Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/afd71b-0268-4409-a383-584a76399414/1/NJxIN9k5hA1fbHSqwINm70v-SHQ.mft
File:                     NJxIN9k5hA1fbHSqwINm70v-SHQ.mft (raw, json)
Hash identifier:          ag4wsOLUc9RSXlPQhqrpK0yEUFRDrc0m6GZKO+z5hCE=
Subject key identifier:   44:63:D4:AC:1B:11:F2:C5:F2:00:6D:BB:BB:28:1B:11:A0:38:39:86
Authority key identifier: 34:9C:48:37:D9:39:84:0D:5F:6C:74:AA:C0:83:66:EF:4B:FE:48:74
Certificate issuer:       /CN=349c4837d939840d5f6c74aac08366ef4bfe4874
Certificate serial:       0194C387F81E054188771C13C331A3A3C555
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NJxIN9k5hA1fbHSqwINm70v-SHQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5e/afd71b-0268-4409-a383-584a76399414/1/NJxIN9k5hA1fbHSqwINm70v-SHQ.mft
Manifest number:          1A
Signing time:             Sat 01 Feb 2025 22:00:55 +0000
Manifest this update:     Sat 01 Feb 2025 22:00:55 +0000
Manifest next update:     Sun 02 Feb 2025 22:00:55 +0000
Files and hashes:         1: NJxIN9k5hA1fbHSqwINm70v-SHQ.crl (hash: mReFUUClIWEfiiYq+cpHa90JccVNQg+D7QUKqImmjRI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5e/afd71b-0268-4409-a383-584a76399414/1/NJxIN9k5hA1fbHSqwINm70v-SHQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5e/afd71b-0268-4409-a383-584a76399414/1/NJxIN9k5hA1fbHSqwINm70v-SHQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NJxIN9k5hA1fbHSqwINm70v-SHQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 02 Feb 2025 22:00:55 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:c3:87:f8:1e:05:41:88:77:1c:13:c3:31:a3:a3:c5:55
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=349c4837d939840d5f6c74aac08366ef4bfe4874
        Validity
            Not Before: Feb  1 22:00:55 2025 GMT
            Not After : Feb  2 22:00:55 2025 GMT
        Subject: CN=4463d4ac1b11f2c5f2006dbbbb281b11a0383986
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:66:ad:d6:4e:56:82:60:2b:85:51:02:43:e5:
                    a3:80:f3:7f:64:1d:a6:51:82:4b:61:80:e8:e6:5a:
                    dc:15:6d:56:e7:4a:d9:47:92:f2:79:a7:26:7c:26:
                    70:20:ae:c9:c2:ea:e8:37:d1:01:0c:d6:f0:61:a8:
                    39:11:0e:06:83:fc:24:c0:4d:a8:d1:4e:e7:91:d2:
                    74:bb:6b:01:85:0e:94:84:fe:cc:47:27:87:a0:18:
                    0e:10:17:e7:dd:8b:1d:20:26:26:00:c3:4c:c1:b3:
                    97:e5:82:92:4a:06:46:36:37:f6:71:73:92:b1:54:
                    e5:22:57:33:2e:48:9b:7d:2c:8b:16:dc:e1:46:b1:
                    3c:48:8a:3c:a0:af:a0:06:a6:00:63:69:b3:0c:7c:
                    45:4b:7e:f7:9c:e7:18:f5:a3:66:22:0f:df:1f:2c:
                    a2:a1:f2:2f:55:2d:bc:18:1c:9a:e5:09:b0:53:d2:
                    c9:18:17:8c:10:0f:a9:8e:fb:16:eb:ac:37:ca:60:
                    b7:1a:19:47:a4:29:2b:2b:01:d0:b3:90:86:93:74:
                    44:9c:ba:0d:11:6f:a2:35:48:b7:13:34:3d:75:fa:
                    dd:10:f2:ad:71:db:56:6d:f6:db:35:d5:96:8d:4b:
                    c0:16:a8:01:c9:2b:1a:e9:67:b5:9c:b3:3d:b7:f2:
                    49:5b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                44:63:D4:AC:1B:11:F2:C5:F2:00:6D:BB:BB:28:1B:11:A0:38:39:86
            X509v3 Authority Key Identifier:
                keyid:34:9C:48:37:D9:39:84:0D:5F:6C:74:AA:C0:83:66:EF:4B:FE:48:74

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJxIN9k5hA1fbHSqwINm70v-SHQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/afd71b-0268-4409-a383-584a76399414/1/NJxIN9k5hA1fbHSqwINm70v-SHQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/afd71b-0268-4409-a383-584a76399414/1/NJxIN9k5hA1fbHSqwINm70v-SHQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3a:60:a7:87:69:0e:44:3e:08:e8:d5:f0:1f:1b:1a:0b:4f:bd:
         37:15:5a:a9:b0:af:e5:42:50:7e:3f:eb:c7:c5:a7:8c:c1:71:
         59:9b:a1:99:a8:f7:a8:ec:96:ce:db:5c:66:4b:72:27:c9:ff:
         ed:c7:4f:90:43:f2:2b:c7:2a:63:08:a1:7c:22:9b:7a:62:6a:
         35:bf:9e:51:6a:33:bd:b0:51:09:00:93:13:fb:47:2a:9d:b9:
         b8:0c:ac:f9:88:55:fb:7d:e7:f9:99:49:9c:4b:bc:cc:3c:bd:
         8b:7f:9f:1e:22:9a:95:bb:a5:c4:1e:83:d7:72:f7:9d:33:55:
         17:55:79:a4:76:29:dc:00:07:d5:8d:13:f4:41:1b:69:9e:07:
         c0:69:a1:6e:08:5b:8e:e7:69:3b:29:08:c1:8d:fc:e2:07:e7:
         7c:d7:e9:ec:e0:6e:86:86:22:b2:53:7c:7c:c2:ce:84:da:e3:
         e4:e6:80:65:5f:a5:e8:8b:ee:68:ee:e3:d9:b3:c3:35:67:e8:
         5e:fe:3d:ac:1b:b8:5a:84:46:7e:cc:75:0c:01:fc:a1:6f:df:
         06:7d:61:2d:ff:ef:d0:30:fe:5d:a5:0b:7d:86:bb:be:8b:d7:
         9a:8e:a5:8c:9f:77:8b:f5:25:02:e6:de:70:01:61:45:ce:81:
         ac:2c:b4:66
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZTDh/geBUGIdxwTwzGjo8VVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0OWM0ODM3ZDkzOTg0MGQ1ZjZjNzRhYWMwODM2NmVmNGJm
ZTQ4NzQwHhcNMjUwMjAxMjIwMDU1WhcNMjUwMjAyMjIwMDU1WjAzMTEwLwYDVQQD
Eyg0NDYzZDRhYzFiMTFmMmM1ZjIwMDZkYmJiYjI4MWIxMWEwMzgzOTg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnGat1k5WgmArhVECQ+WjgPN/ZB2m
UYJLYYDo5lrcFW1W50rZR5LyeacmfCZwIK7JwuroN9EBDNbwYag5EQ4Gg/wkwE2o
0U7nkdJ0u2sBhQ6UhP7MRyeHoBgOEBfn3YsdICYmAMNMwbOX5YKSSgZGNjf2cXOS
sVTlIlczLkibfSyLFtzhRrE8SIo8oK+gBqYAY2mzDHxFS373nOcY9aNmIg/fHyyi
ofIvVS28GBya5QmwU9LJGBeMEA+pjvsW66w3ymC3GhlHpCkrKwHQs5CGk3REnLoN
EW+iNUi3EzQ9dfrdEPKtcdtWbfbbNdWWjUvAFqgBySsa6We1nLM9t/JJWwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFERj1KwbEfLF8gBtu7soGxGgODmGMB8GA1UdIwQY
MBaAFDScSDfZOYQNX2x0qsCDZu9L/kh0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkp4SU45azVoQTFmYkhTcXdJTm03MHYtU0hRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS9hZmQ3MWItMDI2OC00NDA5LWEzODMt
NTg0YTc2Mzk5NDE0LzEvTkp4SU45azVoQTFmYkhTcXdJTm03MHYtU0hRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS9hZmQ3MWItMDI2OC00NDA5LWEzODMtNTg0YTc2Mzk5NDE0
LzEvTkp4SU45azVoQTFmYkhTcXdJTm03MHYtU0hRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOmCnh2kO
RD4I6NXwHxsaC0+9NxVaqbCv5UJQfj/rx8WnjMFxWZuhmaj3qOyWzttcZktyJ8n/
7cdPkEPyK8cqYwihfCKbemJqNb+eUWozvbBRCQCTE/tHKp25uAys+YhV+33n+ZlJ
nEu8zDy9i3+fHiKalbulxB6D13L3nTNVF1V5pHYp3AAH1Y0T9EEbaZ4HwGmhbghb
judpOykIwY384gfnfNfp7OBuhoYislN8fMLOhNrj5OaAZV+l6IvuaO7j2bPDNWfo
Xv49rBu4WoRGfsx1DAH8oW/fBn1hLf/v0DD+XaULfYa7vovXmo6ljJ93i/UlAube
cAFhRc6BrCy0Zg==
-----END CERTIFICATE-----