Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/364413-a6dd-4a37-889c-8aeb38751f12/1/dgynIUsW9YyV1i3vAFkVhtvSPKo.mft
File:                     dgynIUsW9YyV1i3vAFkVhtvSPKo.mft (raw, json)
Hash identifier:          LkgvvqEJczcVp8olvXKe8oAH5haUka+Ad6pYtXhxo2c=
Subject key identifier:   A1:E5:AF:85:A6:82:BE:81:D7:4C:61:1B:C0:7D:46:5F:57:D0:5F:8E
Authority key identifier: 76:0C:A7:21:4B:16:F5:8C:95:D6:2D:EF:00:59:15:86:DB:D2:3C:AA
Certificate issuer:       /CN=760ca7214b16f58c95d62def00591586dbd23caa
Certificate serial:       0194C387C46CFC4CBD34B16D4EF1FAC4919F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dgynIUsW9YyV1i3vAFkVhtvSPKo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4b/364413-a6dd-4a37-889c-8aeb38751f12/1/dgynIUsW9YyV1i3vAFkVhtvSPKo.mft
Manifest number:          06A0
Signing time:             Sat 01 Feb 2025 22:00:42 +0000
Manifest this update:     Sat 01 Feb 2025 22:00:42 +0000
Manifest next update:     Sun 02 Feb 2025 22:00:42 +0000
Files and hashes:         1: dgynIUsW9YyV1i3vAFkVhtvSPKo.crl (hash: uvOU0n6TXWFYRugyoyXqiklxSoZ+a+YCrAa0xEvAIQM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/4b/364413-a6dd-4a37-889c-8aeb38751f12/1/dgynIUsW9YyV1i3vAFkVhtvSPKo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/4b/364413-a6dd-4a37-889c-8aeb38751f12/1/dgynIUsW9YyV1i3vAFkVhtvSPKo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/dgynIUsW9YyV1i3vAFkVhtvSPKo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 02 Feb 2025 22:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:c3:87:c4:6c:fc:4c:bd:34:b1:6d:4e:f1:fa:c4:91:9f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=760ca7214b16f58c95d62def00591586dbd23caa
        Validity
            Not Before: Feb  1 22:00:42 2025 GMT
            Not After : Feb  2 22:00:42 2025 GMT
        Subject: CN=a1e5af85a682be81d74c611bc07d465f57d05f8e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:b1:70:8a:17:e6:ac:f6:0e:d6:c6:a9:ba:4b:
                    82:78:ae:56:0e:c2:33:5a:4d:56:30:84:37:d7:64:
                    1f:99:68:d6:5d:c6:04:46:c4:e3:34:a2:9f:2f:68:
                    7d:a8:68:c3:7a:32:6a:4f:0d:cf:99:cc:e2:00:a9:
                    30:dc:dc:ff:d8:8a:c2:2f:84:72:65:ab:b8:7b:97:
                    7e:56:de:9c:70:22:07:5b:eb:29:5a:95:22:a0:af:
                    1b:00:0f:4b:69:dd:9b:ae:40:fa:a5:e0:a4:d6:52:
                    3e:8a:0d:81:1a:f8:bc:6f:1f:22:17:da:56:0d:66:
                    4a:40:24:d6:4a:75:ed:96:3f:ce:21:be:3e:e5:60:
                    3c:8f:5f:0e:06:e7:b3:7a:51:f4:00:be:ad:f3:d8:
                    a4:ec:2c:3f:fa:f3:97:8b:fb:af:8f:46:65:54:73:
                    41:4f:c1:3d:b7:b6:13:eb:b9:23:7e:68:45:59:74:
                    e1:ef:9f:f5:b4:f0:92:1d:43:a2:83:9d:60:9b:2e:
                    22:be:ef:d8:97:7e:6f:b1:3e:94:fe:6d:07:76:8e:
                    da:50:83:9c:87:7d:d2:17:7c:62:5a:14:b6:99:47:
                    43:99:cd:89:96:6e:5a:89:c0:b0:ec:33:9c:7b:e5:
                    dc:60:4d:32:14:fa:99:f8:7d:42:6a:c9:4b:a6:00:
                    7a:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A1:E5:AF:85:A6:82:BE:81:D7:4C:61:1B:C0:7D:46:5F:57:D0:5F:8E
            X509v3 Authority Key Identifier:
                keyid:76:0C:A7:21:4B:16:F5:8C:95:D6:2D:EF:00:59:15:86:DB:D2:3C:AA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dgynIUsW9YyV1i3vAFkVhtvSPKo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/364413-a6dd-4a37-889c-8aeb38751f12/1/dgynIUsW9YyV1i3vAFkVhtvSPKo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/364413-a6dd-4a37-889c-8aeb38751f12/1/dgynIUsW9YyV1i3vAFkVhtvSPKo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b1:fb:7a:18:bc:f7:ba:d8:44:70:44:5e:8c:85:45:98:4d:88:
         4a:e5:de:7a:4c:6d:47:db:12:a7:b2:0e:d5:90:0a:a0:90:3e:
         a5:63:80:f3:16:7b:95:86:0b:19:ee:ea:b2:f7:f8:cb:36:14:
         5e:1e:93:fb:17:66:b9:d7:a7:d0:4a:b7:05:8c:ae:78:9d:5a:
         03:46:b9:07:c6:5e:a0:da:6b:39:7f:b8:88:98:bb:fd:f0:e3:
         67:3f:36:23:3f:f0:fc:22:8b:8f:e5:e2:4d:a7:fb:2b:32:d0:
         1b:6a:72:5a:6e:ec:99:27:1f:2e:9f:b1:52:4d:31:c0:d3:5d:
         8b:35:1c:8a:c3:75:51:e8:da:55:dd:85:18:2d:2a:17:1d:b3:
         93:7a:82:33:03:d7:4f:50:19:8c:e3:34:4e:8c:9e:08:8b:2f:
         5f:40:72:e3:fd:ae:9a:58:97:6c:bd:e3:b0:3d:18:11:b9:d5:
         e2:a2:e5:3c:e4:db:12:08:9c:61:90:23:2b:c7:c8:3c:0b:07:
         bc:57:85:9a:86:ea:81:11:7f:cd:e5:5d:fc:58:2d:f3:b0:80:
         02:26:1c:fa:a6:b9:c0:8b:b0:66:3f:75:f1:bd:b0:26:2e:86:
         4b:48:30:a7:d7:cd:a8:8d:5b:d5:ba:32:8e:bf:b1:0e:3f:de:
         db:b1:70:fc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZTDh8Rs/Ey9NLFtTvH6xJGfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2MGNhNzIxNGIxNmY1OGM5NWQ2MmRlZjAwNTkxNTg2ZGJk
MjNjYWEwHhcNMjUwMjAxMjIwMDQyWhcNMjUwMjAyMjIwMDQyWjAzMTEwLwYDVQQD
EyhhMWU1YWY4NWE2ODJiZTgxZDc0YzYxMWJjMDdkNDY1ZjU3ZDA1ZjhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArLFwihfmrPYO1sapukuCeK5WDsIz
Wk1WMIQ312QfmWjWXcYERsTjNKKfL2h9qGjDejJqTw3PmcziAKkw3Nz/2IrCL4Ry
Zau4e5d+Vt6ccCIHW+spWpUioK8bAA9Lad2brkD6peCk1lI+ig2BGvi8bx8iF9pW
DWZKQCTWSnXtlj/OIb4+5WA8j18OBuezelH0AL6t89ik7Cw/+vOXi/uvj0ZlVHNB
T8E9t7YT67kjfmhFWXTh75/1tPCSHUOig51gmy4ivu/Yl35vsT6U/m0Hdo7aUIOc
h33SF3xiWhS2mUdDmc2Jlm5aicCw7DOce+XcYE0yFPqZ+H1CaslLpgB6VQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKHlr4Wmgr6B10xhG8B9Rl9X0F+OMB8GA1UdIwQY
MBaAFHYMpyFLFvWMldYt7wBZFYbb0jyqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZGd5bklVc1c5WXlWMWkzdkFGa1ZodHZTUEtvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi8zNjQ0MTMtYTZkZC00YTM3LTg4OWMt
OGFlYjM4NzUxZjEyLzEvZGd5bklVc1c5WXlWMWkzdkFGa1ZodHZTUEtvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi8zNjQ0MTMtYTZkZC00YTM3LTg4OWMtOGFlYjM4NzUxZjEy
LzEvZGd5bklVc1c5WXlWMWkzdkFGa1ZodHZTUEtvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAsft6GLz3
uthEcERejIVFmE2ISuXeekxtR9sSp7IO1ZAKoJA+pWOA8xZ7lYYLGe7qsvf4yzYU
Xh6T+xdmuden0Eq3BYyueJ1aA0a5B8ZeoNprOX+4iJi7/fDjZz82Iz/w/CKLj+Xi
Taf7KzLQG2pyWm7smScfLp+xUk0xwNNdizUcisN1UejaVd2FGC0qFx2zk3qCMwPX
T1AZjOM0ToyeCIsvX0By4/2umliXbL3jsD0YEbnV4qLlPOTbEgicYZAjK8fIPAsH
vFeFmobqgRF/zeVd/Fgt87CAAiYc+qa5wIuwZj918b2wJi6GS0gwp9fNqI1b1boy
jr+xDj/e27Fw/A==
-----END CERTIFICATE-----