Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/77e9c5-abc2-4c39-b502-ebf329e96846/1/AguJY5thIAOqgSvktlIbVnhFao4.mft
File:                     AguJY5thIAOqgSvktlIbVnhFao4.mft (raw, json)
Hash identifier:          inyIzSImCvBE70mbbu6YoqU58C82p5szEGZq5sMLS9w=
Subject key identifier:   D4:46:B5:84:ED:BB:E1:09:0B:78:ED:AE:B0:CC:02:3E:4F:DA:64:A8
Authority key identifier: 02:0B:89:63:9B:61:20:03:AA:81:2B:E4:B6:52:1B:56:78:45:6A:8E
Certificate issuer:       /CN=020b89639b612003aa812be4b6521b5678456a8e
Certificate serial:       01951247492BB588A69C464A78985540178B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/AguJY5thIAOqgSvktlIbVnhFao4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cf/77e9c5-abc2-4c39-b502-ebf329e96846/1/AguJY5thIAOqgSvktlIbVnhFao4.mft
Manifest number:          01B8
Signing time:             Mon 17 Feb 2025 05:00:16 +0000
Manifest this update:     Mon 17 Feb 2025 05:00:16 +0000
Manifest next update:     Tue 18 Feb 2025 05:00:16 +0000
Files and hashes:         1: AguJY5thIAOqgSvktlIbVnhFao4.crl (hash: zZycr3FQH6p4Z+ySB4OtWDFJgagKOaafwd8EVmJdF4M=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/cf/77e9c5-abc2-4c39-b502-ebf329e96846/1/AguJY5thIAOqgSvktlIbVnhFao4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/cf/77e9c5-abc2-4c39-b502-ebf329e96846/1/AguJY5thIAOqgSvktlIbVnhFao4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/AguJY5thIAOqgSvktlIbVnhFao4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 17 Feb 2025 23:00:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:12:47:49:2b:b5:88:a6:9c:46:4a:78:98:55:40:17:8b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=020b89639b612003aa812be4b6521b5678456a8e
        Validity
            Not Before: Feb 17 05:00:16 2025 GMT
            Not After : Feb 18 05:00:16 2025 GMT
        Subject: CN=d446b584edbbe1090b78edaeb0cc023e4fda64a8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:42:96:16:d5:29:5e:06:8d:54:7e:c2:bf:ad:
                    59:9f:97:bc:2f:e1:94:30:e2:7f:fa:45:cb:22:2b:
                    d5:95:da:5b:33:b3:62:17:ea:84:5b:3f:0a:ec:16:
                    19:92:d8:94:1a:0a:18:18:14:80:a2:a4:ac:01:3f:
                    2f:ae:b3:31:d7:dd:03:76:23:61:e2:ac:41:e7:39:
                    a9:71:d5:74:9e:5b:25:85:91:e1:85:24:07:bf:2d:
                    fe:04:86:b8:b3:4d:ae:af:38:ee:bc:8f:a7:bc:50:
                    8f:72:6a:35:32:a6:49:ce:8e:58:7b:03:1b:40:4e:
                    1b:86:69:f0:02:97:5c:f2:80:d6:bb:0a:cd:c9:f2:
                    e5:7b:83:41:65:29:16:fb:3d:3f:81:d3:d0:40:77:
                    d7:98:04:fd:07:6d:af:f1:a0:cb:b8:f8:93:c1:1a:
                    c8:d8:59:6a:66:3a:ed:ed:c3:1f:b6:97:d2:74:b6:
                    54:9a:7c:90:ef:03:95:17:1a:60:dd:41:fe:d7:48:
                    89:76:d7:0c:54:8c:84:54:dc:22:4c:a1:56:85:ed:
                    75:da:da:ac:18:84:c8:4b:6b:8a:9b:6b:bc:10:6c:
                    78:a6:db:4a:a4:cf:3c:6e:fe:42:49:94:7a:8b:d3:
                    76:b7:b7:57:d9:1c:c4:02:5c:45:a5:9f:0a:19:59:
                    91:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D4:46:B5:84:ED:BB:E1:09:0B:78:ED:AE:B0:CC:02:3E:4F:DA:64:A8
            X509v3 Authority Key Identifier:
                keyid:02:0B:89:63:9B:61:20:03:AA:81:2B:E4:B6:52:1B:56:78:45:6A:8E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AguJY5thIAOqgSvktlIbVnhFao4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/77e9c5-abc2-4c39-b502-ebf329e96846/1/AguJY5thIAOqgSvktlIbVnhFao4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/77e9c5-abc2-4c39-b502-ebf329e96846/1/AguJY5thIAOqgSvktlIbVnhFao4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         10:72:b1:81:54:71:81:d7:b0:96:4d:63:94:b0:ba:d7:5a:6b:
         1a:29:8d:5a:5b:fd:32:b5:fb:e4:32:a6:03:43:f0:d0:75:5e:
         ae:8a:ec:53:c1:72:29:ee:28:de:b1:bb:87:fb:64:ec:0f:cd:
         d3:fd:09:ba:93:05:34:29:7c:1f:08:54:4b:04:fc:49:48:78:
         b6:77:f8:bf:25:61:46:06:11:92:fd:55:9b:f6:ad:7c:4c:bb:
         79:b5:c2:2c:e6:80:ce:33:00:33:bd:7c:34:7d:b1:6b:71:1b:
         46:5f:c4:e5:a1:e1:2f:40:04:a2:f1:e3:96:55:a5:75:9e:e5:
         8f:0c:c2:be:ec:79:10:a3:f9:08:7c:b6:a9:01:71:75:5b:6a:
         e7:7d:e3:a9:ff:2f:db:32:36:1b:41:51:6e:9d:21:b3:c4:34:
         5b:a2:d9:62:bb:6f:bf:cb:26:2d:e1:a0:78:42:b9:f7:a1:f5:
         ed:8b:c9:a4:0a:3e:cf:fc:04:4a:f5:99:15:52:7d:b7:2a:a7:
         bb:64:b2:d9:06:47:7e:79:d8:00:09:c5:46:93:1b:37:d7:c6:
         04:43:83:5b:7b:87:42:f5:d6:c9:57:09:09:cd:d9:1d:9f:85:
         82:14:b9:ce:d8:92:57:3d:15:c2:8b:47:7a:94:48:0f:7e:5a:
         a0:11:5f:45
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZUSR0krtYimnEZKeJhVQBeLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyMGI4OTYzOWI2MTIwMDNhYTgxMmJlNGI2NTIxYjU2Nzg0
NTZhOGUwHhcNMjUwMjE3MDUwMDE2WhcNMjUwMjE4MDUwMDE2WjAzMTEwLwYDVQQD
EyhkNDQ2YjU4NGVkYmJlMTA5MGI3OGVkYWViMGNjMDIzZTRmZGE2NGE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqUKWFtUpXgaNVH7Cv61Zn5e8L+GU
MOJ/+kXLIivVldpbM7NiF+qEWz8K7BYZktiUGgoYGBSAoqSsAT8vrrMx190DdiNh
4qxB5zmpcdV0nlslhZHhhSQHvy3+BIa4s02urzjuvI+nvFCPcmo1MqZJzo5YewMb
QE4bhmnwApdc8oDWuwrNyfLle4NBZSkW+z0/gdPQQHfXmAT9B22v8aDLuPiTwRrI
2FlqZjrt7cMftpfSdLZUmnyQ7wOVFxpg3UH+10iJdtcMVIyEVNwiTKFWhe112tqs
GITIS2uKm2u8EGx4pttKpM88bv5CSZR6i9N2t7dX2RzEAlxFpZ8KGVmR1QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNRGtYTtu+EJC3jtrrDMAj5P2mSoMB8GA1UdIwQY
MBaAFAILiWObYSADqoEr5LZSG1Z4RWqOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQWd1Slk1dGhJQU9xZ1N2a3RsSWJWbmhGYW80LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi83N2U5YzUtYWJjMi00YzM5LWI1MDIt
ZWJmMzI5ZTk2ODQ2LzEvQWd1Slk1dGhJQU9xZ1N2a3RsSWJWbmhGYW80Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi83N2U5YzUtYWJjMi00YzM5LWI1MDItZWJmMzI5ZTk2ODQ2
LzEvQWd1Slk1dGhJQU9xZ1N2a3RsSWJWbmhGYW80LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEHKxgVRx
gdewlk1jlLC611prGimNWlv9MrX75DKmA0Pw0HVerorsU8FyKe4o3rG7h/tk7A/N
0/0JupMFNCl8HwhUSwT8SUh4tnf4vyVhRgYRkv1Vm/atfEy7ebXCLOaAzjMAM718
NH2xa3EbRl/E5aHhL0AEovHjllWldZ7ljwzCvux5EKP5CHy2qQFxdVtq533jqf8v
2zI2G0FRbp0hs8Q0W6LZYrtvv8smLeGgeEK596H17YvJpAo+z/wESvWZFVJ9tyqn
u2Sy2QZHfnnYAAnFRpMbN9fGBEODW3uHQvXWyVcJCc3ZHZ+FghS5ztiSVz0VwotH
epRID35aoBFfRQ==
-----END CERTIFICATE-----