Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/3c8e78-dfa0-4616-b228-0b970b96c90b/1/hCsY-NHbH5R2IbLY94ZgPisb1Qw.mft
File:                     hCsY-NHbH5R2IbLY94ZgPisb1Qw.mft (raw, json)
Hash identifier:          o1uEEB9zlrucKf2S92OxC3P1GN1gVF3ni2bYbpFyA4Q=
Subject key identifier:   A3:50:F9:A6:06:62:7D:93:BC:B3:06:19:96:58:87:64:FA:3F:55:88
Authority key identifier: 84:2B:18:F8:D1:DB:1F:94:76:21:B2:D8:F7:86:60:3E:2B:1B:D5:0C
Certificate issuer:       /CN=842b18f8d1db1f947621b2d8f786603e2b1bd50c
Certificate serial:       0194C387D21118E5878A5C784141EA0446C5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hCsY-NHbH5R2IbLY94ZgPisb1Qw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/64/3c8e78-dfa0-4616-b228-0b970b96c90b/1/hCsY-NHbH5R2IbLY94ZgPisb1Qw.mft
Manifest number:          0713
Signing time:             Sat 01 Feb 2025 22:00:45 +0000
Manifest this update:     Sat 01 Feb 2025 22:00:45 +0000
Manifest next update:     Sun 02 Feb 2025 22:00:45 +0000
Files and hashes:         1: hCsY-NHbH5R2IbLY94ZgPisb1Qw.crl (hash: JT43KDWyoEM75ydIFeYkhDqmQnhg55udlMYJCUsycdU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/64/3c8e78-dfa0-4616-b228-0b970b96c90b/1/hCsY-NHbH5R2IbLY94ZgPisb1Qw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/64/3c8e78-dfa0-4616-b228-0b970b96c90b/1/hCsY-NHbH5R2IbLY94ZgPisb1Qw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hCsY-NHbH5R2IbLY94ZgPisb1Qw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 02 Feb 2025 22:00:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:c3:87:d2:11:18:e5:87:8a:5c:78:41:41:ea:04:46:c5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=842b18f8d1db1f947621b2d8f786603e2b1bd50c
        Validity
            Not Before: Feb  1 22:00:45 2025 GMT
            Not After : Feb  2 22:00:45 2025 GMT
        Subject: CN=a350f9a606627d93bcb3061996588764fa3f5588
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:7b:c8:ea:e2:32:d9:21:cb:11:d4:74:c0:f4:
                    67:ff:a7:90:3f:bc:dd:a8:c4:ee:c7:3d:7a:49:c3:
                    19:7b:cc:24:fb:77:51:5f:55:3f:e9:aa:57:c7:af:
                    a3:f1:6b:5a:90:28:9a:ba:38:cc:c2:3d:4f:f6:f6:
                    ac:57:a3:19:8b:0f:43:d8:09:fb:51:c4:57:39:7e:
                    24:73:d4:08:bd:a7:fe:f2:be:d4:a4:4b:21:d2:e5:
                    4f:dc:78:1b:02:e0:aa:0e:d1:80:43:d3:67:a6:7d:
                    c9:bc:ea:87:3e:65:69:64:95:77:cc:66:e4:f1:b1:
                    eb:89:ef:25:1d:00:05:49:7b:7f:bf:ab:b7:69:d4:
                    36:04:0d:f6:86:17:a1:e6:7d:91:91:5d:ae:ee:9d:
                    70:30:4a:1f:90:af:78:8a:ce:64:31:c4:b1:2c:61:
                    24:39:3c:9e:fc:15:e2:b5:08:01:d0:b7:4e:14:7b:
                    70:5e:ea:2d:d2:11:a9:1f:3b:04:76:b1:34:84:dc:
                    86:87:ca:6d:89:54:33:bf:19:85:e5:66:e4:40:70:
                    96:26:a6:1d:64:90:60:9e:c2:85:2c:f5:47:a0:90:
                    84:d3:5e:9e:47:7f:34:91:7a:08:ea:a2:f6:ee:30:
                    80:f7:5b:a0:ff:47:82:b2:81:ea:15:15:1c:d1:db:
                    59:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A3:50:F9:A6:06:62:7D:93:BC:B3:06:19:96:58:87:64:FA:3F:55:88
            X509v3 Authority Key Identifier:
                keyid:84:2B:18:F8:D1:DB:1F:94:76:21:B2:D8:F7:86:60:3E:2B:1B:D5:0C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hCsY-NHbH5R2IbLY94ZgPisb1Qw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/3c8e78-dfa0-4616-b228-0b970b96c90b/1/hCsY-NHbH5R2IbLY94ZgPisb1Qw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/64/3c8e78-dfa0-4616-b228-0b970b96c90b/1/hCsY-NHbH5R2IbLY94ZgPisb1Qw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         cc:5a:fc:87:f8:02:36:da:91:31:7f:3e:26:59:5f:18:08:1d:
         50:ad:e1:dc:02:82:99:83:00:9c:df:5d:7c:84:33:8c:d2:7c:
         11:55:30:8e:3b:65:6c:54:b3:6f:49:f7:9b:4c:07:e0:9a:0b:
         ce:72:fa:1f:11:33:75:11:55:e8:7d:1a:b7:76:56:1a:12:f7:
         42:fa:3b:b2:93:b8:70:a1:a6:f5:35:75:d3:d8:a7:ca:1d:95:
         c4:18:3c:88:6b:0d:03:24:20:1c:b0:fb:f3:e7:97:4b:bc:39:
         44:a7:a8:1c:19:55:26:7f:0b:a3:3d:f3:fe:e5:27:03:6b:db:
         e1:e4:94:1b:64:c6:e3:b9:3d:bd:61:eb:9c:d2:d6:6b:e1:23:
         36:0f:64:6c:75:d3:96:8b:e0:c8:dc:4d:3a:1e:63:61:f0:0d:
         ed:4b:e4:24:0c:fe:f3:5c:8d:82:25:f5:24:72:27:ca:56:7f:
         58:42:ac:c0:1c:61:f0:ba:01:35:b2:1e:35:da:3e:7e:89:d9:
         17:e8:4a:e7:c3:e7:06:d0:a6:f6:c9:d7:df:06:83:41:21:3c:
         f9:e4:c3:c2:d3:a6:9e:0e:f8:4b:29:6d:38:a8:8f:82:eb:36:
         7d:09:75:48:e5:33:4a:87:5a:04:53:f0:ff:1f:6e:18:ba:ce:
         92:7a:2d:4d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZTDh9IRGOWHilx4QUHqBEbFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0MmIxOGY4ZDFkYjFmOTQ3NjIxYjJkOGY3ODY2MDNlMmIx
YmQ1MGMwHhcNMjUwMjAxMjIwMDQ1WhcNMjUwMjAyMjIwMDQ1WjAzMTEwLwYDVQQD
EyhhMzUwZjlhNjA2NjI3ZDkzYmNiMzA2MTk5NjU4ODc2NGZhM2Y1NTg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu3vI6uIy2SHLEdR0wPRn/6eQP7zd
qMTuxz16ScMZe8wk+3dRX1U/6apXx6+j8WtakCiaujjMwj1P9vasV6MZiw9D2An7
UcRXOX4kc9QIvaf+8r7UpEsh0uVP3HgbAuCqDtGAQ9Nnpn3JvOqHPmVpZJV3zGbk
8bHrie8lHQAFSXt/v6u3adQ2BA32hheh5n2RkV2u7p1wMEofkK94is5kMcSxLGEk
OTye/BXitQgB0LdOFHtwXuot0hGpHzsEdrE0hNyGh8ptiVQzvxmF5WbkQHCWJqYd
ZJBgnsKFLPVHoJCE016eR380kXoI6qL27jCA91ug/0eCsoHqFRUc0dtZUwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKNQ+aYGYn2TvLMGGZZYh2T6P1WIMB8GA1UdIwQY
MBaAFIQrGPjR2x+UdiGy2PeGYD4rG9UMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaENzWS1OSGJINVIySWJMWTk0WmdQaXNiMVF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC8zYzhlNzgtZGZhMC00NjE2LWIyMjgt
MGI5NzBiOTZjOTBiLzEvaENzWS1OSGJINVIySWJMWTk0WmdQaXNiMVF3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC8zYzhlNzgtZGZhMC00NjE2LWIyMjgtMGI5NzBiOTZjOTBi
LzEvaENzWS1OSGJINVIySWJMWTk0WmdQaXNiMVF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAzFr8h/gC
NtqRMX8+JllfGAgdUK3h3AKCmYMAnN9dfIQzjNJ8EVUwjjtlbFSzb0n3m0wH4JoL
znL6HxEzdRFV6H0at3ZWGhL3Qvo7spO4cKGm9TV109inyh2VxBg8iGsNAyQgHLD7
8+eXS7w5RKeoHBlVJn8Loz3z/uUnA2vb4eSUG2TG47k9vWHrnNLWa+EjNg9kbHXT
lovgyNxNOh5jYfAN7UvkJAz+81yNgiX1JHInylZ/WEKswBxh8LoBNbIeNdo+fonZ
F+hK58PnBtCm9snX3waDQSE8+eTDwtOmng74SyltOKiPgus2fQl1SOUzSodaBFPw
/x9uGLrOknotTQ==
-----END CERTIFICATE-----