Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/f4c354-80fb-4c39-a0f8-f18fbf596eba/1/K2s1AF0wIoBENtctw8nIZc-qoAM.mft
File:                     K2s1AF0wIoBENtctw8nIZc-qoAM.mft (raw, json)
Hash identifier:          TQYtP9+JG8LlUIb7nSmvUp/nAOCpMF4CiS2JwUmIcmo=
Subject key identifier:   EC:5B:30:C3:C0:2A:90:A6:45:B5:46:0D:23:CC:D8:7C:67:D5:F2:91
Authority key identifier: 2B:6B:35:00:5D:30:22:80:44:36:D7:2D:C3:C9:C8:65:CF:AA:A0:03
Certificate issuer:       /CN=2b6b35005d3022804436d72dc3c9c865cfaaa003
Certificate serial:       0194C3F62E8699596B6EEE294F397728C7E4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/K2s1AF0wIoBENtctw8nIZc-qoAM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/64/f4c354-80fb-4c39-a0f8-f18fbf596eba/1/K2s1AF0wIoBENtctw8nIZc-qoAM.mft
Manifest number:          0959
Signing time:             Sun 02 Feb 2025 00:01:18 +0000
Manifest this update:     Sun 02 Feb 2025 00:01:18 +0000
Manifest next update:     Mon 03 Feb 2025 00:01:18 +0000
Files and hashes:         1: K2s1AF0wIoBENtctw8nIZc-qoAM.crl (hash: cdauaj8DhPDxKZzLQc+0jDrk8hwbT69AhI6l7oXqd+U=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/64/f4c354-80fb-4c39-a0f8-f18fbf596eba/1/K2s1AF0wIoBENtctw8nIZc-qoAM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/64/f4c354-80fb-4c39-a0f8-f18fbf596eba/1/K2s1AF0wIoBENtctw8nIZc-qoAM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/K2s1AF0wIoBENtctw8nIZc-qoAM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 03 Feb 2025 00:00:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:c3:f6:2e:86:99:59:6b:6e:ee:29:4f:39:77:28:c7:e4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2b6b35005d3022804436d72dc3c9c865cfaaa003
        Validity
            Not Before: Feb  2 00:01:18 2025 GMT
            Not After : Feb  3 00:01:18 2025 GMT
        Subject: CN=ec5b30c3c02a90a645b5460d23ccd87c67d5f291
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:99:e0:af:77:29:b1:6d:80:f8:1a:21:43:4b:
                    42:a0:0a:88:bf:42:d7:d2:32:82:73:54:26:1f:6d:
                    9d:cd:08:02:4b:8d:60:21:ee:de:f3:d1:ba:72:0e:
                    85:d7:28:98:4d:30:43:c8:27:59:22:1f:fb:47:b1:
                    bb:50:df:8e:3d:d1:9a:ba:d5:df:80:3e:b0:81:6e:
                    72:11:1e:b0:d3:f9:32:64:c6:cc:11:f5:2a:13:6d:
                    45:a0:44:fa:08:b8:6f:1b:61:f3:70:da:41:da:62:
                    6c:9c:0c:50:3c:70:b9:c1:09:ce:68:20:72:4b:b2:
                    1b:d4:3e:28:7f:39:ad:86:52:40:3c:f9:7f:60:66:
                    f0:9d:dd:70:eb:0a:6f:16:2b:0b:61:e5:31:fb:5c:
                    6a:23:fd:4e:0d:b0:c9:e9:7a:92:7b:76:4a:d7:a1:
                    67:6f:dc:d7:5e:d0:82:b3:bd:20:38:c9:e3:69:85:
                    e9:6b:e4:48:1c:da:1f:83:f8:ba:f0:b5:f9:a8:a2:
                    5e:c8:50:36:d0:af:c1:33:54:dd:80:21:5f:32:59:
                    2d:6b:1c:5e:50:38:2b:d5:51:56:4f:77:c8:d8:33:
                    d9:42:b7:3a:1d:d2:35:f8:e8:03:96:63:83:f9:a1:
                    86:86:e6:31:91:04:46:cb:08:7f:48:e3:d5:61:e6:
                    c0:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EC:5B:30:C3:C0:2A:90:A6:45:B5:46:0D:23:CC:D8:7C:67:D5:F2:91
            X509v3 Authority Key Identifier:
                keyid:2B:6B:35:00:5D:30:22:80:44:36:D7:2D:C3:C9:C8:65:CF:AA:A0:03

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/K2s1AF0wIoBENtctw8nIZc-qoAM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/f4c354-80fb-4c39-a0f8-f18fbf596eba/1/K2s1AF0wIoBENtctw8nIZc-qoAM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/64/f4c354-80fb-4c39-a0f8-f18fbf596eba/1/K2s1AF0wIoBENtctw8nIZc-qoAM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3e:f8:e3:9c:bf:bd:85:10:c3:ed:b5:ec:cd:4f:d7:7e:a3:26:
         69:05:d5:83:5c:79:75:7f:1d:7b:43:1d:aa:07:fc:05:2c:19:
         95:b0:f7:3a:0a:30:7f:59:f6:4e:55:a7:5f:bf:20:70:0b:25:
         dd:ea:ee:33:c7:4e:a7:66:bc:74:be:1f:ee:e2:62:36:3c:be:
         81:de:8f:f2:8d:41:1b:fa:d1:37:dd:f0:07:0b:f7:cc:5d:d8:
         a9:79:fb:1c:7c:39:d1:03:4d:ca:fa:a2:40:13:d7:30:c6:46:
         a3:49:d1:52:0d:30:2f:93:60:98:8e:7c:dd:bc:1c:4b:b7:09:
         58:a8:c7:c1:68:b4:58:2f:94:b4:8b:4b:24:e8:a0:f7:1c:ab:
         09:8c:42:12:84:c1:49:30:6f:92:0c:a3:08:f0:94:ea:5f:60:
         66:28:ed:bc:39:b8:6f:b3:90:f3:41:c0:b2:f4:c4:41:d3:01:
         ba:72:ae:9a:33:13:08:15:c5:35:c3:da:37:1a:d5:03:ec:56:
         29:90:ba:75:f6:9b:0b:d4:e6:25:46:70:a7:0b:f3:bf:e8:80:
         6c:84:a7:2b:b5:b2:8e:45:d0:9d:20:69:e0:cd:58:04:08:3b:
         dd:81:9f:5d:82:b9:1c:e9:50:6c:4f:85:37:a2:98:be:6a:78:
         02:bf:f4:82
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZTD9i6GmVlrbu4pTzl3KMfkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiNmIzNTAwNWQzMDIyODA0NDM2ZDcyZGMzYzljODY1Y2Zh
YWEwMDMwHhcNMjUwMjAyMDAwMTE4WhcNMjUwMjAzMDAwMTE4WjAzMTEwLwYDVQQD
EyhlYzViMzBjM2MwMmE5MGE2NDViNTQ2MGQyM2NjZDg3YzY3ZDVmMjkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr5ngr3cpsW2A+BohQ0tCoAqIv0LX
0jKCc1QmH22dzQgCS41gIe7e89G6cg6F1yiYTTBDyCdZIh/7R7G7UN+OPdGautXf
gD6wgW5yER6w0/kyZMbMEfUqE21FoET6CLhvG2HzcNpB2mJsnAxQPHC5wQnOaCBy
S7Ib1D4ofzmthlJAPPl/YGbwnd1w6wpvFisLYeUx+1xqI/1ODbDJ6XqSe3ZK16Fn
b9zXXtCCs70gOMnjaYXpa+RIHNofg/i68LX5qKJeyFA20K/BM1TdgCFfMlktaxxe
UDgr1VFWT3fI2DPZQrc6HdI1+OgDlmOD+aGGhuYxkQRGywh/SOPVYebACQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOxbMMPAKpCmRbVGDSPM2Hxn1fKRMB8GA1UdIwQY
MBaAFCtrNQBdMCKARDbXLcPJyGXPqqADMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSzJzMUFGMHdJb0JFTnRjdHc4bklaYy1xb0FNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC9mNGMzNTQtODBmYi00YzM5LWEwZjgt
ZjE4ZmJmNTk2ZWJhLzEvSzJzMUFGMHdJb0JFTnRjdHc4bklaYy1xb0FNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC9mNGMzNTQtODBmYi00YzM5LWEwZjgtZjE4ZmJmNTk2ZWJh
LzEvSzJzMUFGMHdJb0JFTnRjdHc4bklaYy1xb0FNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPvjjnL+9
hRDD7bXszU/XfqMmaQXVg1x5dX8de0Mdqgf8BSwZlbD3Ogowf1n2TlWnX78gcAsl
3eruM8dOp2a8dL4f7uJiNjy+gd6P8o1BG/rRN93wBwv3zF3YqXn7HHw50QNNyvqi
QBPXMMZGo0nRUg0wL5NgmI583bwcS7cJWKjHwWi0WC+UtItLJOig9xyrCYxCEoTB
STBvkgyjCPCU6l9gZijtvDm4b7OQ80HAsvTEQdMBunKumjMTCBXFNcPaNxrVA+xW
KZC6dfabC9TmJUZwpwvzv+iAbISnK7WyjkXQnSBp4M1YBAg73YGfXYK5HOlQbE+F
N6KYvmp4Ar/0gg==
-----END CERTIFICATE-----