Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c6/577212-08b0-43ed-89c6-a9a6bf65e63a/1/oHEAJhaNhq-46ZnPsqjonFct0vk.mft
File:                     oHEAJhaNhq-46ZnPsqjonFct0vk.mft (raw, json)
Hash identifier:          p9P6jRBCSm4WZFXgYeRb0q8U+OJAZ3GYajHPxy63+oA=
Subject key identifier:   9D:91:72:06:5E:BE:C3:F8:29:39:AD:9D:B0:E2:F4:DC:E3:12:5A:D6
Authority key identifier: A0:71:00:26:16:8D:86:AF:B8:E9:99:CF:B2:A8:E8:9C:57:2D:D2:F9
Certificate issuer:       /CN=a0710026168d86afb8e999cfb2a8e89c572dd2f9
Certificate serial:       0194C3F555F3DA3F4FAEF613163B52B616D0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oHEAJhaNhq-46ZnPsqjonFct0vk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c6/577212-08b0-43ed-89c6-a9a6bf65e63a/1/oHEAJhaNhq-46ZnPsqjonFct0vk.mft
Manifest number:          1179
Signing time:             Sun 02 Feb 2025 00:00:22 +0000
Manifest this update:     Sun 02 Feb 2025 00:00:22 +0000
Manifest next update:     Mon 03 Feb 2025 00:00:22 +0000
Files and hashes:         1: oHEAJhaNhq-46ZnPsqjonFct0vk.crl (hash: 6d3HJhWOHGOaGH2w+8r2Npw/aN0TOwJ3/+f5toPtfOY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c6/577212-08b0-43ed-89c6-a9a6bf65e63a/1/oHEAJhaNhq-46ZnPsqjonFct0vk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c6/577212-08b0-43ed-89c6-a9a6bf65e63a/1/oHEAJhaNhq-46ZnPsqjonFct0vk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oHEAJhaNhq-46ZnPsqjonFct0vk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 03 Feb 2025 00:00:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:c3:f5:55:f3:da:3f:4f:ae:f6:13:16:3b:52:b6:16:d0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a0710026168d86afb8e999cfb2a8e89c572dd2f9
        Validity
            Not Before: Feb  2 00:00:22 2025 GMT
            Not After : Feb  3 00:00:22 2025 GMT
        Subject: CN=9d9172065ebec3f82939ad9db0e2f4dce3125ad6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:bb:7c:15:b1:d8:92:75:87:88:0b:fb:7a:d0:
                    1c:01:fb:9b:89:a0:ae:fc:dd:fe:c3:b0:02:c7:5f:
                    41:e2:08:9d:44:ee:59:19:6b:d4:57:a4:af:a0:aa:
                    49:2a:93:7e:04:2e:8f:d4:53:3b:86:8b:07:26:a1:
                    b7:0b:29:62:4d:e4:85:2d:19:69:07:fc:00:fb:e3:
                    11:a7:84:d2:d4:61:dd:ea:41:99:7e:a4:2f:89:20:
                    ce:00:8f:4c:12:e2:4e:d7:22:25:d5:fd:2d:ad:f6:
                    b4:e6:af:f6:72:72:2b:04:8f:bf:9c:7a:1e:d6:7a:
                    55:4c:4c:f0:4e:9c:27:70:f1:e0:7f:66:97:c4:9f:
                    90:d0:c6:ee:e6:9d:c0:6d:29:06:81:d6:01:e1:b8:
                    13:12:31:e9:3d:ac:34:96:ec:87:56:02:67:6e:b5:
                    2a:05:21:f1:d2:0b:6b:ce:fd:d6:97:e2:fa:6a:ed:
                    b0:85:d2:f6:b8:49:7c:ae:a5:79:f5:c8:56:23:32:
                    1a:b0:ef:3c:33:0f:48:6a:90:39:3e:64:79:b2:cd:
                    ca:96:59:fe:16:d6:1c:b8:c8:2c:31:70:96:59:ec:
                    7f:ce:35:fe:d2:a1:4f:76:a2:7a:6e:c0:1c:3c:35:
                    66:85:b7:39:b2:8b:d4:5d:93:c6:36:60:d1:34:56:
                    53:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9D:91:72:06:5E:BE:C3:F8:29:39:AD:9D:B0:E2:F4:DC:E3:12:5A:D6
            X509v3 Authority Key Identifier:
                keyid:A0:71:00:26:16:8D:86:AF:B8:E9:99:CF:B2:A8:E8:9C:57:2D:D2:F9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oHEAJhaNhq-46ZnPsqjonFct0vk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/577212-08b0-43ed-89c6-a9a6bf65e63a/1/oHEAJhaNhq-46ZnPsqjonFct0vk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/577212-08b0-43ed-89c6-a9a6bf65e63a/1/oHEAJhaNhq-46ZnPsqjonFct0vk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         72:3c:26:96:1b:7f:ab:c5:f1:99:43:5b:61:5b:78:31:37:07:
         41:b7:78:29:eb:c7:54:b2:be:b7:c0:84:70:4d:f8:e3:a8:1a:
         e0:65:0a:4e:66:53:57:bf:b2:da:37:29:f2:8f:c3:19:ba:ad:
         54:82:68:86:32:43:a5:8e:27:cc:48:39:a0:ed:1f:80:4f:0e:
         07:a1:92:42:ac:e6:9f:78:ff:02:a9:b8:8d:53:b8:f9:2d:31:
         a8:f9:fd:c6:3f:72:13:46:50:4d:98:cd:de:9c:40:7b:43:92:
         d7:ff:08:a8:f0:51:4c:b6:2c:be:a7:8c:f6:11:71:96:b8:22:
         03:53:bc:db:43:39:24:5a:14:bb:bc:5d:20:18:19:a2:86:46:
         02:eb:72:fe:31:4c:de:1f:1e:91:74:54:03:41:a4:13:39:7c:
         96:1d:bb:04:20:7f:ac:1d:3e:1a:d2:65:99:a5:a5:f4:ea:f9:
         56:71:ef:cb:23:4f:38:32:57:f7:33:ad:83:c8:a4:cc:ad:41:
         38:d3:77:45:b4:96:3f:46:9d:b8:5e:65:4e:87:e9:ac:3f:b0:
         15:83:3b:97:1c:05:23:74:9d:2b:08:3f:ef:e1:45:0e:0c:f9:
         52:18:81:7d:35:55:24:ad:5f:42:a7:6e:f4:4e:45:e2:92:73:
         0e:17:8c:ab
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZTD9VXz2j9PrvYTFjtSthbQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwNzEwMDI2MTY4ZDg2YWZiOGU5OTljZmIyYThlODljNTcy
ZGQyZjkwHhcNMjUwMjAyMDAwMDIyWhcNMjUwMjAzMDAwMDIyWjAzMTEwLwYDVQQD
Eyg5ZDkxNzIwNjVlYmVjM2Y4MjkzOWFkOWRiMGUyZjRkY2UzMTI1YWQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo7t8FbHYknWHiAv7etAcAfubiaCu
/N3+w7ACx19B4gidRO5ZGWvUV6SvoKpJKpN+BC6P1FM7hosHJqG3CyliTeSFLRlp
B/wA++MRp4TS1GHd6kGZfqQviSDOAI9MEuJO1yIl1f0trfa05q/2cnIrBI+/nHoe
1npVTEzwTpwncPHgf2aXxJ+Q0Mbu5p3AbSkGgdYB4bgTEjHpPaw0luyHVgJnbrUq
BSHx0gtrzv3Wl+L6au2whdL2uEl8rqV59chWIzIasO88Mw9IapA5PmR5ss3Klln+
FtYcuMgsMXCWWex/zjX+0qFPdqJ6bsAcPDVmhbc5sovUXZPGNmDRNFZTlQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJ2RcgZevsP4KTmtnbDi9NzjElrWMB8GA1UdIwQY
MBaAFKBxACYWjYavuOmZz7Ko6JxXLdL5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb0hFQUpoYU5ocS00NlpuUHNxam9uRmN0MHZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNi81NzcyMTItMDhiMC00M2VkLTg5YzYt
YTlhNmJmNjVlNjNhLzEvb0hFQUpoYU5ocS00NlpuUHNxam9uRmN0MHZrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNi81NzcyMTItMDhiMC00M2VkLTg5YzYtYTlhNmJmNjVlNjNh
LzEvb0hFQUpoYU5ocS00NlpuUHNxam9uRmN0MHZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcjwmlht/
q8XxmUNbYVt4MTcHQbd4KevHVLK+t8CEcE3446ga4GUKTmZTV7+y2jcp8o/DGbqt
VIJohjJDpY4nzEg5oO0fgE8OB6GSQqzmn3j/Aqm4jVO4+S0xqPn9xj9yE0ZQTZjN
3pxAe0OS1/8IqPBRTLYsvqeM9hFxlrgiA1O820M5JFoUu7xdIBgZooZGAuty/jFM
3h8ekXRUA0GkEzl8lh27BCB/rB0+GtJlmaWl9Or5VnHvyyNPODJX9zOtg8ikzK1B
ONN3RbSWP0aduF5lTofprD+wFYM7lxwFI3SdKwg/7+FFDgz5UhiBfTVVJK1fQqdu
9E5F4pJzDheMqw==
-----END CERTIFICATE-----