Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/4a54cf-2414-4d6f-8ba5-7001baf775f2/1/USzy1zi8akeL64yogkEB_w_IGmE.mft
File:                     USzy1zi8akeL64yogkEB_w_IGmE.mft (raw, json)
Hash identifier:          EqFSSoVZZ6PKGK8t8ybTGUnfNs9dGhnsdmDCqf6hJ9A=
Subject key identifier:   FD:95:D4:5B:48:33:D2:99:0A:57:E8:65:82:C7:F0:0E:C9:0C:0C:9B
Authority key identifier: 51:2C:F2:D7:38:BC:6A:47:8B:EB:8C:A8:82:41:01:FF:0F:C8:1A:61
Certificate issuer:       /CN=512cf2d738bc6a478beb8ca8824101ff0fc81a61
Certificate serial:       0194C42C87A65EE9E9E1EF27E56D8E0CDA04
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/USzy1zi8akeL64yogkEB_w_IGmE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/4a54cf-2414-4d6f-8ba5-7001baf775f2/1/USzy1zi8akeL64yogkEB_w_IGmE.mft
Manifest number:          0210
Signing time:             Sun 02 Feb 2025 01:00:40 +0000
Manifest this update:     Sun 02 Feb 2025 01:00:40 +0000
Manifest next update:     Mon 03 Feb 2025 01:00:40 +0000
Files and hashes:         1: USzy1zi8akeL64yogkEB_w_IGmE.crl (hash: KiAGPfh9jd6olt9ZikAH9ng+KIVXcr8wpO4rYiOv1EQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/65/4a54cf-2414-4d6f-8ba5-7001baf775f2/1/USzy1zi8akeL64yogkEB_w_IGmE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/65/4a54cf-2414-4d6f-8ba5-7001baf775f2/1/USzy1zi8akeL64yogkEB_w_IGmE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/USzy1zi8akeL64yogkEB_w_IGmE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 03 Feb 2025 00:00:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:c4:2c:87:a6:5e:e9:e9:e1:ef:27:e5:6d:8e:0c:da:04
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=512cf2d738bc6a478beb8ca8824101ff0fc81a61
        Validity
            Not Before: Feb  2 01:00:40 2025 GMT
            Not After : Feb  3 01:00:40 2025 GMT
        Subject: CN=fd95d45b4833d2990a57e86582c7f00ec90c0c9b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f7:05:44:5b:e8:48:59:49:71:1d:71:77:80:81:
                    f7:64:26:98:5b:9b:7e:fb:01:32:a0:45:79:44:a1:
                    6e:b5:ed:cb:d9:79:c7:91:be:2c:fd:9f:c0:24:7e:
                    9b:ea:98:30:cb:84:86:1a:f1:6a:0b:7c:a7:80:b2:
                    54:7c:ba:ce:01:f6:b3:36:a1:1f:29:3c:b7:61:61:
                    71:50:e2:45:9a:57:35:b8:7f:1b:bc:fd:7c:10:4d:
                    fd:2e:91:8a:a5:ef:6d:33:8f:6d:5d:cd:08:6c:8b:
                    8b:f7:16:e3:07:32:2f:92:ee:13:9e:44:72:c3:84:
                    d3:87:0e:8e:61:ce:39:90:ea:b8:de:a2:62:f8:0c:
                    f8:46:0c:bc:21:03:7b:81:2e:f4:4d:39:f4:14:9b:
                    2a:ba:d6:79:33:79:70:51:31:9b:db:9e:13:11:d5:
                    6b:92:21:cb:0f:9d:87:91:d6:4b:9d:ba:d9:10:e9:
                    ea:92:ae:a5:18:86:be:b5:85:7b:4c:ed:f7:5c:72:
                    7a:64:3e:30:ba:41:16:78:de:d3:62:b5:20:a7:61:
                    c8:97:dd:50:8c:ad:d1:ec:32:d5:f0:96:60:69:ae:
                    d8:88:a2:9a:4c:ce:da:ec:51:50:eb:eb:79:38:29:
                    52:4f:18:e0:1e:67:ad:5f:00:d9:f2:14:8b:89:d5:
                    45:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FD:95:D4:5B:48:33:D2:99:0A:57:E8:65:82:C7:F0:0E:C9:0C:0C:9B
            X509v3 Authority Key Identifier:
                keyid:51:2C:F2:D7:38:BC:6A:47:8B:EB:8C:A8:82:41:01:FF:0F:C8:1A:61

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/USzy1zi8akeL64yogkEB_w_IGmE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/4a54cf-2414-4d6f-8ba5-7001baf775f2/1/USzy1zi8akeL64yogkEB_w_IGmE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/4a54cf-2414-4d6f-8ba5-7001baf775f2/1/USzy1zi8akeL64yogkEB_w_IGmE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4e:22:02:c1:0f:7a:44:fe:98:73:51:bc:c5:74:c2:93:86:cc:
         bc:18:cb:15:a1:e0:37:c9:0a:71:c4:49:1c:44:ce:b5:a1:27:
         cd:01:cc:b5:ad:a0:8d:4d:8f:5b:33:ff:31:b6:a9:61:ec:73:
         19:33:13:23:72:4d:f2:d5:8e:5a:0c:a5:1c:a5:b6:5d:47:13:
         b5:7b:b4:a8:c9:f2:89:e1:3e:96:3a:99:34:75:6f:33:6d:c2:
         a7:53:f9:0e:26:b0:63:b9:70:33:cc:ce:2e:54:ed:ce:4e:b6:
         6e:5d:91:89:83:03:06:b1:eb:a6:4e:3a:6b:b0:7c:6d:1e:4a:
         89:bd:d3:ff:09:84:94:46:99:02:f6:a5:ed:3a:6a:65:d4:36:
         ee:1e:2d:5c:f0:07:19:6f:48:d6:f6:08:d7:d6:03:c2:a0:47:
         d6:ac:1a:0f:57:2e:79:94:bf:c5:c4:e1:50:d3:dc:c6:e5:b2:
         1d:8d:6b:02:36:97:85:9e:c2:21:63:f2:05:4f:f5:22:7f:1b:
         1c:c0:d9:57:71:4c:86:17:7e:0c:4d:83:06:fa:94:3b:c5:90:
         3f:fb:2f:79:88:41:e6:71:48:a7:4a:06:40:97:22:ee:bb:ee:
         4d:ec:81:f3:bc:a1:cc:d8:54:d1:78:e0:82:f7:6e:e1:b8:6b:
         9d:dd:84:76
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZTELIemXunp4e8n5W2ODNoEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUxMmNmMmQ3MzhiYzZhNDc4YmViOGNhODgyNDEwMWZmMGZj
ODFhNjEwHhcNMjUwMjAyMDEwMDQwWhcNMjUwMjAzMDEwMDQwWjAzMTEwLwYDVQQD
EyhmZDk1ZDQ1YjQ4MzNkMjk5MGE1N2U4NjU4MmM3ZjAwZWM5MGMwYzliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9wVEW+hIWUlxHXF3gIH3ZCaYW5t+
+wEyoEV5RKFute3L2XnHkb4s/Z/AJH6b6pgwy4SGGvFqC3yngLJUfLrOAfazNqEf
KTy3YWFxUOJFmlc1uH8bvP18EE39LpGKpe9tM49tXc0IbIuL9xbjBzIvku4TnkRy
w4TThw6OYc45kOq43qJi+Az4Rgy8IQN7gS70TTn0FJsqutZ5M3lwUTGb254TEdVr
kiHLD52HkdZLnbrZEOnqkq6lGIa+tYV7TO33XHJ6ZD4wukEWeN7TYrUgp2HIl91Q
jK3R7DLV8JZgaa7YiKKaTM7a7FFQ6+t5OClSTxjgHmetXwDZ8hSLidVFuQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP2V1FtIM9KZClfoZYLH8A7JDAybMB8GA1UdIwQY
MBaAFFEs8tc4vGpHi+uMqIJBAf8PyBphMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVVN6eTF6aThha2VMNjR5b2drRUJfd19JR21FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS80YTU0Y2YtMjQxNC00ZDZmLThiYTUt
NzAwMWJhZjc3NWYyLzEvVVN6eTF6aThha2VMNjR5b2drRUJfd19JR21FLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS80YTU0Y2YtMjQxNC00ZDZmLThiYTUtNzAwMWJhZjc3NWYy
LzEvVVN6eTF6aThha2VMNjR5b2drRUJfd19JR21FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATiICwQ96
RP6Yc1G8xXTCk4bMvBjLFaHgN8kKccRJHETOtaEnzQHMta2gjU2PWzP/MbapYexz
GTMTI3JN8tWOWgylHKW2XUcTtXu0qMnyieE+ljqZNHVvM23Cp1P5DiawY7lwM8zO
LlTtzk62bl2RiYMDBrHrpk46a7B8bR5Kib3T/wmElEaZAval7TpqZdQ27h4tXPAH
GW9I1vYI19YDwqBH1qwaD1cueZS/xcThUNPcxuWyHY1rAjaXhZ7CIWPyBU/1In8b
HMDZV3FMhhd+DE2DBvqUO8WQP/sveYhB5nFIp0oGQJci7rvuTeyB87yhzNhU0Xjg
gvdu4bhrnd2Edg==
-----END CERTIFICATE-----