Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/9145cb-02bd-47e6-b04b-0871152a1aa3/1/iaWq49f3LuzoOWtBSSIIrdUhhDU.mft
File:                     iaWq49f3LuzoOWtBSSIIrdUhhDU.mft (raw, json)
Hash identifier:          H1ld+tQlMVPEZrZz21+VaRfQx2fd9mYYCqDtjwNwHrw=
Subject key identifier:   84:48:A6:47:6C:33:95:6C:89:20:D1:0D:7C:45:6E:70:78:FD:AB:B0
Authority key identifier: 89:A5:AA:E3:D7:F7:2E:EC:E8:39:6B:41:49:22:08:AD:D5:21:84:35
Certificate issuer:       /CN=89a5aae3d7f72eece8396b41492208add5218435
Certificate serial:       0194C46378C81B34AD71FC0DA0A001E0032F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/iaWq49f3LuzoOWtBSSIIrdUhhDU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c3/9145cb-02bd-47e6-b04b-0871152a1aa3/1/iaWq49f3LuzoOWtBSSIIrdUhhDU.mft
Manifest number:          131F
Signing time:             Sun 02 Feb 2025 02:00:40 +0000
Manifest this update:     Sun 02 Feb 2025 02:00:40 +0000
Manifest next update:     Mon 03 Feb 2025 02:00:40 +0000
Files and hashes:         1: iaWq49f3LuzoOWtBSSIIrdUhhDU.crl (hash: VWBeDtp9NqEwY1uoouHqC5WnEaaObFg/GW2n1LM9tQU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c3/9145cb-02bd-47e6-b04b-0871152a1aa3/1/iaWq49f3LuzoOWtBSSIIrdUhhDU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c3/9145cb-02bd-47e6-b04b-0871152a1aa3/1/iaWq49f3LuzoOWtBSSIIrdUhhDU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/iaWq49f3LuzoOWtBSSIIrdUhhDU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 03 Feb 2025 00:00:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:c4:63:78:c8:1b:34:ad:71:fc:0d:a0:a0:01:e0:03:2f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=89a5aae3d7f72eece8396b41492208add5218435
        Validity
            Not Before: Feb  2 02:00:40 2025 GMT
            Not After : Feb  3 02:00:40 2025 GMT
        Subject: CN=8448a6476c33956c8920d10d7c456e7078fdabb0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:95:f9:b9:dc:ea:ba:4e:80:cf:10:e4:8a:9f:
                    b9:a5:7e:4a:7e:57:aa:df:24:9b:7d:80:3a:10:dd:
                    5b:f6:45:6b:34:6a:94:73:d7:15:0d:92:da:27:15:
                    64:2f:b1:1e:08:5c:c2:a3:da:65:fe:03:6c:f5:13:
                    65:14:c8:34:28:d5:94:41:8d:a4:56:00:99:36:b4:
                    43:32:9e:f6:fb:7f:19:84:82:18:5e:f9:2c:7d:32:
                    42:6e:c2:3b:30:e5:f2:04:8e:69:4e:2d:58:35:40:
                    65:ad:a7:6d:bd:0f:76:57:b7:17:83:0e:fb:51:2e:
                    38:cb:2f:ad:13:1b:ce:d0:ae:20:9a:ba:48:f9:f2:
                    9c:bb:75:1e:23:04:db:7c:1f:ae:57:e6:9c:ed:b7:
                    d0:51:14:e6:be:35:ba:5b:85:b2:db:8d:54:31:98:
                    9d:68:d6:f1:16:66:be:9d:fc:95:5b:7b:09:9e:0d:
                    a6:ee:6e:0b:70:2a:7c:bb:1e:58:58:d0:91:44:48:
                    3e:82:fb:96:48:d3:1a:5e:2d:ee:82:f4:4f:66:d5:
                    2a:42:dc:6b:57:76:6e:b8:88:82:ae:67:25:ad:91:
                    d7:12:95:68:d8:53:3a:fd:66:9a:58:7c:83:9f:b2:
                    6e:62:97:7b:54:e1:9d:79:f1:10:ec:dd:7c:8a:72:
                    f9:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                84:48:A6:47:6C:33:95:6C:89:20:D1:0D:7C:45:6E:70:78:FD:AB:B0
            X509v3 Authority Key Identifier:
                keyid:89:A5:AA:E3:D7:F7:2E:EC:E8:39:6B:41:49:22:08:AD:D5:21:84:35

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iaWq49f3LuzoOWtBSSIIrdUhhDU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/9145cb-02bd-47e6-b04b-0871152a1aa3/1/iaWq49f3LuzoOWtBSSIIrdUhhDU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/9145cb-02bd-47e6-b04b-0871152a1aa3/1/iaWq49f3LuzoOWtBSSIIrdUhhDU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3a:8f:7f:f7:cb:48:29:10:14:ca:15:93:a4:a4:38:d9:0d:7e:
         e8:63:00:0f:03:8c:9a:05:80:74:bd:10:84:1d:18:a5:ba:84:
         a8:3d:96:ab:b1:21:bd:36:64:9d:a1:aa:5e:57:49:8c:eb:e8:
         b5:87:3a:9f:7e:08:7b:33:16:e2:17:f5:5f:a6:1f:0b:ad:06:
         e3:e7:59:24:ec:fc:b0:7f:d9:92:cb:b3:4d:a2:af:7f:bc:68:
         4a:02:99:eb:1b:cb:e0:99:1e:a1:28:63:4c:7b:0e:bc:c6:1c:
         01:09:9c:62:43:c2:a0:23:87:4d:49:8c:30:90:04:56:9d:fb:
         46:4b:fd:f1:0a:e8:44:03:0e:88:bb:64:b9:8d:45:ca:92:d2:
         91:af:c1:49:d0:fa:14:29:85:f2:e0:80:61:64:12:83:7f:ec:
         75:e9:22:78:df:73:d3:4a:c8:fb:3e:b8:c5:13:53:92:97:68:
         6f:64:30:32:8a:57:9f:42:6a:e8:c2:6f:82:53:b9:29:7c:95:
         c2:38:05:28:b2:93:96:51:94:04:77:83:94:ee:0b:f8:25:60:
         ed:8a:99:82:c0:7c:c0:9e:07:ad:f2:cd:cb:93:e5:46:43:79:
         d2:59:a0:80:bc:a9:b4:c1:11:24:dc:aa:d6:23:e1:34:87:6c:
         34:59:b9:b0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZTEY3jIGzStcfwNoKAB4AMvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5YTVhYWUzZDdmNzJlZWNlODM5NmI0MTQ5MjIwOGFkZDUy
MTg0MzUwHhcNMjUwMjAyMDIwMDQwWhcNMjUwMjAzMDIwMDQwWjAzMTEwLwYDVQQD
Eyg4NDQ4YTY0NzZjMzM5NTZjODkyMGQxMGQ3YzQ1NmU3MDc4ZmRhYmIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlJX5udzquk6AzxDkip+5pX5Kfleq
3ySbfYA6EN1b9kVrNGqUc9cVDZLaJxVkL7EeCFzCo9pl/gNs9RNlFMg0KNWUQY2k
VgCZNrRDMp72+38ZhIIYXvksfTJCbsI7MOXyBI5pTi1YNUBlradtvQ92V7cXgw77
US44yy+tExvO0K4gmrpI+fKcu3UeIwTbfB+uV+ac7bfQURTmvjW6W4Wy241UMZid
aNbxFma+nfyVW3sJng2m7m4LcCp8ux5YWNCRREg+gvuWSNMaXi3ugvRPZtUqQtxr
V3ZuuIiCrmclrZHXEpVo2FM6/WaaWHyDn7JuYpd7VOGdefEQ7N18inL5QQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIRIpkdsM5VsiSDRDXxFbnB4/auwMB8GA1UdIwQY
MBaAFImlquPX9y7s6DlrQUkiCK3VIYQ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaWFXcTQ5ZjNMdXpvT1d0QlNTSUlyZFVoaERVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy85MTQ1Y2ItMDJiZC00N2U2LWIwNGIt
MDg3MTE1MmExYWEzLzEvaWFXcTQ5ZjNMdXpvT1d0QlNTSUlyZFVoaERVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy85MTQ1Y2ItMDJiZC00N2U2LWIwNGItMDg3MTE1MmExYWEz
LzEvaWFXcTQ5ZjNMdXpvT1d0QlNTSUlyZFVoaERVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOo9/98tI
KRAUyhWTpKQ42Q1+6GMADwOMmgWAdL0QhB0YpbqEqD2Wq7EhvTZknaGqXldJjOvo
tYc6n34IezMW4hf1X6YfC60G4+dZJOz8sH/ZksuzTaKvf7xoSgKZ6xvL4JkeoShj
THsOvMYcAQmcYkPCoCOHTUmMMJAEVp37Rkv98QroRAMOiLtkuY1FypLSka/BSdD6
FCmF8uCAYWQSg3/sdekieN9z00rI+z64xRNTkpdob2QwMopXn0Jq6MJvglO5KXyV
wjgFKLKTllGUBHeDlO4L+CVg7YqZgsB8wJ4HrfLNy5PlRkN50lmggLyptMERJNyq
1iPhNIdsNFm5sA==
-----END CERTIFICATE-----