00OGZhLThjM2EtYTMxMzdiYzgzZDBh
LzEvY0xRVC1uZ3FNRUtERGFJNm9fTlpTbjFlb3ZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHO+TSFvQ
VYxN/dIod34JalBuad4dtQNcRfFFMvpBBdxsxwwUf7MRBZVbkga00ekFUSguMeUy
oNlk8FKXScGWeDMmFU3PqXACxER3zCj+fNpkxYEYegmJUJMsJkqH2cAruhQw71/r
3J9hJGIr1Iudqa/we9YnzWbVQalfE+gh4EfX0vKXshak/b1AOaoCiNvBcuc+PQkr
mfqaPQwy5kFQSSxfhjHCsQkBqhiZ3c/73mWnEBiwwP/poE7HbOfo7BjVeMumDoSD
m3ZSdFz4/ajgXl8AqMqc7fRIqAtegpzySTr8l0HW1uY9txXPr99Si+Z7yhhSHKHB
Laq35PU3XgZsOA==
-----END CERTIFICATE-----