Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/aba9d3-9912-4f5e-98da-c5b00cb8d914/1/4tY8oFQoMuZCZPOssVYZki_s-Ds.mft
File:                     4tY8oFQoMuZCZPOssVYZki_s-Ds.mft (raw, json)
Hash identifier:          cklYnYLrdgc82NNKY7NL7quXsP7mvXuI8YF7fgEuZS4=
Subject key identifier:   7B:76:6D:FF:AB:87:82:FA:C3:85:EB:C5:A1:7F:4A:1E:9A:77:C8:24
Authority key identifier: E2:D6:3C:A0:54:28:32:E6:42:64:F3:AC:B1:56:19:92:2F:EC:F8:3B
Certificate issuer:       /CN=e2d63ca0542832e64264f3acb15619922fecf83b
Certificate serial:       0194BABBC1827F4FD670BEA7927B5C70367E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4tY8oFQoMuZCZPOssVYZki_s-Ds.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/98/aba9d3-9912-4f5e-98da-c5b00cb8d914/1/4tY8oFQoMuZCZPOssVYZki_s-Ds.mft
Manifest number:          0D02
Signing time:             Fri 31 Jan 2025 05:00:54 +0000
Manifest this update:     Fri 31 Jan 2025 05:00:54 +0000
Manifest next update:     Sat 01 Feb 2025 05:00:54 +0000
Files and hashes:         1: 4tY8oFQoMuZCZPOssVYZki_s-Ds.crl (hash: VNi4f1F10cNyNRe9Su1e+b4vDcUumlORTLkrgiXl9GA=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/98/aba9d3-9912-4f5e-98da-c5b00cb8d914/1/4tY8oFQoMuZCZPOssVYZki_s-Ds.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/98/aba9d3-9912-4f5e-98da-c5b00cb8d914/1/4tY8oFQoMuZCZPOssVYZki_s-Ds.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4tY8oFQoMuZCZPOssVYZki_s-Ds.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 01 Feb 2025 05:00:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:ba:bb:c1:82:7f:4f:d6:70:be:a7:92:7b:5c:70:36:7e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e2d63ca0542832e64264f3acb15619922fecf83b
        Validity
            Not Before: Jan 31 05:00:54 2025 GMT
            Not After : Feb  1 05:00:54 2025 GMT
        Subject: CN=7b766dffab8782fac385ebc5a17f4a1e9a77c824
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:b5:70:e3:3a:97:eb:9e:82:be:a0:18:57:f5:
                    18:26:ba:b7:6f:66:f1:04:d2:7b:64:ec:11:e3:5b:
                    76:e9:45:3c:e9:59:af:07:8b:d7:4d:07:eb:b8:b9:
                    7c:f2:98:68:0a:8c:cf:eb:f5:10:62:1f:af:0a:2a:
                    4c:fa:ca:50:64:10:f6:d3:9b:fe:81:bd:d7:2c:c9:
                    82:0d:a9:a3:bf:a7:86:23:a0:37:3b:bd:9f:b0:08:
                    76:b2:60:2c:33:2f:87:85:bc:6c:2e:bb:ba:fd:90:
                    e0:27:18:d2:0e:30:b3:9a:80:f5:42:83:76:4b:52:
                    4b:50:a6:12:ca:5d:fc:ff:d2:55:4c:40:13:a2:da:
                    a7:87:69:c6:1f:b9:2c:a6:ec:cc:cc:27:ae:72:5a:
                    92:1e:48:51:5a:df:bd:04:26:c5:5d:68:32:b2:52:
                    75:30:3f:4c:1b:f5:f3:80:96:f1:02:c2:57:92:86:
                    16:a2:e4:f3:ba:51:3a:4f:d0:f1:09:96:2d:49:fc:
                    32:f2:0b:ec:c4:f2:02:d9:22:86:40:af:cf:09:4b:
                    58:2e:5c:b1:c2:aa:58:6b:6e:37:c2:9f:b1:d1:11:
                    ec:27:31:39:f0:bb:b8:de:67:40:7c:70:01:46:80:
                    87:f3:75:70:85:f7:b6:b2:bb:44:1e:c5:c2:6c:67:
                    9c:5b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7B:76:6D:FF:AB:87:82:FA:C3:85:EB:C5:A1:7F:4A:1E:9A:77:C8:24
            X509v3 Authority Key Identifier:
                keyid:E2:D6:3C:A0:54:28:32:E6:42:64:F3:AC:B1:56:19:92:2F:EC:F8:3B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4tY8oFQoMuZCZPOssVYZki_s-Ds.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/aba9d3-9912-4f5e-98da-c5b00cb8d914/1/4tY8oFQoMuZCZPOssVYZki_s-Ds.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/98/aba9d3-9912-4f5e-98da-c5b00cb8d914/1/4tY8oFQoMuZCZPOssVYZki_s-Ds.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3f:ef:d6:13:04:06:59:c4:80:d1:96:03:b8:8c:90:98:ec:54:
         e1:de:77:5a:c9:fb:01:8c:3f:aa:10:f1:60:46:b3:36:24:ff:
         f3:c9:19:16:9b:ad:55:39:5d:eb:09:09:8b:9a:05:2f:69:0f:
         a1:eb:59:7f:93:f9:a7:b0:a6:84:a2:64:ef:1e:be:30:9e:f1:
         0c:fc:05:e9:1f:02:e8:2d:c3:aa:f6:b5:67:10:03:24:26:f5:
         0a:24:39:41:bd:1d:82:ba:97:cf:d7:66:8d:15:6a:1f:94:c9:
         c0:59:ac:5c:e0:41:98:99:ab:b0:34:52:51:a7:d8:48:8f:e1:
         e2:e8:6b:c0:bd:69:13:bd:f3:1b:fe:62:13:ff:3f:25:91:78:
         b1:82:d8:1f:19:34:e5:36:16:ea:62:1b:4e:e7:56:00:c0:b4:
         ef:85:4d:b7:d6:5a:6f:c5:15:bb:85:10:93:81:2f:1e:63:eb:
         b9:b8:0c:dd:a3:5c:9a:9c:cb:b8:d8:f9:c8:ce:a8:11:73:fa:
         8f:cb:27:3d:e4:ff:01:34:a4:3b:84:5c:c0:86:e9:de:02:6f:
         90:dd:81:b0:37:7e:23:a9:a8:6b:fe:75:a0:0d:a5:5e:10:de:
         2e:b0:03:58:59:aa:99:26:08:38:4b:28:68:f2:59:8b:28:a2:
         ce:02:73:00
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZS6u8GCf0/WcL6nkntccDZ+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyZDYzY2EwNTQyODMyZTY0MjY0ZjNhY2IxNTYxOTkyMmZl
Y2Y4M2IwHhcNMjUwMTMxMDUwMDU0WhcNMjUwMjAxMDUwMDU0WjAzMTEwLwYDVQQD
Eyg3Yjc2NmRmZmFiODc4MmZhYzM4NWViYzVhMTdmNGExZTlhNzdjODI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsbVw4zqX656CvqAYV/UYJrq3b2bx
BNJ7ZOwR41t26UU86VmvB4vXTQfruLl88phoCozP6/UQYh+vCipM+spQZBD205v+
gb3XLMmCDamjv6eGI6A3O72fsAh2smAsMy+HhbxsLru6/ZDgJxjSDjCzmoD1QoN2
S1JLUKYSyl38/9JVTEATotqnh2nGH7kspuzMzCeuclqSHkhRWt+9BCbFXWgyslJ1
MD9MG/XzgJbxAsJXkoYWouTzulE6T9DxCZYtSfwy8gvsxPIC2SKGQK/PCUtYLlyx
wqpYa243wp+x0RHsJzE58Lu43mdAfHABRoCH83Vwhfe2srtEHsXCbGecWwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHt2bf+rh4L6w4XrxaF/Sh6ad8gkMB8GA1UdIwQY
MBaAFOLWPKBUKDLmQmTzrLFWGZIv7Pg7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHRZOG9GUW9NdVpDWlBPc3NWWVpraV9zLURzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC9hYmE5ZDMtOTkxMi00ZjVlLTk4ZGEt
YzViMDBjYjhkOTE0LzEvNHRZOG9GUW9NdVpDWlBPc3NWWVpraV9zLURzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OC9hYmE5ZDMtOTkxMi00ZjVlLTk4ZGEtYzViMDBjYjhkOTE0
LzEvNHRZOG9GUW9NdVpDWlBPc3NWWVpraV9zLURzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAP+/WEwQG
WcSA0ZYDuIyQmOxU4d53Wsn7AYw/qhDxYEazNiT/88kZFputVTld6wkJi5oFL2kP
oetZf5P5p7CmhKJk7x6+MJ7xDPwF6R8C6C3Dqva1ZxADJCb1CiQ5Qb0dgrqXz9dm
jRVqH5TJwFmsXOBBmJmrsDRSUafYSI/h4uhrwL1pE73zG/5iE/8/JZF4sYLYHxk0
5TYW6mIbTudWAMC074VNt9Zab8UVu4UQk4EvHmPrubgM3aNcmpzLuNj5yM6oEXP6
j8snPeT/ATSkO4RcwIbp3gJvkN2BsDd+I6moa/51oA2lXhDeLrADWFmqmSYIOEso
aPJZiyiizgJzAA==
-----END CERTIFICATE-----