Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/81e5bd-f7ab-4287-bbb5-6d856f84a813/1/gEFPcG9s0sh68PYGstE3a4a1-mY.mft
File:                     gEFPcG9s0sh68PYGstE3a4a1-mY.mft (raw, json)
Hash identifier:          nWIMmzjhOuLXDc7rBpOai9LVImfj3vmKGUnpuBq0f64=
Subject key identifier:   64:8A:A2:D0:97:B7:E0:85:26:BB:7B:CF:51:85:0B:00:F2:F7:36:23
Authority key identifier: 80:41:4F:70:6F:6C:D2:C8:7A:F0:F6:06:B2:D1:37:6B:86:B5:FA:66
Certificate issuer:       /CN=80414f706f6cd2c87af0f606b2d1376b86b5fa66
Certificate serial:       019579108E8061B2C2F6798A8D6597E4A189
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gEFPcG9s0sh68PYGstE3a4a1-mY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d3/81e5bd-f7ab-4287-bbb5-6d856f84a813/1/gEFPcG9s0sh68PYGstE3a4a1-mY.mft
Manifest number:          1489
Signing time:             Sun 09 Mar 2025 04:01:22 +0000
Manifest this update:     Sun 09 Mar 2025 04:01:22 +0000
Manifest next update:     Mon 10 Mar 2025 04:01:22 +0000
Files and hashes:         1: gEFPcG9s0sh68PYGstE3a4a1-mY.crl (hash: nym8+xkSXVpv8MDu8mO/wvoIJpf3nho0XEQ0kPxVnPI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d3/81e5bd-f7ab-4287-bbb5-6d856f84a813/1/gEFPcG9s0sh68PYGstE3a4a1-mY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d3/81e5bd-f7ab-4287-bbb5-6d856f84a813/1/gEFPcG9s0sh68PYGstE3a4a1-mY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/gEFPcG9s0sh68PYGstE3a4a1-mY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 10 Mar 2025 04:01:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:79:10:8e:80:61:b2:c2:f6:79:8a:8d:65:97:e4:a1:89
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=80414f706f6cd2c87af0f606b2d1376b86b5fa66
        Validity
            Not Before: Mar  9 04:01:22 2025 GMT
            Not After : Mar 10 04:01:22 2025 GMT
        Subject: CN=648aa2d097b7e08526bb7bcf51850b00f2f73623
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:ad:56:77:1b:76:8f:df:d7:e7:3d:45:61:23:
                    eb:db:7c:69:bd:48:64:2f:1c:ef:48:2b:a7:7f:65:
                    67:11:bb:93:4d:eb:b6:64:5e:2b:98:f6:16:b6:d0:
                    a1:75:56:98:43:88:ca:9b:f2:80:44:03:1b:ad:44:
                    c1:39:18:01:62:82:b5:c6:ca:d2:6f:b1:00:61:e7:
                    f9:8c:cd:83:96:7c:da:5e:a7:d8:9d:60:04:f7:ee:
                    61:9b:51:17:8c:34:89:65:86:0f:9f:a1:40:3a:e8:
                    d9:f5:04:db:73:f3:df:f0:be:96:b4:d3:20:6b:30:
                    4c:aa:90:1d:40:b9:e5:41:a4:b1:c4:8c:4d:35:9d:
                    4b:99:00:ec:41:01:9f:c1:6d:ca:ff:70:d1:ac:e8:
                    7a:fe:66:3d:8f:a7:6d:e8:aa:10:26:47:86:36:a6:
                    ab:76:4d:a7:01:9c:61:ef:37:8b:84:ad:76:4b:70:
                    a2:b3:e9:a5:48:cb:8c:3e:68:eb:48:57:6c:43:15:
                    8b:75:f7:76:f1:e3:d1:29:14:04:a2:c5:4c:f4:7a:
                    eb:38:ce:69:10:cb:81:52:a1:e8:6b:db:90:6b:bd:
                    97:ff:80:4d:3a:63:a5:48:48:a8:e8:c3:35:07:13:
                    51:bb:30:15:54:af:6d:5f:e9:a7:89:4d:4c:33:40:
                    b9:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                64:8A:A2:D0:97:B7:E0:85:26:BB:7B:CF:51:85:0B:00:F2:F7:36:23
            X509v3 Authority Key Identifier:
                keyid:80:41:4F:70:6F:6C:D2:C8:7A:F0:F6:06:B2:D1:37:6B:86:B5:FA:66

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gEFPcG9s0sh68PYGstE3a4a1-mY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/81e5bd-f7ab-4287-bbb5-6d856f84a813/1/gEFPcG9s0sh68PYGstE3a4a1-mY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/81e5bd-f7ab-4287-bbb5-6d856f84a813/1/gEFPcG9s0sh68PYGstE3a4a1-mY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4c:d1:3c:97:79:95:a7:ec:9a:76:c2:22:c9:10:ce:a4:be:d7:
         a9:c9:b7:68:d1:2f:b6:cf:b9:b4:f1:46:a0:01:12:f1:50:40:
         f7:c9:be:ac:9b:d4:02:c9:23:05:b9:1e:01:b8:0c:e2:ff:fb:
         b1:44:c0:5e:f0:33:48:78:8f:3a:73:80:bf:b8:27:c4:bc:81:
         0c:fd:8c:f8:1c:af:fd:77:de:3a:30:f5:fe:1a:f7:a0:40:4f:
         53:b5:45:2c:4e:b1:72:e6:63:50:82:5a:f2:db:e1:e4:a6:e6:
         99:6e:b9:eb:da:43:4e:2b:2c:c7:3c:8b:82:d7:18:55:95:5c:
         ae:9e:9b:26:7d:ea:29:01:ee:c0:e9:fb:68:48:c9:a3:11:1b:
         07:59:5a:3e:07:e3:a5:56:0f:ef:98:d4:8d:3a:03:f3:0a:ed:
         5e:f8:54:ab:22:89:04:cc:27:c6:e8:5b:d2:e1:b1:59:22:13:
         34:95:81:c0:80:23:e5:01:8e:ba:6a:f4:f2:de:98:5f:a1:55:
         ab:ef:6e:fb:b0:f2:e3:de:0a:46:44:83:47:91:de:6d:38:87:
         72:79:b1:29:d0:2e:c9:fa:d8:e7:85:b1:65:e3:db:f1:76:33:
         3a:49:9a:36:61:58:a2:72:5b:26:a8:06:66:bc:18:55:4a:2f:
         06:92:c8:89
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZV5EI6AYbLC9nmKjWWX5KGJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgwNDE0ZjcwNmY2Y2QyYzg3YWYwZjYwNmIyZDEzNzZiODZi
NWZhNjYwHhcNMjUwMzA5MDQwMTIyWhcNMjUwMzEwMDQwMTIyWjAzMTEwLwYDVQQD
Eyg2NDhhYTJkMDk3YjdlMDg1MjZiYjdiY2Y1MTg1MGIwMGYyZjczNjIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw61Wdxt2j9/X5z1FYSPr23xpvUhk
LxzvSCunf2VnEbuTTeu2ZF4rmPYWttChdVaYQ4jKm/KARAMbrUTBORgBYoK1xsrS
b7EAYef5jM2DlnzaXqfYnWAE9+5hm1EXjDSJZYYPn6FAOujZ9QTbc/Pf8L6WtNMg
azBMqpAdQLnlQaSxxIxNNZ1LmQDsQQGfwW3K/3DRrOh6/mY9j6dt6KoQJkeGNqar
dk2nAZxh7zeLhK12S3Cis+mlSMuMPmjrSFdsQxWLdfd28ePRKRQEosVM9HrrOM5p
EMuBUqHoa9uQa72X/4BNOmOlSEio6MM1BxNRuzAVVK9tX+mniU1MM0C5PQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGSKotCXt+CFJrt7z1GFCwDy9zYjMB8GA1UdIwQY
MBaAFIBBT3BvbNLIevD2BrLRN2uGtfpmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ0VGUGNHOXMwc2g2OFBZR3N0RTNhNGExLW1ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy84MWU1YmQtZjdhYi00Mjg3LWJiYjUt
NmQ4NTZmODRhODEzLzEvZ0VGUGNHOXMwc2g2OFBZR3N0RTNhNGExLW1ZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy84MWU1YmQtZjdhYi00Mjg3LWJiYjUtNmQ4NTZmODRhODEz
LzEvZ0VGUGNHOXMwc2g2OFBZR3N0RTNhNGExLW1ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATNE8l3mV
p+yadsIiyRDOpL7Xqcm3aNEvts+5tPFGoAES8VBA98m+rJvUAskjBbkeAbgM4v/7
sUTAXvAzSHiPOnOAv7gnxLyBDP2M+Byv/XfeOjD1/hr3oEBPU7VFLE6xcuZjUIJa
8tvh5KbmmW6569pDTissxzyLgtcYVZVcrp6bJn3qKQHuwOn7aEjJoxEbB1laPgfj
pVYP75jUjToD8wrtXvhUqyKJBMwnxuhb0uGxWSITNJWBwIAj5QGOumr08t6YX6FV
q+9u+7Dy494KRkSDR5HebTiHcnmxKdAuyfrY54WxZePb8XYzOkmaNmFYonJbJqgG
ZrwYVUovBpLIiQ==
-----END CERTIFICATE-----