Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/a98239-6179-4cdc-8b94-0a4424ff2a1f/1/laaF1WN0LJza4cNZU2at7NCpO6U.mft
File:                     laaF1WN0LJza4cNZU2at7NCpO6U.mft (raw, json)
Hash identifier:          fcTSkaaya572R2i2TVdqzt8CGTNov1cMLRhH5lZAVfc=
Subject key identifier:   0C:FB:1C:DB:D0:39:25:32:F9:3C:A2:27:97:0A:29:19:B8:55:D7:F3
Authority key identifier: 95:A6:85:D5:63:74:2C:9C:DA:E1:C3:59:53:66:AD:EC:D0:A9:3B:A5
Certificate issuer:       /CN=95a685d563742c9cdae1c3595366adecd0a93ba5
Certificate serial:       0194C3887A4BFDD5B08245FBFF80369DBCD0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/laaF1WN0LJza4cNZU2at7NCpO6U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5f/a98239-6179-4cdc-8b94-0a4424ff2a1f/1/laaF1WN0LJza4cNZU2at7NCpO6U.mft
Manifest number:          0BC7
Signing time:             Sat 01 Feb 2025 22:01:28 +0000
Manifest this update:     Sat 01 Feb 2025 22:01:28 +0000
Manifest next update:     Sun 02 Feb 2025 22:01:28 +0000
Files and hashes:         1: laaF1WN0LJza4cNZU2at7NCpO6U.crl (hash: QBewq99VUMni3hbeHtKN+MMdPiLSNo+sKM9FJunlhDc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5f/a98239-6179-4cdc-8b94-0a4424ff2a1f/1/laaF1WN0LJza4cNZU2at7NCpO6U.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5f/a98239-6179-4cdc-8b94-0a4424ff2a1f/1/laaF1WN0LJza4cNZU2at7NCpO6U.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/laaF1WN0LJza4cNZU2at7NCpO6U.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 02 Feb 2025 22:01:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:c3:88:7a:4b:fd:d5:b0:82:45:fb:ff:80:36:9d:bc:d0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=95a685d563742c9cdae1c3595366adecd0a93ba5
        Validity
            Not Before: Feb  1 22:01:28 2025 GMT
            Not After : Feb  2 22:01:28 2025 GMT
        Subject: CN=0cfb1cdbd0392532f93ca227970a2919b855d7f3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:87:3e:5e:d9:ee:e7:b7:2e:90:ed:7f:4d:31:56:
                    57:d8:b3:77:36:70:5c:37:79:4c:0f:9e:7b:03:b8:
                    81:e3:bd:74:37:96:e5:db:94:0a:18:0e:ad:29:a8:
                    6e:29:5b:9e:16:b9:33:5e:12:8c:f0:ec:e6:ee:9b:
                    78:00:c5:18:9e:34:f1:75:da:73:4a:29:97:23:75:
                    1a:7e:12:ee:48:89:d6:f1:69:39:11:31:c1:f4:61:
                    35:8c:84:28:56:43:4d:cf:19:4c:99:8c:c2:dc:21:
                    36:02:07:91:e0:2a:5a:67:65:e8:9f:84:53:55:16:
                    72:9a:78:93:85:c2:04:9a:cd:5a:d2:ce:11:62:5b:
                    7d:c0:f4:db:d8:b9:d3:53:17:dd:8c:50:f0:ad:54:
                    85:ba:5f:cb:7c:20:dc:00:96:5b:40:cc:70:bd:de:
                    6e:b4:9e:c0:52:01:8b:54:d4:5d:de:a3:19:68:0a:
                    4a:21:c7:2d:3a:b6:8d:eb:c9:84:e1:98:6d:39:ad:
                    3e:24:fd:4e:a8:b5:41:ab:f6:18:f4:a2:0e:b1:f5:
                    7d:26:20:03:f5:39:d7:7e:ad:99:17:5a:1c:cc:95:
                    1b:85:df:51:eb:c0:47:48:4c:7b:80:eb:0b:89:43:
                    8c:84:25:33:75:0d:df:d1:73:90:12:a2:53:08:36:
                    db:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0C:FB:1C:DB:D0:39:25:32:F9:3C:A2:27:97:0A:29:19:B8:55:D7:F3
            X509v3 Authority Key Identifier:
                keyid:95:A6:85:D5:63:74:2C:9C:DA:E1:C3:59:53:66:AD:EC:D0:A9:3B:A5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/laaF1WN0LJza4cNZU2at7NCpO6U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/a98239-6179-4cdc-8b94-0a4424ff2a1f/1/laaF1WN0LJza4cNZU2at7NCpO6U.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/a98239-6179-4cdc-8b94-0a4424ff2a1f/1/laaF1WN0LJza4cNZU2at7NCpO6U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1c:3a:6c:e1:ca:24:76:13:b4:f9:1c:cd:2f:e8:86:25:24:61:
         b4:b4:76:36:1e:b8:b0:53:81:e5:4b:e1:92:e1:39:97:a2:dc:
         fe:f3:c1:c8:85:ff:45:57:e7:b8:3d:e0:63:01:09:5c:8c:15:
         cb:2a:7e:f3:07:ea:f4:ba:5a:8e:b0:5e:74:b1:9b:e9:e2:89:
         0c:37:74:41:74:a5:05:1b:72:10:88:80:21:c8:22:a1:82:e4:
         68:6f:85:42:15:fd:4f:66:7c:6b:9d:74:19:c8:12:d2:a7:99:
         50:4e:c0:46:d5:2d:6f:f8:3c:d5:34:de:b6:52:2a:e2:4f:dc:
         d8:6d:b2:ff:56:f8:f4:5a:16:c3:13:ad:49:d7:0a:b8:78:d0:
         c4:51:05:a1:f6:e5:1b:a6:94:fb:e0:46:11:96:10:74:8f:8a:
         b7:56:96:9b:8c:38:f4:d3:71:86:fd:5f:b8:39:24:bc:f6:95:
         0d:ea:ef:3d:64:d1:e2:1c:61:48:3e:ea:4c:ce:f4:7f:60:d2:
         c9:96:25:bf:49:e2:09:70:fc:ac:2f:8d:97:fe:83:25:22:62:
         d7:03:6b:2d:bb:87:45:f3:5e:d1:78:fc:16:25:7b:52:73:3e:
         52:b5:42:e7:ef:c0:64:bc:ce:5e:3c:2a:9d:19:7a:0a:28:0d:
         84:55:fc:78
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZTDiHpL/dWwgkX7/4A2nbzQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1YTY4NWQ1NjM3NDJjOWNkYWUxYzM1OTUzNjZhZGVjZDBh
OTNiYTUwHhcNMjUwMjAxMjIwMTI4WhcNMjUwMjAyMjIwMTI4WjAzMTEwLwYDVQQD
EygwY2ZiMWNkYmQwMzkyNTMyZjkzY2EyMjc5NzBhMjkxOWI4NTVkN2YzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhz5e2e7nty6Q7X9NMVZX2LN3NnBc
N3lMD557A7iB4710N5bl25QKGA6tKahuKVueFrkzXhKM8Ozm7pt4AMUYnjTxddpz
SimXI3UafhLuSInW8Wk5ETHB9GE1jIQoVkNNzxlMmYzC3CE2AgeR4CpaZ2Xon4RT
VRZymniThcIEms1a0s4RYlt9wPTb2LnTUxfdjFDwrVSFul/LfCDcAJZbQMxwvd5u
tJ7AUgGLVNRd3qMZaApKIcctOraN68mE4ZhtOa0+JP1OqLVBq/YY9KIOsfV9JiAD
9TnXfq2ZF1oczJUbhd9R68BHSEx7gOsLiUOMhCUzdQ3f0XOQEqJTCDbblwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAz7HNvQOSUy+TyiJ5cKKRm4VdfzMB8GA1UdIwQY
MBaAFJWmhdVjdCyc2uHDWVNmrezQqTulMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbGFhRjFXTjBMSnphNGNOWlUyYXQ3TkNwTzZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi9hOTgyMzktNjE3OS00Y2RjLThiOTQt
MGE0NDI0ZmYyYTFmLzEvbGFhRjFXTjBMSnphNGNOWlUyYXQ3TkNwTzZVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi9hOTgyMzktNjE3OS00Y2RjLThiOTQtMGE0NDI0ZmYyYTFm
LzEvbGFhRjFXTjBMSnphNGNOWlUyYXQ3TkNwTzZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHDps4cok
dhO0+RzNL+iGJSRhtLR2Nh64sFOB5UvhkuE5l6Lc/vPByIX/RVfnuD3gYwEJXIwV
yyp+8wfq9LpajrBedLGb6eKJDDd0QXSlBRtyEIiAIcgioYLkaG+FQhX9T2Z8a510
GcgS0qeZUE7ARtUtb/g81TTetlIq4k/c2G2y/1b49FoWwxOtSdcKuHjQxFEFofbl
G6aU++BGEZYQdI+Kt1aWm4w49NNxhv1fuDkkvPaVDervPWTR4hxhSD7qTM70f2DS
yZYlv0niCXD8rC+Nl/6DJSJi1wNrLbuHRfNe0Xj8FiV7UnM+UrVC5+/AZLzOXjwq
nRl6CigNhFX8eA==
-----END CERTIFICATE-----