Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/729fcd-704b-4081-8d25-c9ff1ee6ad95/1/6ocBJxa2bugiZCwvChuQFItceyk.mft
File:                     6ocBJxa2bugiZCwvChuQFItceyk.mft (raw, json)
Hash identifier:          zTlmEF8j27GKOc7X+Y0Tvl5wqksM5G0Rr3cY2rGdg5o=
Subject key identifier:   E9:99:0F:9D:29:B3:6C:4E:A1:C6:E3:69:A4:9F:2D:44:0A:C0:39:68
Authority key identifier: EA:87:01:27:16:B6:6E:E8:22:64:2C:2F:0A:1B:90:14:8B:5C:7B:29
Certificate issuer:       /CN=ea87012716b66ee822642c2f0a1b90148b5c7b29
Certificate serial:       019510C79FB5B9E0F7E461F874C6B5CA02EE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/6ocBJxa2bugiZCwvChuQFItceyk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1a/729fcd-704b-4081-8d25-c9ff1ee6ad95/1/6ocBJxa2bugiZCwvChuQFItceyk.mft
Manifest number:          0BA5
Signing time:             Sun 16 Feb 2025 22:01:12 +0000
Manifest this update:     Sun 16 Feb 2025 22:01:12 +0000
Manifest next update:     Mon 17 Feb 2025 22:01:12 +0000
Files and hashes:         1: 6ocBJxa2bugiZCwvChuQFItceyk.crl (hash: 5h9C8GySnIvVVGWX685p1XBYI30SD15XT8aVKKplOc4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1a/729fcd-704b-4081-8d25-c9ff1ee6ad95/1/6ocBJxa2bugiZCwvChuQFItceyk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1a/729fcd-704b-4081-8d25-c9ff1ee6ad95/1/6ocBJxa2bugiZCwvChuQFItceyk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/6ocBJxa2bugiZCwvChuQFItceyk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 17 Feb 2025 22:01:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:10:c7:9f:b5:b9:e0:f7:e4:61:f8:74:c6:b5:ca:02:ee
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ea87012716b66ee822642c2f0a1b90148b5c7b29
        Validity
            Not Before: Feb 16 22:01:12 2025 GMT
            Not After : Feb 17 22:01:12 2025 GMT
        Subject: CN=e9990f9d29b36c4ea1c6e369a49f2d440ac03968
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:75:5b:13:9b:04:f8:b1:e0:71:27:a3:23:cf:
                    af:22:1e:19:c0:db:b5:0a:25:bc:81:84:94:03:74:
                    83:48:53:fe:0d:48:5a:b0:72:9a:03:18:e2:7e:77:
                    8a:d0:58:23:68:b3:14:8f:c2:66:9e:d2:78:b2:e8:
                    17:59:10:6d:40:8c:f3:89:d9:e3:b0:4a:40:27:bf:
                    0d:4f:a6:80:53:47:fc:95:44:62:ae:1e:69:34:aa:
                    5d:28:59:64:78:58:83:f2:c4:4f:62:20:9d:c4:85:
                    c5:7c:fa:9c:85:64:97:37:11:cf:5d:0a:7b:7a:17:
                    eb:fd:b6:d1:a5:e1:6c:4d:b5:61:db:9b:1c:e3:72:
                    f9:e9:83:7c:11:2c:e3:54:4b:92:57:be:df:20:30:
                    97:cd:2e:66:99:b9:8b:44:5a:40:34:1d:43:67:4e:
                    02:78:47:dc:95:20:b4:3a:cd:15:24:ba:e2:53:1d:
                    54:36:ba:a6:7b:f9:27:46:13:40:46:7d:26:fc:9e:
                    92:ce:25:ad:ef:8b:d9:30:4a:ee:00:a8:fd:d4:de:
                    f8:9c:21:72:05:18:2f:45:08:33:29:5a:0d:72:7a:
                    fd:27:5b:04:a3:93:e7:99:3a:02:6a:bb:b0:f6:9f:
                    e7:df:c3:cd:8b:08:65:df:2b:2d:b7:ad:13:35:77:
                    f8:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E9:99:0F:9D:29:B3:6C:4E:A1:C6:E3:69:A4:9F:2D:44:0A:C0:39:68
            X509v3 Authority Key Identifier:
                keyid:EA:87:01:27:16:B6:6E:E8:22:64:2C:2F:0A:1B:90:14:8B:5C:7B:29

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6ocBJxa2bugiZCwvChuQFItceyk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/729fcd-704b-4081-8d25-c9ff1ee6ad95/1/6ocBJxa2bugiZCwvChuQFItceyk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/729fcd-704b-4081-8d25-c9ff1ee6ad95/1/6ocBJxa2bugiZCwvChuQFItceyk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b8:52:02:05:dc:be:d2:e3:d8:8b:00:26:21:91:de:06:06:97:
         67:32:e7:e1:0e:ba:fa:ab:c9:2d:70:ee:be:70:bd:e6:f0:e4:
         5d:47:3e:e3:74:95:21:d9:9d:8a:bb:5d:39:90:fa:26:d7:b3:
         12:df:2e:cc:fd:76:08:fc:fd:a8:9d:76:9e:c7:ea:cb:9e:0c:
         d0:a3:dc:a3:ac:85:e0:f6:56:44:e9:06:ea:66:59:0e:8a:7f:
         47:8f:31:c1:ec:5a:ce:58:b9:67:71:3d:d5:fb:35:78:75:ab:
         54:05:a4:c4:84:5e:45:36:97:56:73:29:00:72:d7:71:69:ff:
         08:94:51:ce:0f:2b:95:a6:e1:80:fb:0d:16:bb:7c:ba:b6:8e:
         e4:f7:d7:25:e6:88:8f:c7:e1:30:e9:60:88:8e:b8:c5:d6:88:
         09:b1:f7:f8:75:53:89:38:52:25:7e:cf:61:f1:bb:e8:b5:94:
         6c:4b:ef:3c:ce:c6:ed:36:e5:a5:fd:75:5c:91:52:4b:4a:ff:
         7a:90:34:5e:39:f7:3d:f1:2f:c8:8b:7b:c0:6f:d3:7e:11:46:
         41:42:07:e4:13:f6:46:33:86:5b:b2:5b:f8:e5:70:26:07:71:
         a8:79:09:de:75:79:d7:3c:02:25:9d:7c:5c:4c:13:9b:1a:10:
         97:b6:83:18
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZUQx5+1ueD35GH4dMa1ygLuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVhODcwMTI3MTZiNjZlZTgyMjY0MmMyZjBhMWI5MDE0OGI1
YzdiMjkwHhcNMjUwMjE2MjIwMTEyWhcNMjUwMjE3MjIwMTEyWjAzMTEwLwYDVQQD
EyhlOTk5MGY5ZDI5YjM2YzRlYTFjNmUzNjlhNDlmMmQ0NDBhYzAzOTY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArnVbE5sE+LHgcSejI8+vIh4ZwNu1
CiW8gYSUA3SDSFP+DUhasHKaAxjifneK0FgjaLMUj8JmntJ4sugXWRBtQIzzidnj
sEpAJ78NT6aAU0f8lURirh5pNKpdKFlkeFiD8sRPYiCdxIXFfPqchWSXNxHPXQp7
ehfr/bbRpeFsTbVh25sc43L56YN8ESzjVEuSV77fIDCXzS5mmbmLRFpANB1DZ04C
eEfclSC0Os0VJLriUx1UNrqme/knRhNARn0m/J6SziWt74vZMEruAKj91N74nCFy
BRgvRQgzKVoNcnr9J1sEo5PnmToCaruw9p/n38PNiwhl3ystt60TNXf4vwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOmZD50ps2xOocbjaaSfLUQKwDloMB8GA1UdIwQY
MBaAFOqHAScWtm7oImQsLwobkBSLXHspMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNm9jQkp4YTJidWdpWkN3dkNodVFGSXRjZXlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS83MjlmY2QtNzA0Yi00MDgxLThkMjUt
YzlmZjFlZTZhZDk1LzEvNm9jQkp4YTJidWdpWkN3dkNodVFGSXRjZXlrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS83MjlmY2QtNzA0Yi00MDgxLThkMjUtYzlmZjFlZTZhZDk1
LzEvNm9jQkp4YTJidWdpWkN3dkNodVFGSXRjZXlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAuFICBdy+
0uPYiwAmIZHeBgaXZzLn4Q66+qvJLXDuvnC95vDkXUc+43SVIdmdirtdOZD6Jtez
Et8uzP12CPz9qJ12nsfqy54M0KPco6yF4PZWROkG6mZZDop/R48xwexazli5Z3E9
1fs1eHWrVAWkxIReRTaXVnMpAHLXcWn/CJRRzg8rlabhgPsNFrt8uraO5PfXJeaI
j8fhMOlgiI64xdaICbH3+HVTiThSJX7PYfG76LWUbEvvPM7G7Tblpf11XJFSS0r/
epA0Xjn3PfEvyIt7wG/TfhFGQUIH5BP2RjOGW7Jb+OVwJgdxqHkJ3nV51zwCJZ18
XEwTmxoQl7aDGA==
-----END CERTIFICATE-----