Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/a57a63-a6b4-4165-9e5e-9c2d044dd4af/1/ScKchYIxItOsfH9IBdWyQocNLeI.mft
File:                     ScKchYIxItOsfH9IBdWyQocNLeI.mft (raw, json)
Hash identifier:          G1DU/eRbb1D9vd5FuDW70sWW5a8R02vj9JA9or9TuGw=
Subject key identifier:   0F:8E:73:25:84:87:4E:A9:4C:8C:6F:CB:B7:6B:38:EB:35:F0:83:39
Authority key identifier: 49:C2:9C:85:82:31:22:D3:AC:7C:7F:48:05:D5:B2:42:87:0D:2D:E2
Certificate issuer:       /CN=49c29c85823122d3ac7c7f4805d5b242870d2de2
Certificate serial:       019510C7128F2A8FF4C6E30EA8F5DF8640EA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ScKchYIxItOsfH9IBdWyQocNLeI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/df/a57a63-a6b4-4165-9e5e-9c2d044dd4af/1/ScKchYIxItOsfH9IBdWyQocNLeI.mft
Manifest number:          11EB
Signing time:             Sun 16 Feb 2025 22:00:36 +0000
Manifest this update:     Sun 16 Feb 2025 22:00:36 +0000
Manifest next update:     Mon 17 Feb 2025 22:00:36 +0000
Files and hashes:         1: ScKchYIxItOsfH9IBdWyQocNLeI.crl (hash: 45rSnOJHcpqAgetA7bJ3ZVF3uqgVnMddnDcfQGTVCew=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/df/a57a63-a6b4-4165-9e5e-9c2d044dd4af/1/ScKchYIxItOsfH9IBdWyQocNLeI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/df/a57a63-a6b4-4165-9e5e-9c2d044dd4af/1/ScKchYIxItOsfH9IBdWyQocNLeI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ScKchYIxItOsfH9IBdWyQocNLeI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 17 Feb 2025 22:00:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:10:c7:12:8f:2a:8f:f4:c6:e3:0e:a8:f5:df:86:40:ea
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=49c29c85823122d3ac7c7f4805d5b242870d2de2
        Validity
            Not Before: Feb 16 22:00:36 2025 GMT
            Not After : Feb 17 22:00:36 2025 GMT
        Subject: CN=0f8e732584874ea94c8c6fcbb76b38eb35f08339
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:90:94:ad:0c:ed:b6:70:b2:71:a0:ce:a8:a1:74:
                    33:b1:94:2f:0a:5e:d3:dd:04:b9:1c:c9:95:1c:21:
                    ff:55:1f:ff:cb:01:d0:78:63:22:a1:61:17:a3:88:
                    30:87:f8:23:22:56:91:07:6a:e2:37:1b:86:38:7d:
                    e7:1c:18:90:ba:c0:38:59:07:fe:a8:49:64:34:eb:
                    c9:e4:66:9e:99:fb:0e:36:55:c2:7d:f0:7b:ae:aa:
                    e2:20:18:ac:87:6d:3c:c3:05:2c:42:5e:8e:62:d6:
                    82:3c:84:ad:26:23:7d:c4:26:7d:85:7f:e6:57:0b:
                    06:0d:3d:7a:e0:bf:5b:74:9f:54:7d:80:f4:85:9c:
                    7b:50:b5:06:07:1d:9b:4e:f5:22:1b:f6:02:8c:8e:
                    c9:e6:66:f1:12:1e:1e:d2:03:8f:2e:1d:d3:e2:5d:
                    f3:de:54:c8:5c:3a:7d:0d:a8:ee:d2:bc:5e:44:f3:
                    fe:8b:31:67:a8:d3:ed:53:ed:28:40:cf:9c:95:84:
                    68:b1:b6:fe:9f:af:f1:69:9d:5f:8b:ae:fc:99:65:
                    35:82:44:ff:a0:a6:91:df:75:b3:2d:63:ab:74:d2:
                    45:f7:a0:35:26:32:39:31:87:b0:96:db:2b:21:5b:
                    55:df:f6:2f:0f:6d:08:b3:82:d2:30:60:78:38:27:
                    1d:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0F:8E:73:25:84:87:4E:A9:4C:8C:6F:CB:B7:6B:38:EB:35:F0:83:39
            X509v3 Authority Key Identifier:
                keyid:49:C2:9C:85:82:31:22:D3:AC:7C:7F:48:05:D5:B2:42:87:0D:2D:E2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ScKchYIxItOsfH9IBdWyQocNLeI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a57a63-a6b4-4165-9e5e-9c2d044dd4af/1/ScKchYIxItOsfH9IBdWyQocNLeI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a57a63-a6b4-4165-9e5e-9c2d044dd4af/1/ScKchYIxItOsfH9IBdWyQocNLeI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         08:c2:14:4f:35:ab:ff:f1:0e:93:fa:91:bb:88:7d:8b:bc:44:
         11:d1:18:de:da:67:cb:77:07:5a:60:b7:b1:69:b9:03:03:15:
         a1:9d:b6:48:ce:bd:05:68:25:44:a2:9b:b9:92:f3:65:7d:9f:
         1b:df:13:df:ca:b2:bf:9f:b4:6f:cf:cf:b9:2e:a0:2b:f8:4a:
         85:07:ed:98:51:f9:6e:ce:6b:60:d6:d5:b3:71:de:88:d0:4f:
         9a:ef:bd:6d:42:d2:ec:3f:18:6d:5d:fe:b4:ea:09:96:66:f3:
         b5:02:56:cc:5e:77:ca:33:e0:35:0c:3f:55:7f:72:54:ac:06:
         cd:99:b4:c5:fe:d7:00:61:2c:29:de:ae:f7:4a:3e:fe:48:ac:
         50:22:b2:5d:63:ba:e0:4d:e4:5b:32:db:86:5c:24:0a:3f:60:
         9d:5e:a5:a5:a7:8f:20:a5:58:2a:1b:06:c4:5d:73:ed:7a:d8:
         de:b8:b4:5a:56:c8:4d:b3:b4:70:b4:8e:b7:cd:79:c0:1f:78:
         14:1c:4e:56:94:52:68:9a:e6:9a:29:3e:a2:53:a2:0c:2d:e3:
         f5:d6:a1:02:61:c6:89:06:f9:f7:de:0c:0b:d8:57:b1:a3:6d:
         a6:f3:e1:0c:aa:a2:f3:7a:1f:53:61:10:ab:24:4d:5e:5f:2e:
         65:c7:db:d4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZUQxxKPKo/0xuMOqPXfhkDqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5YzI5Yzg1ODIzMTIyZDNhYzdjN2Y0ODA1ZDViMjQyODcw
ZDJkZTIwHhcNMjUwMjE2MjIwMDM2WhcNMjUwMjE3MjIwMDM2WjAzMTEwLwYDVQQD
EygwZjhlNzMyNTg0ODc0ZWE5NGM4YzZmY2JiNzZiMzhlYjM1ZjA4MzM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkJStDO22cLJxoM6ooXQzsZQvCl7T
3QS5HMmVHCH/VR//ywHQeGMioWEXo4gwh/gjIlaRB2riNxuGOH3nHBiQusA4WQf+
qElkNOvJ5GaemfsONlXCffB7rqriIBish208wwUsQl6OYtaCPIStJiN9xCZ9hX/m
VwsGDT164L9bdJ9UfYD0hZx7ULUGBx2bTvUiG/YCjI7J5mbxEh4e0gOPLh3T4l3z
3lTIXDp9Daju0rxeRPP+izFnqNPtU+0oQM+clYRosbb+n6/xaZ1fi678mWU1gkT/
oKaR33WzLWOrdNJF96A1JjI5MYewltsrIVtV3/YvD20Is4LSMGB4OCcd1wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFA+OcyWEh06pTIxvy7drOOs18IM5MB8GA1UdIwQY
MBaAFEnCnIWCMSLTrHx/SAXVskKHDS3iMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2NLY2hZSXhJdE9zZkg5SUJkV3lRb2NOTGVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9hNTdhNjMtYTZiNC00MTY1LTllNWUt
OWMyZDA0NGRkNGFmLzEvU2NLY2hZSXhJdE9zZkg5SUJkV3lRb2NOTGVJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi9hNTdhNjMtYTZiNC00MTY1LTllNWUtOWMyZDA0NGRkNGFm
LzEvU2NLY2hZSXhJdE9zZkg5SUJkV3lRb2NOTGVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACMIUTzWr
//EOk/qRu4h9i7xEEdEY3tpny3cHWmC3sWm5AwMVoZ22SM69BWglRKKbuZLzZX2f
G98T38qyv5+0b8/PuS6gK/hKhQftmFH5bs5rYNbVs3HeiNBPmu+9bULS7D8YbV3+
tOoJlmbztQJWzF53yjPgNQw/VX9yVKwGzZm0xf7XAGEsKd6u90o+/kisUCKyXWO6
4E3kWzLbhlwkCj9gnV6lpaePIKVYKhsGxF1z7XrY3ri0WlbITbO0cLSOt815wB94
FBxOVpRSaJrmmik+olOiDC3j9dahAmHGiQb5994MC9hXsaNtpvPhDKqi83ofU2EQ
qyRNXl8uZcfb1A==
-----END CERTIFICATE-----