Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/5bf30d-69eb-41a4-a90d-21b9f12d22f3/1/ZpT1sPq1_tLflTXiqcAp8YfVVAQ.mft
File:                     ZpT1sPq1_tLflTXiqcAp8YfVVAQ.mft (raw, json)
Hash identifier:          CucmN69tdrx1xwKC7AR3EAOHv61Bnet6f/6wMTq8fYM=
Subject key identifier:   C9:D9:EA:26:61:75:E6:B1:4D:92:E8:2A:BF:C9:04:08:DD:A6:F8:A6
Authority key identifier: 66:94:F5:B0:FA:B5:FE:D2:DF:95:35:E2:A9:C0:29:F1:87:D5:54:04
Certificate issuer:       /CN=6694f5b0fab5fed2df9535e2a9c029f187d55404
Certificate serial:       0194C3885E409539EBDE85DA7F4426EA0DFA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ZpT1sPq1_tLflTXiqcAp8YfVVAQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/02/5bf30d-69eb-41a4-a90d-21b9f12d22f3/1/ZpT1sPq1_tLflTXiqcAp8YfVVAQ.mft
Manifest number:          054D
Signing time:             Sat 01 Feb 2025 22:01:21 +0000
Manifest this update:     Sat 01 Feb 2025 22:01:21 +0000
Manifest next update:     Sun 02 Feb 2025 22:01:21 +0000
Files and hashes:         1: ZpT1sPq1_tLflTXiqcAp8YfVVAQ.crl (hash: ekYhiJTunc4SdB8f73QJNpxtB5xw9j0V02fLmpOKYtE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/02/5bf30d-69eb-41a4-a90d-21b9f12d22f3/1/ZpT1sPq1_tLflTXiqcAp8YfVVAQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/02/5bf30d-69eb-41a4-a90d-21b9f12d22f3/1/ZpT1sPq1_tLflTXiqcAp8YfVVAQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ZpT1sPq1_tLflTXiqcAp8YfVVAQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 02 Feb 2025 22:01:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:c3:88:5e:40:95:39:eb:de:85:da:7f:44:26:ea:0d:fa
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6694f5b0fab5fed2df9535e2a9c029f187d55404
        Validity
            Not Before: Feb  1 22:01:21 2025 GMT
            Not After : Feb  2 22:01:21 2025 GMT
        Subject: CN=c9d9ea266175e6b14d92e82abfc90408dda6f8a6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:39:40:19:8e:be:32:c1:9a:da:8f:5a:c8:4f:
                    9c:8d:75:78:2b:bc:f1:7d:ce:2c:7b:9b:08:7d:97:
                    64:fb:9f:ec:cd:54:08:09:dc:44:8d:82:99:4f:88:
                    f3:2e:b0:20:6f:b3:7b:ae:9e:22:06:b8:3c:00:de:
                    84:ff:4f:fb:95:dc:37:f5:61:42:e5:14:74:d7:8f:
                    1f:1c:57:2c:cd:e5:7c:22:f9:c8:71:6f:c9:58:55:
                    8d:90:89:b3:d3:2c:53:db:84:82:da:05:6b:a8:0b:
                    8f:79:9d:c0:e9:35:67:8d:b5:06:41:82:69:45:85:
                    f8:ad:86:3a:02:71:70:0e:05:5b:df:0c:42:14:54:
                    51:06:7c:15:d4:48:e0:46:ea:5e:9d:42:d9:e6:c5:
                    8d:df:4c:c1:4b:80:b5:e0:91:22:f4:54:69:36:23:
                    7e:a1:9d:07:9a:11:7c:75:76:97:02:a9:66:3f:41:
                    79:5f:a9:1c:9b:e4:fe:ad:a0:54:b6:3e:5c:62:34:
                    a4:1c:b0:51:c0:29:f2:3f:ee:0c:15:37:bb:d8:c6:
                    87:5e:99:16:e4:30:79:43:54:14:6f:53:36:62:36:
                    e5:4c:9b:a1:e3:f8:5b:d2:54:75:59:d7:3d:f7:a4:
                    d8:ac:e8:f0:d8:58:57:70:8f:65:34:55:a3:fa:5a:
                    8e:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C9:D9:EA:26:61:75:E6:B1:4D:92:E8:2A:BF:C9:04:08:DD:A6:F8:A6
            X509v3 Authority Key Identifier:
                keyid:66:94:F5:B0:FA:B5:FE:D2:DF:95:35:E2:A9:C0:29:F1:87:D5:54:04

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZpT1sPq1_tLflTXiqcAp8YfVVAQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/5bf30d-69eb-41a4-a90d-21b9f12d22f3/1/ZpT1sPq1_tLflTXiqcAp8YfVVAQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/02/5bf30d-69eb-41a4-a90d-21b9f12d22f3/1/ZpT1sPq1_tLflTXiqcAp8YfVVAQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6e:27:1e:45:95:ee:ad:c7:d4:ca:8b:fc:50:53:88:9c:6c:5d:
         94:c2:05:86:42:d1:e7:e3:4d:a0:f9:a5:1e:13:0c:cd:d6:2b:
         b7:be:ee:8d:95:ef:8e:77:25:77:7d:8f:59:76:be:62:2f:55:
         b3:ff:ae:bf:1c:88:06:7d:1b:af:0f:fa:e7:b0:68:39:cc:10:
         14:be:de:04:2d:aa:b7:65:8e:21:1d:e5:88:6b:87:6a:bb:fa:
         95:fd:3d:32:d3:66:e1:f5:a4:63:ec:0d:ab:b7:da:10:87:c7:
         8a:c8:00:89:96:ad:e7:92:59:64:0d:92:4d:a7:80:3a:97:16:
         15:52:1d:7b:22:38:ed:fa:51:df:45:8a:17:f3:5a:ce:5c:ee:
         38:e6:b9:7f:19:90:1e:a2:81:f8:ff:e4:46:39:13:7a:0f:fb:
         6c:17:49:60:10:c5:04:e3:d1:99:cf:2e:be:25:9e:85:9a:59:
         ef:69:8b:e9:69:a2:7f:eb:79:29:cb:84:3f:5d:b7:29:b8:b7:
         c7:79:9f:7d:87:ff:db:0e:8f:e7:53:55:32:6d:a2:50:c1:bf:
         98:55:d2:18:41:28:9a:38:a1:cf:35:e1:eb:ac:ba:3a:63:f2:
         88:d2:f7:e7:e4:58:48:98:22:68:12:68:a5:d1:e4:7a:fc:e6:
         6c:03:c6:e0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZTDiF5AlTnr3oXaf0Qm6g36MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2OTRmNWIwZmFiNWZlZDJkZjk1MzVlMmE5YzAyOWYxODdk
NTU0MDQwHhcNMjUwMjAxMjIwMTIxWhcNMjUwMjAyMjIwMTIxWjAzMTEwLwYDVQQD
EyhjOWQ5ZWEyNjYxNzVlNmIxNGQ5MmU4MmFiZmM5MDQwOGRkYTZmOGE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsTlAGY6+MsGa2o9ayE+cjXV4K7zx
fc4se5sIfZdk+5/szVQICdxEjYKZT4jzLrAgb7N7rp4iBrg8AN6E/0/7ldw39WFC
5RR0148fHFcszeV8IvnIcW/JWFWNkImz0yxT24SC2gVrqAuPeZ3A6TVnjbUGQYJp
RYX4rYY6AnFwDgVb3wxCFFRRBnwV1EjgRupenULZ5sWN30zBS4C14JEi9FRpNiN+
oZ0HmhF8dXaXAqlmP0F5X6kcm+T+raBUtj5cYjSkHLBRwCnyP+4MFTe72MaHXpkW
5DB5Q1QUb1M2YjblTJuh4/hb0lR1Wdc996TYrOjw2FhXcI9lNFWj+lqO1wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMnZ6iZhdeaxTZLoKr/JBAjdpvimMB8GA1UdIwQY
MBaAFGaU9bD6tf7S35U14qnAKfGH1VQEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWnBUMXNQcTFfdExmbFRYaXFjQXA4WWZWVkFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi81YmYzMGQtNjllYi00MWE0LWE5MGQt
MjFiOWYxMmQyMmYzLzEvWnBUMXNQcTFfdExmbFRYaXFjQXA4WWZWVkFRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi81YmYzMGQtNjllYi00MWE0LWE5MGQtMjFiOWYxMmQyMmYz
LzEvWnBUMXNQcTFfdExmbFRYaXFjQXA4WWZWVkFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbiceRZXu
rcfUyov8UFOInGxdlMIFhkLR5+NNoPmlHhMMzdYrt77ujZXvjncld32PWXa+Yi9V
s/+uvxyIBn0brw/657BoOcwQFL7eBC2qt2WOIR3liGuHarv6lf09MtNm4fWkY+wN
q7faEIfHisgAiZat55JZZA2STaeAOpcWFVIdeyI47fpR30WKF/NazlzuOOa5fxmQ
HqKB+P/kRjkTeg/7bBdJYBDFBOPRmc8uviWehZpZ72mL6Wmif+t5KcuEP123Kbi3
x3mffYf/2w6P51NVMm2iUMG/mFXSGEEomjihzzXh66y6OmPyiNL35+RYSJgiaBJo
pdHkevzmbAPG4A==
-----END CERTIFICATE-----