Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/0446b1-df2f-4261-a1ba-75ab21f3b3d0/1/Y6jKFmYgbSzxK1B4curQ9aeT0OA.mft
File:                     Y6jKFmYgbSzxK1B4curQ9aeT0OA.mft (raw, json)
Hash identifier:          Ofh4j13rqDLPeGThLRIV+Y04wjjAatT0QIVZqrtoYdI=
Subject key identifier:   31:F7:6A:89:73:8B:89:7B:30:EC:46:0A:3E:3C:68:8F:5A:0C:48:F8
Authority key identifier: 63:A8:CA:16:66:20:6D:2C:F1:2B:50:78:72:EA:D0:F5:A7:93:D0:E0
Certificate issuer:       /CN=63a8ca1666206d2cf12b507872ead0f5a793d0e0
Certificate serial:       0194C42C26AAEA5F9F1239B2B99DB3E5C95E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y6jKFmYgbSzxK1B4curQ9aeT0OA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/25/0446b1-df2f-4261-a1ba-75ab21f3b3d0/1/Y6jKFmYgbSzxK1B4curQ9aeT0OA.mft
Manifest number:          05B9
Signing time:             Sun 02 Feb 2025 01:00:15 +0000
Manifest this update:     Sun 02 Feb 2025 01:00:15 +0000
Manifest next update:     Mon 03 Feb 2025 01:00:15 +0000
Files and hashes:         1: Y6jKFmYgbSzxK1B4curQ9aeT0OA.crl (hash: XbNdqGfxAYNDnIb5nRfI+TRIAKC/qzmAGjOxwiF8uME=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/25/0446b1-df2f-4261-a1ba-75ab21f3b3d0/1/Y6jKFmYgbSzxK1B4curQ9aeT0OA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/25/0446b1-df2f-4261-a1ba-75ab21f3b3d0/1/Y6jKFmYgbSzxK1B4curQ9aeT0OA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Y6jKFmYgbSzxK1B4curQ9aeT0OA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 03 Feb 2025 00:00:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:c4:2c:26:aa:ea:5f:9f:12:39:b2:b9:9d:b3:e5:c9:5e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63a8ca1666206d2cf12b507872ead0f5a793d0e0
        Validity
            Not Before: Feb  2 01:00:15 2025 GMT
            Not After : Feb  3 01:00:15 2025 GMT
        Subject: CN=31f76a89738b897b30ec460a3e3c688f5a0c48f8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:3c:e9:5a:c7:34:b5:70:fc:f2:36:ed:7d:8d:
                    7f:91:02:1d:75:55:23:a0:c8:05:7c:de:de:3e:bd:
                    d3:c5:37:a5:b9:cc:1d:fc:13:7b:8e:25:d2:9f:58:
                    72:87:91:61:9a:8c:82:f7:0f:5b:97:b9:34:fc:4c:
                    c0:34:eb:d3:89:71:95:84:7e:df:25:4c:b7:bb:90:
                    c6:89:f9:ea:f9:2f:0e:b1:38:7d:d5:5d:c1:1a:86:
                    d4:7f:fa:b5:7c:7e:e1:53:9e:58:0d:99:d4:20:bc:
                    2e:64:36:a0:e0:f6:b3:32:cb:09:cc:37:b8:fc:e8:
                    ca:c2:87:d1:ce:39:5b:18:0c:5a:61:8e:7d:10:46:
                    ce:6f:0e:15:37:3d:25:87:e6:63:06:90:72:47:bb:
                    1e:be:f3:76:93:5c:0e:c5:c5:4e:07:e3:2c:ac:ce:
                    36:6d:da:d1:0c:c3:08:27:23:cf:8c:c2:4f:ad:a2:
                    a4:80:04:5d:a3:84:33:cb:43:b4:15:37:94:d4:79:
                    4e:ea:15:ab:25:50:21:75:8d:e1:20:e3:d8:d3:4f:
                    81:40:db:8d:c6:e8:f6:6b:3a:55:aa:5c:12:b6:0c:
                    e5:83:f5:52:b4:4c:17:d7:e1:7f:46:ff:ac:af:5e:
                    6b:a4:84:ae:30:fc:49:5d:b6:92:0c:94:05:23:aa:
                    82:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                31:F7:6A:89:73:8B:89:7B:30:EC:46:0A:3E:3C:68:8F:5A:0C:48:F8
            X509v3 Authority Key Identifier:
                keyid:63:A8:CA:16:66:20:6D:2C:F1:2B:50:78:72:EA:D0:F5:A7:93:D0:E0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y6jKFmYgbSzxK1B4curQ9aeT0OA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/0446b1-df2f-4261-a1ba-75ab21f3b3d0/1/Y6jKFmYgbSzxK1B4curQ9aeT0OA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/25/0446b1-df2f-4261-a1ba-75ab21f3b3d0/1/Y6jKFmYgbSzxK1B4curQ9aeT0OA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         36:9d:15:2a:96:01:3b:4f:d4:3a:4e:4f:22:fa:fb:23:05:52:
         6a:5a:be:5a:8c:5e:90:53:ad:4f:10:f3:d6:ab:36:6f:f1:d0:
         52:e0:c2:f6:91:bf:8e:81:ea:c6:91:2c:ed:10:69:3b:d7:b0:
         f8:02:05:80:e3:f6:b0:be:02:ea:c7:c5:4b:0f:23:e9:29:ff:
         4d:1a:49:4a:74:1a:0d:19:69:66:92:fa:b3:a5:23:7b:1a:d5:
         2c:c4:7b:ed:36:2e:b3:d6:c6:3d:aa:b9:31:8a:28:de:83:73:
         c1:3a:29:d7:1f:7f:d9:ae:c3:2a:07:c2:2c:fd:35:82:b8:67:
         b5:55:0f:58:05:bb:c6:ae:99:dc:91:a8:93:85:be:b8:f4:b7:
         3a:9c:d7:0c:48:ea:79:13:e7:30:c6:c0:a5:88:7c:8e:54:ce:
         3c:87:fd:5e:55:56:48:67:9d:b1:2b:3f:b7:1f:0b:e2:a4:4b:
         0b:a1:0e:23:3c:26:22:8b:80:1a:d6:af:73:0f:14:99:7f:b8:
         c9:62:ce:a1:e1:51:72:5b:d8:3b:22:a8:dd:fd:e2:ec:bc:4d:
         9e:02:46:01:fd:a8:40:e8:1d:14:0f:68:7f:fb:75:e7:a3:af:
         1c:ca:d3:31:3e:e2:41:59:90:c0:53:3c:aa:b9:aa:a4:52:81:
         7a:f1:e4:33
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZTELCaq6l+fEjmyuZ2z5cleMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzYThjYTE2NjYyMDZkMmNmMTJiNTA3ODcyZWFkMGY1YTc5
M2QwZTAwHhcNMjUwMjAyMDEwMDE1WhcNMjUwMjAzMDEwMDE1WjAzMTEwLwYDVQQD
EygzMWY3NmE4OTczOGI4OTdiMzBlYzQ2MGEzZTNjNjg4ZjVhMGM0OGY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtzzpWsc0tXD88jbtfY1/kQIddVUj
oMgFfN7ePr3TxTelucwd/BN7jiXSn1hyh5FhmoyC9w9bl7k0/EzANOvTiXGVhH7f
JUy3u5DGifnq+S8OsTh91V3BGobUf/q1fH7hU55YDZnUILwuZDag4PazMssJzDe4
/OjKwofRzjlbGAxaYY59EEbObw4VNz0lh+ZjBpByR7sevvN2k1wOxcVOB+MsrM42
bdrRDMMIJyPPjMJPraKkgARdo4Qzy0O0FTeU1HlO6hWrJVAhdY3hIOPY00+BQNuN
xuj2azpVqlwStgzlg/VStEwX1+F/Rv+sr15rpISuMPxJXbaSDJQFI6qCFwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDH3aolzi4l7MOxGCj48aI9aDEj4MB8GA1UdIwQY
MBaAFGOoyhZmIG0s8StQeHLq0PWnk9DgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWTZqS0ZtWWdiU3p4SzFCNGN1clE5YWVUME9BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS8wNDQ2YjEtZGYyZi00MjYxLWExYmEt
NzVhYjIxZjNiM2QwLzEvWTZqS0ZtWWdiU3p4SzFCNGN1clE5YWVUME9BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS8wNDQ2YjEtZGYyZi00MjYxLWExYmEtNzVhYjIxZjNiM2Qw
LzEvWTZqS0ZtWWdiU3p4SzFCNGN1clE5YWVUME9BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANp0VKpYB
O0/UOk5PIvr7IwVSalq+WoxekFOtTxDz1qs2b/HQUuDC9pG/joHqxpEs7RBpO9ew
+AIFgOP2sL4C6sfFSw8j6Sn/TRpJSnQaDRlpZpL6s6UjexrVLMR77TYus9bGPaq5
MYoo3oNzwTop1x9/2a7DKgfCLP01grhntVUPWAW7xq6Z3JGok4W+uPS3OpzXDEjq
eRPnMMbApYh8jlTOPIf9XlVWSGedsSs/tx8L4qRLC6EOIzwmIouAGtavcw8UmX+4
yWLOoeFRclvYOyKo3f3i7LxNngJGAf2oQOgdFA9of/t156OvHMrTMT7iQVmQwFM8
qrmqpFKBevHkMw==
-----END CERTIFICATE-----