Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ce/f50320-fb81-4d72-892a-84afea8ebe5a/1/qSLK1G6tETX2TAWVGAe29y9xrfI.mft
File:                     qSLK1G6tETX2TAWVGAe29y9xrfI.mft (raw, json)
Hash identifier:          9G05/3Pr3QqutUo5WB0k5jJyIiYutKdhYKASeJhbcgs=
Subject key identifier:   71:EE:0D:DC:EE:7B:97:76:B4:1C:32:E3:03:93:A8:EB:51:30:05:CF
Authority key identifier: A9:22:CA:D4:6E:AD:11:35:F6:4C:05:95:18:07:B6:F7:2F:71:AD:F2
Certificate issuer:       /CN=a922cad46ead1135f64c05951807b6f72f71adf2
Certificate serial:       0194C388486A4B582112B77B829D3F210F39
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/qSLK1G6tETX2TAWVGAe29y9xrfI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ce/f50320-fb81-4d72-892a-84afea8ebe5a/1/qSLK1G6tETX2TAWVGAe29y9xrfI.mft
Manifest number:          1017
Signing time:             Sat 01 Feb 2025 22:01:15 +0000
Manifest this update:     Sat 01 Feb 2025 22:01:15 +0000
Manifest next update:     Sun 02 Feb 2025 22:01:15 +0000
Files and hashes:         1: qSLK1G6tETX2TAWVGAe29y9xrfI.crl (hash: p1rd5WGbI+kvInejV1xaPytE0MMix3wL5t0xei3Xd4Y=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ce/f50320-fb81-4d72-892a-84afea8ebe5a/1/qSLK1G6tETX2TAWVGAe29y9xrfI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ce/f50320-fb81-4d72-892a-84afea8ebe5a/1/qSLK1G6tETX2TAWVGAe29y9xrfI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/qSLK1G6tETX2TAWVGAe29y9xrfI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 02 Feb 2025 22:01:15 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:c3:88:48:6a:4b:58:21:12:b7:7b:82:9d:3f:21:0f:39
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a922cad46ead1135f64c05951807b6f72f71adf2
        Validity
            Not Before: Feb  1 22:01:15 2025 GMT
            Not After : Feb  2 22:01:15 2025 GMT
        Subject: CN=71ee0ddcee7b9776b41c32e30393a8eb513005cf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:c8:0b:9c:76:f1:f2:8d:e2:58:0c:8e:be:88:
                    07:1c:e6:52:cb:59:33:37:54:37:3a:60:9e:f7:b5:
                    f3:22:15:97:5b:a2:bb:9f:79:4a:dc:89:ab:0d:de:
                    46:30:cd:c1:75:5f:b9:e2:82:46:ab:d7:27:e9:47:
                    01:56:49:31:45:96:fe:92:f3:1f:05:f1:10:3d:18:
                    ec:c4:63:22:88:5b:2f:dc:1b:c3:d9:65:b3:72:60:
                    d9:5d:b1:82:ff:79:e6:a1:d9:27:67:86:01:48:5b:
                    e1:49:f9:e4:fd:51:e2:ad:59:1f:16:76:dc:21:b3:
                    9e:4e:97:57:7e:20:d2:4f:ff:bd:0f:51:d9:37:36:
                    6a:d3:33:d6:a0:1a:1f:16:80:39:51:d7:76:c8:ad:
                    78:cd:2a:76:04:f8:80:4e:f2:50:b9:8f:15:4f:01:
                    29:30:d4:7e:a3:b4:a6:d2:96:55:c9:23:72:7e:8a:
                    39:cb:9d:3e:a7:b3:da:5b:4e:0a:67:e7:2b:22:00:
                    47:5d:0c:b9:96:11:55:30:27:8f:be:c4:26:9f:38:
                    53:67:c7:8c:27:66:17:e1:9d:ce:18:4c:e0:e0:25:
                    e5:79:8b:e8:7b:05:7e:c3:44:92:ae:1e:26:35:ab:
                    c3:ff:d6:e1:f7:3d:7e:01:4c:8f:43:a0:2c:d1:51:
                    d4:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                71:EE:0D:DC:EE:7B:97:76:B4:1C:32:E3:03:93:A8:EB:51:30:05:CF
            X509v3 Authority Key Identifier:
                keyid:A9:22:CA:D4:6E:AD:11:35:F6:4C:05:95:18:07:B6:F7:2F:71:AD:F2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qSLK1G6tETX2TAWVGAe29y9xrfI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/f50320-fb81-4d72-892a-84afea8ebe5a/1/qSLK1G6tETX2TAWVGAe29y9xrfI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/f50320-fb81-4d72-892a-84afea8ebe5a/1/qSLK1G6tETX2TAWVGAe29y9xrfI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         af:68:a4:7b:3f:12:19:98:ed:d5:a0:3d:55:a6:bd:3a:aa:97:
         78:7a:25:e7:7c:ba:62:49:93:dd:91:4e:97:6f:57:c0:3a:b7:
         f7:fa:e1:db:a8:19:08:55:95:8e:2d:4c:67:2c:a6:4f:bb:5c:
         70:f7:ff:90:90:b5:84:2b:44:05:05:78:84:ec:94:44:70:24:
         70:36:2a:96:90:d9:52:00:08:26:9a:ae:85:48:86:27:c3:7a:
         84:50:74:f5:22:e3:40:83:a9:00:53:54:cb:19:92:02:f2:98:
         9d:d7:e6:63:99:7c:f2:0b:79:da:6f:cb:8b:94:95:3f:21:49:
         dc:0e:b0:2c:38:00:db:64:c0:e4:de:99:30:81:aa:af:1d:a9:
         a8:ce:10:3b:d1:25:42:31:26:29:20:6d:26:2c:61:07:56:97:
         8c:2d:b2:28:ae:19:40:ac:cf:d6:aa:74:24:bc:40:24:6e:b4:
         d4:4f:0b:1f:da:48:40:9d:cf:9f:7b:e1:87:96:c7:1f:a8:ea:
         96:22:9c:c9:4f:fa:ed:6f:29:0f:3c:cc:63:48:a7:da:9d:e4:
         0f:bc:0f:2e:e5:4b:8d:f6:d8:98:2f:33:01:f4:d5:05:94:d5:
         8c:82:e4:bf:4a:e6:4a:a6:55:ad:53:5d:4c:d3:e0:8a:fa:05:
         e9:c8:05:13
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZTDiEhqS1ghErd7gp0/IQ85MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE5MjJjYWQ0NmVhZDExMzVmNjRjMDU5NTE4MDdiNmY3MmY3
MWFkZjIwHhcNMjUwMjAxMjIwMTE1WhcNMjUwMjAyMjIwMTE1WjAzMTEwLwYDVQQD
Eyg3MWVlMGRkY2VlN2I5Nzc2YjQxYzMyZTMwMzkzYThlYjUxMzAwNWNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzMgLnHbx8o3iWAyOvogHHOZSy1kz
N1Q3OmCe97XzIhWXW6K7n3lK3ImrDd5GMM3BdV+54oJGq9cn6UcBVkkxRZb+kvMf
BfEQPRjsxGMiiFsv3BvD2WWzcmDZXbGC/3nmodknZ4YBSFvhSfnk/VHirVkfFnbc
IbOeTpdXfiDST/+9D1HZNzZq0zPWoBofFoA5Udd2yK14zSp2BPiATvJQuY8VTwEp
MNR+o7Sm0pZVySNyfoo5y50+p7PaW04KZ+crIgBHXQy5lhFVMCePvsQmnzhTZ8eM
J2YX4Z3OGEzg4CXleYvoewV+w0SSrh4mNavD/9bh9z1+AUyPQ6As0VHUCQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHHuDdzue5d2tBwy4wOTqOtRMAXPMB8GA1UdIwQY
MBaAFKkiytRurRE19kwFlRgHtvcvca3yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcVNMSzFHNnRFVFgyVEFXVkdBZTI5eTl4cmZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZS9mNTAzMjAtZmI4MS00ZDcyLTg5MmEt
ODRhZmVhOGViZTVhLzEvcVNMSzFHNnRFVFgyVEFXVkdBZTI5eTl4cmZJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZS9mNTAzMjAtZmI4MS00ZDcyLTg5MmEtODRhZmVhOGViZTVh
LzEvcVNMSzFHNnRFVFgyVEFXVkdBZTI5eTl4cmZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAr2ikez8S
GZjt1aA9Vaa9OqqXeHol53y6YkmT3ZFOl29XwDq39/rh26gZCFWVji1MZyymT7tc
cPf/kJC1hCtEBQV4hOyURHAkcDYqlpDZUgAIJpquhUiGJ8N6hFB09SLjQIOpAFNU
yxmSAvKYndfmY5l88gt52m/Li5SVPyFJ3A6wLDgA22TA5N6ZMIGqrx2pqM4QO9El
QjEmKSBtJixhB1aXjC2yKK4ZQKzP1qp0JLxAJG601E8LH9pIQJ3Pn3vhh5bHH6jq
liKcyU/67W8pDzzMY0in2p3kD7wPLuVLjfbYmC8zAfTVBZTVjILkv0rmSqZVrVNd
TNPgivoF6cgFEw==
-----END CERTIFICATE-----