Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/c06a23-0163-47a5-8608-30c0a111cd55/1/Xqh5CgjI4NhFiNlNGlG8qavnWB0.mft
File:                     Xqh5CgjI4NhFiNlNGlG8qavnWB0.mft (raw, json)
Hash identifier:          6AdWOT/er83uNm7Wf+7C3XJzBk/Vemu5GK99YD2VYic=
Subject key identifier:   0F:20:6D:6A:3C:9C:34:60:FF:CA:15:6B:EC:19:77:64:16:0B:29:1D
Authority key identifier: 5E:A8:79:0A:08:C8:E0:D8:45:88:D9:4D:1A:51:BC:A9:AB:E7:58:1D
Certificate issuer:       /CN=5ea8790a08c8e0d84588d94d1a51bca9abe7581d
Certificate serial:       0194C42C06DB6355FC90ACA072B672F43CEC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Xqh5CgjI4NhFiNlNGlG8qavnWB0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/67/c06a23-0163-47a5-8608-30c0a111cd55/1/Xqh5CgjI4NhFiNlNGlG8qavnWB0.mft
Manifest number:          123D
Signing time:             Sun 02 Feb 2025 01:00:07 +0000
Manifest this update:     Sun 02 Feb 2025 01:00:07 +0000
Manifest next update:     Mon 03 Feb 2025 01:00:07 +0000
Files and hashes:         1: Xqh5CgjI4NhFiNlNGlG8qavnWB0.crl (hash: 3ubsZlGh1Cevz82AGCvF26povZ2DBssk1sxajnWX+l0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/67/c06a23-0163-47a5-8608-30c0a111cd55/1/Xqh5CgjI4NhFiNlNGlG8qavnWB0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/67/c06a23-0163-47a5-8608-30c0a111cd55/1/Xqh5CgjI4NhFiNlNGlG8qavnWB0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Xqh5CgjI4NhFiNlNGlG8qavnWB0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 03 Feb 2025 00:00:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:c4:2c:06:db:63:55:fc:90:ac:a0:72:b6:72:f4:3c:ec
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5ea8790a08c8e0d84588d94d1a51bca9abe7581d
        Validity
            Not Before: Feb  2 01:00:07 2025 GMT
            Not After : Feb  3 01:00:07 2025 GMT
        Subject: CN=0f206d6a3c9c3460ffca156bec197764160b291d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:c2:51:f9:c0:4e:d7:d4:15:a6:ae:4d:b6:fe:
                    d8:4b:72:42:26:93:b9:80:3d:f7:fa:27:64:b7:fe:
                    fb:b5:3a:3d:30:17:6b:72:a1:bc:d3:14:50:5e:9e:
                    d7:49:15:d1:bf:4d:b5:00:57:4d:e2:be:c7:42:8e:
                    90:a8:5f:cc:fd:0b:37:77:96:30:79:e2:7b:b4:92:
                    ad:d2:37:fd:61:6a:7b:1c:0c:c3:ff:82:ce:27:f3:
                    3b:dd:47:eb:7f:1f:3c:e4:f4:83:1b:5c:9f:8c:e1:
                    e0:1c:65:ce:a0:11:18:8b:fb:7c:cb:94:e9:e3:dc:
                    70:1e:48:cd:da:53:10:ca:4a:00:20:02:43:de:c4:
                    34:38:d5:1c:83:78:f7:f2:be:8f:7d:b7:73:ac:97:
                    7a:bb:35:b0:f0:a6:85:a0:39:c5:e7:5b:18:f6:d1:
                    cd:6c:00:d5:b4:73:e5:de:e1:aa:92:5d:ac:2d:9f:
                    96:af:52:98:8f:ba:01:2d:23:d7:5e:17:05:46:fc:
                    6a:a0:e5:23:6c:97:d4:13:2e:74:1c:a1:61:f7:bd:
                    ce:91:92:c5:62:b8:19:a6:eb:c1:29:14:5d:21:aa:
                    87:74:6d:77:51:3e:85:06:f4:33:b3:df:0a:8b:c1:
                    a0:e1:4e:07:84:39:60:0d:08:bc:8d:be:4d:05:07:
                    df:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0F:20:6D:6A:3C:9C:34:60:FF:CA:15:6B:EC:19:77:64:16:0B:29:1D
            X509v3 Authority Key Identifier:
                keyid:5E:A8:79:0A:08:C8:E0:D8:45:88:D9:4D:1A:51:BC:A9:AB:E7:58:1D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xqh5CgjI4NhFiNlNGlG8qavnWB0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/c06a23-0163-47a5-8608-30c0a111cd55/1/Xqh5CgjI4NhFiNlNGlG8qavnWB0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/67/c06a23-0163-47a5-8608-30c0a111cd55/1/Xqh5CgjI4NhFiNlNGlG8qavnWB0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a5:a1:7e:71:e5:31:df:5f:59:1e:43:8d:51:8a:8c:9b:cd:65:
         16:ed:22:03:d5:0f:e5:e5:d7:37:b8:bb:17:38:ba:c7:d3:24:
         2e:d9:ac:28:bb:a4:9a:8c:13:29:a2:17:13:9f:76:c1:50:51:
         59:72:dc:9d:57:c9:21:6a:52:7a:72:c7:aa:70:20:42:da:98:
         b7:57:7b:ff:ed:c9:83:60:7c:8c:a5:a3:47:72:01:a7:18:f7:
         1a:a5:85:ca:37:92:b1:6d:63:5a:d6:ed:4f:42:66:b5:cb:c7:
         5e:9b:e0:9e:e5:a2:29:43:7a:68:d4:cf:c0:18:4a:94:f6:80:
         48:f4:1c:5c:d1:dc:31:5a:63:14:46:96:d6:d6:75:b0:20:d6:
         b2:e1:dc:bc:01:8b:b1:b6:92:61:ea:15:b9:b5:49:5f:de:b5:
         23:3b:f7:00:d4:e9:db:cf:cc:0f:f4:f0:0a:53:49:97:55:ef:
         9b:8b:49:56:01:ba:30:41:ca:22:49:34:17:34:24:fb:b7:1a:
         6e:f7:1f:45:54:79:49:b8:d0:49:34:ec:2e:80:ee:e9:07:3e:
         95:71:ae:f4:69:e3:be:61:ad:cc:ad:87:0d:0f:4b:c4:d4:a0:
         f0:14:86:8f:69:42:fb:66:e3:c5:e9:20:c8:ce:92:77:52:64:
         98:b0:4e:8a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZTELAbbY1X8kKygcrZy9DzsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlYTg3OTBhMDhjOGUwZDg0NTg4ZDk0ZDFhNTFiY2E5YWJl
NzU4MWQwHhcNMjUwMjAyMDEwMDA3WhcNMjUwMjAzMDEwMDA3WjAzMTEwLwYDVQQD
EygwZjIwNmQ2YTNjOWMzNDYwZmZjYTE1NmJlYzE5Nzc2NDE2MGIyOTFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnsJR+cBO19QVpq5Ntv7YS3JCJpO5
gD33+idkt/77tTo9MBdrcqG80xRQXp7XSRXRv021AFdN4r7HQo6QqF/M/Qs3d5Yw
eeJ7tJKt0jf9YWp7HAzD/4LOJ/M73Ufrfx885PSDG1yfjOHgHGXOoBEYi/t8y5Tp
49xwHkjN2lMQykoAIAJD3sQ0ONUcg3j38r6PfbdzrJd6uzWw8KaFoDnF51sY9tHN
bADVtHPl3uGqkl2sLZ+Wr1KYj7oBLSPXXhcFRvxqoOUjbJfUEy50HKFh973OkZLF
YrgZpuvBKRRdIaqHdG13UT6FBvQzs98Ki8Gg4U4HhDlgDQi8jb5NBQffdwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFA8gbWo8nDRg/8oVa+wZd2QWCykdMB8GA1UdIwQY
MBaAFF6oeQoIyODYRYjZTRpRvKmr51gdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHFoNUNnakk0TmhGaU5sTkdsRzhxYXZuV0IwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny9jMDZhMjMtMDE2My00N2E1LTg2MDgt
MzBjMGExMTFjZDU1LzEvWHFoNUNnakk0TmhGaU5sTkdsRzhxYXZuV0IwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny9jMDZhMjMtMDE2My00N2E1LTg2MDgtMzBjMGExMTFjZDU1
LzEvWHFoNUNnakk0TmhGaU5sTkdsRzhxYXZuV0IwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApaF+ceUx
319ZHkONUYqMm81lFu0iA9UP5eXXN7i7Fzi6x9MkLtmsKLukmowTKaIXE592wVBR
WXLcnVfJIWpSenLHqnAgQtqYt1d7/+3Jg2B8jKWjR3IBpxj3GqWFyjeSsW1jWtbt
T0JmtcvHXpvgnuWiKUN6aNTPwBhKlPaASPQcXNHcMVpjFEaW1tZ1sCDWsuHcvAGL
sbaSYeoVubVJX961Izv3ANTp28/MD/TwClNJl1Xvm4tJVgG6MEHKIkk0FzQk+7ca
bvcfRVR5SbjQSTTsLoDu6Qc+lXGu9GnjvmGtzK2HDQ9LxNSg8BSGj2lC+2bjxekg
yM6Sd1JkmLBOig==
-----END CERTIFICATE-----