Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/4238ae-a72f-471c-a9a9-5823f870141b/1/hTq7t9e8xKXFbpEu76wbC7BFUCE.mft
File:                     hTq7t9e8xKXFbpEu76wbC7BFUCE.mft (raw, json)
Hash identifier:          IMJO277F18NQhOuvZoR7tqPKGIrjuAvhn4yaJdKmsH8=
Subject key identifier:   94:FC:7B:03:1D:23:29:9D:AB:EB:4C:FF:59:84:4F:73:70:78:9C:BD
Authority key identifier: 85:3A:BB:B7:D7:BC:C4:A5:C5:6E:91:2E:EF:AC:1B:0B:B0:45:50:21
Certificate issuer:       /CN=853abbb7d7bcc4a5c56e912eefac1b0bb0455021
Certificate serial:       019511D9527A4698C077E26FDD5D7EF52CF9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hTq7t9e8xKXFbpEu76wbC7BFUCE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/de/4238ae-a72f-471c-a9a9-5823f870141b/1/hTq7t9e8xKXFbpEu76wbC7BFUCE.mft
Manifest number:          03A2
Signing time:             Mon 17 Feb 2025 03:00:09 +0000
Manifest this update:     Mon 17 Feb 2025 03:00:09 +0000
Manifest next update:     Tue 18 Feb 2025 03:00:09 +0000
Files and hashes:         1: hTq7t9e8xKXFbpEu76wbC7BFUCE.crl (hash: J/KAj3BiRPhL1D7fk2LoB2V2yqBiuCTWjDupJtksDHo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/de/4238ae-a72f-471c-a9a9-5823f870141b/1/hTq7t9e8xKXFbpEu76wbC7BFUCE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/de/4238ae-a72f-471c-a9a9-5823f870141b/1/hTq7t9e8xKXFbpEu76wbC7BFUCE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hTq7t9e8xKXFbpEu76wbC7BFUCE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 17 Feb 2025 23:00:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:11:d9:52:7a:46:98:c0:77:e2:6f:dd:5d:7e:f5:2c:f9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=853abbb7d7bcc4a5c56e912eefac1b0bb0455021
        Validity
            Not Before: Feb 17 03:00:09 2025 GMT
            Not After : Feb 18 03:00:09 2025 GMT
        Subject: CN=94fc7b031d23299dabeb4cff59844f7370789cbd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:41:36:21:4d:93:34:5d:45:2b:a4:18:86:83:
                    2d:fc:92:62:ad:2f:70:67:15:11:0f:d9:65:d6:34:
                    47:7e:21:c3:d0:f6:9c:69:55:08:09:9a:19:c5:20:
                    9e:68:b2:b8:1b:d1:80:19:c9:54:02:3c:d9:a6:7e:
                    fd:a4:99:f9:cf:65:04:d9:38:ef:ae:49:45:bb:0c:
                    26:d3:1c:b6:ad:e7:b5:74:21:bc:00:81:29:f9:67:
                    cd:67:0e:0e:f9:ca:17:57:a5:3c:ea:d4:83:2a:ad:
                    f1:f3:04:8f:08:e2:0d:d2:4f:04:53:9a:22:40:0f:
                    61:9a:28:81:c6:a9:1d:66:96:05:40:bb:20:b3:e4:
                    93:ee:99:57:1d:bf:c9:ec:05:94:07:2e:55:42:04:
                    2a:94:e1:1c:f9:a9:67:d2:bb:39:f0:00:b9:a9:37:
                    3d:30:6d:34:a1:36:4a:d3:6f:45:5b:0c:d4:b5:bc:
                    ac:18:03:4f:e4:31:ea:38:b3:75:b8:6c:5b:b5:d0:
                    88:93:13:62:32:ac:01:33:52:b5:73:a8:f3:d9:f8:
                    91:6e:a3:2a:b0:00:bd:b9:35:b5:16:b5:d8:7a:fd:
                    36:54:e8:bd:e8:d3:c9:c8:48:ce:b2:ea:d7:53:46:
                    24:77:83:2b:71:de:ae:e5:57:17:0a:67:87:a6:13:
                    78:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                94:FC:7B:03:1D:23:29:9D:AB:EB:4C:FF:59:84:4F:73:70:78:9C:BD
            X509v3 Authority Key Identifier:
                keyid:85:3A:BB:B7:D7:BC:C4:A5:C5:6E:91:2E:EF:AC:1B:0B:B0:45:50:21

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hTq7t9e8xKXFbpEu76wbC7BFUCE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/4238ae-a72f-471c-a9a9-5823f870141b/1/hTq7t9e8xKXFbpEu76wbC7BFUCE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/de/4238ae-a72f-471c-a9a9-5823f870141b/1/hTq7t9e8xKXFbpEu76wbC7BFUCE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7e:7f:a7:38:23:d4:c5:2d:a7:1c:53:f1:3a:4d:2b:66:5a:4e:
         7f:6b:f8:74:67:13:4f:57:13:79:cb:9a:7c:d7:61:5a:82:ea:
         7c:a8:44:de:5f:90:e6:97:99:5c:cc:13:db:81:17:cc:c3:72:
         fb:ca:93:f9:d1:54:8d:12:40:f2:6c:fb:82:20:ee:14:5b:9a:
         a6:c9:a6:04:45:87:5f:34:bb:d1:b7:eb:b4:ac:a4:4b:9a:12:
         24:1a:2e:43:38:f2:07:ae:22:88:bc:a4:8c:7c:b3:41:f9:b6:
         39:0b:d7:c4:30:ff:58:51:77:17:d3:f2:3a:15:71:b4:18:d2:
         50:1d:e1:04:42:96:60:14:30:0d:37:ca:66:e4:9f:77:3a:de:
         1b:47:73:4b:c0:49:0e:9d:c6:64:d6:59:da:3c:f4:29:20:ec:
         27:77:e2:9f:a6:1a:2e:aa:d4:f2:61:ad:b4:a5:f3:38:20:a3:
         d7:cf:47:57:5d:5b:09:88:1e:67:35:c2:bd:ec:0c:14:a7:2f:
         eb:df:8f:59:a3:d8:8f:ff:29:26:e9:d4:f8:1b:13:7c:bf:13:
         3b:1b:77:33:d9:26:8f:80:e0:13:e3:8f:3d:2f:53:d5:d1:11:
         5a:6c:db:31:8e:b5:78:1c:c6:10:d8:82:db:8d:51:e7:7b:1d:
         4f:36:7f:4f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZUR2VJ6RpjAd+Jv3V1+9Sz5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1M2FiYmI3ZDdiY2M0YTVjNTZlOTEyZWVmYWMxYjBiYjA0
NTUwMjEwHhcNMjUwMjE3MDMwMDA5WhcNMjUwMjE4MDMwMDA5WjAzMTEwLwYDVQQD
Eyg5NGZjN2IwMzFkMjMyOTlkYWJlYjRjZmY1OTg0NGY3MzcwNzg5Y2JkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwUE2IU2TNF1FK6QYhoMt/JJirS9w
ZxURD9ll1jRHfiHD0PacaVUICZoZxSCeaLK4G9GAGclUAjzZpn79pJn5z2UE2Tjv
rklFuwwm0xy2ree1dCG8AIEp+WfNZw4O+coXV6U86tSDKq3x8wSPCOIN0k8EU5oi
QA9hmiiBxqkdZpYFQLsgs+ST7plXHb/J7AWUBy5VQgQqlOEc+aln0rs58AC5qTc9
MG00oTZK029FWwzUtbysGANP5DHqOLN1uGxbtdCIkxNiMqwBM1K1c6jz2fiRbqMq
sAC9uTW1FrXYev02VOi96NPJyEjOsurXU0Ykd4Mrcd6u5VcXCmeHphN4kwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJT8ewMdIymdq+tM/1mET3NweJy9MB8GA1UdIwQY
MBaAFIU6u7fXvMSlxW6RLu+sGwuwRVAhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFRxN3Q5ZTh4S1hGYnBFdTc2d2JDN0JGVUNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS80MjM4YWUtYTcyZi00NzFjLWE5YTkt
NTgyM2Y4NzAxNDFiLzEvaFRxN3Q5ZTh4S1hGYnBFdTc2d2JDN0JGVUNFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS80MjM4YWUtYTcyZi00NzFjLWE5YTktNTgyM2Y4NzAxNDFi
LzEvaFRxN3Q5ZTh4S1hGYnBFdTc2d2JDN0JGVUNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfn+nOCPU
xS2nHFPxOk0rZlpOf2v4dGcTT1cTecuafNdhWoLqfKhE3l+Q5peZXMwT24EXzMNy
+8qT+dFUjRJA8mz7giDuFFuapsmmBEWHXzS70bfrtKykS5oSJBouQzjyB64iiLyk
jHyzQfm2OQvXxDD/WFF3F9PyOhVxtBjSUB3hBEKWYBQwDTfKZuSfdzreG0dzS8BJ
Dp3GZNZZ2jz0KSDsJ3fin6YaLqrU8mGttKXzOCCj189HV11bCYgeZzXCvewMFKcv
69+PWaPYj/8pJunU+BsTfL8TOxt3M9kmj4DgE+OPPS9T1dERWmzbMY61eBzGENiC
241R53sdTzZ/Tw==
-----END CERTIFICATE-----