Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/3fa92f-cabd-413b-ae5c-69b733cbc528/1/knaysJMpLF-nXm4UwqSZrIR-QWs.mft
File:                     knaysJMpLF-nXm4UwqSZrIR-QWs.mft (raw, json)
Hash identifier:          JImRIdSFfLmnpXOkEnxQh9ELmrrYqyfEX4eI6CQO8aw=
Subject key identifier:   C1:0B:B0:8C:1F:78:A3:D3:1C:B9:A8:3F:54:4E:58:92:3A:5A:92:56
Authority key identifier: 92:76:B2:B0:93:29:2C:5F:A7:5E:6E:14:C2:A4:99:AC:84:7E:41:6B
Certificate issuer:       /CN=9276b2b093292c5fa75e6e14c2a499ac847e416b
Certificate serial:       0194C387D434611F25CE35EA79D6C28892C6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/knaysJMpLF-nXm4UwqSZrIR-QWs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6e/3fa92f-cabd-413b-ae5c-69b733cbc528/1/knaysJMpLF-nXm4UwqSZrIR-QWs.mft
Manifest number:          11FE
Signing time:             Sat 01 Feb 2025 22:00:46 +0000
Manifest this update:     Sat 01 Feb 2025 22:00:46 +0000
Manifest next update:     Sun 02 Feb 2025 22:00:46 +0000
Files and hashes:         1: knaysJMpLF-nXm4UwqSZrIR-QWs.crl (hash: G4U9uHOym/Huzs49Lbe86ojkAAc7rM/PKytgTHykkFQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/6e/3fa92f-cabd-413b-ae5c-69b733cbc528/1/knaysJMpLF-nXm4UwqSZrIR-QWs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/6e/3fa92f-cabd-413b-ae5c-69b733cbc528/1/knaysJMpLF-nXm4UwqSZrIR-QWs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/knaysJMpLF-nXm4UwqSZrIR-QWs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 02 Feb 2025 22:00:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:c3:87:d4:34:61:1f:25:ce:35:ea:79:d6:c2:88:92:c6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9276b2b093292c5fa75e6e14c2a499ac847e416b
        Validity
            Not Before: Feb  1 22:00:46 2025 GMT
            Not After : Feb  2 22:00:46 2025 GMT
        Subject: CN=c10bb08c1f78a3d31cb9a83f544e58923a5a9256
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:1b:d7:b0:49:29:33:34:c5:28:1c:43:08:b1:
                    75:7d:6a:56:b7:b9:45:71:82:77:4b:01:fc:0e:02:
                    8d:49:48:14:6a:f6:44:0e:a9:c8:fc:ab:ff:11:0f:
                    14:1f:8d:51:62:3a:fc:4f:fc:33:5d:17:92:66:e0:
                    7a:e4:e2:98:fc:6a:9e:05:8c:f9:1a:07:b5:37:2e:
                    e6:f7:a7:5d:fa:00:90:4d:7d:41:cc:b1:12:2f:87:
                    b3:1f:f9:a6:76:a2:4c:46:5f:b2:36:3e:20:1f:f0:
                    91:ba:51:75:f6:7b:3e:1a:61:bd:bd:7f:af:77:ea:
                    07:0f:c6:8f:2b:22:81:1e:18:c4:8f:20:02:ae:f9:
                    18:7b:d8:00:88:45:8d:62:14:a2:cb:11:f6:81:0b:
                    cb:03:5a:c9:00:2d:0e:56:1c:7b:1a:54:1c:fb:93:
                    0c:05:c5:43:fc:7c:9c:69:d5:bf:4f:11:49:9a:2a:
                    a3:ad:3a:3c:7c:5a:39:b6:e0:d0:ec:57:a6:3e:72:
                    c7:7d:20:6a:e6:fa:14:4a:2e:2a:e7:cc:12:98:94:
                    9f:a1:ca:e1:45:c9:73:7a:c8:56:d9:fc:d0:92:6b:
                    b4:b7:8b:bf:07:6d:01:d5:87:b5:fd:4b:f3:d6:8a:
                    99:a1:6e:d0:cd:c9:e8:c7:57:e6:b9:09:ab:f2:b1:
                    68:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C1:0B:B0:8C:1F:78:A3:D3:1C:B9:A8:3F:54:4E:58:92:3A:5A:92:56
            X509v3 Authority Key Identifier:
                keyid:92:76:B2:B0:93:29:2C:5F:A7:5E:6E:14:C2:A4:99:AC:84:7E:41:6B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/knaysJMpLF-nXm4UwqSZrIR-QWs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/3fa92f-cabd-413b-ae5c-69b733cbc528/1/knaysJMpLF-nXm4UwqSZrIR-QWs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/3fa92f-cabd-413b-ae5c-69b733cbc528/1/knaysJMpLF-nXm4UwqSZrIR-QWs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5f:d7:9f:47:63:08:b3:d5:d9:03:cc:25:86:f6:1b:61:c4:e1:
         49:0f:2f:eb:82:65:e2:79:21:93:88:81:af:ba:52:64:c8:8b:
         cf:ea:67:55:30:a3:4e:f7:9d:36:7a:dd:a6:d2:e4:c2:57:a7:
         d4:dc:58:0f:8f:25:46:88:a7:5d:03:fb:57:d4:74:5c:af:83:
         7d:0f:7e:e3:9a:44:e0:1e:3a:8c:af:0a:d0:09:09:91:3d:2d:
         61:f6:f9:89:fb:57:31:49:9d:75:f4:a3:5d:9c:48:43:60:7c:
         5e:67:61:ae:42:4c:a2:e4:4b:95:10:7c:bd:d0:1e:47:cc:c6:
         63:5f:d6:61:d6:20:5a:2f:6e:e6:ef:23:2e:94:54:a5:64:43:
         af:5f:bf:7c:a6:f9:2e:84:bf:1a:f4:99:64:9b:8c:f9:8a:47:
         63:06:58:8f:cd:73:5a:99:d0:74:24:ad:de:4a:46:7f:b5:23:
         90:72:9f:00:89:96:49:e7:61:31:ef:f3:3f:da:df:a4:4b:b8:
         f0:b7:95:de:e6:0b:0d:d9:4f:7a:84:ac:b3:cc:e1:da:d2:7e:
         83:7b:7a:8e:fb:de:4b:2c:3a:7a:68:e0:48:61:07:f6:18:c0:
         14:46:83:c7:d5:87:20:f4:14:7e:e9:70:2c:76:fd:a6:7e:53:
         a4:43:30:fa
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZTDh9Q0YR8lzjXqedbCiJLGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyNzZiMmIwOTMyOTJjNWZhNzVlNmUxNGMyYTQ5OWFjODQ3
ZTQxNmIwHhcNMjUwMjAxMjIwMDQ2WhcNMjUwMjAyMjIwMDQ2WjAzMTEwLwYDVQQD
EyhjMTBiYjA4YzFmNzhhM2QzMWNiOWE4M2Y1NDRlNTg5MjNhNWE5MjU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwBvXsEkpMzTFKBxDCLF1fWpWt7lF
cYJ3SwH8DgKNSUgUavZEDqnI/Kv/EQ8UH41RYjr8T/wzXReSZuB65OKY/GqeBYz5
Gge1Ny7m96dd+gCQTX1BzLESL4ezH/mmdqJMRl+yNj4gH/CRulF19ns+GmG9vX+v
d+oHD8aPKyKBHhjEjyACrvkYe9gAiEWNYhSiyxH2gQvLA1rJAC0OVhx7GlQc+5MM
BcVD/HycadW/TxFJmiqjrTo8fFo5tuDQ7FemPnLHfSBq5voUSi4q58wSmJSfocrh
RclzeshW2fzQkmu0t4u/B20B1Ye1/Uvz1oqZoW7Qzcnox1fmuQmr8rFoBQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMELsIwfeKPTHLmoP1ROWJI6WpJWMB8GA1UdIwQY
MBaAFJJ2srCTKSxfp15uFMKkmayEfkFrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva25heXNKTXBMRi1uWG00VXdxU1pySVItUVdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZS8zZmE5MmYtY2FiZC00MTNiLWFlNWMt
NjliNzMzY2JjNTI4LzEva25heXNKTXBMRi1uWG00VXdxU1pySVItUVdzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZS8zZmE5MmYtY2FiZC00MTNiLWFlNWMtNjliNzMzY2JjNTI4
LzEva25heXNKTXBMRi1uWG00VXdxU1pySVItUVdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAX9efR2MI
s9XZA8wlhvYbYcThSQ8v64Jl4nkhk4iBr7pSZMiLz+pnVTCjTvedNnrdptLkwlen
1NxYD48lRoinXQP7V9R0XK+DfQ9+45pE4B46jK8K0AkJkT0tYfb5iftXMUmddfSj
XZxIQ2B8XmdhrkJMouRLlRB8vdAeR8zGY1/WYdYgWi9u5u8jLpRUpWRDr1+/fKb5
LoS/GvSZZJuM+YpHYwZYj81zWpnQdCSt3kpGf7UjkHKfAImWSedhMe/zP9rfpEu4
8LeV3uYLDdlPeoSss8zh2tJ+g3t6jvveSyw6emjgSGEH9hjAFEaDx9WHIPQUfulw
LHb9pn5TpEMw+g==
-----END CERTIFICATE-----