Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/606939-cc69-4cfa-843e-50b64cbd0fe1/1/CUsU8URwOb33-d7l-ik4XB3OlZ0.mft
File:                     CUsU8URwOb33-d7l-ik4XB3OlZ0.mft (raw, json)
Hash identifier:          6Yy8BOwSNyWEItcK7CjXIZLG7ROOGpLMtCefwuZ/Cj8=
Subject key identifier:   04:E0:26:18:40:AA:F8:9C:07:03:52:01:C0:C4:A2:94:86:21:85:18
Authority key identifier: 09:4B:14:F1:44:70:39:BD:F7:F9:DE:E5:FA:29:38:5C:1D:CE:95:9D
Certificate issuer:       /CN=094b14f1447039bdf7f9dee5fa29385c1dce959d
Certificate serial:       0196138FF3FD06D7AA9FE335BF7283AC4B5F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/CUsU8URwOb33-d7l-ik4XB3OlZ0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/62/606939-cc69-4cfa-843e-50b64cbd0fe1/1/CUsU8URwOb33-d7l-ik4XB3OlZ0.mft
Manifest number:          146B
Signing time:             Tue 08 Apr 2025 04:02:03 +0000
Manifest this update:     Tue 08 Apr 2025 04:02:03 +0000
Manifest next update:     Wed 09 Apr 2025 04:02:03 +0000
Files and hashes:         1: CUsU8URwOb33-d7l-ik4XB3OlZ0.crl (hash: JGniICehINg5k+gKjZ4g/eVMPpugLdMWWuWn+Igem8k=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/62/606939-cc69-4cfa-843e-50b64cbd0fe1/1/CUsU8URwOb33-d7l-ik4XB3OlZ0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/62/606939-cc69-4cfa-843e-50b64cbd0fe1/1/CUsU8URwOb33-d7l-ik4XB3OlZ0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/CUsU8URwOb33-d7l-ik4XB3OlZ0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 09 Apr 2025 04:02:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:13:8f:f3:fd:06:d7:aa:9f:e3:35:bf:72:83:ac:4b:5f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=094b14f1447039bdf7f9dee5fa29385c1dce959d
        Validity
            Not Before: Apr  8 04:02:03 2025 GMT
            Not After : Apr  9 04:02:03 2025 GMT
        Subject: CN=04e0261840aaf89c07035201c0c4a29486218518
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:db:eb:5e:b4:88:08:ad:0f:0e:fc:15:47:3b:40:
                    71:d7:65:c8:35:26:0d:57:9b:aa:26:d2:25:aa:cc:
                    64:9c:7f:2f:76:b9:b6:ea:d0:b9:a3:ee:70:c4:fe:
                    32:80:a8:db:ad:09:c2:44:05:74:99:c4:e7:3c:f9:
                    26:31:05:8e:df:b1:bd:59:23:0d:79:c4:ef:f7:42:
                    4b:5d:cf:a3:99:77:b4:d3:fc:ae:cb:55:fa:15:66:
                    bc:7e:4d:01:1c:82:11:26:f2:16:26:be:c8:81:3d:
                    d7:a5:0d:37:9c:62:5b:8d:ed:06:9f:87:22:6e:14:
                    5e:c2:a0:2a:5c:df:29:85:bf:20:ca:ec:5b:df:cd:
                    c9:3f:b4:2e:0e:ed:82:ae:78:e4:0c:90:7a:b8:a6:
                    5a:1b:88:47:fe:88:e1:f0:f1:0a:a7:b9:15:e4:b4:
                    ce:17:16:37:8f:62:4c:fa:ec:46:e5:7e:9b:50:11:
                    ee:0b:b4:59:98:5b:b2:fc:ec:d6:05:f4:20:17:1c:
                    c7:de:c9:b8:f4:f7:dd:85:8c:4e:0f:7f:b2:c1:43:
                    a4:08:fd:07:4e:c4:fa:b6:a3:ed:76:01:18:9c:a3:
                    a3:0a:11:a5:0e:ff:8e:73:e4:cd:f0:29:66:7b:6d:
                    db:6f:8c:2f:21:f9:dd:b8:dc:28:54:87:3c:be:59:
                    b8:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                04:E0:26:18:40:AA:F8:9C:07:03:52:01:C0:C4:A2:94:86:21:85:18
            X509v3 Authority Key Identifier:
                keyid:09:4B:14:F1:44:70:39:BD:F7:F9:DE:E5:FA:29:38:5C:1D:CE:95:9D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CUsU8URwOb33-d7l-ik4XB3OlZ0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/606939-cc69-4cfa-843e-50b64cbd0fe1/1/CUsU8URwOb33-d7l-ik4XB3OlZ0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/62/606939-cc69-4cfa-843e-50b64cbd0fe1/1/CUsU8URwOb33-d7l-ik4XB3OlZ0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         89:fb:8f:33:eb:dd:15:1b:e9:89:58:1c:59:9e:0d:5a:06:d0:
         b3:dc:d6:7d:ce:17:e6:33:19:2f:fd:1b:78:65:6d:c6:97:ed:
         e1:54:e4:c4:76:ae:0c:71:c8:2f:a4:20:5c:e1:63:6d:b4:22:
         f8:f3:2e:b5:f6:ca:b1:6d:87:ff:6d:5d:d1:6a:08:94:b8:d2:
         81:c2:47:10:0c:0b:98:9e:97:98:db:c2:87:ad:34:44:74:0b:
         52:c8:c3:f0:b9:86:8e:df:53:e2:99:b1:52:44:db:ac:e0:01:
         83:69:a7:a2:5c:9c:5e:d8:24:ef:ba:49:3a:16:a4:34:ef:7d:
         a3:7c:e9:86:d6:91:40:01:1b:6d:25:4e:fe:99:62:1c:a3:97:
         31:3a:99:94:f2:2b:93:9b:c0:e6:64:34:f8:9a:00:e6:4a:38:
         98:e2:45:2d:76:46:09:8f:ff:60:23:ee:26:3a:1a:72:0c:5a:
         8b:0d:cc:40:6c:0d:b0:f3:cf:5a:9e:8b:7c:cd:4d:7b:da:64:
         d8:e4:66:bb:f3:c7:56:dc:90:eb:48:de:8a:1d:a7:8f:b4:40:
         9b:67:4b:13:f9:2d:de:2f:e8:ee:f9:98:6d:d5:00:1f:b9:df:
         2b:f7:d6:56:fd:b6:62:be:e2:fb:86:62:91:49:a5:55:bc:b6:
         85:b5:b3:c8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZYTj/P9Bteqn+M1v3KDrEtfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5NGIxNGYxNDQ3MDM5YmRmN2Y5ZGVlNWZhMjkzODVjMWRj
ZTk1OWQwHhcNMjUwNDA4MDQwMjAzWhcNMjUwNDA5MDQwMjAzWjAzMTEwLwYDVQQD
EygwNGUwMjYxODQwYWFmODljMDcwMzUyMDFjMGM0YTI5NDg2MjE4NTE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2+tetIgIrQ8O/BVHO0Bx12XINSYN
V5uqJtIlqsxknH8vdrm26tC5o+5wxP4ygKjbrQnCRAV0mcTnPPkmMQWO37G9WSMN
ecTv90JLXc+jmXe00/yuy1X6FWa8fk0BHIIRJvIWJr7IgT3XpQ03nGJbje0Gn4ci
bhRewqAqXN8phb8gyuxb383JP7QuDu2CrnjkDJB6uKZaG4hH/ojh8PEKp7kV5LTO
FxY3j2JM+uxG5X6bUBHuC7RZmFuy/OzWBfQgFxzH3sm49PfdhYxOD3+ywUOkCP0H
TsT6tqPtdgEYnKOjChGlDv+Oc+TN8Clme23bb4wvIfnduNwoVIc8vlm4dwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFATgJhhAqvicBwNSAcDEopSGIYUYMB8GA1UdIwQY
MBaAFAlLFPFEcDm99/ne5fopOFwdzpWdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1VzVThVUndPYjMzLWQ3bC1pazRYQjNPbFowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi82MDY5MzktY2M2OS00Y2ZhLTg0M2Ut
NTBiNjRjYmQwZmUxLzEvQ1VzVThVUndPYjMzLWQ3bC1pazRYQjNPbFowLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi82MDY5MzktY2M2OS00Y2ZhLTg0M2UtNTBiNjRjYmQwZmUx
LzEvQ1VzVThVUndPYjMzLWQ3bC1pazRYQjNPbFowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAifuPM+vd
FRvpiVgcWZ4NWgbQs9zWfc4X5jMZL/0beGVtxpft4VTkxHauDHHIL6QgXOFjbbQi
+PMutfbKsW2H/21d0WoIlLjSgcJHEAwLmJ6XmNvCh600RHQLUsjD8LmGjt9T4pmx
UkTbrOABg2mnolycXtgk77pJOhakNO99o3zphtaRQAEbbSVO/pliHKOXMTqZlPIr
k5vA5mQ0+JoA5ko4mOJFLXZGCY//YCPuJjoacgxaiw3MQGwNsPPPWp6LfM1Ne9pk
2ORmu/PHVtyQ60jeih2nj7RAm2dLE/kt3i/o7vmYbdUAH7nfK/fWVv22Yr7i+4Zi
kUmlVby2hbWzyA==
-----END CERTIFICATE-----