Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/a071aa-550b-4e18-99ed-0508a2bb47ac/1/sfW7qgUZgL1IEbZlWg-V2zYSeAk.mft
File:                     sfW7qgUZgL1IEbZlWg-V2zYSeAk.mft (raw, json)
Hash identifier:          HPVXK2HScNCyV6jN+/8s8Ys2Ti6KyQVOThpIIOlo8ZI=
Subject key identifier:   23:EB:F9:3D:73:40:05:19:61:64:CC:38:F2:9D:B8:78:F5:BD:F1:81
Authority key identifier: B1:F5:BB:AA:05:19:80:BD:48:11:B6:65:5A:0F:95:DB:36:12:78:09
Certificate issuer:       /CN=b1f5bbaa051980bd4811b6655a0f95db36127809
Certificate serial:       0194BBCE88CC90DDC691F881C39CF0C66FB0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/sfW7qgUZgL1IEbZlWg-V2zYSeAk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/91/a071aa-550b-4e18-99ed-0508a2bb47ac/1/sfW7qgUZgL1IEbZlWg-V2zYSeAk.mft
Manifest number:          0DB9
Signing time:             Fri 31 Jan 2025 10:01:02 +0000
Manifest this update:     Fri 31 Jan 2025 10:01:02 +0000
Manifest next update:     Sat 01 Feb 2025 10:01:02 +0000
Files and hashes:         1: sfW7qgUZgL1IEbZlWg-V2zYSeAk.crl (hash: r/AI2vuZwShZYgsPoxp/vzGpEz00b5IKG+oT3r1oFkU=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/91/a071aa-550b-4e18-99ed-0508a2bb47ac/1/sfW7qgUZgL1IEbZlWg-V2zYSeAk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/91/a071aa-550b-4e18-99ed-0508a2bb47ac/1/sfW7qgUZgL1IEbZlWg-V2zYSeAk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/sfW7qgUZgL1IEbZlWg-V2zYSeAk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 01 Feb 2025 10:01:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:bb:ce:88:cc:90:dd:c6:91:f8:81:c3:9c:f0:c6:6f:b0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b1f5bbaa051980bd4811b6655a0f95db36127809
        Validity
            Not Before: Jan 31 10:01:02 2025 GMT
            Not After : Feb  1 10:01:02 2025 GMT
        Subject: CN=23ebf93d734005196164cc38f29db878f5bdf181
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:28:fa:53:87:0c:e0:88:d9:10:3f:b0:86:ef:
                    08:2b:99:5a:64:07:0b:80:83:a3:34:4d:73:6a:f9:
                    c4:4b:25:fa:98:69:49:fe:cb:22:76:61:d1:f3:eb:
                    6d:b6:bf:d1:c5:02:54:28:5d:f2:43:f6:98:35:95:
                    b7:34:8e:ad:af:dc:b0:d4:3a:0a:e2:0d:3a:32:a3:
                    5d:fc:22:00:46:3a:83:6f:ac:08:c2:f5:6d:5a:4b:
                    8d:1e:a0:a2:83:09:6c:95:1c:75:9e:0a:72:0e:e8:
                    e2:d4:89:b9:5e:79:35:6e:bc:d5:7f:23:e4:40:22:
                    24:23:e4:6e:68:a9:55:d8:4f:30:cd:95:da:08:ad:
                    81:cc:b2:7e:9f:a6:2f:a8:a4:1b:b5:03:86:ba:ac:
                    dc:37:71:05:e3:2c:6a:c3:ef:94:5f:4b:8f:20:82:
                    2d:ba:84:86:6f:58:67:f1:86:6c:b9:74:47:d6:fc:
                    f3:0c:00:93:da:af:f5:96:8c:d2:9e:89:24:fb:5b:
                    5e:73:95:48:04:e7:65:bf:9c:fc:5a:d0:d3:6b:29:
                    a4:c9:82:c9:b3:25:28:ff:0b:08:ef:ad:b3:ba:3a:
                    28:06:02:55:bb:62:55:23:9c:b1:08:9e:44:21:54:
                    97:9a:cd:74:91:78:4e:06:76:cc:dd:cc:1e:68:4f:
                    38:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                23:EB:F9:3D:73:40:05:19:61:64:CC:38:F2:9D:B8:78:F5:BD:F1:81
            X509v3 Authority Key Identifier:
                keyid:B1:F5:BB:AA:05:19:80:BD:48:11:B6:65:5A:0F:95:DB:36:12:78:09

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sfW7qgUZgL1IEbZlWg-V2zYSeAk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/a071aa-550b-4e18-99ed-0508a2bb47ac/1/sfW7qgUZgL1IEbZlWg-V2zYSeAk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/91/a071aa-550b-4e18-99ed-0508a2bb47ac/1/sfW7qgUZgL1IEbZlWg-V2zYSeAk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0a:bc:6c:54:3c:3c:bf:fc:af:e2:22:91:68:86:41:09:33:a4:
         5c:1d:3e:10:cd:fb:98:97:1e:09:e8:9f:37:bd:ea:ee:f0:bd:
         dc:08:d1:af:6b:50:0d:39:e4:0a:2d:b5:77:26:22:d8:09:41:
         40:97:ec:f0:20:6c:29:6e:eb:8d:5f:7d:39:47:b6:44:10:7b:
         d6:5e:f8:f9:3b:c7:1f:9c:aa:4d:c6:07:2b:3e:13:e9:52:d1:
         68:64:3f:9e:69:29:e7:47:f4:c7:fe:49:ca:6d:46:4b:e6:0a:
         e0:e6:4f:a2:bb:23:58:ed:d0:8f:a0:14:6b:94:fa:89:b6:46:
         9c:d2:53:de:08:72:42:9a:03:1a:f5:6e:8b:d0:2b:f8:e1:bc:
         f7:c3:f5:4e:8b:d8:49:f5:61:81:ec:da:df:6a:72:64:94:75:
         b5:7b:da:da:c0:1e:e3:9e:49:24:8a:2b:81:7a:17:ac:9c:39:
         ed:d9:a7:f4:01:4b:0e:5e:06:4c:98:f8:ee:d1:48:32:aa:1c:
         25:d4:8e:81:b5:7d:f4:d0:61:58:f8:bd:2e:b3:6e:ab:87:ce:
         07:6d:5b:08:d6:53:36:df:d3:42:53:88:22:52:7b:bd:53:3f:
         a9:f7:e3:9f:b4:9c:37:cc:9d:cd:84:c1:8b:24:7c:19:62:c6:
         ad:b7:34:de
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZS7zojMkN3GkfiBw5zwxm+wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxZjViYmFhMDUxOTgwYmQ0ODExYjY2NTVhMGY5NWRiMzYx
Mjc4MDkwHhcNMjUwMTMxMTAwMTAyWhcNMjUwMjAxMTAwMTAyWjAzMTEwLwYDVQQD
EygyM2ViZjkzZDczNDAwNTE5NjE2NGNjMzhmMjlkYjg3OGY1YmRmMTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAryj6U4cM4IjZED+whu8IK5laZAcL
gIOjNE1zavnESyX6mGlJ/ssidmHR8+tttr/RxQJUKF3yQ/aYNZW3NI6tr9yw1DoK
4g06MqNd/CIARjqDb6wIwvVtWkuNHqCigwlslRx1ngpyDuji1Im5Xnk1brzVfyPk
QCIkI+RuaKlV2E8wzZXaCK2BzLJ+n6YvqKQbtQOGuqzcN3EF4yxqw++UX0uPIIIt
uoSGb1hn8YZsuXRH1vzzDACT2q/1lozSnokk+1tec5VIBOdlv5z8WtDTaymkyYLJ
syUo/wsI762zujooBgJVu2JVI5yxCJ5EIVSXms10kXhOBnbM3cweaE849wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCPr+T1zQAUZYWTMOPKduHj1vfGBMB8GA1UdIwQY
MBaAFLH1u6oFGYC9SBG2ZVoPlds2EngJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2ZXN3FnVVpnTDFJRWJabFdnLVYyellTZUFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MS9hMDcxYWEtNTUwYi00ZTE4LTk5ZWQt
MDUwOGEyYmI0N2FjLzEvc2ZXN3FnVVpnTDFJRWJabFdnLVYyellTZUFrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MS9hMDcxYWEtNTUwYi00ZTE4LTk5ZWQtMDUwOGEyYmI0N2Fj
LzEvc2ZXN3FnVVpnTDFJRWJabFdnLVYyellTZUFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACrxsVDw8
v/yv4iKRaIZBCTOkXB0+EM37mJceCeifN73q7vC93AjRr2tQDTnkCi21dyYi2AlB
QJfs8CBsKW7rjV99OUe2RBB71l74+TvHH5yqTcYHKz4T6VLRaGQ/nmkp50f0x/5J
ym1GS+YK4OZPorsjWO3Qj6AUa5T6ibZGnNJT3ghyQpoDGvVui9Ar+OG898P1TovY
SfVhgeza32pyZJR1tXva2sAe455JJIorgXoXrJw57dmn9AFLDl4GTJj47tFIMqoc
JdSOgbV99NBhWPi9LrNuq4fOB21bCNZTNt/TQlOIIlJ7vVM/qffjn7ScN8ydzYTB
iyR8GWLGrbc03g==
-----END CERTIFICATE-----