Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/500bb7-e554-4b1c-9f43-ea52ae08de9c/1/sXK1vcdU1fZE5AgdvAOytAqJ8W0.mft
File:                     sXK1vcdU1fZE5AgdvAOytAqJ8W0.mft (raw, json)
Hash identifier:          0MpTeYvlEioXX8X5mccaboogFmwQ9ixbtD+duL7Ifws=
Subject key identifier:   72:AD:5F:AC:6B:C9:86:99:FE:B6:68:0B:25:0F:CB:AF:EA:4F:4C:D4
Authority key identifier: B1:72:B5:BD:C7:54:D5:F6:44:E4:08:1D:BC:03:B2:B4:0A:89:F1:6D
Certificate issuer:       /CN=b172b5bdc754d5f644e4081dbc03b2b40a89f16d
Certificate serial:       0194C387C7BF4D5121FC140FBF92DADF9BAF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/sXK1vcdU1fZE5AgdvAOytAqJ8W0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/57/500bb7-e554-4b1c-9f43-ea52ae08de9c/1/sXK1vcdU1fZE5AgdvAOytAqJ8W0.mft
Manifest number:          0182
Signing time:             Sat 01 Feb 2025 22:00:43 +0000
Manifest this update:     Sat 01 Feb 2025 22:00:43 +0000
Manifest next update:     Sun 02 Feb 2025 22:00:43 +0000
Files and hashes:         1: sXK1vcdU1fZE5AgdvAOytAqJ8W0.crl (hash: QbPVOsxkzJ+5/pZiv0mQWBEiQY7dwMlfcFc9K5n0x0k=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/57/500bb7-e554-4b1c-9f43-ea52ae08de9c/1/sXK1vcdU1fZE5AgdvAOytAqJ8W0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/57/500bb7-e554-4b1c-9f43-ea52ae08de9c/1/sXK1vcdU1fZE5AgdvAOytAqJ8W0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/sXK1vcdU1fZE5AgdvAOytAqJ8W0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 02 Feb 2025 22:00:43 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:c3:87:c7:bf:4d:51:21:fc:14:0f:bf:92:da:df:9b:af
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b172b5bdc754d5f644e4081dbc03b2b40a89f16d
        Validity
            Not Before: Feb  1 22:00:43 2025 GMT
            Not After : Feb  2 22:00:43 2025 GMT
        Subject: CN=72ad5fac6bc98699feb6680b250fcbafea4f4cd4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:48:ff:78:42:e1:21:ec:72:02:28:96:f8:7d:
                    80:d7:36:1b:cc:5b:c7:21:3f:7a:a1:7d:5a:23:e5:
                    91:ff:b1:af:56:a7:a2:3e:ed:09:81:fa:3e:0d:41:
                    ad:e7:f5:6c:f4:b3:8e:51:23:b5:e0:67:79:60:16:
                    4b:3f:df:66:ce:da:5b:90:bc:d3:5f:55:c2:ce:d9:
                    88:fc:fd:6e:3a:a7:7b:28:ca:e1:bc:81:fb:5d:99:
                    87:a3:b7:63:40:d6:45:2a:e0:75:d7:64:0f:43:02:
                    05:32:55:49:ae:fe:af:4c:f0:38:9b:a8:69:9f:ad:
                    e3:19:5f:8a:b1:86:5a:70:89:47:4b:cf:f0:d4:d9:
                    15:3e:28:63:7a:1c:bb:36:c5:64:21:ed:1c:5e:3b:
                    99:fa:f9:97:06:8c:60:a6:a0:94:f7:36:6c:38:50:
                    5a:2d:6b:cf:aa:c7:50:83:dc:19:80:f1:17:3e:43:
                    0b:d4:98:fc:2e:12:84:0a:93:c5:a6:68:01:03:86:
                    60:c3:78:2b:bb:86:9c:5d:05:c3:ee:db:b0:cc:be:
                    99:30:34:f8:6e:49:da:10:33:24:2d:65:ec:43:c7:
                    98:5d:27:4e:c0:70:59:85:8d:b4:0a:54:31:cb:8f:
                    d2:8b:28:3c:5c:28:6d:af:da:61:43:49:a1:d4:c5:
                    98:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                72:AD:5F:AC:6B:C9:86:99:FE:B6:68:0B:25:0F:CB:AF:EA:4F:4C:D4
            X509v3 Authority Key Identifier:
                keyid:B1:72:B5:BD:C7:54:D5:F6:44:E4:08:1D:BC:03:B2:B4:0A:89:F1:6D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sXK1vcdU1fZE5AgdvAOytAqJ8W0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/500bb7-e554-4b1c-9f43-ea52ae08de9c/1/sXK1vcdU1fZE5AgdvAOytAqJ8W0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/57/500bb7-e554-4b1c-9f43-ea52ae08de9c/1/sXK1vcdU1fZE5AgdvAOytAqJ8W0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         98:94:c6:87:43:7a:b6:a8:93:d9:f1:4b:ed:c2:d2:a2:32:16:
         4a:5f:d9:e9:89:18:3f:fc:32:06:5a:31:af:d9:85:6a:6e:a8:
         9e:f6:cc:bc:71:d8:d3:a8:e8:01:40:d7:e7:26:c4:7a:06:8a:
         36:79:c7:8d:0d:e2:d6:5a:83:f8:8e:64:f5:a2:9c:4f:d7:b6:
         cf:42:c5:71:45:c4:45:bf:76:5c:47:ab:9a:4c:88:8a:00:8e:
         34:df:4a:0e:9a:1a:4b:87:f6:6c:b0:c3:c7:12:38:61:13:43:
         4a:71:00:d6:90:3c:62:4b:77:15:18:8d:be:c9:cb:ba:2b:1f:
         df:90:9d:45:94:64:21:b2:19:ce:9b:52:b7:f0:a1:7b:04:76:
         01:f3:d6:20:66:67:52:1e:26:aa:a1:e6:29:8f:f1:3b:07:cf:
         26:99:b2:54:90:bc:b5:c5:8a:aa:58:5f:34:55:c7:ed:ca:56:
         c9:54:e4:5f:68:12:54:ea:ae:2f:3c:be:30:15:77:de:80:ec:
         e3:1d:14:e2:a1:1f:0d:de:3c:1b:32:1e:75:57:47:5c:9a:dc:
         d9:ab:a8:0b:8c:1a:82:06:71:bf:e7:85:26:ba:09:b6:cb:9b:
         8e:4e:6c:51:5a:28:4f:7d:11:39:48:10:f7:43:87:7a:50:6e:
         1d:94:68:b0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZTDh8e/TVEh/BQPv5La35uvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNzJiNWJkYzc1NGQ1ZjY0NGU0MDgxZGJjMDNiMmI0MGE4
OWYxNmQwHhcNMjUwMjAxMjIwMDQzWhcNMjUwMjAyMjIwMDQzWjAzMTEwLwYDVQQD
Eyg3MmFkNWZhYzZiYzk4Njk5ZmViNjY4MGIyNTBmY2JhZmVhNGY0Y2Q0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvkj/eELhIexyAiiW+H2A1zYbzFvH
IT96oX1aI+WR/7GvVqeiPu0Jgfo+DUGt5/Vs9LOOUSO14Gd5YBZLP99mztpbkLzT
X1XCztmI/P1uOqd7KMrhvIH7XZmHo7djQNZFKuB112QPQwIFMlVJrv6vTPA4m6hp
n63jGV+KsYZacIlHS8/w1NkVPihjehy7NsVkIe0cXjuZ+vmXBoxgpqCU9zZsOFBa
LWvPqsdQg9wZgPEXPkML1Jj8LhKECpPFpmgBA4Zgw3gru4acXQXD7tuwzL6ZMDT4
bknaEDMkLWXsQ8eYXSdOwHBZhY20ClQxy4/Siyg8XChtr9phQ0mh1MWYuQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHKtX6xryYaZ/rZoCyUPy6/qT0zUMB8GA1UdIwQY
MBaAFLFytb3HVNX2ROQIHbwDsrQKifFtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1hLMXZjZFUxZlpFNUFnZHZBT3l0QXFKOFcwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny81MDBiYjctZTU1NC00YjFjLTlmNDMt
ZWE1MmFlMDhkZTljLzEvc1hLMXZjZFUxZlpFNUFnZHZBT3l0QXFKOFcwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny81MDBiYjctZTU1NC00YjFjLTlmNDMtZWE1MmFlMDhkZTlj
LzEvc1hLMXZjZFUxZlpFNUFnZHZBT3l0QXFKOFcwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmJTGh0N6
tqiT2fFL7cLSojIWSl/Z6YkYP/wyBloxr9mFam6onvbMvHHY06joAUDX5ybEegaK
NnnHjQ3i1lqD+I5k9aKcT9e2z0LFcUXERb92XEermkyIigCONN9KDpoaS4f2bLDD
xxI4YRNDSnEA1pA8Ykt3FRiNvsnLuisf35CdRZRkIbIZzptSt/ChewR2AfPWIGZn
Uh4mqqHmKY/xOwfPJpmyVJC8tcWKqlhfNFXH7cpWyVTkX2gSVOquLzy+MBV33oDs
4x0U4qEfDd48GzIedVdHXJrc2auoC4waggZxv+eFJroJtsubjk5sUVooT30ROUgQ
90OHelBuHZRosA==
-----END CERTIFICATE-----