Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/1a9248-ec91-43fa-86ff-4b137a4dbc6e/1/aUSJSM9NjazkdxjA9yWe3usJPns.mft
File:                     aUSJSM9NjazkdxjA9yWe3usJPns.mft (raw, json)
Hash identifier:          +TuvnWTYPITXMo1OoKBm1Tm2RexYRhZHleNS8BXgMUE=
Subject key identifier:   63:56:6B:A9:76:8F:C6:05:CB:CF:A4:65:10:8C:CF:64:B9:EC:CF:CA
Authority key identifier: 69:44:89:48:CF:4D:8D:AC:E4:77:18:C0:F7:25:9E:DE:EB:09:3E:7B
Certificate issuer:       /CN=69448948cf4d8dace47718c0f7259edeeb093e7b
Certificate serial:       0194C4D16838DD186787437F6D1F16740712
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aUSJSM9NjazkdxjA9yWe3usJPns.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1d/1a9248-ec91-43fa-86ff-4b137a4dbc6e/1/aUSJSM9NjazkdxjA9yWe3usJPns.mft
Manifest number:          142C
Signing time:             Sun 02 Feb 2025 04:00:45 +0000
Manifest this update:     Sun 02 Feb 2025 04:00:45 +0000
Manifest next update:     Mon 03 Feb 2025 04:00:45 +0000
Files and hashes:         1: aUSJSM9NjazkdxjA9yWe3usJPns.crl (hash: VibsNqGi3BIHAJEUTTCFMwYP6UPQ+UF7BKz1kdZoSEE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1d/1a9248-ec91-43fa-86ff-4b137a4dbc6e/1/aUSJSM9NjazkdxjA9yWe3usJPns.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1d/1a9248-ec91-43fa-86ff-4b137a4dbc6e/1/aUSJSM9NjazkdxjA9yWe3usJPns.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/aUSJSM9NjazkdxjA9yWe3usJPns.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 03 Feb 2025 00:00:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:c4:d1:68:38:dd:18:67:87:43:7f:6d:1f:16:74:07:12
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=69448948cf4d8dace47718c0f7259edeeb093e7b
        Validity
            Not Before: Feb  2 04:00:45 2025 GMT
            Not After : Feb  3 04:00:45 2025 GMT
        Subject: CN=63566ba9768fc605cbcfa465108ccf64b9eccfca
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e8:15:bf:a0:9a:f2:c3:20:10:75:60:ae:0c:38:
                    3a:cb:5c:ee:23:2a:9f:0b:72:3f:fd:68:00:56:4d:
                    0a:5d:3e:e5:1c:3e:6a:64:75:6b:21:65:e8:e9:38:
                    48:fa:5d:c4:a0:65:c7:24:5a:d2:f7:5b:33:cf:b1:
                    f3:b1:90:70:43:57:56:fc:43:29:56:24:18:d1:f6:
                    86:8e:3b:cc:50:44:03:a0:fa:49:cc:ee:cc:aa:9f:
                    0c:69:12:f1:b4:bd:d0:f2:a6:95:5b:44:85:02:24:
                    96:5b:1b:80:61:75:7d:27:e3:1b:8f:cb:d0:7b:28:
                    be:03:f5:fb:24:b4:fc:bf:8e:97:d4:0f:98:e1:c9:
                    46:7d:83:f4:ee:b7:00:94:af:26:86:04:0e:fe:81:
                    12:07:6a:c6:f3:7f:2f:c4:dd:07:03:35:d7:9c:af:
                    bb:a1:95:05:bb:94:b2:8f:8a:9b:62:55:e1:81:ab:
                    bc:4f:95:1e:6d:03:76:bc:09:52:54:4f:3a:d0:0e:
                    21:85:3a:14:72:99:9e:89:24:ad:bc:24:4b:f8:74:
                    8c:5e:62:de:27:e7:97:21:37:0e:16:3e:4b:4b:28:
                    36:d6:6b:a4:88:cd:7e:88:12:2e:a5:d1:ae:93:89:
                    ba:dc:51:97:6d:1d:d7:0f:3d:c7:de:5f:92:a1:82:
                    25:db
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                63:56:6B:A9:76:8F:C6:05:CB:CF:A4:65:10:8C:CF:64:B9:EC:CF:CA
            X509v3 Authority Key Identifier:
                keyid:69:44:89:48:CF:4D:8D:AC:E4:77:18:C0:F7:25:9E:DE:EB:09:3E:7B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aUSJSM9NjazkdxjA9yWe3usJPns.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/1a9248-ec91-43fa-86ff-4b137a4dbc6e/1/aUSJSM9NjazkdxjA9yWe3usJPns.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/1a9248-ec91-43fa-86ff-4b137a4dbc6e/1/aUSJSM9NjazkdxjA9yWe3usJPns.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a8:8c:72:a0:24:91:4f:2f:b0:c9:1e:e8:b0:6c:5d:f7:fa:50:
         ce:a1:0f:ee:f2:4d:ed:3b:f5:31:6b:b0:31:69:1c:86:7c:02:
         52:3d:ce:ca:0c:e0:75:11:76:63:94:f7:fb:ce:43:27:10:f2:
         87:fe:bf:db:ee:f5:18:3b:11:de:83:24:27:71:44:fb:2f:53:
         bc:09:f4:b3:5e:96:5e:bb:29:bc:5f:dc:0c:28:c6:f3:63:78:
         2e:b0:19:f7:06:16:52:e8:a6:a2:cc:a1:a6:99:65:51:90:5b:
         b5:ab:cd:3d:95:b8:df:60:2c:f8:fc:c2:ee:17:4a:cf:07:e8:
         2d:77:44:2b:95:9c:ca:77:d6:93:6a:ea:e5:70:27:8f:0f:d5:
         f6:e1:16:dc:96:ad:5d:fd:fa:20:e2:56:e1:48:77:b3:f4:5b:
         22:37:d8:7d:e2:51:64:f1:f8:b9:91:0b:9a:23:87:a8:41:4a:
         17:6f:1d:e1:df:63:d1:93:69:97:5f:3c:ed:ba:98:74:24:df:
         a6:5e:63:7f:58:7a:45:33:c6:96:87:60:b5:93:91:5b:f3:ce:
         00:73:1a:19:ca:97:13:13:42:8e:ca:0b:f4:38:18:ad:94:5a:
         42:c5:5a:6e:b4:a1:13:5e:e2:d3:12:8d:3e:15:dc:c8:ea:c6:
         17:21:a1:13
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZTE0Wg43Rhnh0N/bR8WdAcSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5NDQ4OTQ4Y2Y0ZDhkYWNlNDc3MThjMGY3MjU5ZWRlZWIw
OTNlN2IwHhcNMjUwMjAyMDQwMDQ1WhcNMjUwMjAzMDQwMDQ1WjAzMTEwLwYDVQQD
Eyg2MzU2NmJhOTc2OGZjNjA1Y2JjZmE0NjUxMDhjY2Y2NGI5ZWNjZmNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6BW/oJrywyAQdWCuDDg6y1zuIyqf
C3I//WgAVk0KXT7lHD5qZHVrIWXo6ThI+l3EoGXHJFrS91szz7HzsZBwQ1dW/EMp
ViQY0faGjjvMUEQDoPpJzO7Mqp8MaRLxtL3Q8qaVW0SFAiSWWxuAYXV9J+Mbj8vQ
eyi+A/X7JLT8v46X1A+Y4clGfYP07rcAlK8mhgQO/oESB2rG838vxN0HAzXXnK+7
oZUFu5Syj4qbYlXhgau8T5UebQN2vAlSVE860A4hhToUcpmeiSStvCRL+HSMXmLe
J+eXITcOFj5LSyg21mukiM1+iBIupdGuk4m63FGXbR3XDz3H3l+SoYIl2wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGNWa6l2j8YFy8+kZRCMz2S57M/KMB8GA1UdIwQY
MBaAFGlEiUjPTY2s5HcYwPclnt7rCT57MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYVVTSlNNOU5qYXprZHhqQTl5V2UzdXNKUG5zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC8xYTkyNDgtZWM5MS00M2ZhLTg2ZmYt
NGIxMzdhNGRiYzZlLzEvYVVTSlNNOU5qYXprZHhqQTl5V2UzdXNKUG5zLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC8xYTkyNDgtZWM5MS00M2ZhLTg2ZmYtNGIxMzdhNGRiYzZl
LzEvYVVTSlNNOU5qYXprZHhqQTl5V2UzdXNKUG5zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqIxyoCSR
Ty+wyR7osGxd9/pQzqEP7vJN7Tv1MWuwMWkchnwCUj3OygzgdRF2Y5T3+85DJxDy
h/6/2+71GDsR3oMkJ3FE+y9TvAn0s16WXrspvF/cDCjG82N4LrAZ9wYWUuimosyh
ppllUZBbtavNPZW432As+PzC7hdKzwfoLXdEK5WcynfWk2rq5XAnjw/V9uEW3Jat
Xf36IOJW4Uh3s/RbIjfYfeJRZPH4uZELmiOHqEFKF28d4d9j0ZNpl1887bqYdCTf
pl5jf1h6RTPGlodgtZORW/POAHMaGcqXExNCjsoL9DgYrZRaQsVabrShE17i0xKN
PhXcyOrGFyGhEw==
-----END CERTIFICATE-----