Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/7858a4-2e33-43c4-b33d-1e04b20d8567/1/PHQZW9u2a2A65joVGPBm-gsRUfU.mft
File:                     PHQZW9u2a2A65joVGPBm-gsRUfU.mft (raw, json)
Hash identifier:          qoIdT1KIrPxvFt583bl2exvBkS8j+O1jas5Eu25/ICQ=
Subject key identifier:   47:42:36:E2:B9:B6:9E:20:60:CE:76:4D:9E:EB:12:91:E1:F4:BB:54
Authority key identifier: 3C:74:19:5B:DB:B6:6B:60:3A:E6:3A:15:18:F0:66:FA:0B:11:51:F5
Certificate issuer:       /CN=3c74195bdbb66b603ae63a1518f066fa0b1151f5
Certificate serial:       0194C387D5C41B8FF255E3A5C9E6DE861AC4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PHQZW9u2a2A65joVGPBm-gsRUfU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c4/7858a4-2e33-43c4-b33d-1e04b20d8567/1/PHQZW9u2a2A65joVGPBm-gsRUfU.mft
Manifest number:          0760
Signing time:             Sat 01 Feb 2025 22:00:46 +0000
Manifest this update:     Sat 01 Feb 2025 22:00:46 +0000
Manifest next update:     Sun 02 Feb 2025 22:00:46 +0000
Files and hashes:         1: PHQZW9u2a2A65joVGPBm-gsRUfU.crl (hash: vBMmks23T3U+wTsJPWqkUYD0+5UpOgcZzxk/21BUnGw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c4/7858a4-2e33-43c4-b33d-1e04b20d8567/1/PHQZW9u2a2A65joVGPBm-gsRUfU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c4/7858a4-2e33-43c4-b33d-1e04b20d8567/1/PHQZW9u2a2A65joVGPBm-gsRUfU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/PHQZW9u2a2A65joVGPBm-gsRUfU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 02 Feb 2025 22:00:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:c3:87:d5:c4:1b:8f:f2:55:e3:a5:c9:e6:de:86:1a:c4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3c74195bdbb66b603ae63a1518f066fa0b1151f5
        Validity
            Not Before: Feb  1 22:00:46 2025 GMT
            Not After : Feb  2 22:00:46 2025 GMT
        Subject: CN=474236e2b9b69e2060ce764d9eeb1291e1f4bb54
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:14:f4:6b:90:df:1a:a8:5d:37:0a:f6:38:8e:
                    c9:60:bf:a9:2b:16:e0:0b:6e:8c:7c:9a:5f:2e:b1:
                    2d:57:73:2d:57:80:0f:71:58:70:df:c7:48:7b:cb:
                    13:a5:be:64:9f:51:3d:d0:71:dc:74:53:72:68:81:
                    92:74:30:e6:ff:dd:17:c4:e5:2c:53:a3:f4:07:94:
                    da:f7:5d:b1:19:bf:36:99:3b:06:8e:69:f7:c3:3d:
                    2e:c1:df:c8:12:af:bc:ed:e5:a2:e4:8f:75:69:cf:
                    b3:a5:92:fc:13:8e:07:04:87:a3:57:82:e6:50:f1:
                    21:9f:8e:26:29:1b:75:ce:c0:cc:11:89:17:82:43:
                    6d:bf:ce:64:6d:e7:a1:0c:21:d9:9b:89:2a:cc:ef:
                    fa:63:9b:8b:14:bc:b2:07:7d:e5:ab:6b:61:c8:fd:
                    98:d7:0c:68:c4:b7:ef:7b:c4:5b:2b:ee:f6:7b:29:
                    54:36:b3:41:70:02:ff:af:c8:42:48:f3:d5:d8:23:
                    35:6a:c9:58:e5:49:1b:84:82:4f:74:96:dd:46:3c:
                    e8:e5:f5:7b:08:a6:7b:5b:a3:c6:94:bb:b5:bc:7c:
                    fd:3e:ed:40:1e:51:e1:8f:2c:b5:3d:e3:01:13:5f:
                    94:6f:13:25:3f:7d:78:98:8c:d1:4d:c2:e1:9e:34:
                    be:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                47:42:36:E2:B9:B6:9E:20:60:CE:76:4D:9E:EB:12:91:E1:F4:BB:54
            X509v3 Authority Key Identifier:
                keyid:3C:74:19:5B:DB:B6:6B:60:3A:E6:3A:15:18:F0:66:FA:0B:11:51:F5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PHQZW9u2a2A65joVGPBm-gsRUfU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/7858a4-2e33-43c4-b33d-1e04b20d8567/1/PHQZW9u2a2A65joVGPBm-gsRUfU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/7858a4-2e33-43c4-b33d-1e04b20d8567/1/PHQZW9u2a2A65joVGPBm-gsRUfU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         90:27:53:27:38:a5:2b:97:46:66:99:bb:db:9c:74:4c:7d:81:
         66:c2:50:22:06:1b:ee:03:84:e1:19:e2:ba:fa:8d:6e:e3:02:
         46:5d:c3:2c:46:b0:3c:a7:52:5d:6e:a3:4a:68:79:32:66:40:
         30:0e:56:62:86:31:b8:9a:30:8e:12:b9:3e:71:07:e9:4f:7a:
         bb:c0:49:69:19:75:99:bc:01:fa:f9:a7:a3:61:dc:1c:cf:3b:
         06:6a:0e:87:b8:9a:0d:83:7c:09:b7:a7:c4:02:56:08:43:bc:
         7a:e3:7c:8c:ff:32:17:8d:cd:a4:ca:e3:07:ab:27:0a:e6:08:
         da:1f:fe:5c:96:bd:f7:a4:5e:99:b2:b8:8b:79:dd:a8:5c:99:
         38:6c:31:1b:da:de:65:50:16:12:ca:9a:01:40:b5:ec:45:4b:
         32:9a:ec:c9:4a:8f:58:8c:9d:f8:e1:4d:d9:6e:91:70:ee:e6:
         ce:f8:dc:2f:16:05:e5:e6:df:97:5e:be:0f:94:9e:b9:01:3d:
         7b:c4:01:0f:84:33:c8:f5:4d:a3:fe:04:ef:24:ed:b1:6e:ab:
         53:b4:d1:af:36:6c:5a:19:e9:31:31:9a:e1:6b:9e:2d:1f:19:
         c3:cf:ff:96:fb:95:cd:6f:4a:19:c6:1c:2c:89:ea:a5:a9:93:
         bc:9e:bc:aa
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZTDh9XEG4/yVeOlyebehhrEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjNzQxOTViZGJiNjZiNjAzYWU2M2ExNTE4ZjA2NmZhMGIx
MTUxZjUwHhcNMjUwMjAxMjIwMDQ2WhcNMjUwMjAyMjIwMDQ2WjAzMTEwLwYDVQQD
Eyg0NzQyMzZlMmI5YjY5ZTIwNjBjZTc2NGQ5ZWViMTI5MWUxZjRiYjU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwBT0a5DfGqhdNwr2OI7JYL+pKxbg
C26MfJpfLrEtV3MtV4APcVhw38dIe8sTpb5kn1E90HHcdFNyaIGSdDDm/90XxOUs
U6P0B5Ta912xGb82mTsGjmn3wz0uwd/IEq+87eWi5I91ac+zpZL8E44HBIejV4Lm
UPEhn44mKRt1zsDMEYkXgkNtv85kbeehDCHZm4kqzO/6Y5uLFLyyB33lq2thyP2Y
1wxoxLfve8RbK+72eylUNrNBcAL/r8hCSPPV2CM1aslY5UkbhIJPdJbdRjzo5fV7
CKZ7W6PGlLu1vHz9Pu1AHlHhjyy1PeMBE1+UbxMlP314mIzRTcLhnjS+JQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEdCNuK5tp4gYM52TZ7rEpHh9LtUMB8GA1UdIwQY
MBaAFDx0GVvbtmtgOuY6FRjwZvoLEVH1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUEhRWlc5dTJhMkE2NWpvVkdQQm0tZ3NSVWZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC83ODU4YTQtMmUzMy00M2M0LWIzM2Qt
MWUwNGIyMGQ4NTY3LzEvUEhRWlc5dTJhMkE2NWpvVkdQQm0tZ3NSVWZVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNC83ODU4YTQtMmUzMy00M2M0LWIzM2QtMWUwNGIyMGQ4NTY3
LzEvUEhRWlc5dTJhMkE2NWpvVkdQQm0tZ3NSVWZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkCdTJzil
K5dGZpm725x0TH2BZsJQIgYb7gOE4RniuvqNbuMCRl3DLEawPKdSXW6jSmh5MmZA
MA5WYoYxuJowjhK5PnEH6U96u8BJaRl1mbwB+vmno2HcHM87BmoOh7iaDYN8Cben
xAJWCEO8euN8jP8yF43NpMrjB6snCuYI2h/+XJa996RembK4i3ndqFyZOGwxG9re
ZVAWEsqaAUC17EVLMprsyUqPWIyd+OFN2W6RcO7mzvjcLxYF5ebfl16+D5SeuQE9
e8QBD4QzyPVNo/4E7yTtsW6rU7TRrzZsWhnpMTGa4WueLR8Zw8//lvuVzW9KGcYc
LInqpamTvJ68qg==
-----END CERTIFICATE-----