Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6c/083f23-26ec-4031-853c-82f151b664c5/1/rS2L1OZ06M7VoJfUPepxhETnivU.mft
File:                     rS2L1OZ06M7VoJfUPepxhETnivU.mft (raw, json)
Hash identifier:          z6Q0mIIblZkypjOV8R2JFkYkwaiYXc3F76K/Du0q22I=
Subject key identifier:   68:C2:37:5D:45:0D:99:E6:D3:D6:E2:06:43:CC:F6:3B:61:05:FF:22
Authority key identifier: AD:2D:8B:D4:E6:74:E8:CE:D5:A0:97:D4:3D:EA:71:84:44:E7:8A:F5
Certificate issuer:       /CN=ad2d8bd4e674e8ced5a097d43dea718444e78af5
Certificate serial:       0194BB29521742C0FBF771EB50B5B6E58CA4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/rS2L1OZ06M7VoJfUPepxhETnivU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6c/083f23-26ec-4031-853c-82f151b664c5/1/rS2L1OZ06M7VoJfUPepxhETnivU.mft
Manifest number:          10FA
Signing time:             Fri 31 Jan 2025 07:00:34 +0000
Manifest this update:     Fri 31 Jan 2025 07:00:34 +0000
Manifest next update:     Sat 01 Feb 2025 07:00:34 +0000
Files and hashes:         1: rS2L1OZ06M7VoJfUPepxhETnivU.crl (hash: AHPe1J6JXPVM3zgvXJjddsYmvazLGuA4q8A2VRlQA/M=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/6c/083f23-26ec-4031-853c-82f151b664c5/1/rS2L1OZ06M7VoJfUPepxhETnivU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/6c/083f23-26ec-4031-853c-82f151b664c5/1/rS2L1OZ06M7VoJfUPepxhETnivU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/rS2L1OZ06M7VoJfUPepxhETnivU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 01 Feb 2025 07:00:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:bb:29:52:17:42:c0:fb:f7:71:eb:50:b5:b6:e5:8c:a4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ad2d8bd4e674e8ced5a097d43dea718444e78af5
        Validity
            Not Before: Jan 31 07:00:34 2025 GMT
            Not After : Feb  1 07:00:34 2025 GMT
        Subject: CN=68c2375d450d99e6d3d6e20643ccf63b6105ff22
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e9:52:8f:37:ff:f5:f3:95:8d:e1:3c:4c:bb:2a:
                    7a:9e:9c:5d:37:ab:63:64:05:ad:e8:bd:8c:7b:ab:
                    a2:9b:96:88:90:24:54:71:61:a6:fa:c7:28:81:99:
                    3d:c4:5d:83:57:0e:8a:48:87:15:fc:b4:26:36:1f:
                    95:4a:ea:09:65:1f:76:9b:3b:3b:90:65:37:d7:40:
                    98:6a:52:a3:cb:4c:00:67:0e:c1:42:6d:b7:3e:41:
                    70:6e:df:50:d6:32:64:56:36:36:7f:c8:9e:da:d3:
                    b1:eb:e6:9f:1a:25:d4:4a:3f:49:87:6a:96:71:8a:
                    de:13:d7:f6:c9:98:bd:ff:be:79:f0:d8:c2:2e:3d:
                    ad:4b:df:d5:16:f2:d8:fc:5b:11:de:a3:06:e7:a7:
                    07:b4:08:12:6e:37:11:73:ee:04:66:33:f4:7b:7b:
                    56:de:81:6e:ee:e5:01:a2:15:19:a3:85:88:6f:9a:
                    27:e2:7d:cf:e9:42:94:15:f0:a2:f1:02:5a:98:17:
                    35:7d:cd:e3:c1:51:4c:b5:93:75:b5:eb:0a:29:05:
                    4c:3d:94:5d:4c:54:b2:ff:5c:93:61:08:08:a7:8d:
                    d5:d4:2c:3a:3a:21:f1:5e:20:fd:40:7d:5b:d7:7d:
                    db:97:d2:a3:ec:44:86:33:dd:78:11:7c:b7:f2:bf:
                    01:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                68:C2:37:5D:45:0D:99:E6:D3:D6:E2:06:43:CC:F6:3B:61:05:FF:22
            X509v3 Authority Key Identifier:
                keyid:AD:2D:8B:D4:E6:74:E8:CE:D5:A0:97:D4:3D:EA:71:84:44:E7:8A:F5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rS2L1OZ06M7VoJfUPepxhETnivU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/083f23-26ec-4031-853c-82f151b664c5/1/rS2L1OZ06M7VoJfUPepxhETnivU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/083f23-26ec-4031-853c-82f151b664c5/1/rS2L1OZ06M7VoJfUPepxhETnivU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         98:c6:de:1c:d8:fa:8c:7f:4c:17:3b:c0:ee:2d:d9:29:96:34:
         f8:6a:49:cf:d4:76:33:8a:1d:55:a3:68:83:ff:18:56:cb:ef:
         5f:5b:da:a3:f0:59:82:95:38:fc:37:af:95:5f:5c:15:9f:dc:
         78:8a:77:09:46:97:e6:18:d9:d5:c1:b4:f5:9d:93:de:4d:c4:
         49:25:37:d9:58:be:ff:4e:19:a3:96:90:2d:38:37:dd:68:f3:
         b3:12:08:a8:88:c0:fe:30:1f:60:35:19:68:7a:23:c0:44:d8:
         fc:64:29:06:74:38:e2:05:2c:84:17:0e:37:be:04:58:49:6a:
         f9:11:0e:7a:98:4a:27:b1:11:77:2f:66:a5:92:9b:3a:0b:27:
         3a:8f:cc:45:23:4f:84:0b:93:d0:39:32:bd:c2:e1:6a:ea:ad:
         f8:a0:b7:89:3b:23:57:08:23:e8:eb:00:2f:71:c7:79:55:31:
         68:87:5f:69:37:35:7e:06:f7:b1:d3:80:e4:87:c9:43:6c:43:
         05:89:f3:52:1b:bc:08:2d:81:45:fd:13:09:cb:ec:15:ff:eb:
         7b:61:24:d7:b2:15:e0:06:83:35:8a:33:c5:20:0d:ef:6f:ec:
         a5:00:33:a5:02:80:bd:73:44:3c:9f:9a:7e:8a:d1:66:73:d4:
         19:9b:8d:57
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZS7KVIXQsD793HrULW25YykMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkMmQ4YmQ0ZTY3NGU4Y2VkNWEwOTdkNDNkZWE3MTg0NDRl
NzhhZjUwHhcNMjUwMTMxMDcwMDM0WhcNMjUwMjAxMDcwMDM0WjAzMTEwLwYDVQQD
Eyg2OGMyMzc1ZDQ1MGQ5OWU2ZDNkNmUyMDY0M2NjZjYzYjYxMDVmZjIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6VKPN//185WN4TxMuyp6npxdN6tj
ZAWt6L2Me6uim5aIkCRUcWGm+scogZk9xF2DVw6KSIcV/LQmNh+VSuoJZR92mzs7
kGU310CYalKjy0wAZw7BQm23PkFwbt9Q1jJkVjY2f8ie2tOx6+afGiXUSj9Jh2qW
cYreE9f2yZi9/7558NjCLj2tS9/VFvLY/FsR3qMG56cHtAgSbjcRc+4EZjP0e3tW
3oFu7uUBohUZo4WIb5on4n3P6UKUFfCi8QJamBc1fc3jwVFMtZN1tesKKQVMPZRd
TFSy/1yTYQgIp43V1Cw6OiHxXiD9QH1b133bl9Kj7ESGM914EXy38r8BWQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGjCN11FDZnm09biBkPM9jthBf8iMB8GA1UdIwQY
MBaAFK0ti9TmdOjO1aCX1D3qcYRE54r1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvclMyTDFPWjA2TTdWb0pmVVBlcHhoRVRuaXZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yy8wODNmMjMtMjZlYy00MDMxLTg1M2Mt
ODJmMTUxYjY2NGM1LzEvclMyTDFPWjA2TTdWb0pmVVBlcHhoRVRuaXZVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yy8wODNmMjMtMjZlYy00MDMxLTg1M2MtODJmMTUxYjY2NGM1
LzEvclMyTDFPWjA2TTdWb0pmVVBlcHhoRVRuaXZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmMbeHNj6
jH9MFzvA7i3ZKZY0+GpJz9R2M4odVaNog/8YVsvvX1vao/BZgpU4/DevlV9cFZ/c
eIp3CUaX5hjZ1cG09Z2T3k3ESSU32Vi+/04Zo5aQLTg33WjzsxIIqIjA/jAfYDUZ
aHojwETY/GQpBnQ44gUshBcON74EWElq+REOephKJ7ERdy9mpZKbOgsnOo/MRSNP
hAuT0DkyvcLhauqt+KC3iTsjVwgj6OsAL3HHeVUxaIdfaTc1fgb3sdOA5IfJQ2xD
BYnzUhu8CC2BRf0TCcvsFf/re2Ek17IV4AaDNYozxSAN72/spQAzpQKAvXNEPJ+a
forRZnPUGZuNVw==
-----END CERTIFICATE-----