Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/0b5b6d-7f46-447a-8946-7e781680d1d2/1/h_S8G8xE8-kQBwQ1297UG25ILmg.mft
File:                     h_S8G8xE8-kQBwQ1297UG25ILmg.mft (raw, json)
Hash identifier:          uXMwCki3N+H/ah0vACbBIVKXiObsv6i2qgeZMydkspQ=
Subject key identifier:   CB:BF:C3:9B:65:47:26:20:29:59:56:C3:82:6B:DB:66:93:6A:68:A1
Authority key identifier: 87:F4:BC:1B:CC:44:F3:E9:10:07:04:35:DB:DE:D4:1B:6E:48:2E:68
Certificate issuer:       /CN=87f4bc1bcc44f3e910070435dbded41b6e482e68
Certificate serial:       0195124788620E1DDAEBBBF25BF239DE1456
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/h_S8G8xE8-kQBwQ1297UG25ILmg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/70/0b5b6d-7f46-447a-8946-7e781680d1d2/1/h_S8G8xE8-kQBwQ1297UG25ILmg.mft
Manifest number:          028A
Signing time:             Mon 17 Feb 2025 05:00:32 +0000
Manifest this update:     Mon 17 Feb 2025 05:00:32 +0000
Manifest next update:     Tue 18 Feb 2025 05:00:32 +0000
Files and hashes:         1: h_S8G8xE8-kQBwQ1297UG25ILmg.crl (hash: AfYz7kdpGSU66d0wjrFgBV5538a6juAWNMC1LEzZEfw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/70/0b5b6d-7f46-447a-8946-7e781680d1d2/1/h_S8G8xE8-kQBwQ1297UG25ILmg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/70/0b5b6d-7f46-447a-8946-7e781680d1d2/1/h_S8G8xE8-kQBwQ1297UG25ILmg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/h_S8G8xE8-kQBwQ1297UG25ILmg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 17 Feb 2025 23:00:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:12:47:88:62:0e:1d:da:eb:bb:f2:5b:f2:39:de:14:56
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=87f4bc1bcc44f3e910070435dbded41b6e482e68
        Validity
            Not Before: Feb 17 05:00:32 2025 GMT
            Not After : Feb 18 05:00:32 2025 GMT
        Subject: CN=cbbfc39b65472620295956c3826bdb66936a68a1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:29:1b:52:ad:be:37:60:64:ab:73:1a:79:f5:
                    0e:22:3e:23:83:33:a8:26:2d:09:5c:a1:fb:4d:c6:
                    2c:73:3e:9b:49:c2:55:02:cf:1b:9a:18:6b:58:e8:
                    9c:61:d6:40:43:f9:14:28:40:4d:a2:1e:6f:51:82:
                    46:75:36:0d:a4:00:b9:85:29:78:28:12:d0:e9:de:
                    fa:e4:3e:16:10:c6:d3:ed:f2:98:7b:0a:3a:17:1d:
                    3e:6f:b4:fa:7b:01:ac:31:4a:e3:4c:ac:49:78:df:
                    21:b6:9b:60:cd:ce:51:10:a9:90:52:d0:ab:5f:fc:
                    6b:6c:c1:b5:4b:67:0b:b7:08:1a:ed:b3:d7:5a:5d:
                    a3:aa:af:ba:20:eb:99:ab:93:51:a5:b4:7d:29:2f:
                    a0:3b:26:63:2a:bb:a6:5a:86:33:75:c9:1d:83:59:
                    42:5a:b2:3f:1b:27:64:0e:06:9c:c2:b4:d0:55:e6:
                    17:3c:f0:71:df:49:ce:e3:1f:13:f6:d7:b8:eb:f0:
                    11:0d:8d:3f:4d:0c:c1:03:36:6d:2c:de:3d:90:7f:
                    71:32:99:83:5a:cf:c1:80:a4:0e:93:68:f7:24:a6:
                    89:91:a2:d2:d2:ac:bb:39:94:7e:81:5f:cd:47:fd:
                    98:dd:f5:bb:b0:72:87:5f:48:d3:58:df:8c:8d:c1:
                    53:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CB:BF:C3:9B:65:47:26:20:29:59:56:C3:82:6B:DB:66:93:6A:68:A1
            X509v3 Authority Key Identifier:
                keyid:87:F4:BC:1B:CC:44:F3:E9:10:07:04:35:DB:DE:D4:1B:6E:48:2E:68

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h_S8G8xE8-kQBwQ1297UG25ILmg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/0b5b6d-7f46-447a-8946-7e781680d1d2/1/h_S8G8xE8-kQBwQ1297UG25ILmg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/70/0b5b6d-7f46-447a-8946-7e781680d1d2/1/h_S8G8xE8-kQBwQ1297UG25ILmg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         35:f8:b2:31:7c:04:d3:bc:9c:42:34:1e:35:d9:3d:b1:85:c1:
         ec:bd:2f:51:dd:ec:cf:80:70:14:02:83:7f:9b:f1:92:ec:ec:
         53:6a:52:b2:62:dd:cb:76:25:16:7b:16:e3:1f:4a:95:6e:67:
         3b:7c:c5:fb:c6:d8:71:ac:f2:b4:c1:cb:b1:f5:4e:2a:4a:4d:
         00:6d:82:d8:9a:a5:4e:fc:48:81:2d:31:22:24:c4:07:19:75:
         a8:57:97:58:35:43:48:72:52:44:d8:06:8e:de:c9:1e:ee:45:
         94:81:39:ac:39:26:6e:d4:00:63:04:3a:26:df:5d:cf:f3:fd:
         92:e4:3b:3d:8d:0c:50:0f:95:32:67:a8:aa:05:15:ac:54:8c:
         40:7b:b0:33:d8:5a:eb:ec:54:ac:ae:30:9e:3c:6e:03:77:fd:
         51:ee:0c:32:66:e0:8b:a8:e9:46:26:8f:90:27:f6:3a:20:d0:
         a9:bc:7b:00:7d:90:03:08:49:9b:78:da:53:b3:12:2d:ef:a4:
         8c:ba:2b:88:8e:30:39:ed:33:fc:29:75:ff:d9:6f:58:c3:67:
         37:92:46:6e:92:fd:c4:cf:5a:81:ae:79:bd:6f:09:ec:86:8d:
         17:6e:ad:8d:5a:cf:fa:07:6d:4d:6a:12:c3:39:7a:2a:75:1c:
         ad:6a:5a:d3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZUSR4hiDh3a67vyW/I53hRWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3ZjRiYzFiY2M0NGYzZTkxMDA3MDQzNWRiZGVkNDFiNmU0
ODJlNjgwHhcNMjUwMjE3MDUwMDMyWhcNMjUwMjE4MDUwMDMyWjAzMTEwLwYDVQQD
EyhjYmJmYzM5YjY1NDcyNjIwMjk1OTU2YzM4MjZiZGI2NjkzNmE2OGExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlykbUq2+N2Bkq3MaefUOIj4jgzOo
Ji0JXKH7TcYscz6bScJVAs8bmhhrWOicYdZAQ/kUKEBNoh5vUYJGdTYNpAC5hSl4
KBLQ6d765D4WEMbT7fKYewo6Fx0+b7T6ewGsMUrjTKxJeN8htptgzc5REKmQUtCr
X/xrbMG1S2cLtwga7bPXWl2jqq+6IOuZq5NRpbR9KS+gOyZjKrumWoYzdckdg1lC
WrI/GydkDgacwrTQVeYXPPBx30nO4x8T9te46/ARDY0/TQzBAzZtLN49kH9xMpmD
Ws/BgKQOk2j3JKaJkaLS0qy7OZR+gV/NR/2Y3fW7sHKHX0jTWN+MjcFTiwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMu/w5tlRyYgKVlWw4Jr22aTamihMB8GA1UdIwQY
MBaAFIf0vBvMRPPpEAcENdve1BtuSC5oMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaF9TOEc4eEU4LWtRQndRMTI5N1VHMjVJTG1nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC8wYjViNmQtN2Y0Ni00NDdhLTg5NDYt
N2U3ODE2ODBkMWQyLzEvaF9TOEc4eEU4LWtRQndRMTI5N1VHMjVJTG1nLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC8wYjViNmQtN2Y0Ni00NDdhLTg5NDYtN2U3ODE2ODBkMWQy
LzEvaF9TOEc4eEU4LWtRQndRMTI5N1VHMjVJTG1nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANfiyMXwE
07ycQjQeNdk9sYXB7L0vUd3sz4BwFAKDf5vxkuzsU2pSsmLdy3YlFnsW4x9KlW5n
O3zF+8bYcazytMHLsfVOKkpNAG2C2JqlTvxIgS0xIiTEBxl1qFeXWDVDSHJSRNgG
jt7JHu5FlIE5rDkmbtQAYwQ6Jt9dz/P9kuQ7PY0MUA+VMmeoqgUVrFSMQHuwM9ha
6+xUrK4wnjxuA3f9Ue4MMmbgi6jpRiaPkCf2OiDQqbx7AH2QAwhJm3jaU7MSLe+k
jLoriI4wOe0z/Cl1/9lvWMNnN5JGbpL9xM9aga55vW8J7IaNF26tjVrP+gdtTWoS
wzl6KnUcrWpa0w==
-----END CERTIFICATE-----