Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/e42336-eb77-4540-be41-55fd6dc1a1d8/1/n0XrWiiMaO1g29m4fk6CBsqckz8.mft
File:                     n0XrWiiMaO1g29m4fk6CBsqckz8.mft (raw, json)
Hash identifier:          t/MsAI9ircJTOn+qPcP8bK58t+bTkAuvPnNqIt8aUqc=
Subject key identifier:   2C:A1:83:0C:02:A7:C0:45:5A:87:C5:64:FF:1C:4F:C4:A3:98:C2:F5
Authority key identifier: 9F:45:EB:5A:28:8C:68:ED:60:DB:D9:B8:7E:4E:82:06:CA:9C:93:3F
Certificate issuer:       /CN=9f45eb5a288c68ed60dbd9b87e4e8206ca9c933f
Certificate serial:       019510C708530F4F8EEE3F3249474F278C2D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/n0XrWiiMaO1g29m4fk6CBsqckz8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bf/e42336-eb77-4540-be41-55fd6dc1a1d8/1/n0XrWiiMaO1g29m4fk6CBsqckz8.mft
Manifest number:          0E30
Signing time:             Sun 16 Feb 2025 22:00:34 +0000
Manifest this update:     Sun 16 Feb 2025 22:00:34 +0000
Manifest next update:     Mon 17 Feb 2025 22:00:34 +0000
Files and hashes:         1: n0XrWiiMaO1g29m4fk6CBsqckz8.crl (hash: R9eASJGQ/hyeb0ZoiDoERnoL2MVHIThp80tJQzGxH24=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/bf/e42336-eb77-4540-be41-55fd6dc1a1d8/1/n0XrWiiMaO1g29m4fk6CBsqckz8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/bf/e42336-eb77-4540-be41-55fd6dc1a1d8/1/n0XrWiiMaO1g29m4fk6CBsqckz8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/n0XrWiiMaO1g29m4fk6CBsqckz8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 17 Feb 2025 22:00:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:10:c7:08:53:0f:4f:8e:ee:3f:32:49:47:4f:27:8c:2d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9f45eb5a288c68ed60dbd9b87e4e8206ca9c933f
        Validity
            Not Before: Feb 16 22:00:34 2025 GMT
            Not After : Feb 17 22:00:34 2025 GMT
        Subject: CN=2ca1830c02a7c0455a87c564ff1c4fc4a398c2f5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:05:63:8a:b6:ef:5d:35:62:e9:96:2e:cb:cd:
                    ce:71:64:7f:76:ac:81:0e:df:f3:88:e5:87:cd:f0:
                    e7:ca:fa:18:fe:18:eb:c8:53:4e:a7:98:39:0d:52:
                    c1:e4:42:d3:df:28:1a:77:d8:f3:8b:79:ec:0a:9e:
                    db:25:7b:37:85:ba:f7:6b:d7:83:23:25:83:85:b4:
                    36:07:dd:53:af:4e:71:c6:d1:c3:cd:62:8d:d6:6f:
                    62:c5:cf:94:14:8d:e4:f3:61:06:48:62:08:ef:8d:
                    e7:c0:93:65:fe:65:1c:c1:39:49:1d:79:39:97:13:
                    ba:e9:0f:21:c4:05:44:7b:b8:11:6e:f3:ca:5a:12:
                    18:d0:73:e8:a6:2b:84:62:64:0b:ca:f5:ce:67:16:
                    77:7c:3b:7e:d7:67:d5:56:ea:fb:9b:2f:97:03:21:
                    4e:62:ba:d1:00:3a:53:b0:2f:eb:dc:8c:c4:6c:da:
                    1c:0c:97:c6:0c:f2:80:14:22:5e:9a:b0:53:36:b0:
                    31:ce:c7:52:f4:01:1d:c9:f3:de:55:6e:0c:3c:09:
                    ff:59:3b:25:15:58:47:2b:ff:88:7b:14:5e:3c:19:
                    ff:17:a2:8a:1f:69:70:60:07:c5:4d:76:52:99:5c:
                    4c:8a:2f:0b:8c:6a:02:17:5b:34:0a:f8:5f:bb:8f:
                    84:8d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2C:A1:83:0C:02:A7:C0:45:5A:87:C5:64:FF:1C:4F:C4:A3:98:C2:F5
            X509v3 Authority Key Identifier:
                keyid:9F:45:EB:5A:28:8C:68:ED:60:DB:D9:B8:7E:4E:82:06:CA:9C:93:3F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/n0XrWiiMaO1g29m4fk6CBsqckz8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/e42336-eb77-4540-be41-55fd6dc1a1d8/1/n0XrWiiMaO1g29m4fk6CBsqckz8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/e42336-eb77-4540-be41-55fd6dc1a1d8/1/n0XrWiiMaO1g29m4fk6CBsqckz8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1c:63:63:03:2b:4f:ff:86:33:b2:db:37:a7:55:52:01:22:b0:
         25:1c:d6:f9:e1:17:b2:d2:80:15:92:bf:dd:06:ba:d5:2e:40:
         d7:79:83:b2:71:4a:2c:c9:ef:25:6b:a8:2f:3f:a1:0e:7c:9d:
         4e:a8:7e:9c:51:11:5f:46:a9:61:37:d2:98:c8:66:02:c6:db:
         98:2c:4a:1f:70:62:17:35:4d:8b:9e:9c:95:57:ea:2b:5a:2b:
         a9:7a:9b:e3:9c:81:98:ef:f1:a8:06:0c:ee:97:e6:e5:8b:92:
         45:3a:5b:9e:d3:d0:30:bb:19:05:d5:ca:ad:c5:12:da:6d:da:
         af:2a:91:8a:0a:04:28:0e:f6:02:0f:1b:6a:40:9d:78:b4:7c:
         df:8d:ca:a3:f9:cc:00:d9:c6:0a:10:a5:b0:b7:92:6c:5e:a8:
         ec:e3:63:f2:0d:b6:7d:56:28:50:3a:26:c4:90:45:82:5e:e1:
         0c:2d:cb:13:02:22:58:55:db:75:9b:12:bd:9e:15:ca:e6:d2:
         6d:17:a2:b7:d1:f7:ca:62:26:44:b9:5f:9a:33:7e:90:5a:85:
         34:e2:e5:56:4f:95:54:5c:4f:78:1e:94:3b:53:1c:b8:12:28:
         13:c7:8e:f6:5d:7b:91:1a:48:40:3f:df:d3:c6:ca:e6:2f:4c:
         49:37:be:8d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZUQxwhTD0+O7j8ySUdPJ4wtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmNDVlYjVhMjg4YzY4ZWQ2MGRiZDliODdlNGU4MjA2Y2E5
YzkzM2YwHhcNMjUwMjE2MjIwMDM0WhcNMjUwMjE3MjIwMDM0WjAzMTEwLwYDVQQD
EygyY2ExODMwYzAyYTdjMDQ1NWE4N2M1NjRmZjFjNGZjNGEzOThjMmY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwQVjirbvXTVi6ZYuy83OcWR/dqyB
Dt/ziOWHzfDnyvoY/hjryFNOp5g5DVLB5ELT3ygad9jzi3nsCp7bJXs3hbr3a9eD
IyWDhbQ2B91Tr05xxtHDzWKN1m9ixc+UFI3k82EGSGII743nwJNl/mUcwTlJHXk5
lxO66Q8hxAVEe7gRbvPKWhIY0HPopiuEYmQLyvXOZxZ3fDt+12fVVur7my+XAyFO
YrrRADpTsC/r3IzEbNocDJfGDPKAFCJemrBTNrAxzsdS9AEdyfPeVW4MPAn/WTsl
FVhHK/+IexRePBn/F6KKH2lwYAfFTXZSmVxMii8LjGoCF1s0Cvhfu4+EjQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCyhgwwCp8BFWofFZP8cT8SjmML1MB8GA1UdIwQY
MBaAFJ9F61oojGjtYNvZuH5OggbKnJM/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbjBYcldpaU1hTzFnMjltNGZrNkNCc3Fja3o4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi9lNDIzMzYtZWI3Ny00NTQwLWJlNDEt
NTVmZDZkYzFhMWQ4LzEvbjBYcldpaU1hTzFnMjltNGZrNkNCc3Fja3o4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi9lNDIzMzYtZWI3Ny00NTQwLWJlNDEtNTVmZDZkYzFhMWQ4
LzEvbjBYcldpaU1hTzFnMjltNGZrNkNCc3Fja3o4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHGNjAytP
/4Yzsts3p1VSASKwJRzW+eEXstKAFZK/3Qa61S5A13mDsnFKLMnvJWuoLz+hDnyd
Tqh+nFERX0apYTfSmMhmAsbbmCxKH3BiFzVNi56clVfqK1orqXqb45yBmO/xqAYM
7pfm5YuSRTpbntPQMLsZBdXKrcUS2m3aryqRigoEKA72Ag8bakCdeLR8343Ko/nM
ANnGChClsLeSbF6o7ONj8g22fVYoUDomxJBFgl7hDC3LEwIiWFXbdZsSvZ4VyubS
bReit9H3ymImRLlfmjN+kFqFNOLlVk+VVFxPeB6UO1McuBIoE8eO9l17kRpIQD/f
08bK5i9MSTe+jQ==
-----END CERTIFICATE-----