Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/55de90-bcf6-41a6-a9e8-408229f0baf1/1/pukanXyu9IGGdMXWJigTYVyJ3lY.mft
File:                     pukanXyu9IGGdMXWJigTYVyJ3lY.mft (raw, json)
Hash identifier:          S0FxCDr7Z0eBcyrep5RN0C7WXogZ83UHFMlMkffVUsM=
Subject key identifier:   91:D6:49:17:67:73:BE:3A:EB:DB:A6:F7:9E:B7:09:05:F6:13:51:C0
Authority key identifier: A6:E9:1A:9D:7C:AE:F4:81:86:74:C5:D6:26:28:13:61:5C:89:DE:56
Certificate issuer:       /CN=a6e91a9d7caef4818674c5d6262813615c89de56
Certificate serial:       0194C3887D39D71489E49077EB38119666B4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pukanXyu9IGGdMXWJigTYVyJ3lY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/67/55de90-bcf6-41a6-a9e8-408229f0baf1/1/pukanXyu9IGGdMXWJigTYVyJ3lY.mft
Manifest number:          0DA1
Signing time:             Sat 01 Feb 2025 22:01:29 +0000
Manifest this update:     Sat 01 Feb 2025 22:01:29 +0000
Manifest next update:     Sun 02 Feb 2025 22:01:29 +0000
Files and hashes:         1: pukanXyu9IGGdMXWJigTYVyJ3lY.crl (hash: cB9L71iM9U/EMsSdCTmYEDqt5hs3hCCLl+5lr1Vl5ZI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/67/55de90-bcf6-41a6-a9e8-408229f0baf1/1/pukanXyu9IGGdMXWJigTYVyJ3lY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/67/55de90-bcf6-41a6-a9e8-408229f0baf1/1/pukanXyu9IGGdMXWJigTYVyJ3lY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/pukanXyu9IGGdMXWJigTYVyJ3lY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 02 Feb 2025 22:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:c3:88:7d:39:d7:14:89:e4:90:77:eb:38:11:96:66:b4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a6e91a9d7caef4818674c5d6262813615c89de56
        Validity
            Not Before: Feb  1 22:01:29 2025 GMT
            Not After : Feb  2 22:01:29 2025 GMT
        Subject: CN=91d649176773be3aebdba6f79eb70905f61351c0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:28:eb:52:a1:1a:45:8a:1a:65:ad:b9:74:68:
                    d7:11:4e:fc:81:80:ee:7e:43:f0:5b:8b:99:94:db:
                    46:60:9a:b9:e6:10:61:46:35:23:77:34:27:0a:1e:
                    e9:81:55:83:85:13:69:4b:e5:b0:e9:24:b5:ac:19:
                    98:8d:f6:7c:9a:16:88:4b:c7:34:07:e0:8b:d0:04:
                    cd:98:af:95:a6:c6:bb:06:9e:4b:f0:e5:0e:df:86:
                    1c:99:38:74:23:1b:09:63:68:90:f3:38:d3:43:8b:
                    fc:43:8e:f6:b4:2b:2b:00:15:bb:fc:f9:9c:7e:33:
                    69:35:e2:4b:0f:2e:38:e5:8c:4a:eb:76:24:4b:a8:
                    b9:00:ab:26:19:82:af:ad:48:1a:56:03:b2:10:b8:
                    ca:52:04:72:52:ca:68:3f:15:bd:e0:47:1c:78:31:
                    74:76:f1:a0:47:88:1b:44:6b:bd:39:79:aa:6f:c1:
                    b3:3e:34:8d:00:0f:d8:c5:bc:52:6a:38:49:2f:2d:
                    f9:bd:de:ec:48:8f:86:51:01:82:d8:dd:41:c0:8d:
                    c9:a1:cd:e6:3b:7d:40:11:d0:39:9c:1c:ea:6d:b4:
                    97:81:e5:d9:05:05:73:3e:8c:99:d5:9d:a6:65:6d:
                    4b:9f:df:c0:ca:0b:1c:05:6d:21:7a:ef:6a:04:2e:
                    31:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                91:D6:49:17:67:73:BE:3A:EB:DB:A6:F7:9E:B7:09:05:F6:13:51:C0
            X509v3 Authority Key Identifier:
                keyid:A6:E9:1A:9D:7C:AE:F4:81:86:74:C5:D6:26:28:13:61:5C:89:DE:56

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pukanXyu9IGGdMXWJigTYVyJ3lY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/55de90-bcf6-41a6-a9e8-408229f0baf1/1/pukanXyu9IGGdMXWJigTYVyJ3lY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/67/55de90-bcf6-41a6-a9e8-408229f0baf1/1/pukanXyu9IGGdMXWJigTYVyJ3lY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         08:d2:62:18:66:dd:f3:8b:f9:6f:ec:48:bd:2a:73:3c:f9:a0:
         60:7f:bb:54:93:ce:3e:9b:bf:40:74:e0:12:e5:8a:1d:57:38:
         5c:41:18:d6:b0:56:5d:48:3c:51:42:7c:41:da:d7:cd:18:a8:
         a0:04:9c:4d:73:26:b3:4d:9e:bc:99:63:11:dc:64:6c:20:86:
         cb:58:9e:0f:43:06:6c:9a:63:43:d2:84:13:97:2d:21:8f:25:
         f4:30:de:3e:67:f9:26:4b:6a:9b:89:22:f6:4c:af:cd:0c:20:
         a1:74:7f:ed:b3:ff:3d:6e:10:d5:f2:cd:ad:16:ff:17:6c:ea:
         23:a2:2d:b1:80:44:c6:33:9b:bd:8d:cf:30:7b:4c:51:d0:c5:
         96:5c:d5:d3:93:17:33:ae:90:4c:80:54:ef:42:30:80:0a:da:
         26:d6:18:45:b8:31:f9:8f:31:04:b0:d5:f1:3a:22:9c:fe:85:
         a2:97:11:75:31:67:78:dc:cb:56:87:fc:55:9f:7a:88:0c:b6:
         7d:b9:df:d2:19:33:90:21:39:7b:6d:be:4c:f3:b8:96:ef:8e:
         8e:e3:ba:72:86:b2:52:65:4a:d9:36:3c:af:87:f0:bf:10:e8:
         b2:10:95:f3:98:28:43:3a:28:e7:76:60:a4:33:54:49:b7:d3:
         7a:3a:3b:59
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZTDiH051xSJ5JB36zgRlma0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2ZTkxYTlkN2NhZWY0ODE4Njc0YzVkNjI2MjgxMzYxNWM4
OWRlNTYwHhcNMjUwMjAxMjIwMTI5WhcNMjUwMjAyMjIwMTI5WjAzMTEwLwYDVQQD
Eyg5MWQ2NDkxNzY3NzNiZTNhZWJkYmE2Zjc5ZWI3MDkwNWY2MTM1MWMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzSjrUqEaRYoaZa25dGjXEU78gYDu
fkPwW4uZlNtGYJq55hBhRjUjdzQnCh7pgVWDhRNpS+Ww6SS1rBmYjfZ8mhaIS8c0
B+CL0ATNmK+Vpsa7Bp5L8OUO34YcmTh0IxsJY2iQ8zjTQ4v8Q472tCsrABW7/Pmc
fjNpNeJLDy445YxK63YkS6i5AKsmGYKvrUgaVgOyELjKUgRyUspoPxW94EcceDF0
dvGgR4gbRGu9OXmqb8GzPjSNAA/YxbxSajhJLy35vd7sSI+GUQGC2N1BwI3Joc3m
O31AEdA5nBzqbbSXgeXZBQVzPoyZ1Z2mZW1Ln9/AygscBW0heu9qBC4xeQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJHWSRdnc74669um9563CQX2E1HAMB8GA1UdIwQY
MBaAFKbpGp18rvSBhnTF1iYoE2Fcid5WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcHVrYW5YeXU5SUdHZE1YV0ppZ1RZVnlKM2xZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny81NWRlOTAtYmNmNi00MWE2LWE5ZTgt
NDA4MjI5ZjBiYWYxLzEvcHVrYW5YeXU5SUdHZE1YV0ppZ1RZVnlKM2xZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny81NWRlOTAtYmNmNi00MWE2LWE5ZTgtNDA4MjI5ZjBiYWYx
LzEvcHVrYW5YeXU5SUdHZE1YV0ppZ1RZVnlKM2xZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACNJiGGbd
84v5b+xIvSpzPPmgYH+7VJPOPpu/QHTgEuWKHVc4XEEY1rBWXUg8UUJ8QdrXzRio
oAScTXMms02evJljEdxkbCCGy1ieD0MGbJpjQ9KEE5ctIY8l9DDePmf5Jktqm4ki
9kyvzQwgoXR/7bP/PW4Q1fLNrRb/F2zqI6ItsYBExjObvY3PMHtMUdDFllzV05MX
M66QTIBU70IwgAraJtYYRbgx+Y8xBLDV8ToinP6FopcRdTFneNzLVof8VZ96iAy2
fbnf0hkzkCE5e22+TPO4lu+OjuO6coayUmVK2TY8r4fwvxDoshCV85goQzoo53Zg
pDNUSbfTejo7WQ==
-----END CERTIFICATE-----