Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/895e9f-d541-4564-9947-da04e2f39b88/1/JNuhs13nN_cbfFUN9fS0ToNka40.mft
File:                     JNuhs13nN_cbfFUN9fS0ToNka40.mft (raw, json)
Hash identifier:          dNyBowUxyRKQtLER7dyF1sRhxnOdLZ95hwomCuROLzM=
Subject key identifier:   BC:A6:1D:30:01:FC:D5:48:56:C8:F2:AE:B7:59:8A:A3:D5:6B:4D:AC
Authority key identifier: 24:DB:A1:B3:5D:E7:37:F7:1B:7C:55:0D:F5:F4:B4:4E:83:64:6B:8D
Certificate issuer:       /CN=24dba1b35de737f71b7c550df5f4b44e83646b8d
Certificate serial:       0194C4634F5F11104FDD653361F004939E98
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/JNuhs13nN_cbfFUN9fS0ToNka40.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/41/895e9f-d541-4564-9947-da04e2f39b88/1/JNuhs13nN_cbfFUN9fS0ToNka40.mft
Manifest number:          0726
Signing time:             Sun 02 Feb 2025 02:00:30 +0000
Manifest this update:     Sun 02 Feb 2025 02:00:30 +0000
Manifest next update:     Mon 03 Feb 2025 02:00:30 +0000
Files and hashes:         1: JNuhs13nN_cbfFUN9fS0ToNka40.crl (hash: njFQbPAiD+PfZevYc9ak+AGFMpIP1gb5wg1yJsNlGKg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/41/895e9f-d541-4564-9947-da04e2f39b88/1/JNuhs13nN_cbfFUN9fS0ToNka40.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/41/895e9f-d541-4564-9947-da04e2f39b88/1/JNuhs13nN_cbfFUN9fS0ToNka40.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/JNuhs13nN_cbfFUN9fS0ToNka40.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 03 Feb 2025 00:00:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:c4:63:4f:5f:11:10:4f:dd:65:33:61:f0:04:93:9e:98
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=24dba1b35de737f71b7c550df5f4b44e83646b8d
        Validity
            Not Before: Feb  2 02:00:30 2025 GMT
            Not After : Feb  3 02:00:30 2025 GMT
        Subject: CN=bca61d3001fcd54856c8f2aeb7598aa3d56b4dac
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:55:ee:d3:07:20:5d:52:3b:1c:6d:42:49:f4:
                    f4:26:6e:15:54:63:a7:2c:b9:9f:a7:cd:02:51:83:
                    cb:23:8d:1b:c8:ca:5d:67:0d:e3:b1:13:ee:6d:d5:
                    e4:c2:65:a4:2e:fd:b3:8a:d3:0c:3c:ce:4d:c9:43:
                    de:73:41:85:6e:ae:c5:6f:25:fe:3d:ec:9f:76:22:
                    25:cb:c4:12:0a:be:28:48:3c:04:93:30:c6:8d:37:
                    6a:da:75:00:d7:dc:83:99:8b:2f:c8:6f:5e:50:8e:
                    2e:2e:9a:c1:d9:9b:00:78:5f:6c:9c:8f:f8:12:bc:
                    37:74:c1:c9:80:3b:ce:c2:8c:86:96:ee:e7:f1:c5:
                    81:90:d6:2b:35:f2:70:ff:2c:68:5d:15:c4:b2:14:
                    b1:26:a6:48:68:5e:2b:4e:a0:f6:75:78:58:87:fe:
                    cb:17:d1:68:15:1e:3a:b5:47:d4:95:69:fd:72:05:
                    80:b6:8f:40:c6:00:49:4b:9f:92:61:b5:40:3e:8e:
                    75:a9:07:08:30:ff:ba:79:f5:51:ba:b2:63:02:01:
                    1f:00:59:28:6c:a2:fa:42:83:c4:81:19:18:01:41:
                    a2:6e:25:b4:56:4a:18:6d:5f:a4:25:d2:09:c1:3d:
                    1a:a0:45:64:ee:44:97:8f:3a:66:be:98:55:df:70:
                    56:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BC:A6:1D:30:01:FC:D5:48:56:C8:F2:AE:B7:59:8A:A3:D5:6B:4D:AC
            X509v3 Authority Key Identifier:
                keyid:24:DB:A1:B3:5D:E7:37:F7:1B:7C:55:0D:F5:F4:B4:4E:83:64:6B:8D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JNuhs13nN_cbfFUN9fS0ToNka40.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/895e9f-d541-4564-9947-da04e2f39b88/1/JNuhs13nN_cbfFUN9fS0ToNka40.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/41/895e9f-d541-4564-9947-da04e2f39b88/1/JNuhs13nN_cbfFUN9fS0ToNka40.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         54:45:d1:0a:8c:62:fd:d4:f5:31:44:92:d2:58:7f:12:da:ae:
         1b:9c:00:44:5c:77:f4:b2:09:3c:7d:10:b1:60:bb:3c:6a:25:
         aa:fc:33:a3:6c:90:1c:8f:ec:ab:f9:fd:31:96:19:68:df:ac:
         56:61:a7:08:21:bd:29:70:4a:aa:71:de:d7:df:cf:2e:d0:f7:
         63:c4:b2:c9:a1:80:f8:20:82:4d:15:d3:44:64:f1:60:54:43:
         bb:8b:5b:30:a8:8b:64:e0:2b:c2:95:23:d0:74:3d:a4:f0:ba:
         a6:fe:2b:cb:46:a1:dd:3a:5b:fc:04:db:85:72:97:25:1d:e7:
         f4:83:86:61:b4:4e:af:93:e2:67:ca:21:71:7b:ca:8a:50:af:
         54:80:1c:89:eb:72:d6:74:97:8e:4c:e4:19:af:15:a6:8f:5f:
         21:66:8c:b3:74:2a:3e:ef:bd:75:53:43:0f:a1:ec:cb:fa:c1:
         39:77:9a:bc:0e:f1:db:2f:cb:17:9e:97:f9:b3:b6:a4:5c:e0:
         65:be:a7:80:83:86:03:18:0b:1b:ef:9a:90:f4:30:80:53:45:
         4a:0f:c7:c0:16:2d:41:72:14:06:1f:c2:73:c6:fa:e7:71:a8:
         ee:e7:94:d3:27:d4:79:f6:50:50:19:0f:8c:5c:3a:e4:a2:79:
         42:2d:4e:6a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZTEY09fERBP3WUzYfAEk56YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI0ZGJhMWIzNWRlNzM3ZjcxYjdjNTUwZGY1ZjRiNDRlODM2
NDZiOGQwHhcNMjUwMjAyMDIwMDMwWhcNMjUwMjAzMDIwMDMwWjAzMTEwLwYDVQQD
EyhiY2E2MWQzMDAxZmNkNTQ4NTZjOGYyYWViNzU5OGFhM2Q1NmI0ZGFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0FXu0wcgXVI7HG1CSfT0Jm4VVGOn
LLmfp80CUYPLI40byMpdZw3jsRPubdXkwmWkLv2zitMMPM5NyUPec0GFbq7FbyX+
PeyfdiIly8QSCr4oSDwEkzDGjTdq2nUA19yDmYsvyG9eUI4uLprB2ZsAeF9snI/4
Erw3dMHJgDvOwoyGlu7n8cWBkNYrNfJw/yxoXRXEshSxJqZIaF4rTqD2dXhYh/7L
F9FoFR46tUfUlWn9cgWAto9AxgBJS5+SYbVAPo51qQcIMP+6efVRurJjAgEfAFko
bKL6QoPEgRkYAUGibiW0VkoYbV+kJdIJwT0aoEVk7kSXjzpmvphV33BWNQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLymHTAB/NVIVsjyrrdZiqPVa02sMB8GA1UdIwQY
MBaAFCTbobNd5zf3G3xVDfX0tE6DZGuNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSk51aHMxM25OX2NiZkZVTjlmUzBUb05rYTQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS84OTVlOWYtZDU0MS00NTY0LTk5NDct
ZGEwNGUyZjM5Yjg4LzEvSk51aHMxM25OX2NiZkZVTjlmUzBUb05rYTQwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS84OTVlOWYtZDU0MS00NTY0LTk5NDctZGEwNGUyZjM5Yjg4
LzEvSk51aHMxM25OX2NiZkZVTjlmUzBUb05rYTQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVEXRCoxi
/dT1MUSS0lh/EtquG5wARFx39LIJPH0QsWC7PGolqvwzo2yQHI/sq/n9MZYZaN+s
VmGnCCG9KXBKqnHe19/PLtD3Y8SyyaGA+CCCTRXTRGTxYFRDu4tbMKiLZOArwpUj
0HQ9pPC6pv4ry0ah3Tpb/ATbhXKXJR3n9IOGYbROr5PiZ8ohcXvKilCvVIAciety
1nSXjkzkGa8Vpo9fIWaMs3QqPu+9dVNDD6Hsy/rBOXeavA7x2y/LF56X+bO2pFzg
Zb6ngIOGAxgLG++akPQwgFNFSg/HwBYtQXIUBh/Cc8b653Go7ueU0yfUefZQUBkP
jFw65KJ5Qi1Oag==
-----END CERTIFICATE-----