Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ce/4aa570-55fe-4b94-bc59-b4993b232e6c/1/uq9sCLyjCMHHiw7tjvMLSgRoEY4.mft
File:                     uq9sCLyjCMHHiw7tjvMLSgRoEY4.mft (raw, json)
Hash identifier:          v6NQVkb0DnV6I7zyr6MmbAG0Pc+yWmBwgV4x5L+KBmI=
Subject key identifier:   B2:22:95:6D:C6:71:F5:46:20:00:4C:05:82:C8:0E:38:10:D0:52:F6
Authority key identifier: BA:AF:6C:08:BC:A3:08:C1:C7:8B:0E:ED:8E:F3:0B:4A:04:68:11:8E
Certificate issuer:       /CN=baaf6c08bca308c1c78b0eed8ef30b4a0468118e
Certificate serial:       0194C49A5FB28775DD81E13D6EB914675D3D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/uq9sCLyjCMHHiw7tjvMLSgRoEY4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ce/4aa570-55fe-4b94-bc59-b4993b232e6c/1/uq9sCLyjCMHHiw7tjvMLSgRoEY4.mft
Manifest number:          03B0
Signing time:             Sun 02 Feb 2025 03:00:38 +0000
Manifest this update:     Sun 02 Feb 2025 03:00:38 +0000
Manifest next update:     Mon 03 Feb 2025 03:00:38 +0000
Files and hashes:         1: uq9sCLyjCMHHiw7tjvMLSgRoEY4.crl (hash: tB+2Dqql5h51aMkV0n8HsHhdvSE4rT9h4tHmXqf1Q2s=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ce/4aa570-55fe-4b94-bc59-b4993b232e6c/1/uq9sCLyjCMHHiw7tjvMLSgRoEY4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ce/4aa570-55fe-4b94-bc59-b4993b232e6c/1/uq9sCLyjCMHHiw7tjvMLSgRoEY4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/uq9sCLyjCMHHiw7tjvMLSgRoEY4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 03 Feb 2025 00:00:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:c4:9a:5f:b2:87:75:dd:81:e1:3d:6e:b9:14:67:5d:3d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=baaf6c08bca308c1c78b0eed8ef30b4a0468118e
        Validity
            Not Before: Feb  2 03:00:38 2025 GMT
            Not After : Feb  3 03:00:38 2025 GMT
        Subject: CN=b222956dc671f54620004c0582c80e3810d052f6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:95:99:fc:eb:93:82:3c:8e:e9:dc:cf:60:8e:
                    3d:bd:33:fb:42:d4:8b:f3:35:74:41:f9:8d:47:e7:
                    bb:d9:9c:59:44:38:16:a6:0c:ca:3b:ed:94:d8:ed:
                    64:af:c1:5d:1c:fa:16:cd:23:33:6d:cb:80:e2:9b:
                    58:92:12:df:a2:9d:4d:2e:13:d1:d2:10:a8:7a:bf:
                    f9:a7:b5:42:55:b4:3b:56:fd:1f:4c:38:0e:48:b7:
                    f4:27:63:03:03:27:b9:72:3b:07:3f:c5:8e:22:db:
                    9e:73:16:36:15:58:be:2b:04:38:61:52:50:bf:bf:
                    e3:c7:4e:23:e8:ca:26:e4:24:56:0e:a1:c2:68:0a:
                    62:71:41:06:5e:32:fa:d9:f3:79:82:9d:eb:73:3c:
                    74:82:44:a0:97:d8:f4:5a:f6:50:6d:2b:3f:5d:28:
                    f5:a4:24:87:58:ec:34:9c:2e:4c:ea:03:84:9b:9b:
                    48:ea:89:43:21:56:45:89:da:e1:a3:d6:07:b6:87:
                    3e:24:6c:e1:b8:46:a9:da:70:06:bc:73:da:e9:0a:
                    cc:8f:f3:9a:e0:0c:cd:14:7c:49:ec:90:4c:4d:87:
                    a2:a0:3e:01:a8:ea:89:26:f5:59:8a:0c:68:bb:2f:
                    82:58:df:96:1e:78:d0:1e:23:b8:f1:8d:e2:c5:7c:
                    e6:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B2:22:95:6D:C6:71:F5:46:20:00:4C:05:82:C8:0E:38:10:D0:52:F6
            X509v3 Authority Key Identifier:
                keyid:BA:AF:6C:08:BC:A3:08:C1:C7:8B:0E:ED:8E:F3:0B:4A:04:68:11:8E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uq9sCLyjCMHHiw7tjvMLSgRoEY4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/4aa570-55fe-4b94-bc59-b4993b232e6c/1/uq9sCLyjCMHHiw7tjvMLSgRoEY4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/4aa570-55fe-4b94-bc59-b4993b232e6c/1/uq9sCLyjCMHHiw7tjvMLSgRoEY4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         54:10:1e:5e:fb:e6:ab:62:e4:80:69:da:cb:37:30:6a:35:28:
         2a:71:10:2d:76:c8:e1:47:01:4d:38:ff:da:04:b8:c5:32:8d:
         3c:78:3d:7e:e6:86:ae:ca:1d:8f:90:7c:f3:3c:01:49:3c:66:
         a9:0e:fe:30:c4:f2:43:e2:a1:65:bc:55:fc:6c:bc:56:dc:a9:
         b3:68:62:b4:d4:d5:7c:7e:9a:a9:6c:ed:d0:f0:51:e2:38:ad:
         7b:df:21:95:19:0b:d3:6f:3b:7a:3b:89:8b:ee:09:44:3f:d3:
         d5:5f:6a:73:b1:66:40:42:a4:24:11:97:60:c2:91:11:df:fb:
         79:5f:1a:a0:69:c3:03:01:17:9c:e3:41:48:1a:3f:24:34:37:
         b5:5c:a1:c7:d9:b3:dd:4b:1d:5e:85:38:a8:d0:ad:dd:54:97:
         32:d7:54:a2:30:13:ef:c0:fc:0c:61:15:fe:db:ed:e6:c8:6c:
         df:6f:5a:c4:04:09:a5:0b:2a:f8:c1:db:35:e8:00:0f:f0:4b:
         f5:bf:01:96:8f:ae:1e:d8:3c:bf:b3:77:4e:3d:89:8b:f6:35:
         8e:cf:93:64:e9:b1:95:78:33:72:bc:30:63:ec:ee:e6:e6:5b:
         b1:7f:25:37:ae:a1:70:b1:74:ff:0c:34:ce:d4:fc:05:37:d7:
         e5:55:4a:d5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZTEml+yh3XdgeE9brkUZ109MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhYWY2YzA4YmNhMzA4YzFjNzhiMGVlZDhlZjMwYjRhMDQ2
ODExOGUwHhcNMjUwMjAyMDMwMDM4WhcNMjUwMjAzMDMwMDM4WjAzMTEwLwYDVQQD
EyhiMjIyOTU2ZGM2NzFmNTQ2MjAwMDRjMDU4MmM4MGUzODEwZDA1MmY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtpWZ/OuTgjyO6dzPYI49vTP7QtSL
8zV0QfmNR+e72ZxZRDgWpgzKO+2U2O1kr8FdHPoWzSMzbcuA4ptYkhLfop1NLhPR
0hCoer/5p7VCVbQ7Vv0fTDgOSLf0J2MDAye5cjsHP8WOItuecxY2FVi+KwQ4YVJQ
v7/jx04j6Mom5CRWDqHCaApicUEGXjL62fN5gp3rczx0gkSgl9j0WvZQbSs/XSj1
pCSHWOw0nC5M6gOEm5tI6olDIVZFidrho9YHtoc+JGzhuEap2nAGvHPa6QrMj/Oa
4AzNFHxJ7JBMTYeioD4BqOqJJvVZigxouy+CWN+WHnjQHiO48Y3ixXzmWQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLIilW3GcfVGIABMBYLIDjgQ0FL2MB8GA1UdIwQY
MBaAFLqvbAi8owjBx4sO7Y7zC0oEaBGOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdXE5c0NMeWpDTUhIaXc3dGp2TUxTZ1JvRVk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZS80YWE1NzAtNTVmZS00Yjk0LWJjNTkt
YjQ5OTNiMjMyZTZjLzEvdXE5c0NMeWpDTUhIaXc3dGp2TUxTZ1JvRVk0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZS80YWE1NzAtNTVmZS00Yjk0LWJjNTktYjQ5OTNiMjMyZTZj
LzEvdXE5c0NMeWpDTUhIaXc3dGp2TUxTZ1JvRVk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVBAeXvvm
q2LkgGnayzcwajUoKnEQLXbI4UcBTTj/2gS4xTKNPHg9fuaGrsodj5B88zwBSTxm
qQ7+MMTyQ+KhZbxV/Gy8Vtyps2hitNTVfH6aqWzt0PBR4jite98hlRkL0287ejuJ
i+4JRD/T1V9qc7FmQEKkJBGXYMKREd/7eV8aoGnDAwEXnONBSBo/JDQ3tVyhx9mz
3UsdXoU4qNCt3VSXMtdUojAT78D8DGEV/tvt5shs329axAQJpQsq+MHbNegAD/BL
9b8Blo+uHtg8v7N3Tj2Ji/Y1js+TZOmxlXgzcrwwY+zu5uZbsX8lN66hcLF0/ww0
ztT8BTfX5VVK1Q==
-----END CERTIFICATE-----