Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/233d82-938e-4f35-aa48-d4e9cf26ee10/1/mpVYgYJyucVAD8XaGIE6zOkXWI0.mft
File:                     mpVYgYJyucVAD8XaGIE6zOkXWI0.mft (raw, json)
Hash identifier:          mVI0YUw4/v2IxsRenMkmb8ducjsf5V1KKH7EShNsTK4=
Subject key identifier:   88:CD:30:61:C2:FE:75:94:68:E3:06:46:9B:8D:41:E2:DC:B9:B2:25
Authority key identifier: 9A:95:58:81:82:72:B9:C5:40:0F:C5:DA:18:81:3A:CC:E9:17:58:8D
Certificate issuer:       /CN=9a9558818272b9c5400fc5da18813acce917588d
Certificate serial:       019510C7A2E1A07CF8E30B022276B5E07395
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/mpVYgYJyucVAD8XaGIE6zOkXWI0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/be/233d82-938e-4f35-aa48-d4e9cf26ee10/1/mpVYgYJyucVAD8XaGIE6zOkXWI0.mft
Manifest number:          1452
Signing time:             Sun 16 Feb 2025 22:01:13 +0000
Manifest this update:     Sun 16 Feb 2025 22:01:13 +0000
Manifest next update:     Mon 17 Feb 2025 22:01:13 +0000
Files and hashes:         1: mpVYgYJyucVAD8XaGIE6zOkXWI0.crl (hash: 3VJZmyKzONJKVHmmz8fY90sJrQKCmlZvWeKMXkQAovY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/be/233d82-938e-4f35-aa48-d4e9cf26ee10/1/mpVYgYJyucVAD8XaGIE6zOkXWI0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/be/233d82-938e-4f35-aa48-d4e9cf26ee10/1/mpVYgYJyucVAD8XaGIE6zOkXWI0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/mpVYgYJyucVAD8XaGIE6zOkXWI0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 17 Feb 2025 22:01:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:10:c7:a2:e1:a0:7c:f8:e3:0b:02:22:76:b5:e0:73:95
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9a9558818272b9c5400fc5da18813acce917588d
        Validity
            Not Before: Feb 16 22:01:13 2025 GMT
            Not After : Feb 17 22:01:13 2025 GMT
        Subject: CN=88cd3061c2fe759468e306469b8d41e2dcb9b225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:77:69:8e:10:dd:3f:84:09:f0:f6:46:3f:0d:
                    70:90:71:c6:66:77:04:ff:0f:e3:5f:6e:bd:8c:39:
                    bb:76:98:ff:db:6a:49:64:85:77:9a:85:72:23:ee:
                    10:d0:7a:36:51:e2:77:b9:1c:f5:e0:2d:d1:9b:1c:
                    35:4a:5f:06:7d:8b:a2:e9:44:3f:ba:b8:b0:43:f0:
                    d9:0c:14:03:4a:23:0d:04:2d:cc:7e:71:cd:e8:60:
                    f5:55:94:61:9b:99:b7:27:f9:f8:fa:29:80:1f:6b:
                    d6:7f:79:36:42:df:31:d4:da:ea:c8:c2:f2:2a:0d:
                    31:40:cc:b2:45:02:09:d5:86:7e:f5:ed:6c:36:83:
                    9b:ad:97:d7:0b:23:51:20:b3:63:ad:0e:0e:92:fa:
                    c1:65:0b:e5:78:d4:db:68:e6:58:5d:7e:f6:a2:9f:
                    70:e7:1f:aa:d1:b7:d4:d1:6d:92:dc:33:97:08:4c:
                    c6:70:3f:a8:85:a0:9d:c0:fa:5b:6d:c7:e1:9e:30:
                    c8:85:cf:95:d4:87:e5:ea:01:5e:08:be:19:0b:19:
                    57:aa:a2:eb:dd:76:d9:03:a3:ff:c6:b0:a1:c3:27:
                    eb:31:11:82:21:05:04:44:d2:c9:7e:df:99:33:8e:
                    1e:b1:a6:42:04:4c:70:50:27:9f:20:27:17:a2:e3:
                    83:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                88:CD:30:61:C2:FE:75:94:68:E3:06:46:9B:8D:41:E2:DC:B9:B2:25
            X509v3 Authority Key Identifier:
                keyid:9A:95:58:81:82:72:B9:C5:40:0F:C5:DA:18:81:3A:CC:E9:17:58:8D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mpVYgYJyucVAD8XaGIE6zOkXWI0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/233d82-938e-4f35-aa48-d4e9cf26ee10/1/mpVYgYJyucVAD8XaGIE6zOkXWI0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/be/233d82-938e-4f35-aa48-d4e9cf26ee10/1/mpVYgYJyucVAD8XaGIE6zOkXWI0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         81:9c:51:ca:09:c1:da:22:c0:53:68:2b:ac:51:11:13:e4:5b:
         0a:b6:9e:a3:c3:6a:ed:61:ee:5b:53:16:04:b1:c2:0f:09:3b:
         47:1c:58:aa:3d:98:53:d9:5a:6d:53:08:c3:c1:4b:bc:91:bf:
         19:c2:81:c7:39:3e:ed:59:d3:ff:46:ff:e4:5c:04:e6:78:e6:
         ba:e2:70:6a:e3:ba:ea:04:fa:ad:19:3c:c6:9a:e3:a2:4e:d6:
         0c:7b:37:73:b2:bd:5a:f6:d9:6c:5a:1d:2a:b7:01:7e:c0:9f:
         c0:00:fd:11:fa:cd:b0:6f:99:3a:34:6c:9d:ff:a0:e6:e5:9c:
         32:94:f4:ad:ca:6c:40:bc:7e:aa:b4:f4:55:b8:5f:41:ed:66:
         3c:24:37:de:29:ef:32:c5:37:96:4e:e5:49:5c:55:07:d8:7d:
         e1:3a:c9:2c:e8:e4:c4:40:8b:b9:a2:24:0e:65:0f:e4:7d:e4:
         db:b5:19:d4:9d:50:10:18:a3:4e:fe:51:d1:02:2f:53:4f:87:
         e5:00:10:41:bd:a3:bc:0e:e7:78:bf:fe:b8:98:5f:36:df:0c:
         1e:ad:8c:31:6f:ee:fb:fb:6d:03:6b:90:94:4e:ba:15:a3:e8:
         26:c2:94:3c:ff:88:fa:81:ff:b6:5c:f0:bb:7e:35:5b:6d:0b:
         16:5d:fa:da
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZUQx6LhoHz44wsCIna14HOVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhOTU1ODgxODI3MmI5YzU0MDBmYzVkYTE4ODEzYWNjZTkx
NzU4OGQwHhcNMjUwMjE2MjIwMTEzWhcNMjUwMjE3MjIwMTEzWjAzMTEwLwYDVQQD
Eyg4OGNkMzA2MWMyZmU3NTk0NjhlMzA2NDY5YjhkNDFlMmRjYjliMjI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApndpjhDdP4QJ8PZGPw1wkHHGZncE
/w/jX269jDm7dpj/22pJZIV3moVyI+4Q0Ho2UeJ3uRz14C3Rmxw1Sl8GfYui6UQ/
uriwQ/DZDBQDSiMNBC3MfnHN6GD1VZRhm5m3J/n4+imAH2vWf3k2Qt8x1NrqyMLy
Kg0xQMyyRQIJ1YZ+9e1sNoObrZfXCyNRILNjrQ4OkvrBZQvleNTbaOZYXX72op9w
5x+q0bfU0W2S3DOXCEzGcD+ohaCdwPpbbcfhnjDIhc+V1Ifl6gFeCL4ZCxlXqqLr
3XbZA6P/xrChwyfrMRGCIQUERNLJft+ZM44esaZCBExwUCefICcXouODsQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIjNMGHC/nWUaOMGRpuNQeLcubIlMB8GA1UdIwQY
MBaAFJqVWIGCcrnFQA/F2hiBOszpF1iNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbXBWWWdZSnl1Y1ZBRDhYYUdJRTZ6T2tYV0kwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS8yMzNkODItOTM4ZS00ZjM1LWFhNDgt
ZDRlOWNmMjZlZTEwLzEvbXBWWWdZSnl1Y1ZBRDhYYUdJRTZ6T2tYV0kwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS8yMzNkODItOTM4ZS00ZjM1LWFhNDgtZDRlOWNmMjZlZTEw
LzEvbXBWWWdZSnl1Y1ZBRDhYYUdJRTZ6T2tYV0kwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgZxRygnB
2iLAU2grrFERE+RbCraeo8Nq7WHuW1MWBLHCDwk7RxxYqj2YU9labVMIw8FLvJG/
GcKBxzk+7VnT/0b/5FwE5njmuuJwauO66gT6rRk8xprjok7WDHs3c7K9WvbZbFod
KrcBfsCfwAD9EfrNsG+ZOjRsnf+g5uWcMpT0rcpsQLx+qrT0VbhfQe1mPCQ33inv
MsU3lk7lSVxVB9h94TrJLOjkxECLuaIkDmUP5H3k27UZ1J1QEBijTv5R0QIvU0+H
5QAQQb2jvA7neL/+uJhfNt8MHq2MMW/u+/ttA2uQlE66FaPoJsKUPP+I+oH/tlzw
u341W20LFl362g==
-----END CERTIFICATE-----