Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/770966-7dac-4e1c-b3ed-df5902013cdf/1/VRDNubrguTLHmin42XktMJ9617c.mft
File:                     VRDNubrguTLHmin42XktMJ9617c.mft (raw, json)
Hash identifier:          q1OdJ1nORjCjC17/kpDh4Tv0omkrQCuW8lEP4+mw9mU=
Subject key identifier:   95:C8:91:14:63:17:C7:53:99:39:3B:37:4A:B4:63:81:2F:FE:D0:59
Authority key identifier: 55:10:CD:B9:BA:E0:B9:32:C7:9A:29:F8:D9:79:2D:30:9F:7A:D7:B7
Certificate issuer:       /CN=5510cdb9bae0b932c79a29f8d9792d309f7ad7b7
Certificate serial:       0194C3BE4AD21DA41B52BF66631D87FE6BD0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/VRDNubrguTLHmin42XktMJ9617c.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/67/770966-7dac-4e1c-b3ed-df5902013cdf/1/VRDNubrguTLHmin42XktMJ9617c.mft
Manifest number:          D4
Signing time:             Sat 01 Feb 2025 23:00:15 +0000
Manifest this update:     Sat 01 Feb 2025 23:00:15 +0000
Manifest next update:     Sun 02 Feb 2025 23:00:15 +0000
Files and hashes:         1: VRDNubrguTLHmin42XktMJ9617c.crl (hash: mSigCPeybt8qQdUYOqH/Gd3l+BVBtPrBw8tmeGQGdC8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/67/770966-7dac-4e1c-b3ed-df5902013cdf/1/VRDNubrguTLHmin42XktMJ9617c.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/67/770966-7dac-4e1c-b3ed-df5902013cdf/1/VRDNubrguTLHmin42XktMJ9617c.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/VRDNubrguTLHmin42XktMJ9617c.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 02 Feb 2025 23:00:15 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:c3:be:4a:d2:1d:a4:1b:52:bf:66:63:1d:87:fe:6b:d0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5510cdb9bae0b932c79a29f8d9792d309f7ad7b7
        Validity
            Not Before: Feb  1 23:00:15 2025 GMT
            Not After : Feb  2 23:00:15 2025 GMT
        Subject: CN=95c891146317c75399393b374ab463812ffed059
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:9e:c9:77:93:3c:20:71:64:63:6e:98:0c:7f:
                    b5:d8:b0:d8:af:5b:9b:9e:0b:bf:d3:0d:97:ea:be:
                    6a:f1:2c:db:cc:c3:85:1f:99:f0:a6:1d:2b:d4:bb:
                    a1:f9:75:f0:78:c3:01:20:02:1b:67:29:ec:5f:df:
                    56:5e:f3:a9:b7:4a:32:4a:5a:a2:6f:e6:49:7e:c5:
                    16:dd:ea:47:4a:8a:86:fd:d8:7e:6c:64:7b:6a:4f:
                    a9:04:eb:46:c7:40:c6:17:ba:48:43:7f:40:9d:ba:
                    db:53:ca:d1:52:ff:e8:2b:02:ca:00:24:da:ea:38:
                    60:33:84:8a:30:f6:ad:82:15:8a:f9:2f:51:92:07:
                    ae:f2:ba:07:b4:19:99:e7:c9:0b:96:fb:cd:54:31:
                    67:68:53:fa:45:28:1e:fc:ab:27:75:5b:81:b5:d2:
                    a9:a7:4e:95:83:e1:4e:a4:38:d6:2e:21:f2:44:c7:
                    1a:39:d4:4c:c7:ad:a8:cf:d8:6e:cc:0f:dd:e8:5c:
                    e5:49:dd:d5:96:de:11:df:8a:ca:2b:62:c6:74:1e:
                    c7:c5:c8:d0:ce:21:cf:db:1d:63:13:ea:da:63:88:
                    08:f8:b9:07:ed:4d:2b:17:54:fb:93:50:c9:19:e3:
                    43:3a:ec:57:e6:73:56:f1:d4:fa:4b:4e:62:d2:56:
                    d2:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                95:C8:91:14:63:17:C7:53:99:39:3B:37:4A:B4:63:81:2F:FE:D0:59
            X509v3 Authority Key Identifier:
                keyid:55:10:CD:B9:BA:E0:B9:32:C7:9A:29:F8:D9:79:2D:30:9F:7A:D7:B7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VRDNubrguTLHmin42XktMJ9617c.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/770966-7dac-4e1c-b3ed-df5902013cdf/1/VRDNubrguTLHmin42XktMJ9617c.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/67/770966-7dac-4e1c-b3ed-df5902013cdf/1/VRDNubrguTLHmin42XktMJ9617c.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0d:eb:11:c5:a3:2c:cc:a0:6b:4c:f4:c2:2e:e0:29:53:e5:65:
         cb:00:89:9d:2f:d8:a8:2a:35:ee:8f:8c:04:cf:73:f6:b7:84:
         a1:33:69:f0:9a:1b:59:0b:9f:12:ac:41:b7:04:a8:2c:9d:7d:
         90:5a:95:39:dd:f6:eb:77:ba:32:37:5a:d8:dd:1b:3c:79:60:
         d3:1d:bd:03:a7:b9:97:f5:6a:ea:82:f1:aa:b4:36:f9:8e:cf:
         56:4c:91:04:5d:22:07:30:aa:27:75:49:73:99:73:84:ac:0f:
         b7:cd:66:e0:87:6f:71:fd:c0:79:69:bb:5c:ba:18:ba:c7:37:
         3f:54:5f:f8:f4:15:40:97:cf:e1:9c:c2:7f:d9:7f:c3:2a:96:
         6e:61:1d:c2:c0:9e:79:30:18:95:98:5d:82:d1:e7:24:e3:43:
         80:c6:d0:b1:37:3f:f3:bc:5a:02:38:4b:86:8b:c2:5c:66:ce:
         25:13:f8:40:31:c2:14:a2:ce:07:0b:23:8e:33:85:3a:60:dd:
         56:7a:c5:ab:8e:85:39:f8:a2:7b:8e:91:89:83:08:2c:fa:3d:
         e6:8a:30:9b:ae:ad:2a:a4:6d:09:e9:ef:80:1c:0e:e1:63:42:
         01:19:0f:03:ab:f6:6d:e1:eb:24:80:0f:cb:e5:a4:c6:1e:d0:
         45:57:12:2b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZTDvkrSHaQbUr9mYx2H/mvQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU1MTBjZGI5YmFlMGI5MzJjNzlhMjlmOGQ5NzkyZDMwOWY3
YWQ3YjcwHhcNMjUwMjAxMjMwMDE1WhcNMjUwMjAyMjMwMDE1WjAzMTEwLwYDVQQD
Eyg5NWM4OTExNDYzMTdjNzUzOTkzOTNiMzc0YWI0NjM4MTJmZmVkMDU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyp7Jd5M8IHFkY26YDH+12LDYr1ub
ngu/0w2X6r5q8SzbzMOFH5nwph0r1Luh+XXweMMBIAIbZynsX99WXvOpt0oySlqi
b+ZJfsUW3epHSoqG/dh+bGR7ak+pBOtGx0DGF7pIQ39AnbrbU8rRUv/oKwLKACTa
6jhgM4SKMPatghWK+S9Rkgeu8roHtBmZ58kLlvvNVDFnaFP6RSge/KsndVuBtdKp
p06Vg+FOpDjWLiHyRMcaOdRMx62oz9huzA/d6FzlSd3Vlt4R34rKK2LGdB7HxcjQ
ziHP2x1jE+raY4gI+LkH7U0rF1T7k1DJGeNDOuxX5nNW8dT6S05i0lbSPwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJXIkRRjF8dTmTk7N0q0Y4Ev/tBZMB8GA1UdIwQY
MBaAFFUQzbm64Lkyx5op+Nl5LTCfete3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVlJETnVicmd1VExIbWluNDJYa3RNSjk2MTdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny83NzA5NjYtN2RhYy00ZTFjLWIzZWQt
ZGY1OTAyMDEzY2RmLzEvVlJETnVicmd1VExIbWluNDJYa3RNSjk2MTdjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny83NzA5NjYtN2RhYy00ZTFjLWIzZWQtZGY1OTAyMDEzY2Rm
LzEvVlJETnVicmd1VExIbWluNDJYa3RNSjk2MTdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADesRxaMs
zKBrTPTCLuApU+VlywCJnS/YqCo17o+MBM9z9reEoTNp8JobWQufEqxBtwSoLJ19
kFqVOd3263e6Mjda2N0bPHlg0x29A6e5l/Vq6oLxqrQ2+Y7PVkyRBF0iBzCqJ3VJ
c5lzhKwPt81m4Idvcf3AeWm7XLoYusc3P1Rf+PQVQJfP4ZzCf9l/wyqWbmEdwsCe
eTAYlZhdgtHnJONDgMbQsTc/87xaAjhLhovCXGbOJRP4QDHCFKLOBwsjjjOFOmDd
VnrFq46FOfiie46RiYMILPo95oowm66tKqRtCenvgBwO4WNCARkPA6v2beHrJIAP
y+Wkxh7QRVcSKw==
-----END CERTIFICATE-----