Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/23bd5e-f7e4-4d9d-b573-507563885403/1/oewv8gIW07xkdbhQpGXjYvTs7s0.mft
File:                     oewv8gIW07xkdbhQpGXjYvTs7s0.mft (raw, json)
Hash identifier:          u/ci2zXFs7jUgYqBclW/ruTvhOmgUlo/nFGg4pJKfjk=
Subject key identifier:   47:7B:0F:F1:74:B3:71:00:B7:86:DA:22:77:F4:94:7B:8B:96:CA:BB
Authority key identifier: A1:EC:2F:F2:02:16:D3:BC:64:75:B8:50:A4:65:E3:62:F4:EC:EE:CD
Certificate issuer:       /CN=a1ec2ff20216d3bc6475b850a465e362f4eceecd
Certificate serial:       0194C462F3FFE7AF101C9BE9D887F3421EE3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oewv8gIW07xkdbhQpGXjYvTs7s0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/52/23bd5e-f7e4-4d9d-b573-507563885403/1/oewv8gIW07xkdbhQpGXjYvTs7s0.mft
Manifest number:          B0
Signing time:             Sun 02 Feb 2025 02:00:06 +0000
Manifest this update:     Sun 02 Feb 2025 02:00:06 +0000
Manifest next update:     Mon 03 Feb 2025 02:00:06 +0000
Files and hashes:         1: oewv8gIW07xkdbhQpGXjYvTs7s0.crl (hash: 0wl8yxYucNQSW98dPR9fn3O+0qcCu0HG3NQAh9NSZOU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/52/23bd5e-f7e4-4d9d-b573-507563885403/1/oewv8gIW07xkdbhQpGXjYvTs7s0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/52/23bd5e-f7e4-4d9d-b573-507563885403/1/oewv8gIW07xkdbhQpGXjYvTs7s0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oewv8gIW07xkdbhQpGXjYvTs7s0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 03 Feb 2025 00:00:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:c4:62:f3:ff:e7:af:10:1c:9b:e9:d8:87:f3:42:1e:e3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a1ec2ff20216d3bc6475b850a465e362f4eceecd
        Validity
            Not Before: Feb  2 02:00:06 2025 GMT
            Not After : Feb  3 02:00:06 2025 GMT
        Subject: CN=477b0ff174b37100b786da2277f4947b8b96cabb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:ca:3a:4f:47:2e:d7:ef:05:e2:ef:66:ac:df:
                    fa:55:a0:0b:92:e9:c1:68:44:4d:49:ba:c2:41:cf:
                    6b:db:59:b1:b9:00:f0:a7:15:2e:7c:01:54:55:d2:
                    a4:7e:b0:c2:56:19:4d:f4:8d:39:42:e9:17:fd:1e:
                    4c:0a:f6:f7:b1:21:64:55:35:eb:20:75:2f:d7:fa:
                    a9:19:49:d5:67:b5:09:02:99:6c:e6:ce:53:96:5a:
                    c9:3f:0b:ef:91:84:97:7c:df:10:c7:22:3f:ee:ca:
                    78:95:f9:25:7a:51:26:c6:5f:36:9f:a4:ef:b1:74:
                    9d:2f:64:1c:e1:9a:f3:e4:d0:bf:3b:fd:67:fc:12:
                    b6:8d:a7:c2:ed:71:ff:35:2b:a2:df:a7:f6:37:9e:
                    18:3c:a6:69:48:19:fa:71:3e:4a:0d:db:57:84:5b:
                    ea:4f:25:aa:63:0f:3a:08:d3:20:ab:9c:79:00:66:
                    69:81:ea:64:e2:a8:22:21:ee:40:de:e2:ec:39:bf:
                    6f:0d:c4:50:11:9b:e2:cf:4e:34:59:12:6e:9f:98:
                    82:18:1a:bb:f8:90:99:80:d7:48:fa:8a:44:37:eb:
                    88:5c:02:56:f3:93:70:1c:db:ce:7e:b9:c0:2e:9f:
                    02:41:83:00:76:12:46:d7:92:6b:e7:be:ec:f5:4c:
                    f8:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                47:7B:0F:F1:74:B3:71:00:B7:86:DA:22:77:F4:94:7B:8B:96:CA:BB
            X509v3 Authority Key Identifier:
                keyid:A1:EC:2F:F2:02:16:D3:BC:64:75:B8:50:A4:65:E3:62:F4:EC:EE:CD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oewv8gIW07xkdbhQpGXjYvTs7s0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/23bd5e-f7e4-4d9d-b573-507563885403/1/oewv8gIW07xkdbhQpGXjYvTs7s0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/52/23bd5e-f7e4-4d9d-b573-507563885403/1/oewv8gIW07xkdbhQpGXjYvTs7s0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3d:9e:a4:38:74:ec:db:ee:88:1c:88:e8:a3:4b:8d:79:cc:1d:
         f7:02:d1:47:d1:98:61:16:b5:b7:3b:fa:f2:54:27:a7:46:52:
         4e:f9:58:69:74:10:96:dd:80:1c:64:19:9d:6c:26:d4:42:43:
         6e:49:05:cf:06:91:d4:6e:90:1c:bc:1c:60:cf:db:bc:74:62:
         4e:ee:8c:72:14:67:19:90:b9:fe:97:ca:d6:60:0a:c0:a8:59:
         3b:94:91:8c:39:31:41:63:09:87:d8:7f:c9:6b:d1:bd:8a:4f:
         aa:01:4a:42:9e:a1:1f:14:ce:5d:91:2d:ae:c5:4a:5b:02:b8:
         3a:3b:7c:b6:86:f7:d1:ef:e6:64:b0:5d:64:c9:2a:d3:eb:c6:
         a9:45:79:a7:9f:a5:84:c2:f4:20:82:6e:d1:4b:94:06:c4:43:
         d2:6a:ae:fc:2a:e7:08:e7:11:8b:03:a3:8f:de:a8:00:2c:e7:
         e5:c4:86:12:4f:a1:de:7d:23:59:54:f1:2b:4d:09:b6:06:c9:
         00:65:3b:c3:ba:89:c4:34:c2:3f:1e:2c:0e:0e:9b:8d:1c:56:
         98:38:54:0e:87:9f:7a:ad:32:2e:50:58:c5:e1:e1:49:1b:d5:
         a4:88:06:ac:2c:21:16:a6:2a:87:85:21:5b:93:1b:ba:9c:07:
         e6:b6:09:4e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZTEYvP/568QHJvp2IfzQh7jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExZWMyZmYyMDIxNmQzYmM2NDc1Yjg1MGE0NjVlMzYyZjRl
Y2VlY2QwHhcNMjUwMjAyMDIwMDA2WhcNMjUwMjAzMDIwMDA2WjAzMTEwLwYDVQQD
Eyg0NzdiMGZmMTc0YjM3MTAwYjc4NmRhMjI3N2Y0OTQ3YjhiOTZjYWJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Mo6T0cu1+8F4u9mrN/6VaALkunB
aERNSbrCQc9r21mxuQDwpxUufAFUVdKkfrDCVhlN9I05QukX/R5MCvb3sSFkVTXr
IHUv1/qpGUnVZ7UJApls5s5TllrJPwvvkYSXfN8QxyI/7sp4lfklelEmxl82n6Tv
sXSdL2Qc4Zrz5NC/O/1n/BK2jafC7XH/NSui36f2N54YPKZpSBn6cT5KDdtXhFvq
TyWqYw86CNMgq5x5AGZpgepk4qgiIe5A3uLsOb9vDcRQEZviz040WRJun5iCGBq7
+JCZgNdI+opEN+uIXAJW85NwHNvOfrnALp8CQYMAdhJG15Jr577s9Uz43wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEd7D/F0s3EAt4baInf0lHuLlsq7MB8GA1UdIwQY
MBaAFKHsL/ICFtO8ZHW4UKRl42L07O7NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2V3djhnSVcwN3hrZGJoUXBHWGpZdlRzN3MwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi8yM2JkNWUtZjdlNC00ZDlkLWI1NzMt
NTA3NTYzODg1NDAzLzEvb2V3djhnSVcwN3hrZGJoUXBHWGpZdlRzN3MwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi8yM2JkNWUtZjdlNC00ZDlkLWI1NzMtNTA3NTYzODg1NDAz
LzEvb2V3djhnSVcwN3hrZGJoUXBHWGpZdlRzN3MwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPZ6kOHTs
2+6IHIjoo0uNecwd9wLRR9GYYRa1tzv68lQnp0ZSTvlYaXQQlt2AHGQZnWwm1EJD
bkkFzwaR1G6QHLwcYM/bvHRiTu6MchRnGZC5/pfK1mAKwKhZO5SRjDkxQWMJh9h/
yWvRvYpPqgFKQp6hHxTOXZEtrsVKWwK4Ojt8tob30e/mZLBdZMkq0+vGqUV5p5+l
hML0IIJu0UuUBsRD0mqu/CrnCOcRiwOjj96oACzn5cSGEk+h3n0jWVTxK00JtgbJ
AGU7w7qJxDTCPx4sDg6bjRxWmDhUDoefeq0yLlBYxeHhSRvVpIgGrCwhFqYqh4Uh
W5MbupwH5rYJTg==
-----END CERTIFICATE-----