Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/9b9703-3929-4a4e-93b7-a1bf42c58494/1/4SFHcEtsZk3PIjSS7mHV5fkXxek.mft
File:                     4SFHcEtsZk3PIjSS7mHV5fkXxek.mft (raw, json)
Hash identifier:          N6yhJF5cbdgbmMzL5YC/JtKHv60lHUxP/ENedHqijdI=
Subject key identifier:   DE:5E:A8:B3:5A:16:59:1D:5E:FD:08:F3:F4:56:C5:6A:3E:D9:0C:6C
Authority key identifier: E1:21:47:70:4B:6C:66:4D:CF:22:34:92:EE:61:D5:E5:F9:17:C5:E9
Certificate issuer:       /CN=e12147704b6c664dcf223492ee61d5e5f917c5e9
Certificate serial:       0195116B916DB19952EA5B613D431899177E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4SFHcEtsZk3PIjSS7mHV5fkXxek.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e3/9b9703-3929-4a4e-93b7-a1bf42c58494/1/4SFHcEtsZk3PIjSS7mHV5fkXxek.mft
Manifest number:          0194
Signing time:             Mon 17 Feb 2025 01:00:17 +0000
Manifest this update:     Mon 17 Feb 2025 01:00:17 +0000
Manifest next update:     Tue 18 Feb 2025 01:00:17 +0000
Files and hashes:         1: 4SFHcEtsZk3PIjSS7mHV5fkXxek.crl (hash: NToCfsjrL2i62F+SAxcpune/2YP1WFNTlHa/Tw7BA9Y=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e3/9b9703-3929-4a4e-93b7-a1bf42c58494/1/4SFHcEtsZk3PIjSS7mHV5fkXxek.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e3/9b9703-3929-4a4e-93b7-a1bf42c58494/1/4SFHcEtsZk3PIjSS7mHV5fkXxek.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4SFHcEtsZk3PIjSS7mHV5fkXxek.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 17 Feb 2025 23:00:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:11:6b:91:6d:b1:99:52:ea:5b:61:3d:43:18:99:17:7e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e12147704b6c664dcf223492ee61d5e5f917c5e9
        Validity
            Not Before: Feb 17 01:00:17 2025 GMT
            Not After : Feb 18 01:00:17 2025 GMT
        Subject: CN=de5ea8b35a16591d5efd08f3f456c56a3ed90c6c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:77:c4:2a:76:a4:48:af:17:fe:5c:51:28:c6:
                    b3:10:71:f0:9f:aa:26:12:f6:d0:6a:e8:c6:f4:12:
                    1a:c2:40:22:1f:27:c2:be:61:8e:e9:ea:0c:d4:3c:
                    fa:e9:05:27:23:e2:f6:59:6b:77:7b:10:eb:fe:62:
                    94:d4:a7:ed:d2:a7:fb:ee:c9:14:41:42:94:0e:57:
                    33:58:10:87:90:63:63:ac:17:be:9f:9f:49:62:cb:
                    87:5d:ca:40:e1:bb:d5:7e:ec:24:6e:93:a1:10:e5:
                    8a:5b:77:1d:34:47:a9:b3:0c:03:ed:fc:f0:74:7c:
                    d6:38:a3:aa:ba:cd:cd:23:eb:7b:3b:84:01:c7:7a:
                    c7:2a:1f:12:b1:73:b8:e3:0b:da:0f:4b:d4:7b:3c:
                    6a:38:b8:2a:29:c5:df:61:47:cf:52:43:6d:bf:44:
                    72:1f:4e:03:13:dd:ce:64:aa:cc:8e:9a:a9:78:4b:
                    a9:c6:04:ea:30:fd:01:60:8b:f0:6b:fd:4e:e3:99:
                    e6:6b:12:4a:ee:40:ae:8c:10:d9:4a:51:76:06:6a:
                    35:58:98:f5:e0:b9:e6:24:a6:11:64:0e:80:f8:c1:
                    2c:aa:39:76:cb:8e:72:b8:fc:c7:cd:85:f8:4f:5c:
                    86:b0:c6:55:ec:56:b5:2a:0c:df:61:44:de:a4:92:
                    e5:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DE:5E:A8:B3:5A:16:59:1D:5E:FD:08:F3:F4:56:C5:6A:3E:D9:0C:6C
            X509v3 Authority Key Identifier:
                keyid:E1:21:47:70:4B:6C:66:4D:CF:22:34:92:EE:61:D5:E5:F9:17:C5:E9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4SFHcEtsZk3PIjSS7mHV5fkXxek.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/9b9703-3929-4a4e-93b7-a1bf42c58494/1/4SFHcEtsZk3PIjSS7mHV5fkXxek.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/9b9703-3929-4a4e-93b7-a1bf42c58494/1/4SFHcEtsZk3PIjSS7mHV5fkXxek.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2d:53:e3:b2:91:c9:80:8b:ec:31:7a:1d:c1:82:ad:17:f8:e8:
         c1:a2:94:db:2c:a1:d5:1c:0b:3b:93:01:d2:47:a3:9b:03:8c:
         42:93:0e:91:4f:39:24:a9:6f:63:5f:19:69:12:34:e1:31:61:
         ef:ef:b4:1c:6a:ad:17:ca:05:a2:37:6c:c2:c6:15:41:26:5e:
         df:ee:0f:29:56:ca:47:2d:ba:ce:cc:f8:d9:d7:b9:27:a6:73:
         56:66:3a:c3:29:68:44:91:aa:8b:fa:d7:6c:fe:b4:92:82:e8:
         5e:31:39:ca:c3:da:31:a1:1e:ac:76:c9:00:ab:b4:1a:62:4a:
         0a:80:3b:d3:a1:75:d4:a4:52:1b:b8:1e:2b:63:0c:cb:5a:b5:
         8e:f5:93:f2:81:47:d3:82:95:6c:05:11:5a:bc:07:2a:7f:48:
         45:d0:c2:59:71:5c:b7:e4:cc:3a:75:6d:0d:af:a7:5f:77:b7:
         3f:26:56:7c:bd:bf:f8:a2:04:d4:74:d1:df:19:2f:f8:7e:11:
         de:50:fd:0d:7b:d3:63:c6:21:9f:48:81:d6:3c:22:2f:d7:a5:
         97:4c:f8:ca:fb:99:8e:de:72:22:9c:e3:92:80:56:db:62:56:
         f4:ec:c7:85:9b:bd:69:50:f8:0e:06:03:e5:31:79:6f:0d:87:
         81:11:ea:5a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZURa5FtsZlS6lthPUMYmRd+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUxMjE0NzcwNGI2YzY2NGRjZjIyMzQ5MmVlNjFkNWU1Zjkx
N2M1ZTkwHhcNMjUwMjE3MDEwMDE3WhcNMjUwMjE4MDEwMDE3WjAzMTEwLwYDVQQD
EyhkZTVlYThiMzVhMTY1OTFkNWVmZDA4ZjNmNDU2YzU2YTNlZDkwYzZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqHfEKnakSK8X/lxRKMazEHHwn6om
EvbQaujG9BIawkAiHyfCvmGO6eoM1Dz66QUnI+L2WWt3exDr/mKU1Kft0qf77skU
QUKUDlczWBCHkGNjrBe+n59JYsuHXcpA4bvVfuwkbpOhEOWKW3cdNEepswwD7fzw
dHzWOKOqus3NI+t7O4QBx3rHKh8SsXO44wvaD0vUezxqOLgqKcXfYUfPUkNtv0Ry
H04DE93OZKrMjpqpeEupxgTqMP0BYIvwa/1O45nmaxJK7kCujBDZSlF2Bmo1WJj1
4LnmJKYRZA6A+MEsqjl2y45yuPzHzYX4T1yGsMZV7Fa1KgzfYUTepJLlewIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFN5eqLNaFlkdXv0I8/RWxWo+2QxsMB8GA1UdIwQY
MBaAFOEhR3BLbGZNzyI0ku5h1eX5F8XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNFNGSGNFdHNaazNQSWpTUzdtSFY1ZmtYeGVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMy85Yjk3MDMtMzkyOS00YTRlLTkzYjct
YTFiZjQyYzU4NDk0LzEvNFNGSGNFdHNaazNQSWpTUzdtSFY1ZmtYeGVrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMy85Yjk3MDMtMzkyOS00YTRlLTkzYjctYTFiZjQyYzU4NDk0
LzEvNFNGSGNFdHNaazNQSWpTUzdtSFY1ZmtYeGVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALVPjspHJ
gIvsMXodwYKtF/jowaKU2yyh1RwLO5MB0kejmwOMQpMOkU85JKlvY18ZaRI04TFh
7++0HGqtF8oFojdswsYVQSZe3+4PKVbKRy26zsz42de5J6ZzVmY6wyloRJGqi/rX
bP60koLoXjE5ysPaMaEerHbJAKu0GmJKCoA706F11KRSG7geK2MMy1q1jvWT8oFH
04KVbAURWrwHKn9IRdDCWXFct+TMOnVtDa+nX3e3PyZWfL2/+KIE1HTR3xkv+H4R
3lD9DXvTY8Yhn0iB1jwiL9ell0z4yvuZjt5yIpzjkoBW22JW9OzHhZu9aVD4DgYD
5TF5bw2HgRHqWg==
-----END CERTIFICATE-----