Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/b11584-19e9-453f-84c7-56c2a44d1878/1/r89alhpnpvrt_v2PKluD8mg3WYQ.mft
File:                     r89alhpnpvrt_v2PKluD8mg3WYQ.mft (raw, json)
Hash identifier:          aFdBcx4nJFe/HlQOe+qVlGaXRbXIKg1oIksku4GS3sI=
Subject key identifier:   C0:83:11:CD:E9:7E:1F:DD:E8:C4:03:B7:94:00:50:FF:E1:0B:4C:B7
Authority key identifier: AF:CF:5A:96:1A:67:A6:FA:ED:FE:FD:8F:2A:5B:83:F2:68:37:59:84
Certificate issuer:       /CN=afcf5a961a67a6faedfefd8f2a5b83f268375984
Certificate serial:       019579EC0A4B994B3CB6FBA7B612FD859BF9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/r89alhpnpvrt_v2PKluD8mg3WYQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f3/b11584-19e9-453f-84c7-56c2a44d1878/1/r89alhpnpvrt_v2PKluD8mg3WYQ.mft
Manifest number:          FE
Signing time:             Sun 09 Mar 2025 08:01:07 +0000
Manifest this update:     Sun 09 Mar 2025 08:01:07 +0000
Manifest next update:     Mon 10 Mar 2025 08:01:07 +0000
Files and hashes:         1: r89alhpnpvrt_v2PKluD8mg3WYQ.crl (hash: SL8FZ4IfVX2Zf0/mWx1i9rCmrFAjtwoP/31By6RUv6A=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f3/b11584-19e9-453f-84c7-56c2a44d1878/1/r89alhpnpvrt_v2PKluD8mg3WYQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f3/b11584-19e9-453f-84c7-56c2a44d1878/1/r89alhpnpvrt_v2PKluD8mg3WYQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/r89alhpnpvrt_v2PKluD8mg3WYQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 10 Mar 2025 06:00:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:79:ec:0a:4b:99:4b:3c:b6:fb:a7:b6:12:fd:85:9b:f9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=afcf5a961a67a6faedfefd8f2a5b83f268375984
        Validity
            Not Before: Mar  9 08:01:07 2025 GMT
            Not After : Mar 10 08:01:07 2025 GMT
        Subject: CN=c08311cde97e1fdde8c403b7940050ffe10b4cb7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:50:00:5b:f4:f6:42:ba:bc:e7:c9:57:dc:3a:
                    9b:e4:ba:f5:6f:26:1d:d1:4e:0b:a0:9d:19:ae:bb:
                    55:0d:e9:af:bc:12:1a:8d:8b:4f:5d:44:51:7a:f9:
                    52:e3:c1:56:54:56:57:f5:ad:9f:34:58:21:db:95:
                    86:f0:02:71:1d:91:81:aa:f8:f0:49:37:e6:3c:54:
                    e0:da:85:b9:c0:2e:c9:c2:c2:49:22:ff:5e:3c:9d:
                    83:16:8d:f4:d1:de:c3:a9:df:a9:fb:15:c7:f3:18:
                    e3:45:f4:f1:58:cb:7d:29:05:3e:b6:99:b7:eb:9f:
                    a2:6e:a2:dc:e8:ba:1f:ad:00:f5:d5:a3:b2:f1:b8:
                    4c:c2:95:16:a2:10:c0:01:a2:d3:34:d5:75:f7:9f:
                    a5:9d:c8:61:34:40:2d:4c:34:d7:97:2d:d1:de:22:
                    17:a7:e3:a6:51:ce:d4:22:ff:ac:e0:ad:35:c1:9e:
                    3e:7e:40:d6:8a:18:2f:4a:31:b3:c7:56:72:ea:26:
                    31:8b:84:87:57:e4:30:49:dd:96:bd:47:2f:5b:71:
                    ad:8b:86:a6:92:10:cf:15:9a:86:11:d3:08:7c:02:
                    b1:c6:b2:bd:8b:73:93:4f:45:4d:a6:65:1d:51:08:
                    fa:b1:96:c1:d7:4d:be:97:a4:95:ff:b0:61:a8:ee:
                    25:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C0:83:11:CD:E9:7E:1F:DD:E8:C4:03:B7:94:00:50:FF:E1:0B:4C:B7
            X509v3 Authority Key Identifier:
                keyid:AF:CF:5A:96:1A:67:A6:FA:ED:FE:FD:8F:2A:5B:83:F2:68:37:59:84

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r89alhpnpvrt_v2PKluD8mg3WYQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/b11584-19e9-453f-84c7-56c2a44d1878/1/r89alhpnpvrt_v2PKluD8mg3WYQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/b11584-19e9-453f-84c7-56c2a44d1878/1/r89alhpnpvrt_v2PKluD8mg3WYQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         57:78:2c:84:02:c9:fe:65:0f:9d:00:f4:e7:1f:b6:c0:ec:4a:
         8e:51:f5:3c:93:10:fe:32:f8:4f:07:1d:e8:6c:44:f1:1f:44:
         83:4e:c5:18:5e:77:9d:59:62:31:42:da:a5:71:a5:b9:cf:76:
         90:71:94:c2:b4:35:7f:ae:6f:dc:be:49:df:6e:b9:c4:31:b2:
         d9:06:c2:d6:75:32:f8:5d:10:9c:6c:b4:79:85:7f:12:19:78:
         36:81:74:66:fd:6c:6b:23:e2:80:52:bf:46:73:64:c5:fe:08:
         1b:c9:ea:c8:3f:e0:d5:73:bc:5b:31:bd:c8:aa:d1:08:8a:f6:
         dc:83:2e:8f:62:77:63:f8:0c:47:f2:6d:36:03:7d:6c:67:34:
         b9:d4:65:25:2d:b3:0c:00:ae:3f:89:f3:e0:70:b7:49:12:73:
         10:63:62:2e:e7:16:b2:00:33:58:1c:15:0c:6b:03:03:0e:b4:
         54:70:08:43:66:30:ff:24:f1:6b:b8:27:e6:58:9d:07:a1:da:
         3b:03:76:e2:58:89:b3:b9:80:11:88:56:9c:c7:03:61:a4:d4:
         dd:b0:ff:77:34:bf:e4:5e:e2:a4:99:04:7f:46:2e:9b:d7:e3:
         ef:6e:46:96:8d:f1:8b:a3:78:30:6a:15:0f:12:30:c2:35:d6:
         be:9e:4a:f4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZV57ApLmUs8tvunthL9hZv5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmY2Y1YTk2MWE2N2E2ZmFlZGZlZmQ4ZjJhNWI4M2YyNjgz
NzU5ODQwHhcNMjUwMzA5MDgwMTA3WhcNMjUwMzEwMDgwMTA3WjAzMTEwLwYDVQQD
EyhjMDgzMTFjZGU5N2UxZmRkZThjNDAzYjc5NDAwNTBmZmUxMGI0Y2I3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsFAAW/T2Qrq858lX3Dqb5Lr1byYd
0U4LoJ0ZrrtVDemvvBIajYtPXURRevlS48FWVFZX9a2fNFgh25WG8AJxHZGBqvjw
STfmPFTg2oW5wC7JwsJJIv9ePJ2DFo300d7Dqd+p+xXH8xjjRfTxWMt9KQU+tpm3
65+ibqLc6LofrQD11aOy8bhMwpUWohDAAaLTNNV195+lnchhNEAtTDTXly3R3iIX
p+OmUc7UIv+s4K01wZ4+fkDWihgvSjGzx1Zy6iYxi4SHV+QwSd2WvUcvW3Gti4am
khDPFZqGEdMIfAKxxrK9i3OTT0VNpmUdUQj6sZbB102+l6SV/7BhqO4l4wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMCDEc3pfh/d6MQDt5QAUP/hC0y3MB8GA1UdIwQY
MBaAFK/PWpYaZ6b67f79jypbg/JoN1mEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjg5YWxocG5wdnJ0X3YyUEtsdUQ4bWczV1lRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy9iMTE1ODQtMTllOS00NTNmLTg0Yzct
NTZjMmE0NGQxODc4LzEvcjg5YWxocG5wdnJ0X3YyUEtsdUQ4bWczV1lRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy9iMTE1ODQtMTllOS00NTNmLTg0YzctNTZjMmE0NGQxODc4
LzEvcjg5YWxocG5wdnJ0X3YyUEtsdUQ4bWczV1lRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAV3gshALJ
/mUPnQD05x+2wOxKjlH1PJMQ/jL4Twcd6GxE8R9Eg07FGF53nVliMULapXGluc92
kHGUwrQ1f65v3L5J3265xDGy2QbC1nUy+F0QnGy0eYV/Ehl4NoF0Zv1sayPigFK/
RnNkxf4IG8nqyD/g1XO8WzG9yKrRCIr23IMuj2J3Y/gMR/JtNgN9bGc0udRlJS2z
DACuP4nz4HC3SRJzEGNiLucWsgAzWBwVDGsDAw60VHAIQ2Yw/yTxa7gn5lidB6Ha
OwN24liJs7mAEYhWnMcDYaTU3bD/dzS/5F7ipJkEf0Yum9fj725Glo3xi6N4MGoV
DxIwwjXWvp5K9A==
-----END CERTIFICATE-----