Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/4de805-d5dc-46f7-b397-5b5332af1851/1/0ol7M1OC-CJPXYkOMbOGMhxrs-0.mft
File:                     0ol7M1OC-CJPXYkOMbOGMhxrs-0.mft (raw, json)
Hash identifier:          1cYCvruXWod3P1VlBNjZPWUHjrWPmcvqxqUHz0kax4s=
Subject key identifier:   83:74:51:1D:E8:F3:58:0B:4A:4B:BB:9A:FD:F5:B7:3B:D2:FA:5B:65
Authority key identifier: D2:89:7B:33:53:82:F8:22:4F:5D:89:0E:31:B3:86:32:1C:6B:B3:ED
Certificate issuer:       /CN=d2897b335382f8224f5d890e31b386321c6bb3ed
Certificate serial:       019510C6C9060372BC49B654DED1782D6911
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0ol7M1OC-CJPXYkOMbOGMhxrs-0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ed/4de805-d5dc-46f7-b397-5b5332af1851/1/0ol7M1OC-CJPXYkOMbOGMhxrs-0.mft
Manifest number:          0862
Signing time:             Sun 16 Feb 2025 22:00:17 +0000
Manifest this update:     Sun 16 Feb 2025 22:00:17 +0000
Manifest next update:     Mon 17 Feb 2025 22:00:17 +0000
Files and hashes:         1: 0ol7M1OC-CJPXYkOMbOGMhxrs-0.crl (hash: yLyUU3mbxhpKLo9xKfhVr8l5E7xI4oKSmUPjlYkxdGM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ed/4de805-d5dc-46f7-b397-5b5332af1851/1/0ol7M1OC-CJPXYkOMbOGMhxrs-0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ed/4de805-d5dc-46f7-b397-5b5332af1851/1/0ol7M1OC-CJPXYkOMbOGMhxrs-0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0ol7M1OC-CJPXYkOMbOGMhxrs-0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 17 Feb 2025 22:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:10:c6:c9:06:03:72:bc:49:b6:54:de:d1:78:2d:69:11
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d2897b335382f8224f5d890e31b386321c6bb3ed
        Validity
            Not Before: Feb 16 22:00:17 2025 GMT
            Not After : Feb 17 22:00:17 2025 GMT
        Subject: CN=8374511de8f3580b4a4bbb9afdf5b73bd2fa5b65
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:35:9c:29:2f:e8:c7:cb:11:fb:63:a3:41:36:
                    df:fe:f8:9b:db:33:0d:d2:2b:6e:af:2f:32:f6:c8:
                    eb:8a:8f:5e:e1:66:c9:e6:61:d5:05:57:94:8b:38:
                    cd:ec:1e:f8:42:e9:e1:dc:06:24:a9:dc:b6:2e:1a:
                    18:96:4c:8f:5c:ec:b1:79:12:71:e7:b1:9f:a2:8b:
                    b5:26:6c:18:13:7f:86:05:68:a0:3f:2f:ab:bb:24:
                    30:a4:67:61:81:67:1f:1d:23:df:79:70:88:f1:a1:
                    2d:17:dd:e6:e7:99:08:a2:83:3f:16:51:1e:f3:f0:
                    77:9f:7f:9b:23:05:60:a2:9a:47:00:c8:7d:f8:4a:
                    93:de:ff:56:c9:15:f2:0c:67:b8:2a:24:cf:0c:d4:
                    b0:3c:13:2a:6a:55:ad:2c:7a:99:35:e9:ad:41:e9:
                    80:c0:b4:76:06:96:0b:0b:a1:66:34:35:fb:68:d0:
                    af:78:fd:06:4f:c7:9a:65:13:12:ce:97:27:a2:2e:
                    d6:29:2e:25:80:4d:9e:ae:3d:02:03:7f:fe:eb:36:
                    d3:28:54:04:6c:2f:50:75:d1:c3:de:69:22:06:93:
                    62:de:76:6b:40:36:5d:e8:c8:fb:d1:7c:4b:66:5b:
                    58:44:fe:c6:f4:d7:92:90:56:35:1c:14:76:71:02:
                    76:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                83:74:51:1D:E8:F3:58:0B:4A:4B:BB:9A:FD:F5:B7:3B:D2:FA:5B:65
            X509v3 Authority Key Identifier:
                keyid:D2:89:7B:33:53:82:F8:22:4F:5D:89:0E:31:B3:86:32:1C:6B:B3:ED

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0ol7M1OC-CJPXYkOMbOGMhxrs-0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/4de805-d5dc-46f7-b397-5b5332af1851/1/0ol7M1OC-CJPXYkOMbOGMhxrs-0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/4de805-d5dc-46f7-b397-5b5332af1851/1/0ol7M1OC-CJPXYkOMbOGMhxrs-0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ab:0b:a8:56:92:23:d5:86:30:21:49:f5:31:c6:bb:da:5c:b2:
         09:21:82:d4:6c:03:e2:cf:fb:fe:66:56:52:e0:55:d0:8d:19:
         a9:23:ee:c0:09:a5:ea:8d:aa:f4:83:ed:ac:7e:8c:c0:89:4b:
         f4:02:53:66:c6:9e:bd:d9:16:71:40:18:e2:b0:54:13:a3:d7:
         db:aa:df:17:de:4f:c0:df:ed:6f:35:99:a2:dd:e0:72:be:5f:
         2c:4f:6c:ea:22:7d:c1:66:91:ac:8a:2a:9a:75:46:ac:72:8b:
         6a:cc:0c:1f:58:a2:ae:1c:8c:ef:47:fb:18:2f:d3:44:e6:ee:
         86:63:96:92:7a:14:3f:71:72:60:e6:d3:d3:c6:49:39:3f:29:
         74:bf:ad:0e:70:3e:bb:f9:f7:42:f4:86:ba:23:a4:ab:67:93:
         a6:a8:d1:6c:87:f3:3d:da:7c:d3:78:40:11:79:68:20:ad:bf:
         91:d9:2b:af:71:08:5b:37:37:85:96:f4:54:0d:69:81:e6:34:
         a8:f8:c3:db:5c:12:06:53:40:84:16:42:7c:82:da:67:35:26:
         de:8f:2c:ab:e9:51:32:94:f6:da:cc:c4:31:c7:45:9d:ce:bf:
         1c:28:70:72:51:7a:55:04:bd:08:4c:9e:0b:20:04:fe:5f:1a:
         64:b8:e1:b9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZUQxskGA3K8SbZU3tF4LWkRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyODk3YjMzNTM4MmY4MjI0ZjVkODkwZTMxYjM4NjMyMWM2
YmIzZWQwHhcNMjUwMjE2MjIwMDE3WhcNMjUwMjE3MjIwMDE3WjAzMTEwLwYDVQQD
Eyg4Mzc0NTExZGU4ZjM1ODBiNGE0YmJiOWFmZGY1YjczYmQyZmE1YjY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoTWcKS/ox8sR+2OjQTbf/vib2zMN
0itury8y9sjrio9e4WbJ5mHVBVeUizjN7B74Qunh3AYkqdy2LhoYlkyPXOyxeRJx
57Gfoou1JmwYE3+GBWigPy+ruyQwpGdhgWcfHSPfeXCI8aEtF93m55kIooM/FlEe
8/B3n3+bIwVgoppHAMh9+EqT3v9WyRXyDGe4KiTPDNSwPBMqalWtLHqZNemtQemA
wLR2BpYLC6FmNDX7aNCveP0GT8eaZRMSzpcnoi7WKS4lgE2erj0CA3/+6zbTKFQE
bC9QddHD3mkiBpNi3nZrQDZd6Mj70XxLZltYRP7G9NeSkFY1HBR2cQJ2HQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIN0UR3o81gLSku7mv31tzvS+ltlMB8GA1UdIwQY
MBaAFNKJezNTgvgiT12JDjGzhjIca7PtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMG9sN00xT0MtQ0pQWFlrT01iT0dNaHhycy0wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZC80ZGU4MDUtZDVkYy00NmY3LWIzOTct
NWI1MzMyYWYxODUxLzEvMG9sN00xT0MtQ0pQWFlrT01iT0dNaHhycy0wLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZC80ZGU4MDUtZDVkYy00NmY3LWIzOTctNWI1MzMyYWYxODUx
LzEvMG9sN00xT0MtQ0pQWFlrT01iT0dNaHhycy0wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqwuoVpIj
1YYwIUn1Mca72lyyCSGC1GwD4s/7/mZWUuBV0I0ZqSPuwAml6o2q9IPtrH6MwIlL
9AJTZsaevdkWcUAY4rBUE6PX26rfF95PwN/tbzWZot3gcr5fLE9s6iJ9wWaRrIoq
mnVGrHKLaswMH1iirhyM70f7GC/TRObuhmOWknoUP3FyYObT08ZJOT8pdL+tDnA+
u/n3QvSGuiOkq2eTpqjRbIfzPdp803hAEXloIK2/kdkrr3EIWzc3hZb0VA1pgeY0
qPjD21wSBlNAhBZCfILaZzUm3o8sq+lRMpT22szEMcdFnc6/HChwclF6VQS9CEye
CyAE/l8aZLjhuQ==
-----END CERTIFICATE-----