Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/627987-235d-4194-96b1-af8c75a93cd1/1/r_HNv5fWyiB-XciFq8_2ccwVyRA.mft
File:                     r_HNv5fWyiB-XciFq8_2ccwVyRA.mft (raw, json)
Hash identifier:          s6SjKZzoSyxL2SiBcHHHlrRrlA5dLTL9Z5S1Qfqmm80=
Subject key identifier:   01:48:86:97:51:04:31:15:73:4C:FB:D9:04:69:5F:AB:C2:0E:AB:8A
Authority key identifier: AF:F1:CD:BF:97:D6:CA:20:7E:5D:C8:85:AB:CF:F6:71:CC:15:C9:10
Certificate issuer:       /CN=aff1cdbf97d6ca207e5dc885abcff671cc15c910
Certificate serial:       019510C6E7327AC8DB2961DA5C5877FA300C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/r_HNv5fWyiB-XciFq8_2ccwVyRA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/da/627987-235d-4194-96b1-af8c75a93cd1/1/r_HNv5fWyiB-XciFq8_2ccwVyRA.mft
Manifest number:          094B
Signing time:             Sun 16 Feb 2025 22:00:25 +0000
Manifest this update:     Sun 16 Feb 2025 22:00:25 +0000
Manifest next update:     Mon 17 Feb 2025 22:00:25 +0000
Files and hashes:         1: r_HNv5fWyiB-XciFq8_2ccwVyRA.crl (hash: 3PXia2KcvbCQPSw+qcZoxdBrxWrOLRNQKNjeEx8R8tE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/da/627987-235d-4194-96b1-af8c75a93cd1/1/r_HNv5fWyiB-XciFq8_2ccwVyRA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/da/627987-235d-4194-96b1-af8c75a93cd1/1/r_HNv5fWyiB-XciFq8_2ccwVyRA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/r_HNv5fWyiB-XciFq8_2ccwVyRA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 17 Feb 2025 22:00:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:10:c6:e7:32:7a:c8:db:29:61:da:5c:58:77:fa:30:0c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=aff1cdbf97d6ca207e5dc885abcff671cc15c910
        Validity
            Not Before: Feb 16 22:00:25 2025 GMT
            Not After : Feb 17 22:00:25 2025 GMT
        Subject: CN=0148869751043115734cfbd904695fabc20eab8a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:88:81:36:90:72:e3:c3:78:5e:fa:4c:26:9d:8b:
                    e1:6c:3e:7d:14:c6:c9:ad:9f:14:17:fc:41:24:c1:
                    50:62:36:2f:df:da:26:5c:1a:de:97:26:f1:d2:0e:
                    96:2d:b1:e0:93:a4:16:fb:21:f0:2e:b7:ec:29:0f:
                    08:cd:d5:96:bc:e9:13:c8:50:4e:33:31:e5:a3:a8:
                    dc:f5:27:2a:62:fe:1a:08:a3:96:56:4d:20:78:3a:
                    8e:66:bf:66:00:fe:4a:0c:b0:35:29:29:b8:35:10:
                    da:de:1c:11:d1:ab:7a:94:e6:66:50:d0:4f:8f:bf:
                    8c:56:65:25:e8:2c:96:eb:c3:6e:7d:3b:2e:31:32:
                    c9:0f:44:9d:0d:ff:45:d8:a4:5c:37:b0:18:3b:de:
                    a6:71:b7:33:24:c0:98:16:29:df:20:46:9a:50:1b:
                    7a:38:cf:30:e5:c9:2b:53:3e:98:a2:78:4e:ba:f8:
                    80:c7:2d:ad:2c:00:5c:50:9e:9b:85:31:09:e9:f8:
                    3b:2e:23:e5:fb:23:d9:71:44:70:d9:96:e7:a7:f4:
                    af:0b:89:b6:de:b6:fb:3a:7c:cf:62:52:40:4a:a9:
                    68:9f:80:9e:62:49:4e:35:96:2e:6f:71:1c:9d:0f:
                    58:cb:b7:8a:77:5c:e7:5c:13:05:ac:61:27:5d:d1:
                    d1:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                01:48:86:97:51:04:31:15:73:4C:FB:D9:04:69:5F:AB:C2:0E:AB:8A
            X509v3 Authority Key Identifier:
                keyid:AF:F1:CD:BF:97:D6:CA:20:7E:5D:C8:85:AB:CF:F6:71:CC:15:C9:10

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r_HNv5fWyiB-XciFq8_2ccwVyRA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/627987-235d-4194-96b1-af8c75a93cd1/1/r_HNv5fWyiB-XciFq8_2ccwVyRA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/da/627987-235d-4194-96b1-af8c75a93cd1/1/r_HNv5fWyiB-XciFq8_2ccwVyRA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b9:0a:b6:61:ce:60:43:f7:13:ba:b3:2d:5a:cd:f7:b1:a1:c3:
         dc:92:4e:3d:75:75:de:76:56:25:cd:41:b1:44:d7:ce:0d:b8:
         00:9d:e2:d2:ec:d1:6c:2d:d2:dc:5a:94:a6:0d:ec:ef:b8:18:
         4c:8a:e8:3f:bb:dc:84:25:34:a8:32:c1:3b:9a:bf:dc:da:b3:
         c8:5d:41:1b:90:55:eb:d7:25:aa:c4:36:8c:99:0e:8b:ce:d6:
         60:b7:36:79:c0:59:c3:c6:1e:fb:01:a0:6c:bb:9f:da:40:aa:
         44:4c:13:25:2d:42:ce:f9:35:d2:e5:ab:11:5a:1e:22:0b:9b:
         46:13:70:6e:d1:65:51:68:70:6f:19:9c:a5:d7:d2:98:47:c2:
         b0:37:7b:c4:d1:3a:fb:ef:a8:97:82:b3:18:30:af:e3:1e:c6:
         b8:1f:d6:64:9c:85:af:00:af:0b:fd:da:8d:ad:78:79:04:6d:
         ab:64:c7:17:97:ab:4c:bc:b7:0c:cc:f0:a6:f1:c1:63:a4:b0:
         28:f0:d9:3a:c3:3b:8c:0f:2d:95:df:77:8a:57:49:f7:65:69:
         90:3d:25:8a:44:63:d3:ef:d2:86:a9:15:9a:c5:55:09:1a:22:
         87:08:e2:9e:4a:4b:9d:2c:6c:5c:21:87:0d:d9:58:3c:0d:0c:
         c0:19:b9:6a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZUQxucyesjbKWHaXFh3+jAMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmZjFjZGJmOTdkNmNhMjA3ZTVkYzg4NWFiY2ZmNjcxY2Mx
NWM5MTAwHhcNMjUwMjE2MjIwMDI1WhcNMjUwMjE3MjIwMDI1WjAzMTEwLwYDVQQD
EygwMTQ4ODY5NzUxMDQzMTE1NzM0Y2ZiZDkwNDY5NWZhYmMyMGVhYjhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiIE2kHLjw3he+kwmnYvhbD59FMbJ
rZ8UF/xBJMFQYjYv39omXBrelybx0g6WLbHgk6QW+yHwLrfsKQ8IzdWWvOkTyFBO
MzHlo6jc9ScqYv4aCKOWVk0geDqOZr9mAP5KDLA1KSm4NRDa3hwR0at6lOZmUNBP
j7+MVmUl6CyW68NufTsuMTLJD0SdDf9F2KRcN7AYO96mcbczJMCYFinfIEaaUBt6
OM8w5ckrUz6YonhOuviAxy2tLABcUJ6bhTEJ6fg7LiPl+yPZcURw2Zbnp/SvC4m2
3rb7OnzPYlJASqlon4CeYklONZYub3EcnQ9Yy7eKd1znXBMFrGEnXdHRowIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAFIhpdRBDEVc0z72QRpX6vCDquKMB8GA1UdIwQY
MBaAFK/xzb+X1sogfl3IhavP9nHMFckQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcl9ITnY1Zld5aUItWGNpRnE4XzJjY3dWeVJBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS82Mjc5ODctMjM1ZC00MTk0LTk2YjEt
YWY4Yzc1YTkzY2QxLzEvcl9ITnY1Zld5aUItWGNpRnE4XzJjY3dWeVJBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS82Mjc5ODctMjM1ZC00MTk0LTk2YjEtYWY4Yzc1YTkzY2Qx
LzEvcl9ITnY1Zld5aUItWGNpRnE4XzJjY3dWeVJBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAuQq2Yc5g
Q/cTurMtWs33saHD3JJOPXV13nZWJc1BsUTXzg24AJ3i0uzRbC3S3FqUpg3s77gY
TIroP7vchCU0qDLBO5q/3NqzyF1BG5BV69clqsQ2jJkOi87WYLc2ecBZw8Ye+wGg
bLuf2kCqREwTJS1Czvk10uWrEVoeIgubRhNwbtFlUWhwbxmcpdfSmEfCsDd7xNE6
+++ol4KzGDCv4x7GuB/WZJyFrwCvC/3aja14eQRtq2THF5erTLy3DMzwpvHBY6Sw
KPDZOsM7jA8tld93ildJ92VpkD0likRj0+/ShqkVmsVVCRoihwjinkpLnSxsXCGH
DdlYPA0MwBm5ag==
-----END CERTIFICATE-----