Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/18705b-48ac-484c-97bd-ec1a4b9a37b2/1/MFOQl41XlfFI4eYK6c_XKDNIEiw.mft
File:                     MFOQl41XlfFI4eYK6c_XKDNIEiw.mft (raw, json)
Hash identifier:          l3C04B9sQOURH85srb46OET7w8v+aWEraqQd7XNiT9I=
Subject key identifier:   84:19:A3:13:BA:F0:57:DB:F9:40:CB:FA:92:13:0F:0F:86:BD:3B:DA
Authority key identifier: 30:53:90:97:8D:57:95:F1:48:E1:E6:0A:E9:CF:D7:28:33:48:12:2C
Certificate issuer:       /CN=305390978d5795f148e1e60ae9cfd7283348122c
Certificate serial:       019511A26A099BD7F2E736EB59F2462FB43E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MFOQl41XlfFI4eYK6c_XKDNIEiw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e7/18705b-48ac-484c-97bd-ec1a4b9a37b2/1/MFOQl41XlfFI4eYK6c_XKDNIEiw.mft
Manifest number:          0AFB
Signing time:             Mon 17 Feb 2025 02:00:11 +0000
Manifest this update:     Mon 17 Feb 2025 02:00:11 +0000
Manifest next update:     Tue 18 Feb 2025 02:00:11 +0000
Files and hashes:         1: MFOQl41XlfFI4eYK6c_XKDNIEiw.crl (hash: J85nTRjVeYKhslAf+SywSwzP3CLsI3ty7dVWL5RZ5e4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e7/18705b-48ac-484c-97bd-ec1a4b9a37b2/1/MFOQl41XlfFI4eYK6c_XKDNIEiw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e7/18705b-48ac-484c-97bd-ec1a4b9a37b2/1/MFOQl41XlfFI4eYK6c_XKDNIEiw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/MFOQl41XlfFI4eYK6c_XKDNIEiw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 17 Feb 2025 23:00:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:11:a2:6a:09:9b:d7:f2:e7:36:eb:59:f2:46:2f:b4:3e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=305390978d5795f148e1e60ae9cfd7283348122c
        Validity
            Not Before: Feb 17 02:00:11 2025 GMT
            Not After : Feb 18 02:00:11 2025 GMT
        Subject: CN=8419a313baf057dbf940cbfa92130f0f86bd3bda
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:f7:af:70:48:48:36:df:9a:d7:fa:95:06:00:
                    cc:90:1b:8c:58:49:e4:a4:c0:c4:63:69:d8:97:da:
                    73:3f:bb:77:46:dc:f4:19:69:8f:74:a8:88:6a:8d:
                    6e:6b:f4:60:9c:4b:14:b0:30:aa:14:48:e0:a7:b3:
                    7a:10:37:83:f0:82:2b:74:de:39:46:59:9c:c2:bc:
                    92:63:98:b4:e7:ee:21:25:3f:e2:00:41:e1:a7:e2:
                    35:89:63:38:49:77:db:23:d5:93:ca:bd:c3:6b:bc:
                    0e:76:4d:bf:04:8c:36:96:c2:b7:c2:f6:78:44:3a:
                    5f:29:80:3e:f0:26:e7:4b:98:00:7a:6c:c1:ea:7b:
                    14:e1:bf:83:64:3b:aa:74:64:89:e8:58:f7:8f:9c:
                    46:dd:ff:c9:88:34:e2:e8:b9:6f:74:47:b1:9e:0a:
                    b2:d2:82:ed:81:3f:c5:16:b5:60:04:3d:e9:c3:ca:
                    22:76:26:40:f9:22:19:53:65:6f:2a:2d:4f:67:69:
                    a0:79:59:07:a5:2e:57:dd:d6:e7:7a:be:13:96:07:
                    9f:28:2b:d0:48:82:e9:1e:83:6e:1a:a6:da:9a:7c:
                    fa:ae:78:5c:12:93:c6:e8:08:e4:d7:fa:c8:04:54:
                    ec:0d:a3:0b:b0:75:af:29:9f:ef:8d:40:f8:59:6f:
                    28:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                84:19:A3:13:BA:F0:57:DB:F9:40:CB:FA:92:13:0F:0F:86:BD:3B:DA
            X509v3 Authority Key Identifier:
                keyid:30:53:90:97:8D:57:95:F1:48:E1:E6:0A:E9:CF:D7:28:33:48:12:2C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MFOQl41XlfFI4eYK6c_XKDNIEiw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/18705b-48ac-484c-97bd-ec1a4b9a37b2/1/MFOQl41XlfFI4eYK6c_XKDNIEiw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/18705b-48ac-484c-97bd-ec1a4b9a37b2/1/MFOQl41XlfFI4eYK6c_XKDNIEiw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0e:a9:76:e5:d1:0b:a1:3a:af:cf:6a:94:e7:3d:9e:cf:7e:af:
         10:8d:57:78:af:a5:44:5f:ff:2b:1a:7e:6c:73:9a:b8:f3:4c:
         8f:d3:c6:c3:23:dd:c3:6c:b7:e3:1e:9e:22:13:3b:9c:cd:33:
         38:a0:25:a4:c7:e7:54:d7:6c:d2:bc:11:9b:ba:db:f4:0b:4e:
         80:f0:a2:01:1c:1a:23:5b:b2:b4:9f:42:ff:c6:93:74:14:5a:
         cc:3a:84:af:4b:15:cb:41:52:73:d7:2b:67:a1:48:7c:fe:6a:
         38:ff:3b:07:66:c2:72:f2:31:aa:ae:e9:48:d6:31:68:ab:1d:
         64:1a:ab:9d:b3:62:74:7f:d0:38:51:75:60:bd:22:5c:0f:3f:
         7f:87:ee:7e:1e:1d:86:d7:ca:4c:4c:c1:00:0d:84:c5:ce:85:
         88:7f:66:48:68:23:22:dd:12:dc:b7:8a:bb:8d:72:ef:70:36:
         58:42:5c:d9:c8:bf:50:ec:18:bf:8f:76:f6:3b:09:c8:2b:7b:
         4b:d7:a5:70:f8:62:db:59:ec:e4:a6:10:41:1c:64:ce:d5:41:
         fc:38:3f:3c:82:0a:d8:d6:a4:5b:77:92:e3:a1:b0:97:3e:f8:
         e9:fe:f0:6c:f1:1d:78:43:6a:bb:7a:2e:b0:96:11:4d:0e:4b:
         c3:d5:fd:21
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZURomoJm9fy5zbrWfJGL7Q+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwNTM5MDk3OGQ1Nzk1ZjE0OGUxZTYwYWU5Y2ZkNzI4MzM0
ODEyMmMwHhcNMjUwMjE3MDIwMDExWhcNMjUwMjE4MDIwMDExWjAzMTEwLwYDVQQD
Eyg4NDE5YTMxM2JhZjA1N2RiZjk0MGNiZmE5MjEzMGYwZjg2YmQzYmRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwfevcEhINt+a1/qVBgDMkBuMWEnk
pMDEY2nYl9pzP7t3Rtz0GWmPdKiIao1ua/RgnEsUsDCqFEjgp7N6EDeD8IIrdN45
RlmcwrySY5i05+4hJT/iAEHhp+I1iWM4SXfbI9WTyr3Da7wOdk2/BIw2lsK3wvZ4
RDpfKYA+8CbnS5gAemzB6nsU4b+DZDuqdGSJ6Fj3j5xG3f/JiDTi6LlvdEexngqy
0oLtgT/FFrVgBD3pw8oidiZA+SIZU2VvKi1PZ2mgeVkHpS5X3dbner4TlgefKCvQ
SILpHoNuGqbamnz6rnhcEpPG6Ajk1/rIBFTsDaMLsHWvKZ/vjUD4WW8obwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIQZoxO68Ffb+UDL+pITDw+GvTvaMB8GA1UdIwQY
MBaAFDBTkJeNV5XxSOHmCunP1ygzSBIsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUZPUWw0MVhsZkZJNGVZSzZjX1hLRE5JRWl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy8xODcwNWItNDhhYy00ODRjLTk3YmQt
ZWMxYTRiOWEzN2IyLzEvTUZPUWw0MVhsZkZJNGVZSzZjX1hLRE5JRWl3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy8xODcwNWItNDhhYy00ODRjLTk3YmQtZWMxYTRiOWEzN2Iy
LzEvTUZPUWw0MVhsZkZJNGVZSzZjX1hLRE5JRWl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADql25dEL
oTqvz2qU5z2ez36vEI1XeK+lRF//Kxp+bHOauPNMj9PGwyPdw2y34x6eIhM7nM0z
OKAlpMfnVNds0rwRm7rb9AtOgPCiARwaI1uytJ9C/8aTdBRazDqEr0sVy0FSc9cr
Z6FIfP5qOP87B2bCcvIxqq7pSNYxaKsdZBqrnbNidH/QOFF1YL0iXA8/f4fufh4d
htfKTEzBAA2Exc6FiH9mSGgjIt0S3LeKu41y73A2WEJc2ci/UOwYv4929jsJyCt7
S9elcPhi21ns5KYQQRxkztVB/Dg/PIIK2NakW3eS46Gwlz746f7wbPEdeENqu3ou
sJYRTQ5Lw9X9IQ==
-----END CERTIFICATE-----