Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/b73411-cf4e-4999-9f42-cde404805b10/1/ba7zApYp3gKduYq3tOm9IhwomRw.mft
File:                     ba7zApYp3gKduYq3tOm9IhwomRw.mft (raw, json)
Hash identifier:          dNbNtLH/DNMVrScyGmvKgmcUWPeRF0X9LvbZWvRZaN0=
Subject key identifier:   CB:00:A5:B5:FE:0B:64:CB:B1:5E:48:45:A0:3C:1B:9E:98:09:57:53
Authority key identifier: 6D:AE:F3:02:96:29:DE:02:9D:B9:8A:B7:B4:E9:BD:22:1C:28:99:1C
Certificate issuer:       /CN=6daef3029629de029db98ab7b4e9bd221c28991c
Certificate serial:       0194C388623F872A2554FAFDEAA1CFF59905
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ba7zApYp3gKduYq3tOm9IhwomRw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/b73411-cf4e-4999-9f42-cde404805b10/1/ba7zApYp3gKduYq3tOm9IhwomRw.mft
Manifest number:          0A17
Signing time:             Sat 01 Feb 2025 22:01:22 +0000
Manifest this update:     Sat 01 Feb 2025 22:01:22 +0000
Manifest next update:     Sun 02 Feb 2025 22:01:22 +0000
Files and hashes:         1: ba7zApYp3gKduYq3tOm9IhwomRw.crl (hash: dkwXhmzUSEZl5C2LYsGDD+Dv3HMVB6ATqclVuQ99eqc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/65/b73411-cf4e-4999-9f42-cde404805b10/1/ba7zApYp3gKduYq3tOm9IhwomRw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/65/b73411-cf4e-4999-9f42-cde404805b10/1/ba7zApYp3gKduYq3tOm9IhwomRw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ba7zApYp3gKduYq3tOm9IhwomRw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 02 Feb 2025 22:01:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:c3:88:62:3f:87:2a:25:54:fa:fd:ea:a1:cf:f5:99:05
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6daef3029629de029db98ab7b4e9bd221c28991c
        Validity
            Not Before: Feb  1 22:01:22 2025 GMT
            Not After : Feb  2 22:01:22 2025 GMT
        Subject: CN=cb00a5b5fe0b64cbb15e4845a03c1b9e98095753
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:39:93:6b:be:50:1b:49:7a:bc:c0:8f:da:d9:
                    87:c2:85:86:ce:b7:03:97:9b:dd:dd:f5:84:1b:6b:
                    e7:ae:f3:02:ec:02:b1:1f:56:bd:e9:e3:a4:11:6f:
                    7d:84:8f:c6:c7:23:b0:e6:b6:a5:80:ea:35:a5:08:
                    7e:55:be:1c:29:a0:2b:7e:d4:36:ff:ae:29:62:34:
                    3b:a4:72:f0:06:f6:3b:37:0f:ad:34:cd:85:0f:90:
                    87:a5:ed:de:6f:21:ac:ed:54:07:a2:9a:62:c4:d8:
                    19:2b:0e:cf:5c:6e:bd:b4:34:78:2b:54:e1:8a:b0:
                    52:bb:32:ce:0f:aa:65:d6:e7:81:3c:b5:45:f3:90:
                    ad:ea:70:ee:50:78:bd:98:18:e0:92:34:1c:86:0e:
                    61:1c:27:71:dc:42:d5:5d:d6:81:98:e8:fe:60:8d:
                    5f:c1:2e:7d:35:12:54:3f:09:d9:f2:a9:3d:69:cf:
                    fe:c4:d2:a2:fe:84:56:86:18:fe:a5:aa:23:32:20:
                    a2:52:02:7f:aa:0c:42:75:c1:a0:07:95:5f:01:c7:
                    97:c9:dc:23:5d:de:49:a6:52:c2:78:31:51:aa:fe:
                    9c:d9:e5:ef:26:96:4e:9b:7c:8f:c0:38:44:42:38:
                    b3:14:d4:90:c0:4f:d9:2e:04:31:44:be:94:c1:ff:
                    ce:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CB:00:A5:B5:FE:0B:64:CB:B1:5E:48:45:A0:3C:1B:9E:98:09:57:53
            X509v3 Authority Key Identifier:
                keyid:6D:AE:F3:02:96:29:DE:02:9D:B9:8A:B7:B4:E9:BD:22:1C:28:99:1C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba7zApYp3gKduYq3tOm9IhwomRw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/b73411-cf4e-4999-9f42-cde404805b10/1/ba7zApYp3gKduYq3tOm9IhwomRw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/b73411-cf4e-4999-9f42-cde404805b10/1/ba7zApYp3gKduYq3tOm9IhwomRw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2d:1c:04:38:9d:ad:fc:7e:5d:53:de:ac:53:24:32:a9:17:ae:
         69:2c:f2:4f:27:dc:80:cc:0d:94:ad:91:b1:da:e8:86:7f:04:
         71:ff:7e:c5:59:70:37:f6:93:95:30:c4:df:c0:f6:dc:ac:c6:
         e8:b0:51:b8:47:ac:00:fa:c8:b7:35:84:09:da:8b:a2:cb:64:
         ef:ec:e9:8e:55:d4:ce:41:e3:36:10:f2:83:be:6a:22:09:0a:
         fd:e2:11:4e:bc:b5:d9:14:4d:60:15:f5:c3:2c:c7:5c:6b:70:
         57:1f:1e:7d:3c:17:e7:88:3c:54:46:e8:cd:d6:54:55:ae:6a:
         61:b8:75:9b:c8:d9:f9:9e:00:c2:1f:b5:98:24:1c:a4:a4:84:
         a9:d1:14:1a:2a:e2:a7:f3:1a:46:35:a8:7a:1b:7e:fc:b8:b2:
         3d:fa:ce:7f:77:f3:c3:e7:9d:a8:4b:12:67:f4:2d:4d:ec:d9:
         a8:0a:b8:63:d0:c4:5b:29:6b:cf:aa:5b:c4:27:89:96:db:c2:
         ec:c1:5c:39:25:6d:1d:bf:cf:dc:79:6d:ba:eb:50:8b:0d:5c:
         2e:34:15:e5:74:8f:fa:e0:c7:f4:bc:03:c2:61:01:f7:14:a6:
         08:93:d0:3a:b0:e0:c0:9d:d8:d2:e1:bb:7f:18:e3:23:b9:a5:
         a2:2d:cf:28
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZTDiGI/hyolVPr96qHP9ZkFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkYWVmMzAyOTYyOWRlMDI5ZGI5OGFiN2I0ZTliZDIyMWMy
ODk5MWMwHhcNMjUwMjAxMjIwMTIyWhcNMjUwMjAyMjIwMTIyWjAzMTEwLwYDVQQD
EyhjYjAwYTViNWZlMGI2NGNiYjE1ZTQ4NDVhMDNjMWI5ZTk4MDk1NzUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxTmTa75QG0l6vMCP2tmHwoWGzrcD
l5vd3fWEG2vnrvMC7AKxH1a96eOkEW99hI/GxyOw5ralgOo1pQh+Vb4cKaArftQ2
/64pYjQ7pHLwBvY7Nw+tNM2FD5CHpe3ebyGs7VQHoppixNgZKw7PXG69tDR4K1Th
irBSuzLOD6pl1ueBPLVF85Ct6nDuUHi9mBjgkjQchg5hHCdx3ELVXdaBmOj+YI1f
wS59NRJUPwnZ8qk9ac/+xNKi/oRWhhj+paojMiCiUgJ/qgxCdcGgB5VfAceXydwj
Xd5JplLCeDFRqv6c2eXvJpZOm3yPwDhEQjizFNSQwE/ZLgQxRL6Uwf/OywIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMsApbX+C2TLsV5IRaA8G56YCVdTMB8GA1UdIwQY
MBaAFG2u8wKWKd4CnbmKt7TpvSIcKJkcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmE3ekFwWXAzZ0tkdVlxM3RPbTlJaHdvbVJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS9iNzM0MTEtY2Y0ZS00OTk5LTlmNDIt
Y2RlNDA0ODA1YjEwLzEvYmE3ekFwWXAzZ0tkdVlxM3RPbTlJaHdvbVJ3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS9iNzM0MTEtY2Y0ZS00OTk5LTlmNDItY2RlNDA0ODA1YjEw
LzEvYmE3ekFwWXAzZ0tkdVlxM3RPbTlJaHdvbVJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALRwEOJ2t
/H5dU96sUyQyqReuaSzyTyfcgMwNlK2Rsdrohn8Ecf9+xVlwN/aTlTDE38D23KzG
6LBRuEesAPrItzWECdqLostk7+zpjlXUzkHjNhDyg75qIgkK/eIRTry12RRNYBX1
wyzHXGtwVx8efTwX54g8VEbozdZUVa5qYbh1m8jZ+Z4Awh+1mCQcpKSEqdEUGiri
p/MaRjWoeht+/LiyPfrOf3fzw+edqEsSZ/QtTezZqAq4Y9DEWylrz6pbxCeJltvC
7MFcOSVtHb/P3HltuutQiw1cLjQV5XSP+uDH9LwDwmEB9xSmCJPQOrDgwJ3Y0uG7
fxjjI7mloi3PKA==
-----END CERTIFICATE-----