Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/21de67-4975-47a8-846c-808feaaf987d/1/veOk-yaB2yi1w_Xx1GotNZlg-qQ.mft
File:                     veOk-yaB2yi1w_Xx1GotNZlg-qQ.mft (raw, json)
Hash identifier:          R0xRlKPAWyq+Jcs7JHmJAQEiN1WiIVFCp/3D2FsVXbY=
Subject key identifier:   A3:14:0A:26:54:78:D7:87:D1:B7:78:01:2F:FE:23:F3:A4:66:AA:50
Authority key identifier: BD:E3:A4:FB:26:81:DB:28:B5:C3:F5:F1:D4:6A:2D:35:99:60:FA:A4
Certificate issuer:       /CN=bde3a4fb2681db28b5c3f5f1d46a2d359960faa4
Certificate serial:       019511354E6F1A84BD10B2D6529E8574A3FB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/veOk-yaB2yi1w_Xx1GotNZlg-qQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fb/21de67-4975-47a8-846c-808feaaf987d/1/veOk-yaB2yi1w_Xx1GotNZlg-qQ.mft
Manifest number:          10A7
Signing time:             Mon 17 Feb 2025 00:01:00 +0000
Manifest this update:     Mon 17 Feb 2025 00:01:00 +0000
Manifest next update:     Tue 18 Feb 2025 00:01:00 +0000
Files and hashes:         1: veOk-yaB2yi1w_Xx1GotNZlg-qQ.crl (hash: kFS3b7tzSz7URrYUAb5FdjIaa6nWvtk1x/NGhG+SC34=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/fb/21de67-4975-47a8-846c-808feaaf987d/1/veOk-yaB2yi1w_Xx1GotNZlg-qQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/fb/21de67-4975-47a8-846c-808feaaf987d/1/veOk-yaB2yi1w_Xx1GotNZlg-qQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/veOk-yaB2yi1w_Xx1GotNZlg-qQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 17 Feb 2025 23:00:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:11:35:4e:6f:1a:84:bd:10:b2:d6:52:9e:85:74:a3:fb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bde3a4fb2681db28b5c3f5f1d46a2d359960faa4
        Validity
            Not Before: Feb 17 00:01:00 2025 GMT
            Not After : Feb 18 00:01:00 2025 GMT
        Subject: CN=a3140a265478d787d1b778012ffe23f3a466aa50
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:91:e1:10:dc:46:73:50:fe:96:05:46:66:4f:
                    98:4f:7f:60:8e:5c:be:fd:71:9e:94:9f:fd:49:ef:
                    ac:f9:94:6a:91:cf:1f:4b:b6:73:b3:ad:10:d8:61:
                    f4:89:e8:24:12:40:dd:74:26:e0:33:39:68:39:4a:
                    2e:c0:04:4d:51:dd:3a:0f:aa:5e:32:bc:0d:bb:2c:
                    49:e1:0a:f8:16:ed:aa:f5:2a:be:d2:58:06:88:a8:
                    09:72:72:2f:c2:fe:c8:21:3c:66:23:33:e4:86:72:
                    ae:a5:0e:1f:f2:95:81:2f:8b:3d:ca:2c:5f:a9:ca:
                    c7:0a:dc:1d:26:e2:b5:d5:30:5b:7e:da:ec:bf:d2:
                    6f:9c:65:20:ba:2a:1a:8a:75:4b:17:72:0a:61:5f:
                    47:e3:41:a4:9f:ed:58:85:1b:6d:10:e1:23:2f:54:
                    18:68:5e:79:1c:73:d3:31:cd:a3:fb:0c:af:b3:d7:
                    24:4d:87:98:27:6b:d8:5b:52:ee:62:ed:2d:1c:34:
                    13:76:95:ce:9c:05:39:37:66:cf:a3:4f:8d:28:fd:
                    dc:24:c2:bd:99:d9:1c:3c:10:cd:86:ee:55:b9:97:
                    10:29:19:f0:f1:64:43:ac:d1:46:37:12:54:ef:e3:
                    c0:e6:ce:5c:e7:5e:ef:37:d0:5e:2d:7b:c2:7b:1f:
                    59:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A3:14:0A:26:54:78:D7:87:D1:B7:78:01:2F:FE:23:F3:A4:66:AA:50
            X509v3 Authority Key Identifier:
                keyid:BD:E3:A4:FB:26:81:DB:28:B5:C3:F5:F1:D4:6A:2D:35:99:60:FA:A4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/veOk-yaB2yi1w_Xx1GotNZlg-qQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/21de67-4975-47a8-846c-808feaaf987d/1/veOk-yaB2yi1w_Xx1GotNZlg-qQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/21de67-4975-47a8-846c-808feaaf987d/1/veOk-yaB2yi1w_Xx1GotNZlg-qQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b2:88:a1:ff:6c:de:62:38:f0:5c:e8:99:45:00:84:93:ea:8d:
         ac:a4:40:c5:5b:da:e7:a4:23:5a:94:85:28:ec:af:ad:a9:4a:
         2d:44:19:04:5f:ac:fb:8f:83:eb:17:54:bc:97:e4:39:d1:83:
         9a:98:52:3f:4a:dc:11:90:93:64:66:e2:a6:01:9d:3e:cf:52:
         02:62:d3:c1:58:5f:df:63:b8:77:b3:2f:d0:55:2b:96:df:cd:
         77:98:b1:d5:7a:1b:4a:18:c7:2a:f7:be:df:cd:01:ef:7b:f1:
         e2:9b:53:36:86:ad:f3:68:32:a1:a9:2d:f2:1f:3d:f3:23:bb:
         6e:87:e6:31:70:24:4c:9c:6b:82:f9:74:8b:2e:71:b4:39:31:
         27:a8:d1:59:8f:91:f8:fa:5b:b2:aa:76:2d:1b:17:31:aa:2a:
         42:6d:7e:8a:d0:69:c3:ea:c3:2d:52:ee:9e:76:b5:db:c6:25:
         37:e1:11:0b:45:09:6b:82:0c:6d:2a:64:7a:09:52:04:a1:5a:
         86:fb:b5:f8:68:96:9c:dd:fc:0e:8e:11:db:06:01:93:52:52:
         6f:19:24:5f:5a:d7:10:2f:d4:2c:0a:07:f0:92:03:57:d6:c8:
         b0:76:31:22:f2:48:0b:d8:85:e1:64:d2:4c:86:a3:fc:1b:da:
         ed:17:29:e4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZURNU5vGoS9ELLWUp6FdKP7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkZTNhNGZiMjY4MWRiMjhiNWMzZjVmMWQ0NmEyZDM1OTk2
MGZhYTQwHhcNMjUwMjE3MDAwMTAwWhcNMjUwMjE4MDAwMTAwWjAzMTEwLwYDVQQD
EyhhMzE0MGEyNjU0NzhkNzg3ZDFiNzc4MDEyZmZlMjNmM2E0NjZhYTUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAspHhENxGc1D+lgVGZk+YT39gjly+
/XGelJ/9Se+s+ZRqkc8fS7Zzs60Q2GH0iegkEkDddCbgMzloOUouwARNUd06D6pe
MrwNuyxJ4Qr4Fu2q9Sq+0lgGiKgJcnIvwv7IITxmIzPkhnKupQ4f8pWBL4s9yixf
qcrHCtwdJuK11TBbftrsv9JvnGUguioainVLF3IKYV9H40Gkn+1YhRttEOEjL1QY
aF55HHPTMc2j+wyvs9ckTYeYJ2vYW1LuYu0tHDQTdpXOnAU5N2bPo0+NKP3cJMK9
mdkcPBDNhu5VuZcQKRnw8WRDrNFGNxJU7+PA5s5c517vN9BeLXvCex9ZtwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKMUCiZUeNeH0bd4AS/+I/OkZqpQMB8GA1UdIwQY
MBaAFL3jpPsmgdsotcP18dRqLTWZYPqkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdmVPay15YUIyeWkxd19YeDFHb3ROWmxnLXFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi8yMWRlNjctNDk3NS00N2E4LTg0NmMt
ODA4ZmVhYWY5ODdkLzEvdmVPay15YUIyeWkxd19YeDFHb3ROWmxnLXFRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi8yMWRlNjctNDk3NS00N2E4LTg0NmMtODA4ZmVhYWY5ODdk
LzEvdmVPay15YUIyeWkxd19YeDFHb3ROWmxnLXFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAsoih/2ze
YjjwXOiZRQCEk+qNrKRAxVva56QjWpSFKOyvralKLUQZBF+s+4+D6xdUvJfkOdGD
mphSP0rcEZCTZGbipgGdPs9SAmLTwVhf32O4d7Mv0FUrlt/Nd5ix1XobShjHKve+
380B73vx4ptTNoat82gyoakt8h898yO7bofmMXAkTJxrgvl0iy5xtDkxJ6jRWY+R
+Ppbsqp2LRsXMaoqQm1+itBpw+rDLVLunna128YlN+ERC0UJa4IMbSpkeglSBKFa
hvu1+GiWnN38Do4R2wYBk1JSbxkkX1rXEC/ULAoH8JIDV9bIsHYxIvJIC9iF4WTS
TIaj/Bva7Rcp5A==
-----END CERTIFICATE-----