Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/4e9e37-6e66-41b1-aa99-1516b6d82e2d/1/mXFUBuche_wTgSpHBMYq4JnnyP8.mft
File:                     mXFUBuche_wTgSpHBMYq4JnnyP8.mft (raw, json)
Hash identifier:          2DrzUhrFt4VR9aY+RCmKg6U1IlgwTIK+z0J4ZlwSeyI=
Subject key identifier:   21:1F:0C:E8:B2:DD:2E:52:58:E9:CD:AC:66:63:DF:C8:3F:F4:11:A9
Authority key identifier: 99:71:54:06:E7:21:7B:FC:13:81:2A:47:04:C6:2A:E0:99:E7:C8:FF
Certificate issuer:       /CN=99715406e7217bfc13812a4704c62ae099e7c8ff
Certificate serial:       01951210B21ADEB57634C22AEB890B6348D6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/mXFUBuche_wTgSpHBMYq4JnnyP8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/19/4e9e37-6e66-41b1-aa99-1516b6d82e2d/1/mXFUBuche_wTgSpHBMYq4JnnyP8.mft
Manifest number:          0172
Signing time:             Mon 17 Feb 2025 04:00:38 +0000
Manifest this update:     Mon 17 Feb 2025 04:00:38 +0000
Manifest next update:     Tue 18 Feb 2025 04:00:38 +0000
Files and hashes:         1: mXFUBuche_wTgSpHBMYq4JnnyP8.crl (hash: 4dDAfPwZXD8sFzT4FdaEATeWAm44su+j+U69m0xjuDY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/19/4e9e37-6e66-41b1-aa99-1516b6d82e2d/1/mXFUBuche_wTgSpHBMYq4JnnyP8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/19/4e9e37-6e66-41b1-aa99-1516b6d82e2d/1/mXFUBuche_wTgSpHBMYq4JnnyP8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/mXFUBuche_wTgSpHBMYq4JnnyP8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 17 Feb 2025 23:00:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:12:10:b2:1a:de:b5:76:34:c2:2a:eb:89:0b:63:48:d6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=99715406e7217bfc13812a4704c62ae099e7c8ff
        Validity
            Not Before: Feb 17 04:00:38 2025 GMT
            Not After : Feb 18 04:00:38 2025 GMT
        Subject: CN=211f0ce8b2dd2e5258e9cdac6663dfc83ff411a9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f0:47:d1:1b:eb:c8:26:a4:ba:c8:74:93:ea:69:
                    f5:58:cb:7f:0a:37:03:52:e0:1f:6a:59:7a:73:9e:
                    a7:7d:9a:a6:42:b5:24:ce:20:38:01:ea:41:b1:95:
                    74:d1:c0:4a:22:b8:77:24:47:76:10:64:b3:72:da:
                    4d:d3:9d:cb:7a:29:6a:af:68:d8:a9:54:49:0b:45:
                    18:0e:40:02:70:a9:31:5d:92:fd:6a:67:99:32:c5:
                    6c:f0:5f:84:be:71:fb:4b:43:dd:74:6d:77:44:3b:
                    54:b8:1b:6c:ba:81:94:a6:7e:c5:9b:f7:03:65:a1:
                    6a:03:16:7f:b6:45:ec:bc:85:07:38:ca:63:0c:f8:
                    f6:24:1e:94:d9:61:f8:06:91:f8:7e:6b:c4:1a:9e:
                    88:18:cf:7c:0a:e7:c0:1d:89:3c:26:a8:a0:d6:d1:
                    58:c8:6c:9f:d1:b8:56:b8:9a:e0:4b:75:59:13:71:
                    7b:c1:d4:57:2c:2e:d3:ea:67:c1:ef:25:99:89:40:
                    ca:5f:5d:92:92:b6:2f:ad:f4:7b:b4:16:46:4a:d1:
                    7a:63:b3:b8:e9:da:e7:48:0e:28:bc:30:d3:bf:9a:
                    23:b0:6e:db:50:55:93:b2:98:70:c2:83:8d:98:f4:
                    94:7a:a8:b5:d1:fd:82:01:56:3d:c2:07:d4:ee:e2:
                    db:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                21:1F:0C:E8:B2:DD:2E:52:58:E9:CD:AC:66:63:DF:C8:3F:F4:11:A9
            X509v3 Authority Key Identifier:
                keyid:99:71:54:06:E7:21:7B:FC:13:81:2A:47:04:C6:2A:E0:99:E7:C8:FF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mXFUBuche_wTgSpHBMYq4JnnyP8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/4e9e37-6e66-41b1-aa99-1516b6d82e2d/1/mXFUBuche_wTgSpHBMYq4JnnyP8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/19/4e9e37-6e66-41b1-aa99-1516b6d82e2d/1/mXFUBuche_wTgSpHBMYq4JnnyP8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1a:9b:b9:f6:93:3d:98:39:da:25:00:bb:4a:71:3c:3e:f4:df:
         3e:b6:d5:e4:57:02:b6:74:29:6b:ef:b3:87:00:23:5d:2b:06:
         32:aa:38:63:cc:b9:e7:da:36:78:35:ef:59:7f:fb:6d:53:f5:
         42:e1:87:a4:2a:e4:55:cb:67:2a:2e:7f:bb:b8:58:96:9b:43:
         69:40:68:d1:45:e8:05:ef:54:9d:16:4b:53:68:12:34:c4:ac:
         f8:35:97:76:92:41:26:b6:d0:dd:ee:8c:c2:a1:5f:fd:10:e0:
         ca:b8:79:50:ef:c8:b5:19:ad:7c:bd:27:ae:d4:e0:18:39:05:
         43:c5:d7:a7:e1:93:71:1a:44:66:1a:74:0b:a5:8c:dc:c2:c7:
         88:3a:18:cd:f8:19:af:28:76:b4:94:a7:6e:ca:2f:29:d7:1a:
         3a:f0:8a:7a:b0:80:43:e0:a3:07:ca:4b:ea:1f:5c:8f:71:80:
         ae:ec:1d:21:02:1a:e7:e1:ca:1e:5d:65:79:32:82:5c:7e:50:
         25:1c:78:47:57:96:ee:e2:c8:23:a0:9f:90:9b:df:c5:03:2f:
         4b:86:3c:fe:7e:54:4c:38:b8:ad:ff:8e:9b:d7:75:8d:8c:3c:
         33:75:39:5c:98:14:59:85:74:7f:3b:87:3e:6e:03:e1:eb:1f:
         bc:e9:5e:11
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZUSELIa3rV2NMIq64kLY0jWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5NzE1NDA2ZTcyMTdiZmMxMzgxMmE0NzA0YzYyYWUwOTll
N2M4ZmYwHhcNMjUwMjE3MDQwMDM4WhcNMjUwMjE4MDQwMDM4WjAzMTEwLwYDVQQD
EygyMTFmMGNlOGIyZGQyZTUyNThlOWNkYWM2NjYzZGZjODNmZjQxMWE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8EfRG+vIJqS6yHST6mn1WMt/CjcD
UuAfall6c56nfZqmQrUkziA4AepBsZV00cBKIrh3JEd2EGSzctpN053Leilqr2jY
qVRJC0UYDkACcKkxXZL9ameZMsVs8F+EvnH7S0PddG13RDtUuBtsuoGUpn7Fm/cD
ZaFqAxZ/tkXsvIUHOMpjDPj2JB6U2WH4BpH4fmvEGp6IGM98CufAHYk8Jqig1tFY
yGyf0bhWuJrgS3VZE3F7wdRXLC7T6mfB7yWZiUDKX12SkrYvrfR7tBZGStF6Y7O4
6drnSA4ovDDTv5ojsG7bUFWTsphwwoONmPSUeqi10f2CAVY9wgfU7uLbcwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCEfDOiy3S5SWOnNrGZj38g/9BGpMB8GA1UdIwQY
MBaAFJlxVAbnIXv8E4EqRwTGKuCZ58j/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbVhGVUJ1Y2hlX3dUZ1NwSEJNWXE0Sm5ueVA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS80ZTllMzctNmU2Ni00MWIxLWFhOTkt
MTUxNmI2ZDgyZTJkLzEvbVhGVUJ1Y2hlX3dUZ1NwSEJNWXE0Sm5ueVA4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS80ZTllMzctNmU2Ni00MWIxLWFhOTktMTUxNmI2ZDgyZTJk
LzEvbVhGVUJ1Y2hlX3dUZ1NwSEJNWXE0Sm5ueVA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGpu59pM9
mDnaJQC7SnE8PvTfPrbV5FcCtnQpa++zhwAjXSsGMqo4Y8y559o2eDXvWX/7bVP1
QuGHpCrkVctnKi5/u7hYlptDaUBo0UXoBe9UnRZLU2gSNMSs+DWXdpJBJrbQ3e6M
wqFf/RDgyrh5UO/ItRmtfL0nrtTgGDkFQ8XXp+GTcRpEZhp0C6WM3MLHiDoYzfgZ
ryh2tJSnbsovKdcaOvCKerCAQ+CjB8pL6h9cj3GAruwdIQIa5+HKHl1leTKCXH5Q
JRx4R1eW7uLII6CfkJvfxQMvS4Y8/n5UTDi4rf+Om9d1jYw8M3U5XJgUWYV0fzuH
Pm4D4esfvOleEQ==
-----END CERTIFICATE-----