Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/25f85e-d070-488b-89f6-f4e59f39a74a/1/a-BR-5PgFam3YbtFr-EJ2740fGY.mft
File:                     a-BR-5PgFam3YbtFr-EJ2740fGY.mft (raw, json)
Hash identifier:          dpH/aXfbCSaGnE2ZM8IyFk7wcl/eTTGFrzJavqpUfNk=
Subject key identifier:   4F:F3:7C:B2:36:28:F5:84:51:CD:54:08:D4:F2:17:A0:DE:48:C7:43
Authority key identifier: 6B:E0:51:FB:93:E0:15:A9:B7:61:BB:45:AF:E1:09:DB:BE:34:7C:66
Certificate issuer:       /CN=6be051fb93e015a9b761bb45afe109dbbe347c66
Certificate serial:       0194C4630BFE1586D3257786A3A8AEAF2B3A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/a-BR-5PgFam3YbtFr-EJ2740fGY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/64/25f85e-d070-488b-89f6-f4e59f39a74a/1/a-BR-5PgFam3YbtFr-EJ2740fGY.mft
Manifest number:          03DF
Signing time:             Sun 02 Feb 2025 02:00:12 +0000
Manifest this update:     Sun 02 Feb 2025 02:00:12 +0000
Manifest next update:     Mon 03 Feb 2025 02:00:12 +0000
Files and hashes:         1: a-BR-5PgFam3YbtFr-EJ2740fGY.crl (hash: APGgJm8itZ09lU/IOltBiwSXSRRNUr4xBKyQwPn5j1c=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/64/25f85e-d070-488b-89f6-f4e59f39a74a/1/a-BR-5PgFam3YbtFr-EJ2740fGY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/64/25f85e-d070-488b-89f6-f4e59f39a74a/1/a-BR-5PgFam3YbtFr-EJ2740fGY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/a-BR-5PgFam3YbtFr-EJ2740fGY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 03 Feb 2025 00:00:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:c4:63:0b:fe:15:86:d3:25:77:86:a3:a8:ae:af:2b:3a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6be051fb93e015a9b761bb45afe109dbbe347c66
        Validity
            Not Before: Feb  2 02:00:12 2025 GMT
            Not After : Feb  3 02:00:12 2025 GMT
        Subject: CN=4ff37cb23628f58451cd5408d4f217a0de48c743
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:67:0a:a7:5c:b8:63:57:82:98:2d:c9:bf:0c:
                    4d:27:36:46:4a:6e:f0:a0:34:1b:eb:34:ce:63:f8:
                    80:83:d4:66:83:95:bd:7e:7b:b7:b4:79:09:32:99:
                    6c:c4:e0:1d:05:23:cf:6a:45:06:1f:de:ab:58:0c:
                    51:83:4f:84:a6:1f:ea:33:18:f8:2e:cc:fa:c4:4d:
                    c5:c9:11:5f:79:9e:74:b1:73:ad:4a:17:e2:45:24:
                    7b:31:6d:bb:88:2a:ba:16:81:5f:4f:50:b8:93:df:
                    9a:4b:04:0d:e2:a6:9d:98:e5:2d:94:3a:0a:21:5a:
                    9c:0a:cc:b7:0b:87:f5:69:12:4e:d6:46:f7:c1:3f:
                    b8:da:8a:0c:5b:89:90:fa:a6:60:53:69:3f:c9:20:
                    22:92:ca:46:77:10:13:b0:f9:8d:8e:e4:15:c2:65:
                    97:b1:5c:e1:ed:f3:99:2c:25:d8:9a:ac:18:8a:52:
                    b7:07:7b:6f:64:ea:39:b8:03:4e:56:5f:1b:e9:90:
                    e1:cb:10:c5:83:ec:80:cf:aa:7e:b6:27:88:e0:f7:
                    0e:cf:43:88:7f:31:26:cb:d4:f6:3d:75:ca:0d:8d:
                    6a:06:78:72:12:0b:39:25:ba:e5:f9:e7:8e:c2:d1:
                    c9:7c:92:72:4a:8d:85:0f:f3:d7:55:8b:48:63:6b:
                    f0:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4F:F3:7C:B2:36:28:F5:84:51:CD:54:08:D4:F2:17:A0:DE:48:C7:43
            X509v3 Authority Key Identifier:
                keyid:6B:E0:51:FB:93:E0:15:A9:B7:61:BB:45:AF:E1:09:DB:BE:34:7C:66

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a-BR-5PgFam3YbtFr-EJ2740fGY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/25f85e-d070-488b-89f6-f4e59f39a74a/1/a-BR-5PgFam3YbtFr-EJ2740fGY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/64/25f85e-d070-488b-89f6-f4e59f39a74a/1/a-BR-5PgFam3YbtFr-EJ2740fGY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         40:18:f5:10:9f:fa:f8:bd:09:fd:8c:c3:78:e0:8c:4c:01:da:
         fb:c8:98:cb:63:3b:49:08:6e:e6:a1:88:1b:af:5d:95:0c:6c:
         57:0f:c1:25:4f:7b:04:5e:ee:58:c9:7b:15:6f:01:67:61:43:
         8d:61:bb:ac:80:2f:62:fd:6c:0d:10:76:2b:ae:53:c3:63:73:
         fc:1d:b9:6b:7a:de:a9:06:95:d4:b8:01:d9:ba:a6:a5:c6:ee:
         68:33:7f:29:b7:25:00:58:c7:e6:e7:ec:44:67:c7:49:70:2b:
         70:63:75:70:5c:d9:68:5e:20:61:06:85:6c:cb:5f:a4:f5:41:
         e0:09:b9:43:f7:12:d1:23:49:d2:56:1d:23:32:8e:28:83:4a:
         9a:12:88:15:e7:c8:a4:3b:bd:00:ef:db:24:8f:00:b8:20:ac:
         94:99:64:5b:19:04:3e:ed:25:14:ac:88:e5:05:5d:05:77:85:
         99:da:5f:2e:a4:d1:b8:36:34:43:7d:75:76:30:8c:6c:2d:6c:
         7d:ff:ba:50:d4:86:f2:94:4e:e6:af:77:12:6c:35:4d:3a:d2:
         58:60:65:fb:55:9c:41:6f:d5:8d:83:76:41:2d:d6:b9:1b:3a:
         30:98:73:eb:9c:a0:f8:1d:58:95:34:2f:dc:c1:66:e8:e6:63:
         9f:c6:bb:65
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZTEYwv+FYbTJXeGo6iurys6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiZTA1MWZiOTNlMDE1YTliNzYxYmI0NWFmZTEwOWRiYmUz
NDdjNjYwHhcNMjUwMjAyMDIwMDEyWhcNMjUwMjAzMDIwMDEyWjAzMTEwLwYDVQQD
Eyg0ZmYzN2NiMjM2MjhmNTg0NTFjZDU0MDhkNGYyMTdhMGRlNDhjNzQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA12cKp1y4Y1eCmC3JvwxNJzZGSm7w
oDQb6zTOY/iAg9Rmg5W9fnu3tHkJMplsxOAdBSPPakUGH96rWAxRg0+Eph/qMxj4
Lsz6xE3FyRFfeZ50sXOtShfiRSR7MW27iCq6FoFfT1C4k9+aSwQN4qadmOUtlDoK
IVqcCsy3C4f1aRJO1kb3wT+42ooMW4mQ+qZgU2k/ySAikspGdxATsPmNjuQVwmWX
sVzh7fOZLCXYmqwYilK3B3tvZOo5uANOVl8b6ZDhyxDFg+yAz6p+tieI4PcOz0OI
fzEmy9T2PXXKDY1qBnhyEgs5Jbrl+eeOwtHJfJJySo2FD/PXVYtIY2vwmQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFE/zfLI2KPWEUc1UCNTyF6DeSMdDMB8GA1UdIwQY
MBaAFGvgUfuT4BWpt2G7Ra/hCdu+NHxmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYS1CUi01UGdGYW0zWWJ0RnItRUoyNzQwZkdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC8yNWY4NWUtZDA3MC00ODhiLTg5ZjYt
ZjRlNTlmMzlhNzRhLzEvYS1CUi01UGdGYW0zWWJ0RnItRUoyNzQwZkdZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC8yNWY4NWUtZDA3MC00ODhiLTg5ZjYtZjRlNTlmMzlhNzRh
LzEvYS1CUi01UGdGYW0zWWJ0RnItRUoyNzQwZkdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQBj1EJ/6
+L0J/YzDeOCMTAHa+8iYy2M7SQhu5qGIG69dlQxsVw/BJU97BF7uWMl7FW8BZ2FD
jWG7rIAvYv1sDRB2K65Tw2Nz/B25a3reqQaV1LgB2bqmpcbuaDN/KbclAFjH5ufs
RGfHSXArcGN1cFzZaF4gYQaFbMtfpPVB4Am5Q/cS0SNJ0lYdIzKOKINKmhKIFefI
pDu9AO/bJI8AuCCslJlkWxkEPu0lFKyI5QVdBXeFmdpfLqTRuDY0Q311djCMbC1s
ff+6UNSG8pRO5q93Emw1TTrSWGBl+1WcQW/VjYN2QS3WuRs6MJhz65yg+B1YlTQv
3MFm6OZjn8a7ZQ==
-----END CERTIFICATE-----