Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/d23344-b281-42d2-bc33-ecbf7f17f604/1/xBHDOVke38lmej55EY3SPEAr6H8.mft
File:                     xBHDOVke38lmej55EY3SPEAr6H8.mft (raw, json)
Hash identifier:          cUwCMDnuPB1198PBe55Rjpv7eFkDxwTGs89dFz2niA8=
Subject key identifier:   8C:88:57:86:51:D2:CC:52:FF:13:C0:3B:51:94:F7:5F:9B:70:53:44
Authority key identifier: C4:11:C3:39:59:1E:DF:C9:66:7A:3E:79:11:8D:D2:3C:40:2B:E8:7F
Certificate issuer:       /CN=c411c339591edfc9667a3e79118dd23c402be87f
Certificate serial:       0194C42C47D98A79CA027413BD21A133E9A0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xBHDOVke38lmej55EY3SPEAr6H8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/17/d23344-b281-42d2-bc33-ecbf7f17f604/1/xBHDOVke38lmej55EY3SPEAr6H8.mft
Manifest number:          0428
Signing time:             Sun 02 Feb 2025 01:00:23 +0000
Manifest this update:     Sun 02 Feb 2025 01:00:23 +0000
Manifest next update:     Mon 03 Feb 2025 01:00:23 +0000
Files and hashes:         1: xBHDOVke38lmej55EY3SPEAr6H8.crl (hash: dH7hbKWstko5eS9cnRjCSjXjzCJftd+yDJ5TVGxxKo4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/17/d23344-b281-42d2-bc33-ecbf7f17f604/1/xBHDOVke38lmej55EY3SPEAr6H8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/17/d23344-b281-42d2-bc33-ecbf7f17f604/1/xBHDOVke38lmej55EY3SPEAr6H8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/xBHDOVke38lmej55EY3SPEAr6H8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 03 Feb 2025 00:00:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:c4:2c:47:d9:8a:79:ca:02:74:13:bd:21:a1:33:e9:a0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c411c339591edfc9667a3e79118dd23c402be87f
        Validity
            Not Before: Feb  2 01:00:23 2025 GMT
            Not After : Feb  3 01:00:23 2025 GMT
        Subject: CN=8c88578651d2cc52ff13c03b5194f75f9b705344
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:ce:55:17:2f:09:2f:47:55:df:6a:f7:48:0f:
                    9a:da:1f:3f:08:a5:5a:26:40:23:f7:f6:a6:fe:c0:
                    51:05:df:16:78:29:8e:7b:d1:52:45:a2:bb:36:e3:
                    48:5e:87:ff:f7:e6:c1:e8:cb:d3:d9:9f:82:02:61:
                    70:41:e5:45:cb:f1:8b:30:bf:e7:32:f9:f1:f5:e3:
                    4e:9c:dd:14:52:35:2b:69:05:70:12:c4:34:3e:f2:
                    17:1f:d7:a6:05:e5:93:bd:f3:49:29:05:8d:4a:cb:
                    6f:00:7b:e4:67:d1:1a:14:f3:00:d8:ae:9f:a6:2e:
                    ef:03:0b:e0:cb:b3:90:92:b0:95:c0:fa:35:fd:63:
                    34:72:ee:ef:ab:dc:75:5c:e8:83:f9:db:2a:24:ef:
                    5e:e5:58:57:40:96:8d:10:11:3d:17:9c:10:ab:a4:
                    c8:e2:72:a6:5b:22:a9:33:2d:62:f4:15:37:c3:88:
                    2d:6b:05:61:2b:af:73:08:e2:fd:ab:80:52:79:70:
                    1d:e0:a8:8b:6e:bd:f4:78:5d:ad:23:54:74:96:79:
                    e1:3f:19:b9:ce:a8:05:64:d6:a9:d8:a5:52:f8:69:
                    b7:49:e2:56:b6:2e:4f:1a:e2:c1:56:2b:a5:58:8a:
                    cd:9a:c5:ff:5c:e2:ce:fd:0f:3d:40:3c:8b:de:f9:
                    90:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8C:88:57:86:51:D2:CC:52:FF:13:C0:3B:51:94:F7:5F:9B:70:53:44
            X509v3 Authority Key Identifier:
                keyid:C4:11:C3:39:59:1E:DF:C9:66:7A:3E:79:11:8D:D2:3C:40:2B:E8:7F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xBHDOVke38lmej55EY3SPEAr6H8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/d23344-b281-42d2-bc33-ecbf7f17f604/1/xBHDOVke38lmej55EY3SPEAr6H8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/17/d23344-b281-42d2-bc33-ecbf7f17f604/1/xBHDOVke38lmej55EY3SPEAr6H8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         88:24:0b:d4:ae:00:df:8d:50:ba:d3:c4:f6:8d:d7:bb:60:84:
         9a:7e:03:51:9d:b5:b5:d9:28:f7:1b:ef:37:99:4b:76:f2:82:
         27:73:92:05:2b:8f:a2:71:c6:16:0e:b8:70:80:9c:e4:c9:84:
         3d:f2:34:a5:23:44:50:0e:a6:9d:73:7c:2c:a1:63:d7:bc:35:
         68:20:d5:44:5a:b6:fb:e9:67:24:c8:6b:33:96:6c:ec:0e:04:
         fa:10:a9:89:8f:ec:86:f9:75:a8:b2:60:80:76:b0:8a:13:20:
         3f:d4:0b:94:94:4b:3d:65:92:f4:2f:5f:e5:33:7d:2d:84:84:
         d8:77:9e:13:0d:75:15:4d:2d:01:2e:80:66:e2:60:72:f9:83:
         58:ba:a1:d6:a5:63:95:13:d2:fe:5f:b9:e8:93:f8:50:d5:44:
         e0:da:f3:89:d3:f7:0e:e7:5d:54:71:ce:52:93:23:5d:a6:04:
         df:d8:48:8e:19:35:8c:68:97:1f:a5:5e:3a:b4:f5:5d:ff:a5:
         2e:2c:62:b0:c8:04:fc:ba:62:59:dc:21:3a:f7:b2:64:50:10:
         c3:dc:4f:8e:e8:48:3e:07:df:1c:14:48:df:5b:7f:6f:1c:fd:
         4c:70:26:f7:73:a7:3b:fe:e7:7f:f3:34:ae:b3:83:94:79:fb:
         62:4b:e8:ad
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZTELEfZinnKAnQTvSGhM+mgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0MTFjMzM5NTkxZWRmYzk2NjdhM2U3OTExOGRkMjNjNDAy
YmU4N2YwHhcNMjUwMjAyMDEwMDIzWhcNMjUwMjAzMDEwMDIzWjAzMTEwLwYDVQQD
Eyg4Yzg4NTc4NjUxZDJjYzUyZmYxM2MwM2I1MTk0Zjc1ZjliNzA1MzQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn85VFy8JL0dV32r3SA+a2h8/CKVa
JkAj9/am/sBRBd8WeCmOe9FSRaK7NuNIXof/9+bB6MvT2Z+CAmFwQeVFy/GLML/n
Mvnx9eNOnN0UUjUraQVwEsQ0PvIXH9emBeWTvfNJKQWNSstvAHvkZ9EaFPMA2K6f
pi7vAwvgy7OQkrCVwPo1/WM0cu7vq9x1XOiD+dsqJO9e5VhXQJaNEBE9F5wQq6TI
4nKmWyKpMy1i9BU3w4gtawVhK69zCOL9q4BSeXAd4KiLbr30eF2tI1R0lnnhPxm5
zqgFZNap2KVS+Gm3SeJWti5PGuLBViulWIrNmsX/XOLO/Q89QDyL3vmQmwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIyIV4ZR0sxS/xPAO1GU91+bcFNEMB8GA1UdIwQY
MBaAFMQRwzlZHt/JZno+eRGN0jxAK+h/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEJIRE9Wa2UzOGxtZWo1NUVZM1NQRUFyNkg4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9kMjMzNDQtYjI4MS00MmQyLWJjMzMt
ZWNiZjdmMTdmNjA0LzEveEJIRE9Wa2UzOGxtZWo1NUVZM1NQRUFyNkg4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9kMjMzNDQtYjI4MS00MmQyLWJjMzMtZWNiZjdmMTdmNjA0
LzEveEJIRE9Wa2UzOGxtZWo1NUVZM1NQRUFyNkg4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiCQL1K4A
341QutPE9o3Xu2CEmn4DUZ21tdko9xvvN5lLdvKCJ3OSBSuPonHGFg64cICc5MmE
PfI0pSNEUA6mnXN8LKFj17w1aCDVRFq2++lnJMhrM5Zs7A4E+hCpiY/shvl1qLJg
gHawihMgP9QLlJRLPWWS9C9f5TN9LYSE2HeeEw11FU0tAS6AZuJgcvmDWLqh1qVj
lRPS/l+56JP4UNVE4NrzidP3DuddVHHOUpMjXaYE39hIjhk1jGiXH6VeOrT1Xf+l
LixisMgE/LpiWdwhOveyZFAQw9xPjuhIPgffHBRI31t/bxz9THAm93OnO/7nf/M0
rrODlHn7YkvorQ==
-----END CERTIFICATE-----