Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/8f5e59-7f71-4cf2-a619-3f0295eee951/1/fgdwhBDMdkNEuM-k8-NopeJStlA.mft
File:                     fgdwhBDMdkNEuM-k8-NopeJStlA.mft (raw, json)
Hash identifier:          Q3fiu+zqYxc6RvkJeaYfRtme/k3ehpF+6DGIedvAH54=
Subject key identifier:   82:04:9C:FD:20:DD:68:76:9D:27:5C:A2:EB:5A:1A:14:E2:B8:8B:66
Authority key identifier: 7E:07:70:84:10:CC:76:43:44:B8:CF:A4:F3:E3:68:A5:E2:52:B6:50
Certificate issuer:       /CN=7e07708410cc764344b8cfa4f3e368a5e252b650
Certificate serial:       019511A2B2A73851E1D3125D86FBBA57FE13
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/fgdwhBDMdkNEuM-k8-NopeJStlA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ee/8f5e59-7f71-4cf2-a619-3f0295eee951/1/fgdwhBDMdkNEuM-k8-NopeJStlA.mft
Manifest number:          087D
Signing time:             Mon 17 Feb 2025 02:00:29 +0000
Manifest this update:     Mon 17 Feb 2025 02:00:29 +0000
Manifest next update:     Tue 18 Feb 2025 02:00:29 +0000
Files and hashes:         1: fgdwhBDMdkNEuM-k8-NopeJStlA.crl (hash: eGInjI19UwO6DgjvNgiNT4t7HliHpH6BBx2INWq0pZA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ee/8f5e59-7f71-4cf2-a619-3f0295eee951/1/fgdwhBDMdkNEuM-k8-NopeJStlA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ee/8f5e59-7f71-4cf2-a619-3f0295eee951/1/fgdwhBDMdkNEuM-k8-NopeJStlA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/fgdwhBDMdkNEuM-k8-NopeJStlA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 17 Feb 2025 23:00:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:11:a2:b2:a7:38:51:e1:d3:12:5d:86:fb:ba:57:fe:13
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7e07708410cc764344b8cfa4f3e368a5e252b650
        Validity
            Not Before: Feb 17 02:00:29 2025 GMT
            Not After : Feb 18 02:00:29 2025 GMT
        Subject: CN=82049cfd20dd68769d275ca2eb5a1a14e2b88b66
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:37:07:e5:f6:34:2d:3d:3d:4c:4c:cf:20:b3:
                    b1:a4:c3:b1:ae:b8:b1:3a:fc:a0:58:50:a5:b0:82:
                    07:50:ed:fb:67:aa:8d:60:0d:38:ce:ef:fb:ea:42:
                    3d:9c:54:83:9a:1d:40:c8:df:8f:54:98:dc:e0:dd:
                    0d:aa:e6:1a:66:c2:fd:bc:0c:b1:8b:bd:42:c5:76:
                    a3:d2:d5:50:71:1e:ef:65:43:b1:27:12:9e:ad:23:
                    e9:61:5b:10:a0:d4:56:8a:d6:a9:70:0a:98:e3:7d:
                    01:ee:8b:f1:c1:f2:2d:47:c9:bb:4e:ea:3a:3f:58:
                    3e:21:f8:b1:c2:9d:8a:35:ba:ae:e9:0c:54:fc:b4:
                    ee:e7:1f:b9:c6:ba:ca:01:fc:d5:43:27:8b:c8:28:
                    ad:81:b8:0c:7c:d3:5e:bd:1b:93:d0:75:41:2b:48:
                    5d:b9:31:d2:1e:2b:97:bd:ac:90:1e:84:7c:2e:80:
                    38:f4:b5:88:17:01:1f:b9:86:f5:2e:af:a9:ae:94:
                    ef:55:bf:04:f3:83:61:31:d1:fe:20:19:10:77:c4:
                    cd:34:98:ff:4c:a8:60:8e:ba:9b:56:da:b8:9d:f3:
                    6e:37:98:b1:d5:64:1c:bf:a3:e5:59:a6:e2:01:03:
                    3f:64:4b:77:45:83:9f:19:13:7c:bd:17:29:12:69:
                    c5:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                82:04:9C:FD:20:DD:68:76:9D:27:5C:A2:EB:5A:1A:14:E2:B8:8B:66
            X509v3 Authority Key Identifier:
                keyid:7E:07:70:84:10:CC:76:43:44:B8:CF:A4:F3:E3:68:A5:E2:52:B6:50

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fgdwhBDMdkNEuM-k8-NopeJStlA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/8f5e59-7f71-4cf2-a619-3f0295eee951/1/fgdwhBDMdkNEuM-k8-NopeJStlA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/8f5e59-7f71-4cf2-a619-3f0295eee951/1/fgdwhBDMdkNEuM-k8-NopeJStlA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         f5:fe:cc:73:16:09:87:ec:1d:db:ce:49:81:6e:00:d0:f1:64:
         97:ca:22:5d:b5:1c:87:cb:8e:b4:96:9f:40:2e:4f:1e:6d:d6:
         19:ed:e0:50:c8:36:2a:2f:f6:c1:d4:b5:3d:af:d8:4a:89:9b:
         da:b3:f7:f7:30:9f:af:5b:19:d9:ef:50:4e:4c:9d:d9:cc:76:
         63:8c:59:b3:33:cb:b5:ef:bd:63:18:02:eb:06:c1:85:71:f8:
         5b:20:07:90:34:0e:c6:d3:d5:61:31:18:46:71:a3:66:38:3f:
         a0:bc:28:b7:39:43:86:b3:63:a9:f1:3b:41:6d:21:9d:9b:04:
         8f:3f:b2:e4:65:cd:84:52:33:f7:8e:1e:79:d6:09:a4:0a:c5:
         a5:ab:c6:4e:ac:30:38:0d:49:a0:da:77:ed:52:b2:32:d7:67:
         7a:87:00:d5:03:cd:b8:b9:6a:c5:5a:6d:b0:c5:57:06:15:ef:
         10:ee:e9:bc:99:21:5a:d7:a3:b7:0e:d9:db:42:08:91:01:11:
         9d:34:51:8f:00:68:d4:ec:40:b1:1d:7d:da:42:6f:d6:26:37:
         aa:31:67:3b:17:c3:2a:18:2f:58:ba:a6:5b:b1:01:a9:7f:25:
         1f:24:ef:d6:0a:95:a9:68:a7:18:a2:d8:f5:7b:c7:87:ce:ce:
         32:14:db:26
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZURorKnOFHh0xJdhvu6V/4TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdlMDc3MDg0MTBjYzc2NDM0NGI4Y2ZhNGYzZTM2OGE1ZTI1
MmI2NTAwHhcNMjUwMjE3MDIwMDI5WhcNMjUwMjE4MDIwMDI5WjAzMTEwLwYDVQQD
Eyg4MjA0OWNmZDIwZGQ2ODc2OWQyNzVjYTJlYjVhMWExNGUyYjg4YjY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvDcH5fY0LT09TEzPILOxpMOxrrix
OvygWFClsIIHUO37Z6qNYA04zu/76kI9nFSDmh1AyN+PVJjc4N0NquYaZsL9vAyx
i71CxXaj0tVQcR7vZUOxJxKerSPpYVsQoNRWitapcAqY430B7ovxwfItR8m7Tuo6
P1g+Ifixwp2KNbqu6QxU/LTu5x+5xrrKAfzVQyeLyCitgbgMfNNevRuT0HVBK0hd
uTHSHiuXvayQHoR8LoA49LWIFwEfuYb1Lq+prpTvVb8E84NhMdH+IBkQd8TNNJj/
TKhgjrqbVtq4nfNuN5ix1WQcv6PlWabiAQM/ZEt3RYOfGRN8vRcpEmnFJwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIIEnP0g3Wh2nSdcoutaGhTiuItmMB8GA1UdIwQY
MBaAFH4HcIQQzHZDRLjPpPPjaKXiUrZQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmdkd2hCRE1ka05FdU0tazgtTm9wZUpTdGxBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZS84ZjVlNTktN2Y3MS00Y2YyLWE2MTkt
M2YwMjk1ZWVlOTUxLzEvZmdkd2hCRE1ka05FdU0tazgtTm9wZUpTdGxBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZS84ZjVlNTktN2Y3MS00Y2YyLWE2MTktM2YwMjk1ZWVlOTUx
LzEvZmdkd2hCRE1ka05FdU0tazgtTm9wZUpTdGxBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA9f7McxYJ
h+wd285JgW4A0PFkl8oiXbUch8uOtJafQC5PHm3WGe3gUMg2Ki/2wdS1Pa/YSomb
2rP39zCfr1sZ2e9QTkyd2cx2Y4xZszPLte+9YxgC6wbBhXH4WyAHkDQOxtPVYTEY
RnGjZjg/oLwotzlDhrNjqfE7QW0hnZsEjz+y5GXNhFIz944eedYJpArFpavGTqww
OA1JoNp37VKyMtdneocA1QPNuLlqxVptsMVXBhXvEO7pvJkhWtejtw7Z20IIkQER
nTRRjwBo1OxAsR192kJv1iY3qjFnOxfDKhgvWLqmW7EBqX8lHyTv1gqVqWinGKLY
9XvHh87OMhTbJg==
-----END CERTIFICATE-----