Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/5fdc69-64c2-4b47-a4f8-ab39be656057/1/WAFhHoC63kAvvWDnhvNPtxctIlo.mft
File:                     WAFhHoC63kAvvWDnhvNPtxctIlo.mft (raw, json)
Hash identifier:          IA6NAbOb1D+TUROjrpAFV5SNEi7N61DT+y6LToQebzY=
Subject key identifier:   E9:84:AA:C8:A5:14:D9:50:5D:81:58:B2:BA:02:9A:79:0F:30:D2:55
Authority key identifier: 58:01:61:1E:80:BA:DE:40:2F:BD:60:E7:86:F3:4F:B7:17:2D:22:5A
Certificate issuer:       /CN=5801611e80bade402fbd60e786f34fb7172d225a
Certificate serial:       01958F2A136E32F993E84A5BF902CC8A2FD8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/WAFhHoC63kAvvWDnhvNPtxctIlo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/66/5fdc69-64c2-4b47-a4f8-ab39be656057/1/WAFhHoC63kAvvWDnhvNPtxctIlo.mft
Manifest number:          11F7
Signing time:             Thu 13 Mar 2025 11:00:54 +0000
Manifest this update:     Thu 13 Mar 2025 11:00:54 +0000
Manifest next update:     Fri 14 Mar 2025 11:00:54 +0000
Files and hashes:         1: WAFhHoC63kAvvWDnhvNPtxctIlo.crl (hash: KAxuUXTtw+b6FL/HVmYaNeSt6OBkT1R8SRybEI1KJ7I=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/66/5fdc69-64c2-4b47-a4f8-ab39be656057/1/WAFhHoC63kAvvWDnhvNPtxctIlo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/66/5fdc69-64c2-4b47-a4f8-ab39be656057/1/WAFhHoC63kAvvWDnhvNPtxctIlo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/WAFhHoC63kAvvWDnhvNPtxctIlo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 14 Mar 2025 09:00:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:8f:2a:13:6e:32:f9:93:e8:4a:5b:f9:02:cc:8a:2f:d8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5801611e80bade402fbd60e786f34fb7172d225a
        Validity
            Not Before: Mar 13 11:00:54 2025 GMT
            Not After : Mar 14 11:00:54 2025 GMT
        Subject: CN=e984aac8a514d9505d8158b2ba029a790f30d255
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:91:62:a2:c8:5c:a0:e0:1c:8c:01:6f:7c:d2:
                    1e:4f:66:dc:70:c9:c9:6b:92:0a:16:65:68:89:f8:
                    0f:25:cb:7c:8a:c2:c1:47:10:09:94:20:7e:88:7b:
                    1e:05:82:98:f6:66:05:0a:c1:ec:70:5c:95:c6:18:
                    23:23:42:9a:c0:45:85:1b:0a:95:1a:4e:b6:ed:a3:
                    31:f6:cc:66:af:0f:00:18:58:24:8b:2b:95:5c:55:
                    3e:2e:42:c0:ad:db:a9:fb:1b:6b:24:01:26:15:a5:
                    3a:d3:05:44:1e:89:7f:69:42:57:a4:3d:88:92:f4:
                    37:7f:68:23:16:b5:8e:eb:d5:38:19:fb:df:dd:fe:
                    e9:1c:c2:32:31:b3:cc:e5:39:85:d5:4b:00:25:fb:
                    42:57:2e:45:f7:39:65:e5:8c:c3:e4:89:63:66:a2:
                    bb:41:d4:ae:14:ed:04:2a:79:f7:81:b7:33:4a:55:
                    08:5c:b0:58:37:92:17:13:e4:04:71:f9:85:a7:6d:
                    c6:1c:4d:7b:91:45:91:a8:49:af:9e:1a:98:c2:77:
                    a4:30:25:65:ff:13:42:63:1a:1d:c8:94:18:ed:a6:
                    d4:1c:7f:fd:8d:87:7d:c0:82:12:8c:32:63:e2:0e:
                    4f:a0:6f:36:32:a5:ca:27:e5:74:dd:a6:d6:27:a7:
                    4e:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E9:84:AA:C8:A5:14:D9:50:5D:81:58:B2:BA:02:9A:79:0F:30:D2:55
            X509v3 Authority Key Identifier:
                keyid:58:01:61:1E:80:BA:DE:40:2F:BD:60:E7:86:F3:4F:B7:17:2D:22:5A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WAFhHoC63kAvvWDnhvNPtxctIlo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/5fdc69-64c2-4b47-a4f8-ab39be656057/1/WAFhHoC63kAvvWDnhvNPtxctIlo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/66/5fdc69-64c2-4b47-a4f8-ab39be656057/1/WAFhHoC63kAvvWDnhvNPtxctIlo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         76:94:07:16:f0:45:6b:92:76:48:34:83:60:ac:c1:a1:ec:8c:
         32:e6:83:5b:2c:60:74:e7:05:76:ce:72:f7:61:3e:4e:f8:cd:
         62:51:bc:b5:58:d2:7b:aa:eb:ed:b3:f5:18:9d:1b:a4:11:a4:
         8e:54:3e:34:4d:38:74:3d:a4:03:f5:95:6d:e1:c9:db:54:61:
         cd:5a:a1:aa:a8:12:2e:11:c5:36:7a:c1:c6:d5:a5:3d:95:fc:
         9c:a7:94:1f:ac:13:6e:a0:58:f6:1d:0e:1b:3d:4c:d6:c3:0a:
         70:77:2e:e8:73:10:84:bf:e2:1d:f1:af:2d:03:53:47:8e:ff:
         a2:9d:02:02:50:4a:9c:98:d2:d8:b7:2f:56:a0:3b:ff:20:17:
         9f:a9:b3:cf:b4:eb:3e:9d:82:17:61:76:0c:ac:f1:28:8b:40:
         c1:b6:6d:61:ca:99:ca:69:bd:0f:cc:5c:27:e2:6c:a3:4f:ee:
         28:a6:2b:04:ed:21:be:ef:d8:3f:a9:1c:84:99:58:24:69:be:
         5e:c9:82:51:4f:c4:09:8c:dd:c5:38:3a:23:5d:6e:5f:96:bc:
         c7:47:ff:43:46:c7:c9:c2:a1:97:c5:85:0c:8f:b8:a7:a1:97:
         3b:42:32:cb:c5:52:3d:80:6f:00:83:15:de:8d:d6:20:a7:83:
         3f:19:1c:19
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZWPKhNuMvmT6Epb+QLMii/YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4MDE2MTFlODBiYWRlNDAyZmJkNjBlNzg2ZjM0ZmI3MTcy
ZDIyNWEwHhcNMjUwMzEzMTEwMDU0WhcNMjUwMzE0MTEwMDU0WjAzMTEwLwYDVQQD
EyhlOTg0YWFjOGE1MTRkOTUwNWQ4MTU4YjJiYTAyOWE3OTBmMzBkMjU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0JFioshcoOAcjAFvfNIeT2bccMnJ
a5IKFmVoifgPJct8isLBRxAJlCB+iHseBYKY9mYFCsHscFyVxhgjI0KawEWFGwqV
Gk627aMx9sxmrw8AGFgkiyuVXFU+LkLArdup+xtrJAEmFaU60wVEHol/aUJXpD2I
kvQ3f2gjFrWO69U4Gfvf3f7pHMIyMbPM5TmF1UsAJftCVy5F9zll5YzD5IljZqK7
QdSuFO0EKnn3gbczSlUIXLBYN5IXE+QEcfmFp23GHE17kUWRqEmvnhqYwnekMCVl
/xNCYxodyJQY7abUHH/9jYd9wIISjDJj4g5PoG82MqXKJ+V03abWJ6dO4QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOmEqsilFNlQXYFYsroCmnkPMNJVMB8GA1UdIwQY
MBaAFFgBYR6Aut5AL71g54bzT7cXLSJaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0FGaEhvQzYza0F2dldEbmh2TlB0eGN0SWxvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni81ZmRjNjktNjRjMi00YjQ3LWE0Zjgt
YWIzOWJlNjU2MDU3LzEvV0FGaEhvQzYza0F2dldEbmh2TlB0eGN0SWxvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni81ZmRjNjktNjRjMi00YjQ3LWE0ZjgtYWIzOWJlNjU2MDU3
LzEvV0FGaEhvQzYza0F2dldEbmh2TlB0eGN0SWxvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdpQHFvBF
a5J2SDSDYKzBoeyMMuaDWyxgdOcFds5y92E+TvjNYlG8tVjSe6rr7bP1GJ0bpBGk
jlQ+NE04dD2kA/WVbeHJ21RhzVqhqqgSLhHFNnrBxtWlPZX8nKeUH6wTbqBY9h0O
Gz1M1sMKcHcu6HMQhL/iHfGvLQNTR47/op0CAlBKnJjS2LcvVqA7/yAXn6mzz7Tr
Pp2CF2F2DKzxKItAwbZtYcqZymm9D8xcJ+Jso0/uKKYrBO0hvu/YP6kchJlYJGm+
XsmCUU/ECYzdxTg6I11uX5a8x0f/Q0bHycKhl8WFDI+4p6GXO0Iyy8VSPYBvAIMV
3o3WIKeDPxkcGQ==
-----END CERTIFICATE-----