Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/bb7a7a-303f-4234-82a1-9aca7bd8ec0f/1/vPI0wEREFriFL7NHh4rTdtCBjWQ.mft
File:                     vPI0wEREFriFL7NHh4rTdtCBjWQ.mft (raw, json)
Hash identifier:          VRtzL2IKApE7eHVem5ZxwSxnbgeAN+y8Vw7Jb3DFMng=
Subject key identifier:   50:51:BC:04:14:E2:0D:1F:6C:65:50:E1:C2:68:D0:E5:9D:4D:96:AC
Authority key identifier: BC:F2:34:C0:44:44:16:B8:85:2F:B3:47:87:8A:D3:76:D0:81:8D:64
Certificate issuer:       /CN=bcf234c0444416b8852fb347878ad376d0818d64
Certificate serial:       0194C4D11958C50ACB127907BA1FED93362F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/vPI0wEREFriFL7NHh4rTdtCBjWQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/64/bb7a7a-303f-4234-82a1-9aca7bd8ec0f/1/vPI0wEREFriFL7NHh4rTdtCBjWQ.mft
Manifest number:          07B9
Signing time:             Sun 02 Feb 2025 04:00:25 +0000
Manifest this update:     Sun 02 Feb 2025 04:00:25 +0000
Manifest next update:     Mon 03 Feb 2025 04:00:25 +0000
Files and hashes:         1: vPI0wEREFriFL7NHh4rTdtCBjWQ.crl (hash: HTNlLZ73Cfk6jr9I/LuIunWt/p44SZVdLMaZ0GiiXHk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/64/bb7a7a-303f-4234-82a1-9aca7bd8ec0f/1/vPI0wEREFriFL7NHh4rTdtCBjWQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/64/bb7a7a-303f-4234-82a1-9aca7bd8ec0f/1/vPI0wEREFriFL7NHh4rTdtCBjWQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/vPI0wEREFriFL7NHh4rTdtCBjWQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 03 Feb 2025 00:00:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:c4:d1:19:58:c5:0a:cb:12:79:07:ba:1f:ed:93:36:2f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bcf234c0444416b8852fb347878ad376d0818d64
        Validity
            Not Before: Feb  2 04:00:25 2025 GMT
            Not After : Feb  3 04:00:25 2025 GMT
        Subject: CN=5051bc0414e20d1f6c6550e1c268d0e59d4d96ac
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:87:6c:1a:1e:dd:e8:3e:38:e9:93:17:c8:f8:
                    9f:d6:ec:bb:e6:c5:80:93:8c:b3:8b:c2:25:f1:da:
                    3f:0e:6e:c8:f3:e4:c5:80:db:40:3a:48:e4:c9:4a:
                    0d:74:4a:6f:93:03:6c:21:11:87:12:c2:6f:d1:0f:
                    79:3c:a0:e4:b9:6f:ff:79:a6:e9:1d:b8:8b:b3:50:
                    60:fc:1c:e9:96:05:fd:06:e6:45:29:c6:48:6c:a7:
                    b7:d5:62:6c:4e:52:21:61:43:b0:5c:a5:15:38:05:
                    7a:7e:3c:56:b3:85:d4:c7:b6:96:22:d7:43:94:cf:
                    f7:8d:e0:c2:aa:71:aa:bd:47:cf:b2:fd:ad:c5:31:
                    46:0f:75:c3:3b:54:14:66:27:06:6d:05:7b:2c:9e:
                    65:02:48:9f:a2:52:23:35:0f:89:cb:a8:bf:28:32:
                    e8:12:2d:85:e2:0d:39:8b:f2:bc:df:83:7c:1b:2d:
                    fc:27:7d:df:22:02:5e:f0:8d:a2:da:05:e9:61:f5:
                    ba:4f:a2:81:b5:e9:84:c2:29:9b:da:fe:55:e3:7e:
                    55:af:ff:0f:a0:f2:e7:0f:3d:63:31:d6:dc:c8:c1:
                    6e:c0:14:4e:7d:1b:42:a8:f7:8b:8b:00:7b:8d:78:
                    75:2a:e3:c0:b3:54:00:61:9f:58:f2:b1:7d:f6:8f:
                    8c:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                50:51:BC:04:14:E2:0D:1F:6C:65:50:E1:C2:68:D0:E5:9D:4D:96:AC
            X509v3 Authority Key Identifier:
                keyid:BC:F2:34:C0:44:44:16:B8:85:2F:B3:47:87:8A:D3:76:D0:81:8D:64

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vPI0wEREFriFL7NHh4rTdtCBjWQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/bb7a7a-303f-4234-82a1-9aca7bd8ec0f/1/vPI0wEREFriFL7NHh4rTdtCBjWQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/64/bb7a7a-303f-4234-82a1-9aca7bd8ec0f/1/vPI0wEREFriFL7NHh4rTdtCBjWQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         64:e4:fc:07:a2:6f:d6:47:78:0d:c7:27:e0:da:02:4f:1d:d9:
         ed:13:ff:97:16:92:7c:ab:20:30:2c:32:39:7b:e6:74:c3:38:
         08:90:b8:74:68:11:8f:13:f7:7d:77:2c:34:15:92:1a:3a:d5:
         05:5f:5f:36:5a:64:4a:35:64:87:04:cd:b5:d1:f7:37:11:78:
         5c:9f:c8:80:77:7d:a2:9b:05:af:3f:2b:4a:53:e2:b3:3c:52:
         9e:a0:c0:20:8e:24:7e:4c:33:47:46:07:d0:96:c8:ed:7f:37:
         c7:07:f2:eb:93:95:b0:fd:b0:b9:48:43:2a:ce:0a:1a:54:5e:
         51:87:e8:52:b2:ad:e8:67:74:6e:6b:2a:61:3c:80:2c:c0:14:
         33:33:71:f7:8f:28:56:e4:1d:9e:35:45:d4:2b:72:09:1d:25:
         ab:45:de:78:2d:46:f2:0c:21:5b:a5:76:3b:78:04:ac:7a:f4:
         b4:00:ac:d0:b2:56:c4:b6:ed:3d:07:a6:6e:9d:43:a7:de:aa:
         da:45:6a:ee:15:f5:50:0d:91:55:6b:dc:e9:4d:35:c6:32:64:
         63:df:94:00:28:ea:e6:3d:ec:48:1f:ad:9b:d1:29:17:35:13:
         7b:1b:2c:a3:59:d4:ab:81:82:6f:70:56:e4:61:7d:b9:fe:6c:
         73:53:4f:25
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZTE0RlYxQrLEnkHuh/tkzYvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJjZjIzNGMwNDQ0NDE2Yjg4NTJmYjM0Nzg3OGFkMzc2ZDA4
MThkNjQwHhcNMjUwMjAyMDQwMDI1WhcNMjUwMjAzMDQwMDI1WjAzMTEwLwYDVQQD
Eyg1MDUxYmMwNDE0ZTIwZDFmNmM2NTUwZTFjMjY4ZDBlNTlkNGQ5NmFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyYdsGh7d6D446ZMXyPif1uy75sWA
k4yzi8Il8do/Dm7I8+TFgNtAOkjkyUoNdEpvkwNsIRGHEsJv0Q95PKDkuW//eabp
HbiLs1Bg/BzplgX9BuZFKcZIbKe31WJsTlIhYUOwXKUVOAV6fjxWs4XUx7aWItdD
lM/3jeDCqnGqvUfPsv2txTFGD3XDO1QUZicGbQV7LJ5lAkifolIjNQ+Jy6i/KDLo
Ei2F4g05i/K834N8Gy38J33fIgJe8I2i2gXpYfW6T6KBtemEwimb2v5V435Vr/8P
oPLnDz1jMdbcyMFuwBROfRtCqPeLiwB7jXh1KuPAs1QAYZ9Y8rF99o+MSQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFBRvAQU4g0fbGVQ4cJo0OWdTZasMB8GA1UdIwQY
MBaAFLzyNMBERBa4hS+zR4eK03bQgY1kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdlBJMHdFUkVGcmlGTDdOSGg0clRkdENCaldRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC9iYjdhN2EtMzAzZi00MjM0LTgyYTEt
OWFjYTdiZDhlYzBmLzEvdlBJMHdFUkVGcmlGTDdOSGg0clRkdENCaldRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC9iYjdhN2EtMzAzZi00MjM0LTgyYTEtOWFjYTdiZDhlYzBm
LzEvdlBJMHdFUkVGcmlGTDdOSGg0clRkdENCaldRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZOT8B6Jv
1kd4Dccn4NoCTx3Z7RP/lxaSfKsgMCwyOXvmdMM4CJC4dGgRjxP3fXcsNBWSGjrV
BV9fNlpkSjVkhwTNtdH3NxF4XJ/IgHd9opsFrz8rSlPiszxSnqDAII4kfkwzR0YH
0JbI7X83xwfy65OVsP2wuUhDKs4KGlReUYfoUrKt6Gd0bmsqYTyALMAUMzNx948o
VuQdnjVF1CtyCR0lq0XeeC1G8gwhW6V2O3gErHr0tACs0LJWxLbtPQembp1Dp96q
2kVq7hX1UA2RVWvc6U01xjJkY9+UACjq5j3sSB+tm9EpFzUTexsso1nUq4GCb3BW
5GF9uf5sc1NPJQ==
-----END CERTIFICATE-----