Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/b1acab-9a8b-423e-b0bc-f45a2a634704/1/KPpFbRwjZ4YhlU_79JOjI94sRIQ.mft
File:                     KPpFbRwjZ4YhlU_79JOjI94sRIQ.mft (raw, json)
Hash identifier:          fAcmvVYi2eCCuueAsiQH9GAsmvwkYKbbfD+IQPqVM7Q=
Subject key identifier:   84:35:72:08:F9:74:AC:74:13:26:27:B1:23:61:85:F6:8C:D8:54:3B
Authority key identifier: 28:FA:45:6D:1C:23:67:86:21:95:4F:FB:F4:93:A3:23:DE:2C:44:84
Certificate issuer:       /CN=28fa456d1c23678621954ffbf493a323de2c4484
Certificate serial:       0194C38833203AB66C75B6C08DBB1373CC08
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KPpFbRwjZ4YhlU_79JOjI94sRIQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f3/b1acab-9a8b-423e-b0bc-f45a2a634704/1/KPpFbRwjZ4YhlU_79JOjI94sRIQ.mft
Manifest number:          0969
Signing time:             Sat 01 Feb 2025 22:01:10 +0000
Manifest this update:     Sat 01 Feb 2025 22:01:10 +0000
Manifest next update:     Sun 02 Feb 2025 22:01:10 +0000
Files and hashes:         1: KPpFbRwjZ4YhlU_79JOjI94sRIQ.crl (hash: wJBrQfKdeP0KXxwh2sNfETluLfYGpuDj1cRmzsC6YmQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f3/b1acab-9a8b-423e-b0bc-f45a2a634704/1/KPpFbRwjZ4YhlU_79JOjI94sRIQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f3/b1acab-9a8b-423e-b0bc-f45a2a634704/1/KPpFbRwjZ4YhlU_79JOjI94sRIQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KPpFbRwjZ4YhlU_79JOjI94sRIQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 02 Feb 2025 22:01:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:c3:88:33:20:3a:b6:6c:75:b6:c0:8d:bb:13:73:cc:08
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=28fa456d1c23678621954ffbf493a323de2c4484
        Validity
            Not Before: Feb  1 22:01:10 2025 GMT
            Not After : Feb  2 22:01:10 2025 GMT
        Subject: CN=84357208f974ac74132627b1236185f68cd8543b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:2b:4c:2c:bc:d4:1d:2d:ab:11:17:92:07:ac:
                    c8:59:03:b7:ee:9a:b5:f2:a4:a2:ed:8d:6a:22:64:
                    fc:f8:2f:fe:7b:d2:cd:21:8f:ad:1d:36:b2:9f:47:
                    68:8b:4a:2a:ed:c2:d1:1a:ad:58:36:36:95:f1:01:
                    c7:41:03:e3:c5:39:53:6c:f4:63:29:0e:31:c4:fb:
                    35:2f:11:97:9e:21:cc:95:35:5d:66:dc:bb:ba:1f:
                    e0:80:b8:84:77:43:86:5b:a0:2b:ab:39:48:d5:bf:
                    90:54:84:8e:fa:b2:d2:9d:ce:15:d6:5f:18:ba:4e:
                    c8:2c:46:b9:27:0c:2f:85:bb:c7:0d:43:1e:80:ec:
                    f5:9d:f3:ee:6f:ed:5a:f1:4b:a1:54:b0:5e:38:10:
                    99:98:b9:cb:90:30:2b:3d:4e:63:30:af:c9:d4:5b:
                    33:78:ac:2c:94:e7:16:26:25:7a:d0:c7:7b:55:2d:
                    8b:3c:70:07:3a:e4:9a:e0:20:3c:9e:bc:3d:84:f2:
                    f7:36:34:a0:d4:a5:77:06:2a:e1:37:b8:89:87:ce:
                    78:d2:5d:3a:8a:2d:e4:84:7c:dc:a0:19:2f:cd:ec:
                    63:5e:13:cf:26:b0:9c:19:de:5b:52:68:d8:07:6b:
                    fb:8d:27:a4:a3:52:a4:57:e5:a0:c2:66:1d:78:0d:
                    7a:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                84:35:72:08:F9:74:AC:74:13:26:27:B1:23:61:85:F6:8C:D8:54:3B
            X509v3 Authority Key Identifier:
                keyid:28:FA:45:6D:1C:23:67:86:21:95:4F:FB:F4:93:A3:23:DE:2C:44:84

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KPpFbRwjZ4YhlU_79JOjI94sRIQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/b1acab-9a8b-423e-b0bc-f45a2a634704/1/KPpFbRwjZ4YhlU_79JOjI94sRIQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/b1acab-9a8b-423e-b0bc-f45a2a634704/1/KPpFbRwjZ4YhlU_79JOjI94sRIQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0a:70:7c:66:d2:fb:eb:30:e0:c0:bd:83:a9:e2:a6:10:fb:de:
         a4:ec:27:86:2c:2d:5f:a3:6a:6c:fd:a2:73:e6:7d:5d:d8:38:
         37:55:45:91:06:88:d8:94:a6:4e:7b:9f:c8:11:bd:6a:af:83:
         29:68:e8:09:16:c4:fd:75:87:c4:f3:3a:ca:b7:4a:17:47:c0:
         14:b8:11:35:ba:05:3a:3f:e2:61:54:5e:ef:1a:ec:0b:b4:87:
         b7:67:e1:c7:97:d8:87:37:a0:f0:6b:63:d3:c9:02:26:29:09:
         bf:c0:91:5c:9e:bf:ea:d4:b9:8e:96:e1:bf:a0:af:9e:bf:eb:
         31:3a:60:1c:bd:ff:82:9c:4e:71:c6:ed:fc:ca:87:cb:1b:35:
         b3:26:d5:1c:2a:c6:e0:14:4c:eb:be:51:d2:bc:c9:21:db:9e:
         c4:ef:b8:07:3a:9c:b3:1b:27:fc:99:60:f2:52:19:de:82:99:
         34:b3:a0:90:19:5c:d0:83:3f:33:06:27:82:6b:db:42:0b:92:
         42:41:98:e3:9f:3a:45:05:db:e1:56:c1:3a:dd:8c:17:a5:4f:
         23:04:44:fb:83:66:d1:35:d9:46:30:7d:da:07:e6:00:b8:47:
         2a:e4:c7:07:30:c5:31:4c:71:af:c0:6d:7f:10:80:fe:37:78:
         c7:da:18:a9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZTDiDMgOrZsdbbAjbsTc8wIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4ZmE0NTZkMWMyMzY3ODYyMTk1NGZmYmY0OTNhMzIzZGUy
YzQ0ODQwHhcNMjUwMjAxMjIwMTEwWhcNMjUwMjAyMjIwMTEwWjAzMTEwLwYDVQQD
Eyg4NDM1NzIwOGY5NzRhYzc0MTMyNjI3YjEyMzYxODVmNjhjZDg1NDNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzStMLLzUHS2rEReSB6zIWQO37pq1
8qSi7Y1qImT8+C/+e9LNIY+tHTayn0doi0oq7cLRGq1YNjaV8QHHQQPjxTlTbPRj
KQ4xxPs1LxGXniHMlTVdZty7uh/ggLiEd0OGW6ArqzlI1b+QVISO+rLSnc4V1l8Y
uk7ILEa5JwwvhbvHDUMegOz1nfPub+1a8UuhVLBeOBCZmLnLkDArPU5jMK/J1Fsz
eKwslOcWJiV60Md7VS2LPHAHOuSa4CA8nrw9hPL3NjSg1KV3BirhN7iJh8540l06
ii3khHzcoBkvzexjXhPPJrCcGd5bUmjYB2v7jSeko1KkV+WgwmYdeA16mQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIQ1cgj5dKx0EyYnsSNhhfaM2FQ7MB8GA1UdIwQY
MBaAFCj6RW0cI2eGIZVP+/SToyPeLESEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1BwRmJSd2paNFlobFVfNzlKT2pJOTRzUklRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy9iMWFjYWItOWE4Yi00MjNlLWIwYmMt
ZjQ1YTJhNjM0NzA0LzEvS1BwRmJSd2paNFlobFVfNzlKT2pJOTRzUklRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy9iMWFjYWItOWE4Yi00MjNlLWIwYmMtZjQ1YTJhNjM0NzA0
LzEvS1BwRmJSd2paNFlobFVfNzlKT2pJOTRzUklRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACnB8ZtL7
6zDgwL2DqeKmEPvepOwnhiwtX6NqbP2ic+Z9Xdg4N1VFkQaI2JSmTnufyBG9aq+D
KWjoCRbE/XWHxPM6yrdKF0fAFLgRNboFOj/iYVRe7xrsC7SHt2fhx5fYhzeg8Gtj
08kCJikJv8CRXJ6/6tS5jpbhv6Cvnr/rMTpgHL3/gpxOccbt/MqHyxs1sybVHCrG
4BRM675R0rzJIduexO+4Bzqcsxsn/Jlg8lIZ3oKZNLOgkBlc0IM/MwYngmvbQguS
QkGY4586RQXb4VbBOt2MF6VPIwRE+4Nm0TXZRjB92gfmALhHKuTHBzDFMUxxr8Bt
fxCA/jd4x9oYqQ==
-----END CERTIFICATE-----