Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/dbb525-8ba5-40c3-8c12-7ded4d61e8d2/1/bP-QsXePU3Q_kng8rxdIouzWaKA.mft
File:                     bP-QsXePU3Q_kng8rxdIouzWaKA.mft (raw, json)
Hash identifier:          MJoRTkYpbPtq7SA6462dekbMQArvf61xgLEeTw1glCI=
Subject key identifier:   A6:90:5F:00:34:34:98:D4:09:84:14:AB:62:1C:86:AB:50:08:F6:66
Authority key identifier: 6C:FF:90:B1:77:8F:53:74:3F:92:78:3C:AF:17:48:A2:EC:D6:68:A0
Certificate issuer:       /CN=6cff90b1778f53743f92783caf1748a2ecd668a0
Certificate serial:       0194C507FCFA6AA4B313FE25A59251DC5941
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bP-QsXePU3Q_kng8rxdIouzWaKA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/11/dbb525-8ba5-40c3-8c12-7ded4d61e8d2/1/bP-QsXePU3Q_kng8rxdIouzWaKA.mft
Manifest number:          0143
Signing time:             Sun 02 Feb 2025 05:00:22 +0000
Manifest this update:     Sun 02 Feb 2025 05:00:22 +0000
Manifest next update:     Mon 03 Feb 2025 05:00:22 +0000
Files and hashes:         1: bP-QsXePU3Q_kng8rxdIouzWaKA.crl (hash: aGcz8ijCjWx9BfsQcgtLmcs0Lz1Yc7zkMvheVg1D14o=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/11/dbb525-8ba5-40c3-8c12-7ded4d61e8d2/1/bP-QsXePU3Q_kng8rxdIouzWaKA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/11/dbb525-8ba5-40c3-8c12-7ded4d61e8d2/1/bP-QsXePU3Q_kng8rxdIouzWaKA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/bP-QsXePU3Q_kng8rxdIouzWaKA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 03 Feb 2025 00:00:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:c5:07:fc:fa:6a:a4:b3:13:fe:25:a5:92:51:dc:59:41
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6cff90b1778f53743f92783caf1748a2ecd668a0
        Validity
            Not Before: Feb  2 05:00:22 2025 GMT
            Not After : Feb  3 05:00:22 2025 GMT
        Subject: CN=a6905f00343498d4098414ab621c86ab5008f666
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:c9:ba:1e:39:06:0e:39:b5:fe:ab:12:78:74:
                    bb:48:96:42:de:6d:98:9c:37:24:9c:d0:1c:bb:06:
                    64:98:db:f8:34:04:a4:97:8c:0a:68:57:f5:65:77:
                    7c:a2:2b:89:20:c5:b9:b6:ab:69:f3:f9:32:58:01:
                    70:e0:40:a3:3f:a4:dc:54:56:8a:67:7b:3a:40:e6:
                    16:84:e5:ab:24:11:4b:07:dc:0d:b9:8e:c5:2e:ed:
                    36:f2:df:bd:3d:bd:0d:d5:fc:f9:ff:38:e5:0d:2a:
                    34:c0:1e:0a:93:6d:4e:3d:19:29:17:43:88:18:dc:
                    4f:2c:b8:8c:04:40:fc:a8:90:b8:ab:ff:7b:5a:d7:
                    0d:91:db:38:10:3a:99:16:73:90:67:d7:1f:dd:5e:
                    e2:0b:07:4a:e7:28:76:f6:5f:7b:ec:75:5b:a1:25:
                    72:89:0a:6c:3c:a1:77:ee:da:28:a7:c8:46:3b:5b:
                    ba:c3:95:93:d2:1a:89:09:d1:8e:43:07:ba:81:d1:
                    00:b6:06:d0:1b:ea:24:ed:f3:75:d0:a3:40:3a:f1:
                    b9:aa:45:07:88:b6:61:44:d9:1f:97:3c:ae:6f:4e:
                    3d:5a:3f:3b:8e:cc:a1:54:0d:95:a5:f2:4e:fc:fe:
                    e3:6b:94:7e:40:8f:47:94:fb:81:03:9e:c9:e3:c4:
                    70:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A6:90:5F:00:34:34:98:D4:09:84:14:AB:62:1C:86:AB:50:08:F6:66
            X509v3 Authority Key Identifier:
                keyid:6C:FF:90:B1:77:8F:53:74:3F:92:78:3C:AF:17:48:A2:EC:D6:68:A0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bP-QsXePU3Q_kng8rxdIouzWaKA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/dbb525-8ba5-40c3-8c12-7ded4d61e8d2/1/bP-QsXePU3Q_kng8rxdIouzWaKA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/11/dbb525-8ba5-40c3-8c12-7ded4d61e8d2/1/bP-QsXePU3Q_kng8rxdIouzWaKA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a0:55:57:13:23:9f:7e:a0:0d:f4:82:66:52:82:1c:96:80:4f:
         fc:8c:43:59:9f:39:4f:d8:19:d4:80:c1:f9:89:50:6e:3f:c9:
         71:99:d9:ff:85:54:6f:3e:ee:d8:bb:ce:be:cd:d7:06:96:28:
         6b:97:44:25:60:fe:3e:e5:17:38:69:24:37:6b:49:9b:cc:d4:
         45:4e:ff:f4:cd:0e:d3:32:d0:4d:5d:0a:ca:66:e8:e6:d2:cb:
         c0:db:64:cc:28:a7:8e:0b:6c:ea:35:53:69:a0:b9:6b:a3:4d:
         31:c9:fc:75:1f:fd:8a:5c:d8:52:8a:e9:e6:b7:f7:1b:a3:c2:
         1b:00:09:6c:0c:af:32:dd:ac:e4:2d:05:e0:07:09:35:3c:4c:
         de:f3:93:36:5c:22:bf:31:c5:a7:3f:bc:ae:db:ac:f6:29:b8:
         62:36:e3:51:77:b6:fb:90:e7:87:30:bd:9e:f5:57:d8:2c:44:
         a3:74:d2:b0:ef:50:5a:6d:85:6d:61:18:6f:2b:18:54:8d:4b:
         4d:c2:cb:1f:b1:32:25:98:fd:10:2a:09:be:53:6b:f4:30:c4:
         c7:d6:63:e5:33:52:d8:32:d2:3a:06:7e:b8:36:03:7e:71:e9:
         37:22:77:d7:da:96:5b:f0:d0:73:96:7b:b4:cc:63:24:9d:26:
         e4:29:0c:91
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZTFB/z6aqSzE/4lpZJR3FlBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjZmY5MGIxNzc4ZjUzNzQzZjkyNzgzY2FmMTc0OGEyZWNk
NjY4YTAwHhcNMjUwMjAyMDUwMDIyWhcNMjUwMjAzMDUwMDIyWjAzMTEwLwYDVQQD
EyhhNjkwNWYwMDM0MzQ5OGQ0MDk4NDE0YWI2MjFjODZhYjUwMDhmNjY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl8m6HjkGDjm1/qsSeHS7SJZC3m2Y
nDcknNAcuwZkmNv4NASkl4wKaFf1ZXd8oiuJIMW5tqtp8/kyWAFw4ECjP6TcVFaK
Z3s6QOYWhOWrJBFLB9wNuY7FLu028t+9Pb0N1fz5/zjlDSo0wB4Kk21OPRkpF0OI
GNxPLLiMBED8qJC4q/97WtcNkds4EDqZFnOQZ9cf3V7iCwdK5yh29l977HVboSVy
iQpsPKF37toop8hGO1u6w5WT0hqJCdGOQwe6gdEAtgbQG+ok7fN10KNAOvG5qkUH
iLZhRNkflzyub049Wj87jsyhVA2VpfJO/P7ja5R+QI9HlPuBA57J48RwFQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKaQXwA0NJjUCYQUq2IchqtQCPZmMB8GA1UdIwQY
MBaAFGz/kLF3j1N0P5J4PK8XSKLs1migMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlAtUXNYZVBVM1Ffa25nOHJ4ZElvdXpXYUtBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS9kYmI1MjUtOGJhNS00MGMzLThjMTIt
N2RlZDRkNjFlOGQyLzEvYlAtUXNYZVBVM1Ffa25nOHJ4ZElvdXpXYUtBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS9kYmI1MjUtOGJhNS00MGMzLThjMTItN2RlZDRkNjFlOGQy
LzEvYlAtUXNYZVBVM1Ffa25nOHJ4ZElvdXpXYUtBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoFVXEyOf
fqAN9IJmUoIcloBP/IxDWZ85T9gZ1IDB+YlQbj/JcZnZ/4VUbz7u2LvOvs3XBpYo
a5dEJWD+PuUXOGkkN2tJm8zURU7/9M0O0zLQTV0Kymbo5tLLwNtkzCinjgts6jVT
aaC5a6NNMcn8dR/9ilzYUorp5rf3G6PCGwAJbAyvMt2s5C0F4AcJNTxM3vOTNlwi
vzHFpz+8rtus9im4YjbjUXe2+5DnhzC9nvVX2CxEo3TSsO9QWm2FbWEYbysYVI1L
TcLLH7EyJZj9ECoJvlNr9DDEx9Zj5TNS2DLSOgZ+uDYDfnHpNyJ319qWW/DQc5Z7
tMxjJJ0m5CkMkQ==
-----END CERTIFICATE-----