Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/eb19cb-ac83-451e-9b54-8be3df89f359/1/aAkoqR-PfmOX5sZdDgtmKReW01I.mft
File:                     aAkoqR-PfmOX5sZdDgtmKReW01I.mft (raw, json)
Hash identifier:          7FbL093kkzh/tr3ueALVFq1b5V4ylKaPCXxGwuKfafo=
Subject key identifier:   3C:24:72:BA:11:AE:DD:3B:DE:73:59:2B:6C:03:33:86:64:53:E1:BE
Authority key identifier: 68:09:28:A9:1F:8F:7E:63:97:E6:C6:5D:0E:0B:66:29:17:96:D3:52
Certificate issuer:       /CN=680928a91f8f7e6397e6c65d0e0b66291796d352
Certificate serial:       019512104F288FEC79BF490FE5733FEB6438
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aAkoqR-PfmOX5sZdDgtmKReW01I.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/60/eb19cb-ac83-451e-9b54-8be3df89f359/1/aAkoqR-PfmOX5sZdDgtmKReW01I.mft
Manifest number:          101A
Signing time:             Mon 17 Feb 2025 04:00:13 +0000
Manifest this update:     Mon 17 Feb 2025 04:00:13 +0000
Manifest next update:     Tue 18 Feb 2025 04:00:13 +0000
Files and hashes:         1: aAkoqR-PfmOX5sZdDgtmKReW01I.crl (hash: TUtugSDsyFZge92QMCHXqUVwxOZSK8+wgwO+2urz5I0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/60/eb19cb-ac83-451e-9b54-8be3df89f359/1/aAkoqR-PfmOX5sZdDgtmKReW01I.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/60/eb19cb-ac83-451e-9b54-8be3df89f359/1/aAkoqR-PfmOX5sZdDgtmKReW01I.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/aAkoqR-PfmOX5sZdDgtmKReW01I.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 17 Feb 2025 23:00:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:12:10:4f:28:8f:ec:79:bf:49:0f:e5:73:3f:eb:64:38
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=680928a91f8f7e6397e6c65d0e0b66291796d352
        Validity
            Not Before: Feb 17 04:00:13 2025 GMT
            Not After : Feb 18 04:00:13 2025 GMT
        Subject: CN=3c2472ba11aedd3bde73592b6c0333866453e1be
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:17:07:29:85:6d:d7:20:35:37:28:de:17:2f:
                    dd:af:17:b8:ca:ef:eb:ab:3c:81:c5:90:5c:8b:1a:
                    65:46:3a:91:91:1f:f2:3b:c9:b1:88:c6:fc:41:13:
                    7c:07:90:7e:41:68:70:1c:b7:ca:13:20:0e:29:3c:
                    5f:65:91:2c:96:af:cd:40:d9:e6:84:41:23:f8:71:
                    0d:32:b6:d7:7f:f8:ea:55:b7:2b:0a:fd:0d:af:6f:
                    a8:bd:40:07:51:c0:59:2e:26:02:a7:79:89:f6:0b:
                    02:29:8e:d6:e6:9a:aa:01:b7:b5:a3:df:f1:30:bb:
                    b3:26:87:94:d7:f7:2b:b9:88:f2:c3:ba:79:ad:c1:
                    19:2b:0a:36:f1:9c:66:44:fc:79:d4:2c:d2:aa:ea:
                    e9:ce:e2:55:dc:41:2e:e7:d5:67:83:0f:19:43:02:
                    e6:b7:05:0c:38:65:21:ec:49:77:9a:e9:bd:fe:e1:
                    3b:6b:63:6a:5e:08:4d:a3:95:c5:de:00:7d:fa:b5:
                    45:a3:00:68:fc:b5:b8:7f:b7:6d:d8:8a:d8:69:34:
                    f4:bc:3f:4b:bc:eb:15:73:ac:cf:f8:3e:04:2f:bf:
                    20:07:fb:57:d8:da:ef:83:db:e7:c6:bb:5b:41:5c:
                    d5:c7:3a:26:bb:d2:a6:d2:6a:64:22:cd:9f:c3:c2:
                    45:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3C:24:72:BA:11:AE:DD:3B:DE:73:59:2B:6C:03:33:86:64:53:E1:BE
            X509v3 Authority Key Identifier:
                keyid:68:09:28:A9:1F:8F:7E:63:97:E6:C6:5D:0E:0B:66:29:17:96:D3:52

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aAkoqR-PfmOX5sZdDgtmKReW01I.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/eb19cb-ac83-451e-9b54-8be3df89f359/1/aAkoqR-PfmOX5sZdDgtmKReW01I.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/60/eb19cb-ac83-451e-9b54-8be3df89f359/1/aAkoqR-PfmOX5sZdDgtmKReW01I.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         52:ef:17:80:88:4d:cf:15:5b:da:50:e4:7e:f1:e4:61:5b:bc:
         73:ee:73:8b:ca:57:21:15:1a:1d:6c:5a:e8:c1:8f:57:26:51:
         27:bf:5f:75:2a:28:b5:d4:9b:ab:99:0d:aa:0c:7e:55:4d:0d:
         5d:97:39:2a:3b:13:5d:b9:f3:b8:b3:88:f5:b4:aa:d8:22:3c:
         fb:92:4c:c7:0d:5f:3d:8c:5b:19:ca:46:08:71:01:50:ca:36:
         91:e2:43:b5:f1:a4:f3:c4:4c:c5:e0:93:9e:ad:f3:3e:48:88:
         c9:af:67:99:f7:ad:58:d8:f6:a4:be:a4:9a:af:76:6c:67:28:
         e6:38:e4:58:cf:eb:85:7e:c5:17:d6:31:ea:1d:82:b2:a0:3e:
         f0:76:f2:4f:f9:2d:fe:a0:81:ef:59:73:2c:07:d5:93:9a:00:
         4a:65:10:3f:4e:df:6d:b0:f4:8e:d7:e6:6f:78:ae:05:3a:de:
         a5:f0:2a:7c:16:93:3d:4f:83:73:5f:4c:01:c9:f7:bd:6b:a3:
         20:7d:25:27:6d:cb:37:96:78:18:ab:7e:8c:b0:65:82:ba:82:
         1e:ca:73:b6:d5:38:c2:48:29:7d:e7:56:2a:c1:56:9b:3d:b6:
         f0:5f:22:8e:9a:e1:23:70:44:bc:2f:0d:b3:1f:e9:1c:bd:68:
         a4:4e:5e:51
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZUSEE8oj+x5v0kP5XM/62Q4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4MDkyOGE5MWY4ZjdlNjM5N2U2YzY1ZDBlMGI2NjI5MTc5
NmQzNTIwHhcNMjUwMjE3MDQwMDEzWhcNMjUwMjE4MDQwMDEzWjAzMTEwLwYDVQQD
EygzYzI0NzJiYTExYWVkZDNiZGU3MzU5MmI2YzAzMzM4NjY0NTNlMWJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlBcHKYVt1yA1NyjeFy/drxe4yu/r
qzyBxZBcixplRjqRkR/yO8mxiMb8QRN8B5B+QWhwHLfKEyAOKTxfZZEslq/NQNnm
hEEj+HENMrbXf/jqVbcrCv0Nr2+ovUAHUcBZLiYCp3mJ9gsCKY7W5pqqAbe1o9/x
MLuzJoeU1/cruYjyw7p5rcEZKwo28ZxmRPx51CzSqurpzuJV3EEu59Vngw8ZQwLm
twUMOGUh7El3mum9/uE7a2NqXghNo5XF3gB9+rVFowBo/LW4f7dt2IrYaTT0vD9L
vOsVc6zP+D4EL78gB/tX2Nrvg9vnxrtbQVzVxzomu9Km0mpkIs2fw8JF/wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDwkcroRrt073nNZK2wDM4ZkU+G+MB8GA1UdIwQY
MBaAFGgJKKkfj35jl+bGXQ4LZikXltNSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUFrb3FSLVBmbU9YNXNaZERndG1LUmVXMDFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC9lYjE5Y2ItYWM4My00NTFlLTliNTQt
OGJlM2RmODlmMzU5LzEvYUFrb3FSLVBmbU9YNXNaZERndG1LUmVXMDFJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC9lYjE5Y2ItYWM4My00NTFlLTliNTQtOGJlM2RmODlmMzU5
LzEvYUFrb3FSLVBmbU9YNXNaZERndG1LUmVXMDFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUu8XgIhN
zxVb2lDkfvHkYVu8c+5zi8pXIRUaHWxa6MGPVyZRJ79fdSootdSbq5kNqgx+VU0N
XZc5KjsTXbnzuLOI9bSq2CI8+5JMxw1fPYxbGcpGCHEBUMo2keJDtfGk88RMxeCT
nq3zPkiIya9nmfetWNj2pL6kmq92bGco5jjkWM/rhX7FF9Yx6h2CsqA+8HbyT/kt
/qCB71lzLAfVk5oASmUQP07fbbD0jtfmb3iuBTrepfAqfBaTPU+Dc19MAcn3vWuj
IH0lJ23LN5Z4GKt+jLBlgrqCHspzttU4wkgpfedWKsFWmz228F8ijprhI3BEvC8N
sx/pHL1opE5eUQ==
-----END CERTIFICATE-----