Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/6bc113-89aa-45de-8895-14aaea208f25/1/vgMXYC-wyqOlEAaL2YnUba44TdI.mft
File:                     vgMXYC-wyqOlEAaL2YnUba44TdI.mft (raw, json)
Hash identifier:          OPgPRj1McspbhnQl05jAHnEe7pD9IoalZqV6dZNN8as=
Subject key identifier:   EF:44:EC:95:97:17:EA:1B:BD:A9:68:FB:D7:C6:BE:EF:B4:81:C2:FE
Authority key identifier: BE:03:17:60:2F:B0:CA:A3:A5:10:06:8B:D9:89:D4:6D:AE:38:4D:D2
Certificate issuer:       /CN=be0317602fb0caa3a510068bd989d46dae384dd2
Certificate serial:       0194C388830A7E898347CB62E42366466E3E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/vgMXYC-wyqOlEAaL2YnUba44TdI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6f/6bc113-89aa-45de-8895-14aaea208f25/1/vgMXYC-wyqOlEAaL2YnUba44TdI.mft
Manifest number:          A0
Signing time:             Sat 01 Feb 2025 22:01:30 +0000
Manifest this update:     Sat 01 Feb 2025 22:01:30 +0000
Manifest next update:     Sun 02 Feb 2025 22:01:30 +0000
Files and hashes:         1: vgMXYC-wyqOlEAaL2YnUba44TdI.crl (hash: wT4hxGI+9hLUiBYS+F8yaP/VEbpfBALPai1anRHmdRY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/6f/6bc113-89aa-45de-8895-14aaea208f25/1/vgMXYC-wyqOlEAaL2YnUba44TdI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/6f/6bc113-89aa-45de-8895-14aaea208f25/1/vgMXYC-wyqOlEAaL2YnUba44TdI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/vgMXYC-wyqOlEAaL2YnUba44TdI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 02 Feb 2025 22:01:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:c3:88:83:0a:7e:89:83:47:cb:62:e4:23:66:46:6e:3e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=be0317602fb0caa3a510068bd989d46dae384dd2
        Validity
            Not Before: Feb  1 22:01:30 2025 GMT
            Not After : Feb  2 22:01:30 2025 GMT
        Subject: CN=ef44ec959717ea1bbda968fbd7c6beefb481c2fe
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:cc:63:44:7d:63:66:3b:1d:d2:5e:e1:75:3e:
                    bf:9c:a9:50:4d:66:7e:09:09:4b:05:e8:ed:8c:eb:
                    6d:d0:8f:10:a4:f3:2a:9a:ff:91:05:fa:d2:1d:4f:
                    bf:c9:a9:a1:1e:f7:f4:8c:41:c1:31:cb:a8:09:23:
                    cb:8d:60:61:a3:7b:39:ab:eb:36:13:f9:39:e4:9b:
                    b2:2b:b8:54:67:43:9e:18:1d:73:65:0f:0b:d3:a3:
                    e4:ba:f4:f3:09:3f:5f:89:9f:8d:17:9d:60:fe:dd:
                    14:d6:aa:79:ad:e3:10:14:ed:a2:f8:25:69:e8:30:
                    e4:aa:e9:67:62:7c:1f:1c:59:b6:16:61:cb:1d:f5:
                    ac:f5:36:4b:5c:cd:62:58:ef:5d:88:08:c0:a7:23:
                    5f:b4:8f:29:a1:4f:7b:74:7c:63:60:04:00:59:35:
                    57:b8:48:28:73:a8:1b:c2:a0:2c:46:1f:c4:82:cb:
                    7e:bb:22:d4:f3:01:4b:bb:74:47:42:36:56:b9:1b:
                    15:02:81:1f:68:23:c6:28:c9:00:8f:b6:fd:3d:b8:
                    20:e4:0f:2a:b3:fb:54:0a:eb:d6:c3:38:d8:5f:74:
                    03:7c:ea:fc:e0:02:5c:94:83:4f:bd:3c:d4:85:f7:
                    7c:9f:78:a6:92:25:31:dc:81:3c:32:61:a7:fe:a5:
                    3d:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EF:44:EC:95:97:17:EA:1B:BD:A9:68:FB:D7:C6:BE:EF:B4:81:C2:FE
            X509v3 Authority Key Identifier:
                keyid:BE:03:17:60:2F:B0:CA:A3:A5:10:06:8B:D9:89:D4:6D:AE:38:4D:D2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vgMXYC-wyqOlEAaL2YnUba44TdI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/6bc113-89aa-45de-8895-14aaea208f25/1/vgMXYC-wyqOlEAaL2YnUba44TdI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/6bc113-89aa-45de-8895-14aaea208f25/1/vgMXYC-wyqOlEAaL2YnUba44TdI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         90:c7:70:d1:52:b9:f8:cc:69:da:9c:10:0f:dd:97:32:80:dc:
         bc:ba:ac:70:16:8c:ce:13:a3:f6:6c:8e:ea:c5:d4:9a:12:4e:
         06:08:e9:49:7f:81:1b:14:92:5e:f5:a8:19:8a:19:4e:90:b8:
         14:d9:87:bd:61:77:67:af:66:61:b8:ff:bb:71:15:a1:10:08:
         65:b4:07:1c:20:89:2b:8d:78:bd:6c:96:2f:01:f5:59:ff:0d:
         cb:8e:fd:2b:49:d2:a9:c8:01:9c:8e:ba:d1:eb:f0:0a:7d:af:
         88:51:6c:26:cc:37:14:c2:20:16:cd:b9:85:f9:38:5d:91:76:
         43:43:57:08:87:70:ee:a5:e5:21:48:b1:4f:06:ea:d6:67:be:
         eb:b5:c7:9e:ed:84:e9:b1:a2:37:c4:1c:94:2f:6a:d3:3c:a7:
         ce:55:26:af:5e:81:b2:37:28:75:83:36:65:bc:c4:7d:d2:c3:
         5e:9a:14:63:1b:47:3f:fc:49:99:f6:03:57:6a:04:52:c9:69:
         a1:dc:2c:99:73:d0:3e:8c:ba:04:10:f3:a0:3a:2f:20:bf:66:
         6a:a9:ab:35:d0:a0:3b:9f:3b:0a:f3:7a:a5:09:d6:e1:d3:8b:
         f7:dd:c8:9c:c2:d0:8d:61:87:d1:32:e4:84:95:77:53:b8:93:
         47:02:27:5c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZTDiIMKfomDR8ti5CNmRm4+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJlMDMxNzYwMmZiMGNhYTNhNTEwMDY4YmQ5ODlkNDZkYWUz
ODRkZDIwHhcNMjUwMjAxMjIwMTMwWhcNMjUwMjAyMjIwMTMwWjAzMTEwLwYDVQQD
EyhlZjQ0ZWM5NTk3MTdlYTFiYmRhOTY4ZmJkN2M2YmVlZmI0ODFjMmZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApsxjRH1jZjsd0l7hdT6/nKlQTWZ+
CQlLBejtjOtt0I8QpPMqmv+RBfrSHU+/yamhHvf0jEHBMcuoCSPLjWBho3s5q+s2
E/k55JuyK7hUZ0OeGB1zZQ8L06PkuvTzCT9fiZ+NF51g/t0U1qp5reMQFO2i+CVp
6DDkqulnYnwfHFm2FmHLHfWs9TZLXM1iWO9diAjApyNftI8poU97dHxjYAQAWTVX
uEgoc6gbwqAsRh/Egst+uyLU8wFLu3RHQjZWuRsVAoEfaCPGKMkAj7b9Pbgg5A8q
s/tUCuvWwzjYX3QDfOr84AJclINPvTzUhfd8n3imkiUx3IE8MmGn/qU9owIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFO9E7JWXF+obvalo+9fGvu+0gcL+MB8GA1UdIwQY
MBaAFL4DF2AvsMqjpRAGi9mJ1G2uOE3SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdmdNWFlDLXd5cU9sRUFhTDJZblViYTQ0VGRJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Zi82YmMxMTMtODlhYS00NWRlLTg4OTUt
MTRhYWVhMjA4ZjI1LzEvdmdNWFlDLXd5cU9sRUFhTDJZblViYTQ0VGRJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Zi82YmMxMTMtODlhYS00NWRlLTg4OTUtMTRhYWVhMjA4ZjI1
LzEvdmdNWFlDLXd5cU9sRUFhTDJZblViYTQ0VGRJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkMdw0VK5
+Mxp2pwQD92XMoDcvLqscBaMzhOj9myO6sXUmhJOBgjpSX+BGxSSXvWoGYoZTpC4
FNmHvWF3Z69mYbj/u3EVoRAIZbQHHCCJK414vWyWLwH1Wf8Ny479K0nSqcgBnI66
0evwCn2viFFsJsw3FMIgFs25hfk4XZF2Q0NXCIdw7qXlIUixTwbq1me+67XHnu2E
6bGiN8QclC9q0zynzlUmr16BsjcodYM2ZbzEfdLDXpoUYxtHP/xJmfYDV2oEUslp
odwsmXPQPoy6BBDzoDovIL9maqmrNdCgO587CvN6pQnW4dOL993InMLQjWGH0TLk
hJV3U7iTRwInXA==
-----END CERTIFICATE-----