Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/ab8055-389c-43ed-abde-bf0de2bb1c3c/1/eH0Q8i5f-ksg99W3goxVuVCal1k.mft
File:                     eH0Q8i5f-ksg99W3goxVuVCal1k.mft (raw, json)
Hash identifier:          Jh9cviclyeiU1GX3Q1s6DjeWVUK9WoP2YW+qZ/NP8Bo=
Subject key identifier:   BA:86:F2:DE:A1:BD:65:F0:E3:B2:38:42:71:95:4C:D8:93:90:27:AD
Authority key identifier: 78:7D:10:F2:2E:5F:FA:4B:20:F7:D5:B7:82:8C:55:B9:50:9A:97:59
Certificate issuer:       /CN=787d10f22e5ffa4b20f7d5b7828c55b9509a9759
Certificate serial:       0194C42CA84BE8891767C7C7C81072A2736D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/eH0Q8i5f-ksg99W3goxVuVCal1k.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/dd/ab8055-389c-43ed-abde-bf0de2bb1c3c/1/eH0Q8i5f-ksg99W3goxVuVCal1k.mft
Manifest number:          142C
Signing time:             Sun 02 Feb 2025 01:00:48 +0000
Manifest this update:     Sun 02 Feb 2025 01:00:48 +0000
Manifest next update:     Mon 03 Feb 2025 01:00:48 +0000
Files and hashes:         1: eH0Q8i5f-ksg99W3goxVuVCal1k.crl (hash: 4Zg0q11RQRdWfuvL2zDUR1r+Y5aynKk2OPtMMlU4JIk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/dd/ab8055-389c-43ed-abde-bf0de2bb1c3c/1/eH0Q8i5f-ksg99W3goxVuVCal1k.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/dd/ab8055-389c-43ed-abde-bf0de2bb1c3c/1/eH0Q8i5f-ksg99W3goxVuVCal1k.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/eH0Q8i5f-ksg99W3goxVuVCal1k.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 03 Feb 2025 00:00:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:c4:2c:a8:4b:e8:89:17:67:c7:c7:c8:10:72:a2:73:6d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=787d10f22e5ffa4b20f7d5b7828c55b9509a9759
        Validity
            Not Before: Feb  2 01:00:48 2025 GMT
            Not After : Feb  3 01:00:48 2025 GMT
        Subject: CN=ba86f2dea1bd65f0e3b2384271954cd8939027ad
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:90:9f:bb:3d:3a:3a:aa:19:ab:3a:33:91:38:44:
                    85:5a:33:aa:e1:28:81:a2:f8:7f:09:92:79:a7:90:
                    7b:5f:68:fb:bf:66:80:ae:68:dc:1d:0b:77:a0:6a:
                    1a:ae:a2:d5:32:ef:64:33:f6:82:74:f4:9f:af:7f:
                    b6:fb:67:dd:c2:d9:1c:95:57:e1:1e:32:a2:e6:1d:
                    31:d5:a5:b7:f4:a6:19:96:04:7c:c7:30:0a:b2:b4:
                    84:2d:04:ed:f7:5c:8b:99:fb:b3:b0:98:b7:51:ac:
                    b9:4a:6c:73:ad:59:bb:b6:1b:48:85:06:db:46:f0:
                    97:40:61:de:4b:18:5d:8b:9e:66:aa:fb:89:a3:e1:
                    8d:64:4e:36:c9:b1:e5:96:87:59:f8:bc:12:1a:d0:
                    0d:c7:71:2d:18:23:bd:bc:2e:d3:54:88:aa:b4:d4:
                    4e:05:6e:87:30:26:c6:3d:59:91:a8:16:25:3c:21:
                    09:bd:f0:bb:82:80:e1:45:2f:a9:2d:63:4e:a4:4a:
                    27:e1:2a:42:2a:e5:c3:b4:3e:76:3a:3b:21:cb:7d:
                    91:b7:b4:7f:6c:63:1e:ff:ae:19:8b:36:91:cc:a9:
                    c3:37:f9:14:f5:08:8b:45:e0:82:57:f5:7b:5b:27:
                    c0:c4:66:01:af:e1:47:e7:59:db:6e:6f:60:4a:9d:
                    ae:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BA:86:F2:DE:A1:BD:65:F0:E3:B2:38:42:71:95:4C:D8:93:90:27:AD
            X509v3 Authority Key Identifier:
                keyid:78:7D:10:F2:2E:5F:FA:4B:20:F7:D5:B7:82:8C:55:B9:50:9A:97:59

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eH0Q8i5f-ksg99W3goxVuVCal1k.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/ab8055-389c-43ed-abde-bf0de2bb1c3c/1/eH0Q8i5f-ksg99W3goxVuVCal1k.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/ab8055-389c-43ed-abde-bf0de2bb1c3c/1/eH0Q8i5f-ksg99W3goxVuVCal1k.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7a:3b:64:78:07:1d:c5:cd:34:a0:52:b6:01:9a:d5:d4:45:9b:
         c9:e1:f8:99:0e:9a:4d:fd:b7:1f:eb:61:8b:52:f3:bc:84:d6:
         82:73:8e:5d:68:04:03:33:16:83:d3:41:2e:88:ae:b9:7a:66:
         ea:8b:61:11:47:6a:1d:cc:ee:cd:2e:e3:9d:05:95:cf:82:69:
         a4:26:11:ef:48:c1:db:f0:8c:36:b6:5b:b2:2e:66:c3:58:2e:
         ab:76:d2:bd:c4:70:e4:9b:a1:6a:a3:8e:f9:e8:29:bb:ab:9f:
         c6:54:8e:77:06:ab:b4:23:8c:6d:97:38:a9:e8:79:ae:36:d5:
         fe:1b:83:cd:e0:5b:16:c0:ff:b1:19:af:89:cc:15:38:bb:e7:
         9c:83:96:77:cd:39:c9:d5:99:84:5b:ee:ed:28:a0:d9:4c:07:
         f7:64:70:2f:da:b0:a4:52:33:13:19:08:64:56:37:12:91:8c:
         47:a2:d1:5c:09:cf:e6:ae:0b:43:6d:37:a5:c0:80:b8:9d:b2:
         1a:28:b4:3c:de:7b:cf:28:94:05:a0:c1:08:8b:86:4f:1f:29:
         cb:b0:04:94:9c:2a:26:46:b9:15:c7:88:e7:b9:11:cf:03:15:
         84:6e:55:21:79:c1:36:59:f0:36:35:c3:46:51:bc:0c:01:2a:
         3b:8a:e6:aa
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZTELKhL6IkXZ8fHyBByonNtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc4N2QxMGYyMmU1ZmZhNGIyMGY3ZDViNzgyOGM1NWI5NTA5
YTk3NTkwHhcNMjUwMjAyMDEwMDQ4WhcNMjUwMjAzMDEwMDQ4WjAzMTEwLwYDVQQD
EyhiYTg2ZjJkZWExYmQ2NWYwZTNiMjM4NDI3MTk1NGNkODkzOTAyN2FkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkJ+7PTo6qhmrOjOROESFWjOq4SiB
ovh/CZJ5p5B7X2j7v2aArmjcHQt3oGoarqLVMu9kM/aCdPSfr3+2+2fdwtkclVfh
HjKi5h0x1aW39KYZlgR8xzAKsrSELQTt91yLmfuzsJi3Uay5SmxzrVm7thtIhQbb
RvCXQGHeSxhdi55mqvuJo+GNZE42ybHllodZ+LwSGtANx3EtGCO9vC7TVIiqtNRO
BW6HMCbGPVmRqBYlPCEJvfC7goDhRS+pLWNOpEon4SpCKuXDtD52Ojshy32Rt7R/
bGMe/64ZizaRzKnDN/kU9QiLReCCV/V7WyfAxGYBr+FH51nbbm9gSp2uaQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLqG8t6hvWXw47I4QnGVTNiTkCetMB8GA1UdIwQY
MBaAFHh9EPIuX/pLIPfVt4KMVblQmpdZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZUgwUThpNWYta3NnOTlXM2dveFZ1VkNhbDFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC9hYjgwNTUtMzg5Yy00M2VkLWFiZGUt
YmYwZGUyYmIxYzNjLzEvZUgwUThpNWYta3NnOTlXM2dveFZ1VkNhbDFrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC9hYjgwNTUtMzg5Yy00M2VkLWFiZGUtYmYwZGUyYmIxYzNj
LzEvZUgwUThpNWYta3NnOTlXM2dveFZ1VkNhbDFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAejtkeAcd
xc00oFK2AZrV1EWbyeH4mQ6aTf23H+thi1LzvITWgnOOXWgEAzMWg9NBLoiuuXpm
6othEUdqHczuzS7jnQWVz4JppCYR70jB2/CMNrZbsi5mw1guq3bSvcRw5JuhaqOO
+egpu6ufxlSOdwartCOMbZc4qeh5rjbV/huDzeBbFsD/sRmvicwVOLvnnIOWd805
ydWZhFvu7Sig2UwH92RwL9qwpFIzExkIZFY3EpGMR6LRXAnP5q4LQ203pcCAuJ2y
Gii0PN57zyiUBaDBCIuGTx8py7AElJwqJka5FceI57kRzwMVhG5VIXnBNlnwNjXD
RlG8DAEqO4rmqg==
-----END CERTIFICATE-----