Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/465c51-78e4-4178-8585-72f21e646e8e/1/oRiq_bvKjU4AY8MRlfpsGUw5Q8s.mft
File:                     oRiq_bvKjU4AY8MRlfpsGUw5Q8s.mft (raw, json)
Hash identifier:          0VJM8Hg9Yk/MggRYUiKc+aqZBZNBcbljRl32E1VEH9I=
Subject key identifier:   6F:C8:BD:53:D9:51:1A:12:39:31:2E:AC:4D:23:3A:13:97:2D:2C:21
Authority key identifier: A1:18:AA:FD:BB:CA:8D:4E:00:63:C3:11:95:FA:6C:19:4C:39:43:CB
Certificate issuer:       /CN=a118aafdbbca8d4e0063c31195fa6c194c3943cb
Certificate serial:       019512104019BA52A46F0656A6256EF5B00C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oRiq_bvKjU4AY8MRlfpsGUw5Q8s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f8/465c51-78e4-4178-8585-72f21e646e8e/1/oRiq_bvKjU4AY8MRlfpsGUw5Q8s.mft
Manifest number:          0376
Signing time:             Mon 17 Feb 2025 04:00:09 +0000
Manifest this update:     Mon 17 Feb 2025 04:00:09 +0000
Manifest next update:     Tue 18 Feb 2025 04:00:09 +0000
Files and hashes:         1: oRiq_bvKjU4AY8MRlfpsGUw5Q8s.crl (hash: CyTAF0XVCkX2Ie7j9uHzpNuskwqchjneGd/phpao2Oo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f8/465c51-78e4-4178-8585-72f21e646e8e/1/oRiq_bvKjU4AY8MRlfpsGUw5Q8s.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f8/465c51-78e4-4178-8585-72f21e646e8e/1/oRiq_bvKjU4AY8MRlfpsGUw5Q8s.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oRiq_bvKjU4AY8MRlfpsGUw5Q8s.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 17 Feb 2025 23:00:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:12:10:40:19:ba:52:a4:6f:06:56:a6:25:6e:f5:b0:0c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a118aafdbbca8d4e0063c31195fa6c194c3943cb
        Validity
            Not Before: Feb 17 04:00:09 2025 GMT
            Not After : Feb 18 04:00:09 2025 GMT
        Subject: CN=6fc8bd53d9511a1239312eac4d233a13972d2c21
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:88:29:73:a5:72:19:0b:5e:90:01:db:7e:1d:86:
                    c8:a4:32:bd:17:61:06:9c:c1:a1:75:d2:60:f0:dd:
                    1b:c1:e5:3b:34:1f:9f:46:6c:66:5a:08:3d:8e:01:
                    b1:7a:f6:10:ac:a6:a1:44:d9:c9:b3:dd:64:7a:cf:
                    47:9e:e8:a4:55:4a:3e:11:ec:83:96:4a:3b:c0:b1:
                    3d:59:a2:8a:0a:f1:dc:3c:8c:d0:ea:16:c3:ea:64:
                    fd:d5:8c:ea:b8:8f:2a:a3:5f:d0:15:a6:9a:e2:ea:
                    c6:1a:cc:44:c6:a4:3d:36:44:5d:9a:5d:ce:42:9a:
                    74:1b:fb:96:ea:36:ab:cb:c2:da:87:bd:d1:52:b4:
                    2a:0b:6f:01:c4:6d:83:3a:13:1b:fd:31:25:4e:db:
                    ee:17:be:81:17:87:29:58:27:de:99:8a:e5:aa:c3:
                    46:57:9d:48:9f:37:5f:dc:7d:84:0c:26:7f:ee:98:
                    c9:fd:33:cc:11:0c:72:38:19:90:1c:6d:39:bc:2f:
                    aa:85:b2:8a:b4:76:db:23:b5:10:5c:11:b7:18:b8:
                    a9:f6:2b:de:00:00:64:d3:4c:59:da:99:1b:f3:4e:
                    67:87:6b:f9:e9:2f:20:fd:e0:33:62:84:d4:c5:6c:
                    aa:3a:fd:97:12:f0:0a:50:80:60:49:27:80:25:79:
                    22:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6F:C8:BD:53:D9:51:1A:12:39:31:2E:AC:4D:23:3A:13:97:2D:2C:21
            X509v3 Authority Key Identifier:
                keyid:A1:18:AA:FD:BB:CA:8D:4E:00:63:C3:11:95:FA:6C:19:4C:39:43:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oRiq_bvKjU4AY8MRlfpsGUw5Q8s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/465c51-78e4-4178-8585-72f21e646e8e/1/oRiq_bvKjU4AY8MRlfpsGUw5Q8s.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/465c51-78e4-4178-8585-72f21e646e8e/1/oRiq_bvKjU4AY8MRlfpsGUw5Q8s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         aa:ab:c1:7e:d8:f8:a1:83:1e:e7:d1:87:cd:a3:dd:81:65:1c:
         73:e7:0d:11:db:d5:08:18:28:81:92:18:b6:17:47:c5:87:b7:
         23:39:8a:a8:f3:28:f0:fd:3c:b6:11:75:18:13:bc:29:43:20:
         c5:46:e1:48:cc:79:fc:34:2b:60:de:20:96:94:bd:21:40:a7:
         fc:45:f2:b1:c1:23:1c:43:ee:4e:6c:6b:fc:a7:05:47:9e:5c:
         52:b2:e5:ea:06:02:5c:8f:83:1d:57:12:f9:8a:13:7c:96:d4:
         53:81:47:03:75:88:8c:eb:90:4a:ae:e7:23:62:fd:43:e7:da:
         a5:54:b9:15:d6:eb:3e:16:50:3d:90:fc:02:61:33:ee:77:f0:
         96:a9:1c:89:5a:8e:20:78:c4:62:1a:95:ee:f2:44:72:43:a5:
         d9:32:5d:b8:d9:79:84:e0:62:3e:bf:78:11:c0:00:1c:68:b2:
         07:90:c8:1a:e7:07:5d:5f:d6:a1:d0:8e:e8:a5:85:ac:16:32:
         00:ff:9e:e5:65:d2:2a:a8:5a:28:06:ff:b2:cf:3e:b8:e7:30:
         4b:86:0f:be:52:7b:e5:9c:d5:b1:80:e0:1b:16:de:4f:0b:4f:
         f7:9f:16:1c:84:81:76:81:a9:65:5b:33:d6:69:27:15:43:81:
         a6:67:02:58
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZUSEEAZulKkbwZWpiVu9bAMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExMThhYWZkYmJjYThkNGUwMDYzYzMxMTk1ZmE2YzE5NGMz
OTQzY2IwHhcNMjUwMjE3MDQwMDA5WhcNMjUwMjE4MDQwMDA5WjAzMTEwLwYDVQQD
Eyg2ZmM4YmQ1M2Q5NTExYTEyMzkzMTJlYWM0ZDIzM2ExMzk3MmQyYzIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiClzpXIZC16QAdt+HYbIpDK9F2EG
nMGhddJg8N0bweU7NB+fRmxmWgg9jgGxevYQrKahRNnJs91kes9HnuikVUo+EeyD
lko7wLE9WaKKCvHcPIzQ6hbD6mT91YzquI8qo1/QFaaa4urGGsxExqQ9NkRdml3O
Qpp0G/uW6jary8Lah73RUrQqC28BxG2DOhMb/TElTtvuF76BF4cpWCfemYrlqsNG
V51Inzdf3H2EDCZ/7pjJ/TPMEQxyOBmQHG05vC+qhbKKtHbbI7UQXBG3GLip9ive
AABk00xZ2pkb805nh2v56S8g/eAzYoTUxWyqOv2XEvAKUIBgSSeAJXki8wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFG/IvVPZURoSOTEurE0jOhOXLSwhMB8GA1UdIwQY
MBaAFKEYqv27yo1OAGPDEZX6bBlMOUPLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb1JpcV9idktqVTRBWThNUmxmcHNHVXc1UThzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC80NjVjNTEtNzhlNC00MTc4LTg1ODUt
NzJmMjFlNjQ2ZThlLzEvb1JpcV9idktqVTRBWThNUmxmcHNHVXc1UThzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC80NjVjNTEtNzhlNC00MTc4LTg1ODUtNzJmMjFlNjQ2ZThl
LzEvb1JpcV9idktqVTRBWThNUmxmcHNHVXc1UThzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqqvBftj4
oYMe59GHzaPdgWUcc+cNEdvVCBgogZIYthdHxYe3IzmKqPMo8P08thF1GBO8KUMg
xUbhSMx5/DQrYN4glpS9IUCn/EXyscEjHEPuTmxr/KcFR55cUrLl6gYCXI+DHVcS
+YoTfJbUU4FHA3WIjOuQSq7nI2L9Q+fapVS5FdbrPhZQPZD8AmEz7nfwlqkciVqO
IHjEYhqV7vJEckOl2TJduNl5hOBiPr94EcAAHGiyB5DIGucHXV/WodCO6KWFrBYy
AP+e5WXSKqhaKAb/ss8+uOcwS4YPvlJ75ZzVsYDgGxbeTwtP958WHISBdoGpZVsz
1mknFUOBpmcCWA==
-----END CERTIFICATE-----