Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/89226d-1fee-4571-8106-51fb82eff3d6/1/a2o1zDDsMRZCDA_wTFnkeT6Rk_s.mft
File:                     a2o1zDDsMRZCDA_wTFnkeT6Rk_s.mft (raw, json)
Hash identifier:          3umDWajfGLantIHbUJLJ4+FzobfQC/h34uqTh2tJvyY=
Subject key identifier:   8C:60:51:A5:20:E4:99:67:EE:68:E6:DF:5C:34:22:15:7B:68:DD:84
Authority key identifier: 6B:6A:35:CC:30:EC:31:16:42:0C:0F:F0:4C:59:E4:79:3E:91:93:FB
Certificate issuer:       /CN=6b6a35cc30ec3116420c0ff04c59e4793e9193fb
Certificate serial:       0194C387F17AF62C787EC06FE4D8102ACE2B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/a2o1zDDsMRZCDA_wTFnkeT6Rk_s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f0/89226d-1fee-4571-8106-51fb82eff3d6/1/a2o1zDDsMRZCDA_wTFnkeT6Rk_s.mft
Manifest number:          33
Signing time:             Sat 01 Feb 2025 22:00:53 +0000
Manifest this update:     Sat 01 Feb 2025 22:00:53 +0000
Manifest next update:     Sun 02 Feb 2025 22:00:53 +0000
Files and hashes:         1: a2o1zDDsMRZCDA_wTFnkeT6Rk_s.crl (hash: Z694sZNLP4mN/K74dpiUX1v4ExBajXF8v0CaPxX4WJE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f0/89226d-1fee-4571-8106-51fb82eff3d6/1/a2o1zDDsMRZCDA_wTFnkeT6Rk_s.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f0/89226d-1fee-4571-8106-51fb82eff3d6/1/a2o1zDDsMRZCDA_wTFnkeT6Rk_s.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/a2o1zDDsMRZCDA_wTFnkeT6Rk_s.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 02 Feb 2025 22:00:53 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:c3:87:f1:7a:f6:2c:78:7e:c0:6f:e4:d8:10:2a:ce:2b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6b6a35cc30ec3116420c0ff04c59e4793e9193fb
        Validity
            Not Before: Feb  1 22:00:53 2025 GMT
            Not After : Feb  2 22:00:53 2025 GMT
        Subject: CN=8c6051a520e49967ee68e6df5c3422157b68dd84
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:71:08:19:b1:1d:f7:9c:67:a7:78:d3:9c:b0:
                    14:58:db:e9:5e:66:5b:a8:e7:fc:74:bb:4d:f0:91:
                    4a:26:0a:c8:80:56:c3:8f:8f:7b:34:a9:9d:a9:4d:
                    8d:5e:a0:50:1d:11:04:e3:42:ad:45:52:aa:f0:ca:
                    a8:c9:74:91:6f:1d:9e:64:0b:99:7c:1c:2a:11:f6:
                    2d:b1:0d:09:f8:36:5d:8f:aa:3b:62:84:6a:98:b8:
                    19:d4:70:61:04:83:91:82:0a:96:1c:8a:40:b9:ca:
                    af:3a:73:6f:65:a0:99:21:1e:2f:3d:d6:32:e6:94:
                    eb:1c:d7:66:81:ca:ff:50:b8:89:89:5a:79:4d:1f:
                    12:83:17:e4:c9:48:ac:40:73:31:df:f4:6d:a6:fe:
                    b8:d1:a1:2c:43:75:26:8a:e3:1c:0d:60:f8:4a:83:
                    55:ff:44:ea:2b:23:d4:72:ce:e8:d7:84:7e:60:0a:
                    e8:c1:3d:73:a3:70:df:cc:8c:a5:bf:2a:0e:bc:e8:
                    3e:61:20:70:bb:6f:c6:3e:00:71:2f:65:e6:33:65:
                    09:cf:78:85:be:38:b3:df:f6:2f:de:e1:08:0d:55:
                    93:27:3a:00:0d:8c:44:17:d8:70:7e:e1:a8:27:4d:
                    0a:3d:f6:f1:2d:05:c9:e2:2f:89:75:3d:6c:92:d5:
                    d1:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8C:60:51:A5:20:E4:99:67:EE:68:E6:DF:5C:34:22:15:7B:68:DD:84
            X509v3 Authority Key Identifier:
                keyid:6B:6A:35:CC:30:EC:31:16:42:0C:0F:F0:4C:59:E4:79:3E:91:93:FB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2o1zDDsMRZCDA_wTFnkeT6Rk_s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/89226d-1fee-4571-8106-51fb82eff3d6/1/a2o1zDDsMRZCDA_wTFnkeT6Rk_s.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/89226d-1fee-4571-8106-51fb82eff3d6/1/a2o1zDDsMRZCDA_wTFnkeT6Rk_s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         98:76:8d:a8:d6:36:58:b5:9a:1c:e9:75:89:a8:12:fc:b5:79:
         57:07:d5:c1:c0:72:8c:28:de:7f:24:d1:41:42:e1:60:2c:d1:
         8f:fe:4a:a9:fc:0e:1d:95:c3:da:1c:e2:75:2d:a4:73:4e:4c:
         bb:e2:40:1c:13:42:e1:3c:1b:9d:68:a1:c9:dc:fb:ba:9e:40:
         a8:65:81:80:4a:bb:2e:31:0c:54:f7:64:66:f4:02:a9:1b:b6:
         11:06:20:7c:9d:13:90:e6:04:ae:d6:ad:0b:ce:d4:e4:8d:39:
         cb:ed:d4:cd:e3:db:c7:c1:23:ec:3a:20:81:88:2b:46:a5:1a:
         4a:a4:38:f4:f6:e4:e8:65:8d:31:a0:de:ad:fe:7e:40:d4:e6:
         b6:24:46:3a:7b:e3:98:c2:14:00:2b:80:43:2e:80:0c:6e:c9:
         32:20:a6:d6:02:9b:94:55:25:08:2a:4a:cd:4f:91:48:c8:cc:
         19:2a:d1:51:b9:45:3e:14:b7:e9:ed:5a:99:2d:c3:0e:dc:38:
         1c:ff:d5:8a:fb:71:cf:f1:1b:3a:fa:1f:ca:9d:8e:4f:01:9a:
         c8:9e:7b:c8:38:98:03:88:b5:80:a9:aa:f7:2b:db:0c:8c:9e:
         56:ed:2a:09:f8:8a:ed:81:f5:69:41:04:bb:6a:3a:26:af:24:
         5a:31:59:91
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZTDh/F69ix4fsBv5NgQKs4rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiNmEzNWNjMzBlYzMxMTY0MjBjMGZmMDRjNTllNDc5M2U5
MTkzZmIwHhcNMjUwMjAxMjIwMDUzWhcNMjUwMjAyMjIwMDUzWjAzMTEwLwYDVQQD
Eyg4YzYwNTFhNTIwZTQ5OTY3ZWU2OGU2ZGY1YzM0MjIxNTdiNjhkZDg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo3EIGbEd95xnp3jTnLAUWNvpXmZb
qOf8dLtN8JFKJgrIgFbDj497NKmdqU2NXqBQHREE40KtRVKq8MqoyXSRbx2eZAuZ
fBwqEfYtsQ0J+DZdj6o7YoRqmLgZ1HBhBIORggqWHIpAucqvOnNvZaCZIR4vPdYy
5pTrHNdmgcr/ULiJiVp5TR8SgxfkyUisQHMx3/Rtpv640aEsQ3UmiuMcDWD4SoNV
/0TqKyPUcs7o14R+YArowT1zo3DfzIylvyoOvOg+YSBwu2/GPgBxL2XmM2UJz3iF
vjiz3/Yv3uEIDVWTJzoADYxEF9hwfuGoJ00KPfbxLQXJ4i+JdT1sktXREwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIxgUaUg5Jln7mjm31w0IhV7aN2EMB8GA1UdIwQY
MBaAFGtqNcww7DEWQgwP8ExZ5Hk+kZP7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTJvMXpERHNNUlpDREFfd1RGbmtlVDZSa19zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC84OTIyNmQtMWZlZS00NTcxLTgxMDYt
NTFmYjgyZWZmM2Q2LzEvYTJvMXpERHNNUlpDREFfd1RGbmtlVDZSa19zLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC84OTIyNmQtMWZlZS00NTcxLTgxMDYtNTFmYjgyZWZmM2Q2
LzEvYTJvMXpERHNNUlpDREFfd1RGbmtlVDZSa19zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmHaNqNY2
WLWaHOl1iagS/LV5VwfVwcByjCjefyTRQULhYCzRj/5KqfwOHZXD2hzidS2kc05M
u+JAHBNC4TwbnWihydz7up5AqGWBgEq7LjEMVPdkZvQCqRu2EQYgfJ0TkOYErtat
C87U5I05y+3UzePbx8Ej7DoggYgrRqUaSqQ49Pbk6GWNMaDerf5+QNTmtiRGOnvj
mMIUACuAQy6ADG7JMiCm1gKblFUlCCpKzU+RSMjMGSrRUblFPhS36e1amS3DDtw4
HP/Vivtxz/EbOvofyp2OTwGayJ57yDiYA4i1gKmq9yvbDIyeVu0qCfiK7YH1aUEE
u2o6Jq8kWjFZkQ==
-----END CERTIFICATE-----