Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/ea37f1-ce1a-4816-bcb6-4412defede73/1/y4P7_Bds1I6-Lyzen0wB7SU7uy0.mft
File:                     y4P7_Bds1I6-Lyzen0wB7SU7uy0.mft (raw, json)
Hash identifier:          GOJv7FtYEuFwzJMnkJnpIJtWhA5Isl0sW8wiBymeNlg=
Subject key identifier:   EF:12:48:EE:2D:DE:40:70:03:56:1A:C8:86:F9:3C:C9:B6:08:2C:47
Authority key identifier: CB:83:FB:FC:17:6C:D4:8E:BE:2F:2C:DE:9F:4C:01:ED:25:3B:BB:2D
Certificate issuer:       /CN=cb83fbfc176cd48ebe2f2cde9f4c01ed253bbb2d
Certificate serial:       0194C3884926A73F3C55C1CD0F7AA264FEE2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/y4P7_Bds1I6-Lyzen0wB7SU7uy0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/08/ea37f1-ce1a-4816-bcb6-4412defede73/1/y4P7_Bds1I6-Lyzen0wB7SU7uy0.mft
Manifest number:          142D
Signing time:             Sat 01 Feb 2025 22:01:16 +0000
Manifest this update:     Sat 01 Feb 2025 22:01:16 +0000
Manifest next update:     Sun 02 Feb 2025 22:01:16 +0000
Files and hashes:         1: y4P7_Bds1I6-Lyzen0wB7SU7uy0.crl (hash: vvn7uE3KPAyundehyLU4M9grLGMmiD5EpFknqRmgYx4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/08/ea37f1-ce1a-4816-bcb6-4412defede73/1/y4P7_Bds1I6-Lyzen0wB7SU7uy0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/08/ea37f1-ce1a-4816-bcb6-4412defede73/1/y4P7_Bds1I6-Lyzen0wB7SU7uy0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/y4P7_Bds1I6-Lyzen0wB7SU7uy0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 02 Feb 2025 22:01:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:c3:88:49:26:a7:3f:3c:55:c1:cd:0f:7a:a2:64:fe:e2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cb83fbfc176cd48ebe2f2cde9f4c01ed253bbb2d
        Validity
            Not Before: Feb  1 22:01:16 2025 GMT
            Not After : Feb  2 22:01:16 2025 GMT
        Subject: CN=ef1248ee2dde407003561ac886f93cc9b6082c47
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:8f:f5:26:c0:22:68:7b:da:c5:61:5e:8c:56:
                    b6:f4:51:9d:84:a7:62:d0:61:05:02:a4:3c:fc:79:
                    58:70:40:82:ac:e4:50:52:59:7e:c9:ff:98:85:50:
                    fe:b5:65:b3:a6:c9:66:61:fb:6b:ec:de:70:13:6f:
                    28:1d:c5:f4:17:04:99:c6:90:46:d4:bb:7f:6f:ae:
                    a3:c3:26:e7:ef:b5:e5:32:3c:83:30:f2:e4:b1:f3:
                    25:53:7d:a4:42:77:08:13:f9:9a:db:17:e9:33:42:
                    02:2e:b5:45:d3:9b:67:d9:60:82:04:9b:4d:2e:a7:
                    13:81:e9:ba:97:db:73:bb:94:fc:a9:bd:55:52:0f:
                    f5:40:13:d9:90:b4:77:db:8f:89:64:d1:11:34:49:
                    e9:5f:fa:5a:bd:f3:0c:27:5c:e9:8c:57:fa:a2:33:
                    31:85:6c:a2:63:55:0c:23:ad:82:9c:01:1c:82:01:
                    ec:e5:bb:21:b2:4c:0b:5c:1f:44:e8:3a:e3:54:eb:
                    55:49:1a:f8:5b:f0:c6:60:ad:0b:c5:7c:8f:0b:1c:
                    03:38:24:4a:55:44:e7:40:92:f4:43:32:04:b2:6a:
                    8c:82:69:70:09:2e:3b:d0:65:5f:6a:51:00:62:e5:
                    9d:d4:38:ce:8b:a6:a2:69:26:f7:2d:d7:03:3c:e4:
                    96:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EF:12:48:EE:2D:DE:40:70:03:56:1A:C8:86:F9:3C:C9:B6:08:2C:47
            X509v3 Authority Key Identifier:
                keyid:CB:83:FB:FC:17:6C:D4:8E:BE:2F:2C:DE:9F:4C:01:ED:25:3B:BB:2D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y4P7_Bds1I6-Lyzen0wB7SU7uy0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/ea37f1-ce1a-4816-bcb6-4412defede73/1/y4P7_Bds1I6-Lyzen0wB7SU7uy0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/08/ea37f1-ce1a-4816-bcb6-4412defede73/1/y4P7_Bds1I6-Lyzen0wB7SU7uy0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         08:c9:6f:d0:b4:30:76:c2:ae:19:be:49:b1:4b:29:79:bf:ef:
         df:a9:e5:0f:17:b0:3d:98:89:17:07:52:b8:fd:5a:a3:42:c1:
         00:b3:7b:72:a7:c3:37:39:e2:27:13:5f:b5:19:07:c3:57:fa:
         57:f8:d3:be:60:e8:6f:53:70:0e:a0:48:4e:63:07:a6:73:c9:
         4f:f1:b1:e8:a5:38:1a:39:7a:ad:ab:d6:bc:7c:31:95:bb:e1:
         83:05:dc:58:bf:f1:75:28:48:26:bd:8a:df:16:bc:01:f3:2d:
         16:5b:62:da:7c:b6:06:08:a9:0c:b6:c4:35:92:28:b7:62:b2:
         31:dd:d8:57:26:c2:18:13:4e:d0:de:5f:d3:0c:3c:72:bb:fd:
         c5:88:46:21:50:33:ae:ad:f7:d0:18:8d:ac:de:bc:3a:04:ee:
         68:da:15:19:32:bc:1a:8f:3e:6e:93:a5:0e:84:7d:50:39:f2:
         37:e5:bf:e3:c7:49:81:8b:77:0b:23:a7:76:f5:5d:07:b7:63:
         21:6f:d1:d7:68:01:82:7f:32:9e:d9:de:b2:9d:e5:4f:e3:10:
         dc:e8:b9:e9:32:8d:00:15:47:fa:b6:39:26:78:e1:34:d5:4f:
         46:d7:83:4b:e7:e4:e5:0e:88:56:7c:b1:1b:e7:39:db:35:40:
         85:61:98:8b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZTDiEkmpz88VcHND3qiZP7iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiODNmYmZjMTc2Y2Q0OGViZTJmMmNkZTlmNGMwMWVkMjUz
YmJiMmQwHhcNMjUwMjAxMjIwMTE2WhcNMjUwMjAyMjIwMTE2WjAzMTEwLwYDVQQD
EyhlZjEyNDhlZTJkZGU0MDcwMDM1NjFhYzg4NmY5M2NjOWI2MDgyYzQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqI/1JsAiaHvaxWFejFa29FGdhKdi
0GEFAqQ8/HlYcECCrORQUll+yf+YhVD+tWWzpslmYftr7N5wE28oHcX0FwSZxpBG
1Lt/b66jwybn77XlMjyDMPLksfMlU32kQncIE/ma2xfpM0ICLrVF05tn2WCCBJtN
LqcTgem6l9tzu5T8qb1VUg/1QBPZkLR324+JZNERNEnpX/pavfMMJ1zpjFf6ojMx
hWyiY1UMI62CnAEcggHs5bshskwLXB9E6DrjVOtVSRr4W/DGYK0LxXyPCxwDOCRK
VUTnQJL0QzIEsmqMgmlwCS470GVfalEAYuWd1DjOi6aiaSb3LdcDPOSWVwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFO8SSO4t3kBwA1YayIb5PMm2CCxHMB8GA1UdIwQY
MBaAFMuD+/wXbNSOvi8s3p9MAe0lO7stMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveTRQN19CZHMxSTYtTHl6ZW4wd0I3U1U3dXkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC9lYTM3ZjEtY2UxYS00ODE2LWJjYjYt
NDQxMmRlZmVkZTczLzEveTRQN19CZHMxSTYtTHl6ZW4wd0I3U1U3dXkwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC9lYTM3ZjEtY2UxYS00ODE2LWJjYjYtNDQxMmRlZmVkZTcz
LzEveTRQN19CZHMxSTYtTHl6ZW4wd0I3U1U3dXkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACMlv0LQw
dsKuGb5JsUspeb/v36nlDxewPZiJFwdSuP1ao0LBALN7cqfDNzniJxNftRkHw1f6
V/jTvmDob1NwDqBITmMHpnPJT/Gx6KU4Gjl6ravWvHwxlbvhgwXcWL/xdShIJr2K
3xa8AfMtFlti2ny2BgipDLbENZIot2KyMd3YVybCGBNO0N5f0ww8crv9xYhGIVAz
rq330BiNrN68OgTuaNoVGTK8Go8+bpOlDoR9UDnyN+W/48dJgYt3CyOndvVdB7dj
IW/R12gBgn8yntnesp3lT+MQ3Oi56TKNABVH+rY5JnjhNNVPRteDS+fk5Q6IVnyx
G+c52zVAhWGYiw==
-----END CERTIFICATE-----