Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/549744-bdde-42e8-87a8-051cd30cbcf1/1/NaVV4Ua-SuX3zP5aPBLT8qJUOwU.mft
File:                     NaVV4Ua-SuX3zP5aPBLT8qJUOwU.mft (raw, json)
Hash identifier:          3s7RFJmXeoCbP/37VDdnQjTvnCRhX4YyIJKG/cL/7vo=
Subject key identifier:   62:11:DB:E9:23:EB:7D:0D:3C:47:41:62:4C:12:D2:0F:6E:31:E3:3E
Authority key identifier: 35:A5:55:E1:46:BE:4A:E5:F7:CC:FE:5A:3C:12:D3:F2:A2:54:3B:05
Certificate issuer:       /CN=35a555e146be4ae5f7ccfe5a3c12d3f2a2543b05
Certificate serial:       0194C4D14C6FE20C3E54EC5EA6A43A502566
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NaVV4Ua-SuX3zP5aPBLT8qJUOwU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d0/549744-bdde-42e8-87a8-051cd30cbcf1/1/NaVV4Ua-SuX3zP5aPBLT8qJUOwU.mft
Manifest number:          07DB
Signing time:             Sun 02 Feb 2025 04:00:38 +0000
Manifest this update:     Sun 02 Feb 2025 04:00:38 +0000
Manifest next update:     Mon 03 Feb 2025 04:00:38 +0000
Files and hashes:         1: NaVV4Ua-SuX3zP5aPBLT8qJUOwU.crl (hash: 6ggcMyoE88eFLzvInDQJFR/cbsYQafsJ/qwne8UNI18=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d0/549744-bdde-42e8-87a8-051cd30cbcf1/1/NaVV4Ua-SuX3zP5aPBLT8qJUOwU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d0/549744-bdde-42e8-87a8-051cd30cbcf1/1/NaVV4Ua-SuX3zP5aPBLT8qJUOwU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NaVV4Ua-SuX3zP5aPBLT8qJUOwU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 03 Feb 2025 00:00:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:c4:d1:4c:6f:e2:0c:3e:54:ec:5e:a6:a4:3a:50:25:66
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35a555e146be4ae5f7ccfe5a3c12d3f2a2543b05
        Validity
            Not Before: Feb  2 04:00:38 2025 GMT
            Not After : Feb  3 04:00:38 2025 GMT
        Subject: CN=6211dbe923eb7d0d3c4741624c12d20f6e31e33e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:3d:04:db:12:bd:21:38:f4:d9:59:ae:e3:cd:
                    85:e0:3a:a2:5d:60:d9:be:24:b5:5f:9c:77:22:1b:
                    41:b6:69:b0:83:d0:0d:01:a2:58:88:81:a0:3d:dd:
                    a3:47:67:3b:3a:dc:70:cd:ef:f7:56:3d:f3:b2:06:
                    3c:43:4c:b6:b9:45:84:0d:ce:6b:3a:1f:de:94:77:
                    3d:c6:01:06:11:11:56:fb:95:a5:34:57:04:34:fa:
                    f6:06:2b:b8:15:3b:7f:9d:6d:33:66:33:7e:87:94:
                    50:41:d9:dc:27:c8:c4:fe:1a:17:ce:2b:93:10:e2:
                    81:c9:5a:5f:3f:94:85:a3:d0:95:38:8a:aa:63:e3:
                    35:5e:13:be:37:b3:35:62:30:92:73:17:32:ad:28:
                    94:87:9e:68:49:d7:a1:3c:ab:bf:03:b1:e3:b8:73:
                    d2:10:b9:1d:c4:3b:9b:3b:5d:a8:a0:ed:4c:d2:25:
                    88:48:63:18:53:7a:6a:ad:38:01:0a:71:d1:0e:a9:
                    97:dd:3d:79:1e:af:ba:d3:89:31:50:1b:33:ff:59:
                    65:ef:9a:9f:0d:d1:83:8b:45:8c:9f:0e:a3:0e:4c:
                    cd:3a:c8:80:7e:36:49:99:0c:eb:76:99:f4:8f:0b:
                    a7:8c:92:9a:58:b9:c9:ea:d5:a4:df:27:81:a7:68:
                    df:7f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                62:11:DB:E9:23:EB:7D:0D:3C:47:41:62:4C:12:D2:0F:6E:31:E3:3E
            X509v3 Authority Key Identifier:
                keyid:35:A5:55:E1:46:BE:4A:E5:F7:CC:FE:5A:3C:12:D3:F2:A2:54:3B:05

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NaVV4Ua-SuX3zP5aPBLT8qJUOwU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/549744-bdde-42e8-87a8-051cd30cbcf1/1/NaVV4Ua-SuX3zP5aPBLT8qJUOwU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/549744-bdde-42e8-87a8-051cd30cbcf1/1/NaVV4Ua-SuX3zP5aPBLT8qJUOwU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2c:3a:b0:4e:2d:3a:03:4f:95:18:2e:88:a6:bd:cc:ed:eb:4c:
         16:f4:fd:f0:da:20:02:ea:9c:ab:43:a3:5e:db:18:00:ce:ee:
         f0:65:7f:37:40:3b:3c:03:60:61:26:a9:df:c4:28:c3:d5:b1:
         52:a4:3f:7d:42:6f:17:16:7c:24:c5:d0:3d:4b:21:95:7b:cf:
         1c:7c:63:48:f0:ac:36:6a:e9:20:00:1d:91:c7:eb:17:9a:c4:
         c6:8b:7e:9d:b5:40:18:b5:77:02:3a:3d:0a:ac:f4:ef:8d:55:
         ef:94:db:c5:fb:c6:65:cc:4c:0a:86:e8:44:a1:34:72:bc:6a:
         37:22:0f:66:24:5e:ab:2e:d5:d0:ae:8c:50:e8:42:ec:f9:df:
         fa:33:e7:a3:11:c1:cc:dc:1c:d3:17:39:91:c5:bb:ee:61:27:
         f0:80:6a:a4:36:20:c2:51:38:15:a1:af:24:5d:58:4f:87:1b:
         6d:3e:d5:64:e4:9c:58:7e:85:3f:ec:0b:6c:94:3e:74:ab:23:
         cb:1e:96:ca:93:1f:fb:03:e7:10:77:1e:0e:a8:37:bc:75:60:
         f7:e1:55:3e:50:92:35:db:a6:20:e1:ad:54:71:18:a9:cd:26:
         50:82:c3:db:9c:b7:07:a0:5b:8a:b3:aa:54:48:fa:bf:27:b9:
         4f:49:7a:e2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZTE0Uxv4gw+VOxepqQ6UCVmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1YTU1NWUxNDZiZTRhZTVmN2NjZmU1YTNjMTJkM2YyYTI1
NDNiMDUwHhcNMjUwMjAyMDQwMDM4WhcNMjUwMjAzMDQwMDM4WjAzMTEwLwYDVQQD
Eyg2MjExZGJlOTIzZWI3ZDBkM2M0NzQxNjI0YzEyZDIwZjZlMzFlMzNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApD0E2xK9ITj02Vmu482F4DqiXWDZ
viS1X5x3IhtBtmmwg9ANAaJYiIGgPd2jR2c7Otxwze/3Vj3zsgY8Q0y2uUWEDc5r
Oh/elHc9xgEGERFW+5WlNFcENPr2Biu4FTt/nW0zZjN+h5RQQdncJ8jE/hoXziuT
EOKByVpfP5SFo9CVOIqqY+M1XhO+N7M1YjCScxcyrSiUh55oSdehPKu/A7HjuHPS
ELkdxDubO12ooO1M0iWISGMYU3pqrTgBCnHRDqmX3T15Hq+604kxUBsz/1ll75qf
DdGDi0WMnw6jDkzNOsiAfjZJmQzrdpn0jwunjJKaWLnJ6tWk3yeBp2jffwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGIR2+kj630NPEdBYkwS0g9uMeM+MB8GA1UdIwQY
MBaAFDWlVeFGvkrl98z+WjwS0/KiVDsFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTmFWVjRVYS1TdVgzelA1YVBCTFQ4cUpVT3dVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC81NDk3NDQtYmRkZS00MmU4LTg3YTgt
MDUxY2QzMGNiY2YxLzEvTmFWVjRVYS1TdVgzelA1YVBCTFQ4cUpVT3dVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC81NDk3NDQtYmRkZS00MmU4LTg3YTgtMDUxY2QzMGNiY2Yx
LzEvTmFWVjRVYS1TdVgzelA1YVBCTFQ4cUpVT3dVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALDqwTi06
A0+VGC6Ipr3M7etMFvT98NogAuqcq0OjXtsYAM7u8GV/N0A7PANgYSap38Qow9Wx
UqQ/fUJvFxZ8JMXQPUshlXvPHHxjSPCsNmrpIAAdkcfrF5rExot+nbVAGLV3Ajo9
Cqz0741V75TbxfvGZcxMCoboRKE0crxqNyIPZiReqy7V0K6MUOhC7Pnf+jPnoxHB
zNwc0xc5kcW77mEn8IBqpDYgwlE4FaGvJF1YT4cbbT7VZOScWH6FP+wLbJQ+dKsj
yx6WypMf+wPnEHceDqg3vHVg9+FVPlCSNdumIOGtVHEYqc0mUILD25y3B6BbirOq
VEj6vye5T0l64g==
-----END CERTIFICATE-----