Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/9aff54-5971-402f-ab69-a419670d17e1/1/MKqwK2VOkVytyjOSkuKMFcR9-Fg.mft
File:                     MKqwK2VOkVytyjOSkuKMFcR9-Fg.mft (raw, json)
Hash identifier:          aulD8xiJcgJgPaOMOHJk4lSPtrQ4OTVMbtHwylIssiI=
Subject key identifier:   2A:80:05:5B:4D:F4:A4:48:73:6C:07:BF:2F:3D:74:C6:7B:A6:E6:21
Authority key identifier: 30:AA:B0:2B:65:4E:91:5C:AD:CA:33:92:92:E2:8C:15:C4:7D:F8:58
Certificate issuer:       /CN=30aab02b654e915cadca339292e28c15c47df858
Certificate serial:       019579B4FDB63DAD5B53502D49CC4020FD59
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MKqwK2VOkVytyjOSkuKMFcR9-Fg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d5/9aff54-5971-402f-ab69-a419670d17e1/1/MKqwK2VOkVytyjOSkuKMFcR9-Fg.mft
Manifest number:          02EE
Signing time:             Sun 09 Mar 2025 07:00:59 +0000
Manifest this update:     Sun 09 Mar 2025 07:00:59 +0000
Manifest next update:     Mon 10 Mar 2025 07:00:59 +0000
Files and hashes:         1: MKqwK2VOkVytyjOSkuKMFcR9-Fg.crl (hash: jkv9xX7N07X44FaFUKl22UV/ksOFXo3Fzo1uTScjHS0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d5/9aff54-5971-402f-ab69-a419670d17e1/1/MKqwK2VOkVytyjOSkuKMFcR9-Fg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d5/9aff54-5971-402f-ab69-a419670d17e1/1/MKqwK2VOkVytyjOSkuKMFcR9-Fg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/MKqwK2VOkVytyjOSkuKMFcR9-Fg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 10 Mar 2025 02:00:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:79:b4:fd:b6:3d:ad:5b:53:50:2d:49:cc:40:20:fd:59
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=30aab02b654e915cadca339292e28c15c47df858
        Validity
            Not Before: Mar  9 07:00:59 2025 GMT
            Not After : Mar 10 07:00:59 2025 GMT
        Subject: CN=2a80055b4df4a448736c07bf2f3d74c67ba6e621
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:93:79:7c:d4:f4:51:d3:24:f3:34:ec:f8:09:
                    28:60:4a:de:41:7e:22:57:c0:e3:3a:c6:0b:43:bd:
                    f7:c2:3f:a1:9c:fa:03:e0:97:5e:4b:24:ab:1a:70:
                    75:22:94:08:9d:51:e6:45:ad:3c:d1:35:22:bb:46:
                    7f:0d:f2:5f:44:a3:8c:d7:54:6a:58:a4:13:24:2d:
                    65:f8:96:ec:c7:18:c8:9d:e8:64:40:4e:8f:f5:11:
                    b0:5a:20:14:94:74:22:ee:ef:b6:7a:8e:f2:92:21:
                    c9:ed:15:dd:c8:cc:c2:e8:c8:09:48:1e:f9:83:fe:
                    fd:1e:af:4a:ed:b9:01:db:2b:fd:4d:86:95:f6:e7:
                    14:b1:22:01:a8:8d:fa:db:89:02:45:aa:bc:1d:25:
                    85:a8:a5:38:6c:e2:51:4c:43:12:be:99:48:1e:11:
                    72:6d:f0:d9:32:12:4b:af:d5:71:2e:e0:99:f8:b3:
                    04:ad:fd:35:02:92:d4:d7:ca:48:f7:64:68:f9:93:
                    40:98:13:22:7c:d9:21:be:84:f0:e4:df:58:81:2c:
                    b2:fe:db:e1:0c:2b:2a:28:24:c0:08:f8:30:e2:11:
                    60:1f:af:58:c0:60:1b:7f:e0:6d:1b:9e:6a:21:04:
                    5b:cf:36:7a:a3:45:4a:36:dd:cd:6a:2e:6e:17:aa:
                    70:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2A:80:05:5B:4D:F4:A4:48:73:6C:07:BF:2F:3D:74:C6:7B:A6:E6:21
            X509v3 Authority Key Identifier:
                keyid:30:AA:B0:2B:65:4E:91:5C:AD:CA:33:92:92:E2:8C:15:C4:7D:F8:58

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MKqwK2VOkVytyjOSkuKMFcR9-Fg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/9aff54-5971-402f-ab69-a419670d17e1/1/MKqwK2VOkVytyjOSkuKMFcR9-Fg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/9aff54-5971-402f-ab69-a419670d17e1/1/MKqwK2VOkVytyjOSkuKMFcR9-Fg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b7:88:9c:24:26:7f:cb:32:c4:9b:35:8d:55:4d:2a:3a:f5:2a:
         3c:ce:fd:57:9e:a9:07:9e:7b:2a:d6:f9:38:6a:a1:e5:38:7a:
         ac:71:97:9e:92:cc:3c:bc:0c:a5:34:e5:d2:64:69:de:6a:cf:
         d9:fe:75:47:ac:40:eb:22:60:16:4e:df:a0:83:cc:1b:6d:7f:
         e4:8b:f6:f0:c6:e1:4d:10:35:90:db:63:2a:4f:2e:ae:00:fe:
         18:75:0b:73:0f:ae:d1:be:8e:33:72:97:39:74:c3:9b:dd:2a:
         9e:05:9e:1a:be:12:08:a1:21:f6:68:4d:59:19:3a:7f:26:67:
         6b:f1:01:87:9a:91:26:4f:8d:99:c3:79:88:17:70:a9:0f:03:
         a5:87:d4:ea:71:5c:62:8d:df:c7:0d:71:45:8e:68:4f:ab:60:
         da:c8:ec:4d:69:88:95:a3:58:3d:3b:b7:21:cd:bc:6e:1c:9a:
         15:e7:99:9d:3d:65:6d:97:a1:50:90:c5:03:73:1b:22:5e:3a:
         95:bc:7b:0f:5a:08:8c:22:78:4f:05:ef:e4:44:1a:0f:86:0a:
         93:58:bd:d8:eb:1e:e4:98:14:34:da:80:c3:18:15:e0:e7:f8:
         38:93:65:66:ba:e8:8f:3d:1a:84:75:b8:a3:3e:d0:64:53:eb:
         67:8b:73:d2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZV5tP22Pa1bU1AtScxAIP1ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwYWFiMDJiNjU0ZTkxNWNhZGNhMzM5MjkyZTI4YzE1YzQ3
ZGY4NTgwHhcNMjUwMzA5MDcwMDU5WhcNMjUwMzEwMDcwMDU5WjAzMTEwLwYDVQQD
EygyYTgwMDU1YjRkZjRhNDQ4NzM2YzA3YmYyZjNkNzRjNjdiYTZlNjIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo5N5fNT0UdMk8zTs+AkoYEreQX4i
V8DjOsYLQ733wj+hnPoD4JdeSySrGnB1IpQInVHmRa080TUiu0Z/DfJfRKOM11Rq
WKQTJC1l+JbsxxjInehkQE6P9RGwWiAUlHQi7u+2eo7ykiHJ7RXdyMzC6MgJSB75
g/79Hq9K7bkB2yv9TYaV9ucUsSIBqI3624kCRaq8HSWFqKU4bOJRTEMSvplIHhFy
bfDZMhJLr9VxLuCZ+LMErf01ApLU18pI92Ro+ZNAmBMifNkhvoTw5N9YgSyy/tvh
DCsqKCTACPgw4hFgH69YwGAbf+BtG55qIQRbzzZ6o0VKNt3Nai5uF6pwTQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCqABVtN9KRIc2wHvy89dMZ7puYhMB8GA1UdIwQY
MBaAFDCqsCtlTpFcrcozkpLijBXEffhYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUtxd0syVk9rVnl0eWpPU2t1S01GY1I5LUZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS85YWZmNTQtNTk3MS00MDJmLWFiNjkt
YTQxOTY3MGQxN2UxLzEvTUtxd0syVk9rVnl0eWpPU2t1S01GY1I5LUZnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS85YWZmNTQtNTk3MS00MDJmLWFiNjktYTQxOTY3MGQxN2Ux
LzEvTUtxd0syVk9rVnl0eWpPU2t1S01GY1I5LUZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAt4icJCZ/
yzLEmzWNVU0qOvUqPM79V56pB557Ktb5OGqh5Th6rHGXnpLMPLwMpTTl0mRp3mrP
2f51R6xA6yJgFk7foIPMG21/5Iv28MbhTRA1kNtjKk8urgD+GHULcw+u0b6OM3KX
OXTDm90qngWeGr4SCKEh9mhNWRk6fyZna/EBh5qRJk+NmcN5iBdwqQ8DpYfU6nFc
Yo3fxw1xRY5oT6tg2sjsTWmIlaNYPTu3Ic28bhyaFeeZnT1lbZehUJDFA3MbIl46
lbx7D1oIjCJ4TwXv5EQaD4YKk1i92Ose5JgUNNqAwxgV4Of4OJNlZrrojz0ahHW4
oz7QZFPrZ4tz0g==
-----END CERTIFICATE-----