Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/b281c7-cd9a-4375-b84a-851ed529f222/1/PRf0av89iyHwD-6PY16uNKf0pNc.mft
File:                     PRf0av89iyHwD-6PY16uNKf0pNc.mft (raw, json)
Hash identifier:          e7EX6MoJWdbfuRJZn5J3za4GyB/bfRGrHE9HJrO9SnY=
Subject key identifier:   DF:FF:42:BE:A9:10:F8:6A:0F:5F:16:74:7E:18:9F:C2:86:18:8A:9A
Authority key identifier: 3D:17:F4:6A:FF:3D:8B:21:F0:0F:EE:8F:63:5E:AE:34:A7:F4:A4:D7
Certificate issuer:       /CN=3d17f46aff3d8b21f00fee8f635eae34a7f4a4d7
Certificate serial:       0194C3878E470D793F6F544044392C4FF31C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PRf0av89iyHwD-6PY16uNKf0pNc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f9/b281c7-cd9a-4375-b84a-851ed529f222/1/PRf0av89iyHwD-6PY16uNKf0pNc.mft
Manifest number:          091C
Signing time:             Sat 01 Feb 2025 22:00:28 +0000
Manifest this update:     Sat 01 Feb 2025 22:00:28 +0000
Manifest next update:     Sun 02 Feb 2025 22:00:28 +0000
Files and hashes:         1: PRf0av89iyHwD-6PY16uNKf0pNc.crl (hash: OFBhDBQCGsfnfyeSmbMWCd3Wy8nZ1BWY+QR9VMdhxGI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f9/b281c7-cd9a-4375-b84a-851ed529f222/1/PRf0av89iyHwD-6PY16uNKf0pNc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f9/b281c7-cd9a-4375-b84a-851ed529f222/1/PRf0av89iyHwD-6PY16uNKf0pNc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/PRf0av89iyHwD-6PY16uNKf0pNc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 02 Feb 2025 22:00:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:c3:87:8e:47:0d:79:3f:6f:54:40:44:39:2c:4f:f3:1c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3d17f46aff3d8b21f00fee8f635eae34a7f4a4d7
        Validity
            Not Before: Feb  1 22:00:28 2025 GMT
            Not After : Feb  2 22:00:28 2025 GMT
        Subject: CN=dfff42bea910f86a0f5f16747e189fc286188a9a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:3e:d0:12:7d:a3:48:d1:39:3e:28:56:2c:5f:
                    7b:0d:de:bd:a8:93:ef:3e:16:dd:e4:bc:76:3d:cb:
                    d8:f6:c1:fd:4a:e3:80:84:88:fb:7b:c0:e6:00:73:
                    8a:fb:17:68:03:1f:2e:f7:22:26:e9:53:f4:49:4b:
                    7a:5b:57:a9:e4:09:77:5e:21:99:95:af:63:60:53:
                    0d:32:53:c9:3c:1e:7a:67:1b:6e:a4:ab:d0:b6:95:
                    51:f5:29:10:9a:b0:fa:02:46:a3:6e:56:bc:5f:c7:
                    71:e1:c3:73:3f:81:e9:40:41:7f:78:39:01:06:7e:
                    a9:bf:5e:bf:65:7e:4d:0c:6a:45:0e:d5:5c:fb:36:
                    d7:2c:27:72:3b:25:f7:bb:df:92:27:53:f9:6a:f7:
                    b6:87:cc:b8:26:d0:bf:34:d1:40:2c:aa:34:50:02:
                    78:af:f5:08:8d:7a:f9:fd:ca:f6:0b:17:ca:32:dd:
                    2c:72:05:f8:f1:14:9f:d3:5e:91:07:d1:74:64:a2:
                    2a:df:e6:c6:99:6e:35:31:07:b1:9b:93:a1:ee:c6:
                    b0:90:f1:b0:1f:ff:d1:53:d3:32:54:f8:f9:45:c6:
                    d9:aa:c8:87:54:2c:2d:ec:3a:e0:0f:d4:97:3d:08:
                    61:83:60:d9:ef:91:13:f1:33:61:6b:96:5b:35:67:
                    28:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DF:FF:42:BE:A9:10:F8:6A:0F:5F:16:74:7E:18:9F:C2:86:18:8A:9A
            X509v3 Authority Key Identifier:
                keyid:3D:17:F4:6A:FF:3D:8B:21:F0:0F:EE:8F:63:5E:AE:34:A7:F4:A4:D7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PRf0av89iyHwD-6PY16uNKf0pNc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/b281c7-cd9a-4375-b84a-851ed529f222/1/PRf0av89iyHwD-6PY16uNKf0pNc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/b281c7-cd9a-4375-b84a-851ed529f222/1/PRf0av89iyHwD-6PY16uNKf0pNc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b3:d7:05:6b:50:d0:79:d2:d6:9f:6a:c0:88:0e:60:be:47:8b:
         c6:fe:c6:8d:90:e7:cb:a2:45:fa:b2:b0:b9:1f:ae:94:2a:06:
         44:29:1a:6c:81:d7:17:36:a7:d0:cc:21:1f:ea:df:b6:a2:cc:
         98:ab:c7:2e:37:15:19:a7:ea:19:e6:c3:c3:7d:5d:47:bd:27:
         34:0a:c4:fa:df:2b:01:63:ec:c6:f7:20:fe:14:a0:3e:53:15:
         01:eb:67:81:f9:c3:aa:92:23:61:92:64:e6:c3:83:d3:41:22:
         7b:73:89:90:d4:ae:8c:52:73:57:e0:1b:2b:81:61:24:12:a7:
         69:87:c0:ed:fa:17:ba:ad:77:ad:68:75:23:f0:48:e7:b8:14:
         2f:89:8d:b2:12:f8:ad:46:3c:54:4f:4a:14:d6:e8:6e:e6:62:
         2c:33:92:d1:7d:c7:c2:cd:b6:0b:ce:fb:69:1f:1f:1e:e7:be:
         91:92:58:23:9e:5f:01:e4:4a:af:b6:5b:39:6d:0e:fd:1f:ca:
         bd:4f:63:3d:3d:a9:09:22:b1:7f:06:94:af:ce:68:22:69:a3:
         5e:8b:a9:90:f8:74:ee:a3:06:67:86:7b:aa:e2:6f:ab:45:fa:
         3c:7e:b8:cd:b7:87:6d:a0:3e:d9:02:74:80:e0:63:6b:94:01:
         47:eb:98:11
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZTDh45HDXk/b1RARDksT/McMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkMTdmNDZhZmYzZDhiMjFmMDBmZWU4ZjYzNWVhZTM0YTdm
NGE0ZDcwHhcNMjUwMjAxMjIwMDI4WhcNMjUwMjAyMjIwMDI4WjAzMTEwLwYDVQQD
EyhkZmZmNDJiZWE5MTBmODZhMGY1ZjE2NzQ3ZTE4OWZjMjg2MTg4YTlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArz7QEn2jSNE5PihWLF97Dd69qJPv
Phbd5Lx2PcvY9sH9SuOAhIj7e8DmAHOK+xdoAx8u9yIm6VP0SUt6W1ep5Al3XiGZ
la9jYFMNMlPJPB56ZxtupKvQtpVR9SkQmrD6Akajbla8X8dx4cNzP4HpQEF/eDkB
Bn6pv16/ZX5NDGpFDtVc+zbXLCdyOyX3u9+SJ1P5ave2h8y4JtC/NNFALKo0UAJ4
r/UIjXr5/cr2CxfKMt0scgX48RSf016RB9F0ZKIq3+bGmW41MQexm5Oh7sawkPGw
H//RU9MyVPj5RcbZqsiHVCwt7DrgD9SXPQhhg2DZ75ET8TNha5ZbNWcobQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFN//Qr6pEPhqD18WdH4Yn8KGGIqaMB8GA1UdIwQY
MBaAFD0X9Gr/PYsh8A/uj2NerjSn9KTXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUFJmMGF2ODlpeUh3RC02UFkxNnVOS2YwcE5jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS9iMjgxYzctY2Q5YS00Mzc1LWI4NGEt
ODUxZWQ1MjlmMjIyLzEvUFJmMGF2ODlpeUh3RC02UFkxNnVOS2YwcE5jLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS9iMjgxYzctY2Q5YS00Mzc1LWI4NGEtODUxZWQ1MjlmMjIy
LzEvUFJmMGF2ODlpeUh3RC02UFkxNnVOS2YwcE5jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAs9cFa1DQ
edLWn2rAiA5gvkeLxv7GjZDny6JF+rKwuR+ulCoGRCkabIHXFzan0MwhH+rftqLM
mKvHLjcVGafqGebDw31dR70nNArE+t8rAWPsxvcg/hSgPlMVAetngfnDqpIjYZJk
5sOD00Eie3OJkNSujFJzV+AbK4FhJBKnaYfA7foXuq13rWh1I/BI57gUL4mNshL4
rUY8VE9KFNbobuZiLDOS0X3Hws22C877aR8fHue+kZJYI55fAeRKr7ZbOW0O/R/K
vU9jPT2pCSKxfwaUr85oImmjXoupkPh07qMGZ4Z7quJvq0X6PH64zbeHbaA+2QJ0
gOBja5QBR+uYEQ==
-----END CERTIFICATE-----