Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/807e35-88f7-435b-84a8-d14bd3d77822/1/rK67C7Ozijz0QMgf97PhaTMqpm0.mft
File:                     rK67C7Ozijz0QMgf97PhaTMqpm0.mft (raw, json)
Hash identifier:          OFxwjpnHYXDf9ee29JQoANqObkcVNfCCCFhxlujOpZM=
Subject key identifier:   B2:29:5F:B8:0A:D1:09:36:2F:C1:AB:F0:4F:66:CB:46:64:EF:75:7D
Authority key identifier: AC:AE:BB:0B:B3:B3:8A:3C:F4:40:C8:1F:F7:B3:E1:69:33:2A:A6:6D
Certificate issuer:       /CN=acaebb0bb3b38a3cf440c81ff7b3e169332aa66d
Certificate serial:       0194C38814608188F3CFB694A2EDA120A526
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/rK67C7Ozijz0QMgf97PhaTMqpm0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f9/807e35-88f7-435b-84a8-d14bd3d77822/1/rK67C7Ozijz0QMgf97PhaTMqpm0.mft
Manifest number:          1035
Signing time:             Sat 01 Feb 2025 22:01:02 +0000
Manifest this update:     Sat 01 Feb 2025 22:01:02 +0000
Manifest next update:     Sun 02 Feb 2025 22:01:02 +0000
Files and hashes:         1: rK67C7Ozijz0QMgf97PhaTMqpm0.crl (hash: IWhbcVXfTZNwFveyWRz1ybf7+cxwLcquWLDbUTqgmpQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f9/807e35-88f7-435b-84a8-d14bd3d77822/1/rK67C7Ozijz0QMgf97PhaTMqpm0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f9/807e35-88f7-435b-84a8-d14bd3d77822/1/rK67C7Ozijz0QMgf97PhaTMqpm0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/rK67C7Ozijz0QMgf97PhaTMqpm0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 02 Feb 2025 22:01:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:c3:88:14:60:81:88:f3:cf:b6:94:a2:ed:a1:20:a5:26
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=acaebb0bb3b38a3cf440c81ff7b3e169332aa66d
        Validity
            Not Before: Feb  1 22:01:02 2025 GMT
            Not After : Feb  2 22:01:02 2025 GMT
        Subject: CN=b2295fb80ad109362fc1abf04f66cb4664ef757d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:16:76:b5:42:64:43:bc:84:43:ac:df:b7:87:
                    90:3b:b5:1f:cd:ff:0c:0f:d7:7f:38:01:3e:14:06:
                    7f:a3:34:d4:bb:40:96:f9:b2:65:6e:e3:29:aa:4d:
                    e3:e2:0f:90:51:7f:86:88:ff:96:bf:16:f8:16:d3:
                    98:ec:9d:63:59:1f:61:c5:27:aa:49:48:67:b8:f1:
                    e0:4d:94:2d:f9:34:ca:58:ef:0c:f7:ed:a7:18:c4:
                    c9:9f:72:ff:3f:eb:6f:30:9c:92:33:10:42:52:d7:
                    54:07:c6:b6:a8:4b:7d:0b:28:ba:af:ef:f6:fb:49:
                    fc:4d:f4:6e:27:dc:bf:f1:c4:6c:54:60:4d:4e:8f:
                    39:d1:ef:41:33:e1:bf:1c:55:2d:a9:a2:06:a6:31:
                    7d:25:34:ba:4b:e7:5a:c0:bf:f7:09:ed:2a:3e:91:
                    09:80:cc:ff:83:af:b1:5b:9b:11:77:66:1c:10:a2:
                    40:63:b3:e1:06:9d:29:fa:29:f9:79:1c:bf:87:56:
                    21:e1:a0:0f:f5:5c:48:ec:c1:8f:47:a4:2f:97:63:
                    2c:eb:ab:24:d9:7c:69:b1:be:c0:cc:cb:5b:a3:e7:
                    57:45:0f:01:05:db:66:01:c8:bb:de:c5:b4:87:59:
                    d0:68:27:57:cc:08:94:4e:72:8e:c3:dd:77:7a:eb:
                    c2:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B2:29:5F:B8:0A:D1:09:36:2F:C1:AB:F0:4F:66:CB:46:64:EF:75:7D
            X509v3 Authority Key Identifier:
                keyid:AC:AE:BB:0B:B3:B3:8A:3C:F4:40:C8:1F:F7:B3:E1:69:33:2A:A6:6D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rK67C7Ozijz0QMgf97PhaTMqpm0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/807e35-88f7-435b-84a8-d14bd3d77822/1/rK67C7Ozijz0QMgf97PhaTMqpm0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/807e35-88f7-435b-84a8-d14bd3d77822/1/rK67C7Ozijz0QMgf97PhaTMqpm0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         65:71:cd:d8:35:43:c1:fd:cf:8d:61:96:89:3a:62:40:1d:af:
         08:d7:ad:1d:9d:b1:0c:e4:86:32:f8:ba:b1:02:41:c2:93:fa:
         b6:cf:58:a2:5b:ca:5f:ef:d1:cc:46:f0:ea:c7:eb:30:26:ce:
         e1:7a:2b:08:7c:b3:ba:24:cc:22:01:c5:97:6b:bd:fb:37:b9:
         be:b3:7e:98:44:0e:26:46:45:35:64:6d:68:b5:de:14:64:78:
         c7:1b:c9:62:6b:c7:65:df:df:c5:03:87:1b:55:6d:4c:22:42:
         e4:74:9a:1e:40:a5:01:c5:1e:e3:58:10:2c:19:cf:86:c5:37:
         47:b2:dd:bb:cd:72:93:a0:0c:18:0d:fd:37:7a:fb:5e:0c:66:
         12:de:4e:65:32:54:b6:89:67:c6:bc:f6:7b:ef:8f:9f:49:79:
         38:e1:f2:2f:34:b2:49:6d:fd:3a:18:a8:7c:97:88:36:6d:44:
         5e:e7:e5:23:ba:ec:97:17:17:ce:b9:1e:e8:36:53:2d:a6:87:
         2c:91:05:af:a5:fe:70:52:93:1a:de:8f:39:04:be:de:00:f5:
         7b:b3:d0:e9:b5:84:c7:bb:57:7b:07:5d:d4:1b:0b:a0:31:fe:
         cc:73:af:c3:57:71:5d:f3:c8:fd:a5:36:12:ef:13:80:ca:49:
         1d:d8:7b:ac
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZTDiBRggYjzz7aUou2hIKUmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjYWViYjBiYjNiMzhhM2NmNDQwYzgxZmY3YjNlMTY5MzMy
YWE2NmQwHhcNMjUwMjAxMjIwMTAyWhcNMjUwMjAyMjIwMTAyWjAzMTEwLwYDVQQD
EyhiMjI5NWZiODBhZDEwOTM2MmZjMWFiZjA0ZjY2Y2I0NjY0ZWY3NTdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqRZ2tUJkQ7yEQ6zft4eQO7Ufzf8M
D9d/OAE+FAZ/ozTUu0CW+bJlbuMpqk3j4g+QUX+GiP+Wvxb4FtOY7J1jWR9hxSeq
SUhnuPHgTZQt+TTKWO8M9+2nGMTJn3L/P+tvMJySMxBCUtdUB8a2qEt9Cyi6r+/2
+0n8TfRuJ9y/8cRsVGBNTo850e9BM+G/HFUtqaIGpjF9JTS6S+dawL/3Ce0qPpEJ
gMz/g6+xW5sRd2YcEKJAY7PhBp0p+in5eRy/h1Yh4aAP9VxI7MGPR6Qvl2Ms66sk
2Xxpsb7AzMtbo+dXRQ8BBdtmAci73sW0h1nQaCdXzAiUTnKOw913euvChQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLIpX7gK0Qk2L8Gr8E9my0Zk73V9MB8GA1UdIwQY
MBaAFKyuuwuzs4o89EDIH/ez4WkzKqZtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcks2N0M3T3ppanowUU1nZjk3UGhhVE1xcG0wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS84MDdlMzUtODhmNy00MzViLTg0YTgt
ZDE0YmQzZDc3ODIyLzEvcks2N0M3T3ppanowUU1nZjk3UGhhVE1xcG0wLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS84MDdlMzUtODhmNy00MzViLTg0YTgtZDE0YmQzZDc3ODIy
LzEvcks2N0M3T3ppanowUU1nZjk3UGhhVE1xcG0wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZXHN2DVD
wf3PjWGWiTpiQB2vCNetHZ2xDOSGMvi6sQJBwpP6ts9YolvKX+/RzEbw6sfrMCbO
4XorCHyzuiTMIgHFl2u9+ze5vrN+mEQOJkZFNWRtaLXeFGR4xxvJYmvHZd/fxQOH
G1VtTCJC5HSaHkClAcUe41gQLBnPhsU3R7Ldu81yk6AMGA39N3r7XgxmEt5OZTJU
tolnxrz2e++Pn0l5OOHyLzSySW39OhiofJeINm1EXuflI7rslxcXzrke6DZTLaaH
LJEFr6X+cFKTGt6POQS+3gD1e7PQ6bWEx7tXewdd1BsLoDH+zHOvw1dxXfPI/aU2
Eu8TgMpJHdh7rA==
-----END CERTIFICATE-----