Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/732ea2-9a5c-4eda-b9b4-6276b178efdf/1/U53I-Drwei_XEh53wBzCg8ZRoIc.mft
File:                     U53I-Drwei_XEh53wBzCg8ZRoIc.mft (raw, json)
Hash identifier:          e3PVY1fn1v6WtSoUq9Z2bwfETbOXnq2mbRHQe2wuHAY=
Subject key identifier:   BC:3D:A6:96:9F:A9:81:69:D6:F0:2B:7F:16:E3:3C:00:17:9A:29:FC
Authority key identifier: 53:9D:C8:F8:3A:F0:7A:2F:D7:12:1E:77:C0:1C:C2:83:C6:51:A0:87
Certificate issuer:       /CN=539dc8f83af07a2fd7121e77c01cc283c651a087
Certificate serial:       019510FDF001C63AC2D275259F51EA260486
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/U53I-Drwei_XEh53wBzCg8ZRoIc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/60/732ea2-9a5c-4eda-b9b4-6276b178efdf/1/U53I-Drwei_XEh53wBzCg8ZRoIc.mft
Manifest number:          1456
Signing time:             Sun 16 Feb 2025 23:00:32 +0000
Manifest this update:     Sun 16 Feb 2025 23:00:32 +0000
Manifest next update:     Mon 17 Feb 2025 23:00:32 +0000
Files and hashes:         1: U53I-Drwei_XEh53wBzCg8ZRoIc.crl (hash: +TjGLHXv4r46jOhZj+liifIz0EIiBJFzC2Dq3fDrQKk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/60/732ea2-9a5c-4eda-b9b4-6276b178efdf/1/U53I-Drwei_XEh53wBzCg8ZRoIc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/60/732ea2-9a5c-4eda-b9b4-6276b178efdf/1/U53I-Drwei_XEh53wBzCg8ZRoIc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/U53I-Drwei_XEh53wBzCg8ZRoIc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 17 Feb 2025 23:00:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:10:fd:f0:01:c6:3a:c2:d2:75:25:9f:51:ea:26:04:86
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=539dc8f83af07a2fd7121e77c01cc283c651a087
        Validity
            Not Before: Feb 16 23:00:32 2025 GMT
            Not After : Feb 17 23:00:32 2025 GMT
        Subject: CN=bc3da6969fa98169d6f02b7f16e33c00179a29fc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:05:f0:c8:ae:52:08:cb:37:11:67:a7:9f:69:
                    84:b2:49:be:dd:0d:02:98:52:32:3f:fe:82:13:e7:
                    6e:b5:38:40:9b:66:1b:95:22:98:0a:ff:8f:ce:9c:
                    79:16:85:b2:86:3c:21:60:f3:fa:d8:b7:c5:96:6e:
                    89:1b:98:6a:4c:3b:69:90:f5:30:1a:2b:90:67:f8:
                    39:45:f3:40:3d:c2:77:45:98:93:c9:03:04:0e:47:
                    2d:f1:62:70:0b:59:7e:ac:4b:f2:82:aa:46:9a:eb:
                    d0:db:e6:be:64:0a:53:ff:a8:93:00:fe:82:15:1f:
                    fa:f1:db:e6:99:6d:13:a8:c8:e6:21:35:b7:51:df:
                    2f:84:da:8e:da:47:5f:7d:2a:c9:21:71:9e:d0:dc:
                    1c:b3:55:2a:ba:ea:1f:56:19:40:a4:62:96:ce:dd:
                    f9:cf:2e:b9:31:99:c0:8a:5e:6c:79:6b:c2:c3:d1:
                    e7:b5:f5:7d:1b:f5:93:c6:01:19:ed:95:a3:2b:3a:
                    77:1b:4b:56:ef:8e:29:f3:0a:4e:7a:0c:e0:bc:b8:
                    0b:a4:64:2f:57:d7:c6:a1:0c:d9:79:97:68:c6:78:
                    81:5f:d1:32:cf:19:4d:35:fe:df:36:22:82:45:08:
                    5f:a4:86:19:06:3a:5c:d5:6b:50:f9:c8:37:7a:44:
                    0b:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BC:3D:A6:96:9F:A9:81:69:D6:F0:2B:7F:16:E3:3C:00:17:9A:29:FC
            X509v3 Authority Key Identifier:
                keyid:53:9D:C8:F8:3A:F0:7A:2F:D7:12:1E:77:C0:1C:C2:83:C6:51:A0:87

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U53I-Drwei_XEh53wBzCg8ZRoIc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/732ea2-9a5c-4eda-b9b4-6276b178efdf/1/U53I-Drwei_XEh53wBzCg8ZRoIc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/60/732ea2-9a5c-4eda-b9b4-6276b178efdf/1/U53I-Drwei_XEh53wBzCg8ZRoIc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5d:ef:fc:26:1a:e5:ec:7b:ad:06:9a:70:32:82:da:a4:b0:5b:
         99:93:b1:e6:ac:6a:bb:6a:ee:d0:24:e9:d1:b5:cc:c9:34:1d:
         6b:a0:d2:72:5d:31:c8:5e:3f:28:72:44:6f:bb:77:67:e1:33:
         1d:79:3b:15:a5:91:1d:cc:d9:20:65:f6:93:fc:70:95:27:d5:
         5a:09:05:ba:bc:d4:fa:c6:88:24:1c:ca:b1:9b:5c:75:62:21:
         bf:78:fc:4c:be:a1:65:d6:57:d5:e8:22:05:6a:aa:47:64:65:
         46:13:dd:a6:64:15:c3:bd:9e:c3:4d:d1:20:3c:dc:4c:fd:a8:
         de:d0:7f:91:a8:b5:3f:f7:96:66:bc:3a:0e:c2:f8:0a:96:39:
         a3:57:1c:f4:0a:07:62:ab:9a:55:9b:46:2b:69:7d:f1:92:46:
         a1:c9:24:f6:ff:65:36:04:ab:c9:db:e3:75:78:1b:d1:40:21:
         1b:d4:12:c1:1f:9e:74:a6:4e:39:66:74:52:60:53:03:4d:a0:
         4b:82:f4:14:45:32:24:52:d6:7b:50:2d:9e:3b:62:be:9e:09:
         79:46:39:88:a3:ba:02:5a:38:79:69:e8:9c:7d:aa:18:87:a2:
         5b:a5:8f:3b:12:3e:d4:1a:56:50:7e:c0:29:14:e3:b7:b4:d7:
         d9:92:81:c0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZUQ/fABxjrC0nUln1HqJgSGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzOWRjOGY4M2FmMDdhMmZkNzEyMWU3N2MwMWNjMjgzYzY1
MWEwODcwHhcNMjUwMjE2MjMwMDMyWhcNMjUwMjE3MjMwMDMyWjAzMTEwLwYDVQQD
EyhiYzNkYTY5NjlmYTk4MTY5ZDZmMDJiN2YxNmUzM2MwMDE3OWEyOWZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuwXwyK5SCMs3EWenn2mEskm+3Q0C
mFIyP/6CE+dutThAm2YblSKYCv+Pzpx5FoWyhjwhYPP62LfFlm6JG5hqTDtpkPUw
GiuQZ/g5RfNAPcJ3RZiTyQMEDkct8WJwC1l+rEvygqpGmuvQ2+a+ZApT/6iTAP6C
FR/68dvmmW0TqMjmITW3Ud8vhNqO2kdffSrJIXGe0Nwcs1UquuofVhlApGKWzt35
zy65MZnAil5seWvCw9HntfV9G/WTxgEZ7ZWjKzp3G0tW744p8wpOegzgvLgLpGQv
V9fGoQzZeZdoxniBX9EyzxlNNf7fNiKCRQhfpIYZBjpc1WtQ+cg3ekQLNQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLw9ppafqYFp1vArfxbjPAAXmin8MB8GA1UdIwQY
MBaAFFOdyPg68Hov1xIed8AcwoPGUaCHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVTUzSS1EcndlaV9YRWg1M3dCekNnOFpSb0ljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC83MzJlYTItOWE1Yy00ZWRhLWI5YjQt
NjI3NmIxNzhlZmRmLzEvVTUzSS1EcndlaV9YRWg1M3dCekNnOFpSb0ljLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC83MzJlYTItOWE1Yy00ZWRhLWI5YjQtNjI3NmIxNzhlZmRm
LzEvVTUzSS1EcndlaV9YRWg1M3dCekNnOFpSb0ljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXe/8Jhrl
7HutBppwMoLapLBbmZOx5qxqu2ru0CTp0bXMyTQda6DScl0xyF4/KHJEb7t3Z+Ez
HXk7FaWRHczZIGX2k/xwlSfVWgkFurzU+saIJBzKsZtcdWIhv3j8TL6hZdZX1egi
BWqqR2RlRhPdpmQVw72ew03RIDzcTP2o3tB/kai1P/eWZrw6DsL4CpY5o1cc9AoH
YquaVZtGK2l98ZJGockk9v9lNgSrydvjdXgb0UAhG9QSwR+edKZOOWZ0UmBTA02g
S4L0FEUyJFLWe1Atnjtivp4JeUY5iKO6Alo4eWnonH2qGIeiW6WPOxI+1BpWUH7A
KRTjt7TX2ZKBwA==
-----END CERTIFICATE-----