Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/5fdc69-64c2-4b47-a4f8-ab39be656057/1/WAFhHoC63kAvvWDnhvNPtxctIlo.mft
File:                     WAFhHoC63kAvvWDnhvNPtxctIlo.mft (raw, json)
Hash identifier:          A8JHohKVnE6R1PdmI425gqh2pCFb0FE0b3Fy3/d4kh0=
Subject key identifier:   1C:B2:92:97:B6:07:F5:69:C6:C4:46:9E:A4:CC:C8:90:89:A0:82:23
Authority key identifier: 58:01:61:1E:80:BA:DE:40:2F:BD:60:E7:86:F3:4F:B7:17:2D:22:5A
Certificate issuer:       /CN=5801611e80bade402fbd60e786f34fb7172d225a
Certificate serial:       019511A27335AC57AF6CE4BB1E9D6B927CC1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/WAFhHoC63kAvvWDnhvNPtxctIlo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/66/5fdc69-64c2-4b47-a4f8-ab39be656057/1/WAFhHoC63kAvvWDnhvNPtxctIlo.mft
Manifest number:          11B6
Signing time:             Mon 17 Feb 2025 02:00:13 +0000
Manifest this update:     Mon 17 Feb 2025 02:00:13 +0000
Manifest next update:     Tue 18 Feb 2025 02:00:13 +0000
Files and hashes:         1: WAFhHoC63kAvvWDnhvNPtxctIlo.crl (hash: d3XPoW2xJclBFMvo2pM3QYYuNaNm/wNkTeWFX/9gi1E=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/66/5fdc69-64c2-4b47-a4f8-ab39be656057/1/WAFhHoC63kAvvWDnhvNPtxctIlo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/66/5fdc69-64c2-4b47-a4f8-ab39be656057/1/WAFhHoC63kAvvWDnhvNPtxctIlo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/WAFhHoC63kAvvWDnhvNPtxctIlo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 17 Feb 2025 23:00:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:11:a2:73:35:ac:57:af:6c:e4:bb:1e:9d:6b:92:7c:c1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5801611e80bade402fbd60e786f34fb7172d225a
        Validity
            Not Before: Feb 17 02:00:13 2025 GMT
            Not After : Feb 18 02:00:13 2025 GMT
        Subject: CN=1cb29297b607f569c6c4469ea4ccc89089a08223
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:46:dd:05:4d:98:1e:fc:cb:1c:a6:b6:5c:db:
                    ed:a4:36:9c:d9:58:9c:e3:ae:f5:0e:4d:7a:3b:0f:
                    ee:c9:d1:f9:f4:c6:30:80:9d:1b:cf:86:81:9a:09:
                    a2:2a:72:7c:56:ed:a1:5e:c9:ca:7f:3a:08:12:a3:
                    b3:d4:95:09:6c:7a:b8:64:b0:2b:72:0f:ae:89:92:
                    45:79:ce:ab:33:ce:02:f1:8e:4b:10:aa:ad:6c:46:
                    14:42:90:99:7f:85:71:82:2a:45:59:5f:12:36:94:
                    8b:c4:35:2b:62:1f:fa:53:63:3f:52:b2:28:c6:7e:
                    19:6a:2d:fa:b7:fa:c7:27:a0:05:d9:6d:ce:ad:fc:
                    01:93:bb:de:08:ea:66:c7:dc:c1:f8:8b:35:b2:e5:
                    f5:d5:b2:c7:de:40:74:15:46:a8:11:29:2d:47:9b:
                    09:9d:73:69:a1:a7:7f:ca:74:27:b3:a8:bd:81:60:
                    95:25:2f:99:31:b3:ac:02:03:00:71:5e:a3:40:91:
                    c1:dd:54:04:38:88:76:e5:88:59:2f:b3:65:47:1e:
                    86:66:db:b6:da:ae:6f:9f:b2:4e:4e:05:af:5c:0f:
                    61:94:66:03:73:e9:98:ad:fb:da:9a:e2:06:96:01:
                    b6:9d:c4:53:d7:d9:b7:42:15:45:38:4e:e3:26:ab:
                    61:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1C:B2:92:97:B6:07:F5:69:C6:C4:46:9E:A4:CC:C8:90:89:A0:82:23
            X509v3 Authority Key Identifier:
                keyid:58:01:61:1E:80:BA:DE:40:2F:BD:60:E7:86:F3:4F:B7:17:2D:22:5A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WAFhHoC63kAvvWDnhvNPtxctIlo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/5fdc69-64c2-4b47-a4f8-ab39be656057/1/WAFhHoC63kAvvWDnhvNPtxctIlo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/66/5fdc69-64c2-4b47-a4f8-ab39be656057/1/WAFhHoC63kAvvWDnhvNPtxctIlo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         88:a9:00:83:50:ba:b6:03:46:ff:51:75:bb:a8:f3:9b:73:4a:
         24:3b:36:f5:38:97:b4:10:e1:54:a0:2a:ff:e3:ed:ca:b0:90:
         db:9b:a7:e6:15:eb:7e:d5:f4:66:3e:3a:92:10:6d:f1:c2:56:
         78:26:6e:34:80:d2:f3:a3:0c:c2:1b:4f:19:39:62:40:d0:5e:
         ea:74:ec:22:3b:77:b1:03:64:3c:0b:19:66:64:dc:d8:eb:f2:
         14:1f:3d:00:51:f3:88:b0:22:4e:ca:57:cc:50:30:cc:35:ff:
         bf:eb:32:91:c2:af:cd:56:6d:04:5b:a5:bb:0b:cd:10:80:44:
         01:2f:3d:ec:d5:ba:f4:5e:80:95:4a:0e:ed:34:82:c4:3f:bb:
         45:85:1d:ac:d6:bb:ba:d7:46:a6:40:21:0a:f9:80:06:78:75:
         44:44:92:ab:52:93:eb:3c:23:01:ef:df:17:07:72:d0:f2:6f:
         3b:fb:c9:3c:f4:0e:26:fd:a3:16:ec:87:f2:45:e0:13:2f:9f:
         5c:63:1f:aa:bf:f8:3d:66:58:1f:a8:36:40:42:c4:f5:85:a8:
         ec:d2:e8:cd:c2:63:c5:f5:42:1d:c5:80:a2:d9:97:a5:28:12:
         98:9a:c8:72:ba:fa:29:9f:f6:56:27:d7:a9:a3:86:78:8f:e5:
         05:fb:4b:5f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZURonM1rFevbOS7Hp1rknzBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4MDE2MTFlODBiYWRlNDAyZmJkNjBlNzg2ZjM0ZmI3MTcy
ZDIyNWEwHhcNMjUwMjE3MDIwMDEzWhcNMjUwMjE4MDIwMDEzWjAzMTEwLwYDVQQD
EygxY2IyOTI5N2I2MDdmNTY5YzZjNDQ2OWVhNGNjYzg5MDg5YTA4MjIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlUbdBU2YHvzLHKa2XNvtpDac2Vic
4671Dk16Ow/uydH59MYwgJ0bz4aBmgmiKnJ8Vu2hXsnKfzoIEqOz1JUJbHq4ZLAr
cg+uiZJFec6rM84C8Y5LEKqtbEYUQpCZf4VxgipFWV8SNpSLxDUrYh/6U2M/UrIo
xn4Zai36t/rHJ6AF2W3OrfwBk7veCOpmx9zB+Is1suX11bLH3kB0FUaoESktR5sJ
nXNpoad/ynQns6i9gWCVJS+ZMbOsAgMAcV6jQJHB3VQEOIh25YhZL7NlRx6GZtu2
2q5vn7JOTgWvXA9hlGYDc+mYrfvamuIGlgG2ncRT19m3QhVFOE7jJqthBwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFByykpe2B/VpxsRGnqTMyJCJoIIjMB8GA1UdIwQY
MBaAFFgBYR6Aut5AL71g54bzT7cXLSJaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0FGaEhvQzYza0F2dldEbmh2TlB0eGN0SWxvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni81ZmRjNjktNjRjMi00YjQ3LWE0Zjgt
YWIzOWJlNjU2MDU3LzEvV0FGaEhvQzYza0F2dldEbmh2TlB0eGN0SWxvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni81ZmRjNjktNjRjMi00YjQ3LWE0ZjgtYWIzOWJlNjU2MDU3
LzEvV0FGaEhvQzYza0F2dldEbmh2TlB0eGN0SWxvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiKkAg1C6
tgNG/1F1u6jzm3NKJDs29TiXtBDhVKAq/+PtyrCQ25un5hXrftX0Zj46khBt8cJW
eCZuNIDS86MMwhtPGTliQNBe6nTsIjt3sQNkPAsZZmTc2OvyFB89AFHziLAiTspX
zFAwzDX/v+sykcKvzVZtBFuluwvNEIBEAS897NW69F6AlUoO7TSCxD+7RYUdrNa7
utdGpkAhCvmABnh1RESSq1KT6zwjAe/fFwdy0PJvO/vJPPQOJv2jFuyH8kXgEy+f
XGMfqr/4PWZYH6g2QELE9YWo7NLozcJjxfVCHcWAotmXpSgSmJrIcrr6KZ/2VifX
qaOGeI/lBftLXw==
-----END CERTIFICATE-----