Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/01e232-4551-4ce8-8cd8-7d8b1c91ec7b/1/2JkZ-1GnBREdaZbuww_8RC3pei8.mft
File:                     2JkZ-1GnBREdaZbuww_8RC3pei8.mft (raw, json)
Hash identifier:          /j3YYhRjMfxNlPubxgZ4c5sosfCixGXo7WlM+66n2+0=
Subject key identifier:   20:CC:D5:6E:2D:E5:96:F7:F1:47:F6:D6:CB:4E:44:CD:56:D0:19:A3
Authority key identifier: D8:99:19:FB:51:A7:05:11:1D:69:96:EE:C3:0F:FC:44:2D:E9:7A:2F
Certificate issuer:       /CN=d89919fb51a705111d6996eec30ffc442de97a2f
Certificate serial:       0194BB29973FD3AE3FBAC1F172F5970B2415
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2JkZ-1GnBREdaZbuww_8RC3pei8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6f/01e232-4551-4ce8-8cd8-7d8b1c91ec7b/1/2JkZ-1GnBREdaZbuww_8RC3pei8.mft
Manifest number:          1426
Signing time:             Fri 31 Jan 2025 07:00:52 +0000
Manifest this update:     Fri 31 Jan 2025 07:00:52 +0000
Manifest next update:     Sat 01 Feb 2025 07:00:52 +0000
Files and hashes:         1: 2JkZ-1GnBREdaZbuww_8RC3pei8.crl (hash: 08lLp2GuL9sg9cvt5M+SCdrDWpkZSNYXp9qiLHjad8Q=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/6f/01e232-4551-4ce8-8cd8-7d8b1c91ec7b/1/2JkZ-1GnBREdaZbuww_8RC3pei8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/6f/01e232-4551-4ce8-8cd8-7d8b1c91ec7b/1/2JkZ-1GnBREdaZbuww_8RC3pei8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2JkZ-1GnBREdaZbuww_8RC3pei8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 01 Feb 2025 07:00:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:bb:29:97:3f:d3:ae:3f:ba:c1:f1:72:f5:97:0b:24:15
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d89919fb51a705111d6996eec30ffc442de97a2f
        Validity
            Not Before: Jan 31 07:00:52 2025 GMT
            Not After : Feb  1 07:00:52 2025 GMT
        Subject: CN=20ccd56e2de596f7f147f6d6cb4e44cd56d019a3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:b4:67:af:f1:f2:ca:fe:0a:a0:4b:fa:d4:c0:
                    4d:4b:79:52:ff:c6:6c:ef:57:f6:d4:cd:05:4e:ee:
                    b6:ac:d9:f2:44:4f:90:31:93:4b:83:f5:73:c0:ed:
                    f9:7a:46:54:60:8e:f3:63:ff:5b:05:0f:e1:50:5c:
                    54:5f:4c:df:35:af:ce:f3:0e:5c:77:b7:99:da:f3:
                    92:29:48:81:e7:d9:db:ea:10:d5:ec:c5:69:86:8f:
                    b1:a9:ae:b9:a1:bd:c8:80:5a:68:17:eb:d9:56:4d:
                    cf:dd:53:56:e5:0a:c7:85:fd:c6:13:a5:1d:af:66:
                    0a:6c:6a:36:0a:9b:66:90:da:2f:b3:fa:9e:90:28:
                    6f:05:11:a5:c9:94:51:5f:b1:55:f3:66:99:b0:87:
                    a2:f3:61:b4:cf:67:7e:6b:4e:4f:5a:c1:3d:6f:90:
                    93:0b:21:0d:a0:87:f7:79:2a:b9:1f:a1:2c:06:94:
                    f3:56:4b:e0:82:3a:35:6a:10:0b:bd:73:fe:a5:8c:
                    cd:f0:f0:bc:4f:a7:4f:c7:3c:ce:85:97:34:30:1e:
                    dc:a1:f1:60:b6:4e:78:e0:09:3c:09:ff:16:17:6b:
                    63:84:ef:53:46:79:d8:58:0b:ef:1d:fb:20:73:d8:
                    a0:66:e6:aa:ea:28:44:46:83:d7:47:b4:99:00:db:
                    ee:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                20:CC:D5:6E:2D:E5:96:F7:F1:47:F6:D6:CB:4E:44:CD:56:D0:19:A3
            X509v3 Authority Key Identifier:
                keyid:D8:99:19:FB:51:A7:05:11:1D:69:96:EE:C3:0F:FC:44:2D:E9:7A:2F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2JkZ-1GnBREdaZbuww_8RC3pei8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/01e232-4551-4ce8-8cd8-7d8b1c91ec7b/1/2JkZ-1GnBREdaZbuww_8RC3pei8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/01e232-4551-4ce8-8cd8-7d8b1c91ec7b/1/2JkZ-1GnBREdaZbuww_8RC3pei8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         98:38:3c:24:0d:09:f5:74:f5:03:0a:68:a4:60:a3:c7:8d:90:
         40:e9:37:4f:32:23:3f:31:60:39:72:4d:d8:57:26:45:2f:06:
         38:b7:24:99:8c:fa:26:bb:f3:5a:66:6b:65:74:05:a9:34:bf:
         f1:aa:91:f2:c2:95:ae:aa:97:82:e0:39:13:d3:22:45:89:a1:
         dc:99:7d:87:5f:df:02:b0:aa:da:09:d2:da:39:7e:44:cd:12:
         e0:25:65:89:1f:03:73:35:48:a2:ff:5c:13:45:07:c1:7c:97:
         77:e9:51:77:1e:bc:d2:3f:c4:56:c6:3f:2f:64:05:fb:e0:75:
         9b:e3:c8:bc:e6:bf:45:4e:60:37:26:e0:09:db:ce:f7:5f:0f:
         da:17:59:4c:1f:5b:2a:f6:1f:d2:a7:1c:b0:32:3d:39:47:e1:
         36:ae:60:5d:e5:ea:49:e9:65:7f:e9:9a:fa:cb:5e:d0:0c:7c:
         a3:9e:82:e0:af:cd:df:41:b4:36:0f:eb:90:1f:c7:c4:07:0a:
         f1:d7:f0:3c:6c:5f:a5:75:c7:92:8b:3e:88:42:d4:1d:c2:71:
         d1:a9:ac:bf:e6:28:33:ef:5a:ff:35:e6:11:9a:c1:1b:b8:99:
         70:ad:5f:3a:5f:72:45:bc:2e:4f:08:84:70:61:a8:f8:d9:d3:
         e8:fb:0f:8e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZS7KZc/064/usHxcvWXCyQVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4OTkxOWZiNTFhNzA1MTExZDY5OTZlZWMzMGZmYzQ0MmRl
OTdhMmYwHhcNMjUwMTMxMDcwMDUyWhcNMjUwMjAxMDcwMDUyWjAzMTEwLwYDVQQD
EygyMGNjZDU2ZTJkZTU5NmY3ZjE0N2Y2ZDZjYjRlNDRjZDU2ZDAxOWEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArrRnr/Hyyv4KoEv61MBNS3lS/8Zs
71f21M0FTu62rNnyRE+QMZNLg/VzwO35ekZUYI7zY/9bBQ/hUFxUX0zfNa/O8w5c
d7eZ2vOSKUiB59nb6hDV7MVpho+xqa65ob3IgFpoF+vZVk3P3VNW5QrHhf3GE6Ud
r2YKbGo2CptmkNovs/qekChvBRGlyZRRX7FV82aZsIei82G0z2d+a05PWsE9b5CT
CyENoIf3eSq5H6EsBpTzVkvggjo1ahALvXP+pYzN8PC8T6dPxzzOhZc0MB7cofFg
tk544Ak8Cf8WF2tjhO9TRnnYWAvvHfsgc9igZuaq6ihERoPXR7SZANvuHQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCDM1W4t5Zb38Uf21stORM1W0BmjMB8GA1UdIwQY
MBaAFNiZGftRpwURHWmW7sMP/EQt6XovMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkprWi0xR25CUkVkYVpidXd3XzhSQzNwZWk4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Zi8wMWUyMzItNDU1MS00Y2U4LThjZDgt
N2Q4YjFjOTFlYzdiLzEvMkprWi0xR25CUkVkYVpidXd3XzhSQzNwZWk4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Zi8wMWUyMzItNDU1MS00Y2U4LThjZDgtN2Q4YjFjOTFlYzdi
LzEvMkprWi0xR25CUkVkYVpidXd3XzhSQzNwZWk4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmDg8JA0J
9XT1AwpopGCjx42QQOk3TzIjPzFgOXJN2FcmRS8GOLckmYz6JrvzWmZrZXQFqTS/
8aqR8sKVrqqXguA5E9MiRYmh3Jl9h1/fArCq2gnS2jl+RM0S4CVliR8DczVIov9c
E0UHwXyXd+lRdx680j/EVsY/L2QF++B1m+PIvOa/RU5gNybgCdvO918P2hdZTB9b
KvYf0qccsDI9OUfhNq5gXeXqSellf+ma+ste0Ax8o56C4K/N30G0Ng/rkB/HxAcK
8dfwPGxfpXXHkos+iELUHcJx0amsv+YoM+9a/zXmEZrBG7iZcK1fOl9yRbwuTwiE
cGGo+NnT6PsPjg==
-----END CERTIFICATE-----