Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/b792cc-ab96-456e-9d3e-a1ee440ffe3e/1/MCbiQi-nIkVOYIMX0hhitmqjfTM.mft
File:                     MCbiQi-nIkVOYIMX0hhitmqjfTM.mft (raw, json)
Hash identifier:          +B3s05BgOpRfxypXyH51LsxNCe7dqSUVVFRS01hNypw=
Subject key identifier:   66:CE:CD:28:DF:E6:7F:09:71:70:9C:F5:5D:1C:52:E9:F3:79:4A:BA
Authority key identifier: 30:26:E2:42:2F:A7:22:45:4E:60:83:17:D2:18:62:B6:6A:A3:7D:33
Certificate issuer:       /CN=3026e2422fa722454e608317d21862b66aa37d33
Certificate serial:       0194C387D27EE5FD3529EEEB69499A75A439
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MCbiQi-nIkVOYIMX0hhitmqjfTM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/b792cc-ab96-456e-9d3e-a1ee440ffe3e/1/MCbiQi-nIkVOYIMX0hhitmqjfTM.mft
Manifest number:          137E
Signing time:             Sat 01 Feb 2025 22:00:45 +0000
Manifest this update:     Sat 01 Feb 2025 22:00:45 +0000
Manifest next update:     Sun 02 Feb 2025 22:00:45 +0000
Files and hashes:         1: MCbiQi-nIkVOYIMX0hhitmqjfTM.crl (hash: WSREDw19jAmOyfoFFRl5tFCF7623C8jvbhr7IvCGNTA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/65/b792cc-ab96-456e-9d3e-a1ee440ffe3e/1/MCbiQi-nIkVOYIMX0hhitmqjfTM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/65/b792cc-ab96-456e-9d3e-a1ee440ffe3e/1/MCbiQi-nIkVOYIMX0hhitmqjfTM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/MCbiQi-nIkVOYIMX0hhitmqjfTM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 02 Feb 2025 22:00:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:c3:87:d2:7e:e5:fd:35:29:ee:eb:69:49:9a:75:a4:39
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3026e2422fa722454e608317d21862b66aa37d33
        Validity
            Not Before: Feb  1 22:00:45 2025 GMT
            Not After : Feb  2 22:00:45 2025 GMT
        Subject: CN=66cecd28dfe67f0971709cf55d1c52e9f3794aba
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:53:7f:9a:ad:97:d6:5d:5a:d6:c6:6e:0e:1a:
                    7e:75:0a:cc:f4:1c:ec:0c:a8:27:5a:14:13:26:19:
                    7e:a8:33:6c:fe:9b:d1:6b:62:64:69:63:4f:ce:35:
                    72:19:14:34:f8:b9:a1:39:24:55:05:c2:14:5d:f7:
                    9f:5b:2d:08:83:94:54:6c:4a:23:b2:10:fa:15:a6:
                    08:b9:f3:dc:5e:40:a4:4a:75:41:e4:f9:34:1c:76:
                    4c:b6:45:4e:b1:25:cd:90:8c:23:0d:78:3e:7d:71:
                    e8:18:fb:34:58:02:9a:da:4b:37:ff:89:9d:be:e8:
                    d3:bf:34:b2:a6:09:4b:71:53:a0:c8:89:79:21:13:
                    3e:30:52:e7:bc:0b:6d:8b:ca:85:a8:53:ab:4c:cd:
                    8e:38:49:ca:e5:da:2d:fe:0c:fc:b4:90:ec:c8:d0:
                    95:59:68:90:7a:31:c7:4d:ac:68:0b:e1:2c:4a:0c:
                    d0:48:d7:78:e2:0a:e2:25:70:43:7d:3f:eb:db:62:
                    e8:2f:96:4e:e9:c0:c0:22:de:ca:8f:a9:1d:f9:a5:
                    fa:5e:1d:4a:92:1c:14:6d:08:e3:76:c3:b3:bf:ec:
                    6d:8e:a7:fc:06:c8:fa:0b:1e:99:c5:36:03:27:03:
                    37:98:7d:3b:27:5a:7f:f9:f9:f8:ab:4f:6d:f8:9e:
                    3f:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                66:CE:CD:28:DF:E6:7F:09:71:70:9C:F5:5D:1C:52:E9:F3:79:4A:BA
            X509v3 Authority Key Identifier:
                keyid:30:26:E2:42:2F:A7:22:45:4E:60:83:17:D2:18:62:B6:6A:A3:7D:33

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MCbiQi-nIkVOYIMX0hhitmqjfTM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/b792cc-ab96-456e-9d3e-a1ee440ffe3e/1/MCbiQi-nIkVOYIMX0hhitmqjfTM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/b792cc-ab96-456e-9d3e-a1ee440ffe3e/1/MCbiQi-nIkVOYIMX0hhitmqjfTM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6a:08:1e:8f:e8:05:51:ef:c9:ae:20:59:aa:1b:9a:17:e8:9b:
         56:52:05:c5:d5:cd:09:2c:09:93:40:88:7b:65:79:08:f9:6f:
         52:b7:a7:1f:42:b7:b5:b5:bd:88:5f:3b:53:5e:27:9e:1f:11:
         c3:4c:07:89:eb:34:2e:53:d2:05:d1:a5:7c:19:3a:60:da:90:
         95:8d:36:51:c3:54:45:bd:bb:35:3a:7e:3d:e8:e9:52:d3:6e:
         8c:18:5b:9b:51:50:27:18:3e:a3:de:65:0c:f5:09:8f:5c:3a:
         7e:5c:a6:de:0d:fb:1a:71:0c:d1:9f:c5:16:20:21:6b:d0:37:
         9b:2a:17:df:19:7d:95:06:ba:fd:77:07:e6:53:4d:8e:e0:d8:
         8a:bc:c7:d9:07:d3:bd:ea:46:9b:50:6e:bb:c2:7f:5e:e9:cf:
         50:57:a4:aa:b4:06:8b:9b:54:ab:28:b0:13:93:93:9a:f9:e7:
         55:88:91:4c:3f:0c:91:2e:40:63:d2:97:9e:d4:a5:8a:f2:ed:
         6e:6e:2c:fb:85:1f:59:d9:14:e4:bf:49:e3:ae:cf:3b:50:5b:
         20:37:f5:10:05:7a:38:f7:ed:60:34:6d:12:78:9f:ab:5d:b9:
         3f:90:07:f8:d2:f4:0b:3f:bd:c5:39:7d:95:40:77:18:d7:3f:
         f9:90:13:98
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZTDh9J+5f01Ke7raUmadaQ5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwMjZlMjQyMmZhNzIyNDU0ZTYwODMxN2QyMTg2MmI2NmFh
MzdkMzMwHhcNMjUwMjAxMjIwMDQ1WhcNMjUwMjAyMjIwMDQ1WjAzMTEwLwYDVQQD
Eyg2NmNlY2QyOGRmZTY3ZjA5NzE3MDljZjU1ZDFjNTJlOWYzNzk0YWJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApFN/mq2X1l1a1sZuDhp+dQrM9Bzs
DKgnWhQTJhl+qDNs/pvRa2JkaWNPzjVyGRQ0+LmhOSRVBcIUXfefWy0Ig5RUbEoj
shD6FaYIufPcXkCkSnVB5Pk0HHZMtkVOsSXNkIwjDXg+fXHoGPs0WAKa2ks3/4md
vujTvzSypglLcVOgyIl5IRM+MFLnvAtti8qFqFOrTM2OOEnK5dot/gz8tJDsyNCV
WWiQejHHTaxoC+EsSgzQSNd44griJXBDfT/r22LoL5ZO6cDAIt7Kj6kd+aX6Xh1K
khwUbQjjdsOzv+xtjqf8Bsj6Cx6ZxTYDJwM3mH07J1p/+fn4q09t+J4/aQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGbOzSjf5n8JcXCc9V0cUunzeUq6MB8GA1UdIwQY
MBaAFDAm4kIvpyJFTmCDF9IYYrZqo30zMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUNiaVFpLW5Ja1ZPWUlNWDBoaGl0bXFqZlRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS9iNzkyY2MtYWI5Ni00NTZlLTlkM2Ut
YTFlZTQ0MGZmZTNlLzEvTUNiaVFpLW5Ja1ZPWUlNWDBoaGl0bXFqZlRNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS9iNzkyY2MtYWI5Ni00NTZlLTlkM2UtYTFlZTQ0MGZmZTNl
LzEvTUNiaVFpLW5Ja1ZPWUlNWDBoaGl0bXFqZlRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaggej+gF
Ue/JriBZqhuaF+ibVlIFxdXNCSwJk0CIe2V5CPlvUrenH0K3tbW9iF87U14nnh8R
w0wHies0LlPSBdGlfBk6YNqQlY02UcNURb27NTp+PejpUtNujBhbm1FQJxg+o95l
DPUJj1w6flym3g37GnEM0Z/FFiAha9A3myoX3xl9lQa6/XcH5lNNjuDYirzH2QfT
vepGm1Buu8J/XunPUFekqrQGi5tUqyiwE5OTmvnnVYiRTD8MkS5AY9KXntSlivLt
bm4s+4UfWdkU5L9J467PO1BbIDf1EAV6OPftYDRtEnifq125P5AH+NL0Cz+9xTl9
lUB3GNc/+ZATmA==
-----END CERTIFICATE-----