Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/af2dd5-3f6e-45d5-b10e-b55f70fb1142/1/WZypahnO8ifMM7NFhZaqRV0rePg.mft
File:                     WZypahnO8ifMM7NFhZaqRV0rePg.mft (raw, json)
Hash identifier:          jhxcNasHNPG9YT8/9BK6y1SLoHJZQqsTkqNxcDeE+Z0=
Subject key identifier:   45:90:F9:34:AB:17:AB:85:1D:BD:56:6C:03:A0:D1:0E:82:C7:6C:48
Authority key identifier: 59:9C:A9:6A:19:CE:F2:27:CC:33:B3:45:85:96:AA:45:5D:2B:78:F8
Certificate issuer:       /CN=599ca96a19cef227cc33b3458596aa455d2b78f8
Certificate serial:       0194C3BE7F903BF545353DE83C3F1C913CAA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/WZypahnO8ifMM7NFhZaqRV0rePg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/70/af2dd5-3f6e-45d5-b10e-b55f70fb1142/1/WZypahnO8ifMM7NFhZaqRV0rePg.mft
Manifest number:          038C
Signing time:             Sat 01 Feb 2025 23:00:29 +0000
Manifest this update:     Sat 01 Feb 2025 23:00:29 +0000
Manifest next update:     Sun 02 Feb 2025 23:00:29 +0000
Files and hashes:         1: WZypahnO8ifMM7NFhZaqRV0rePg.crl (hash: 7F7mG94v9g+iWQ8P1BaBIb4rhgM3NjyWNf0CLP2qlqc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/70/af2dd5-3f6e-45d5-b10e-b55f70fb1142/1/WZypahnO8ifMM7NFhZaqRV0rePg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/70/af2dd5-3f6e-45d5-b10e-b55f70fb1142/1/WZypahnO8ifMM7NFhZaqRV0rePg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/WZypahnO8ifMM7NFhZaqRV0rePg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 02 Feb 2025 23:00:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:c3:be:7f:90:3b:f5:45:35:3d:e8:3c:3f:1c:91:3c:aa
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=599ca96a19cef227cc33b3458596aa455d2b78f8
        Validity
            Not Before: Feb  1 23:00:29 2025 GMT
            Not After : Feb  2 23:00:29 2025 GMT
        Subject: CN=4590f934ab17ab851dbd566c03a0d10e82c76c48
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8e:35:05:8c:47:ac:c1:54:5f:35:47:01:fb:ca:
                    39:5d:85:d0:f0:8e:71:da:11:e7:26:4b:65:70:bf:
                    39:26:cd:31:cc:a0:c1:70:d1:6b:ef:b2:a2:94:e0:
                    e8:1e:83:14:1e:5e:92:a3:7c:22:f4:02:52:3b:c1:
                    d2:0c:a5:a3:01:a7:f6:6c:dd:7a:f9:81:fd:88:5c:
                    18:02:f3:78:f9:ab:11:68:a5:c3:f2:8f:56:46:d5:
                    85:c7:0e:74:e2:f3:18:36:1d:6f:15:f2:f0:33:07:
                    1d:72:8d:d6:07:4a:b6:20:b9:bc:35:a4:42:03:fb:
                    a3:1f:16:89:bd:73:c5:62:62:ec:33:1d:91:63:3f:
                    ca:f8:c8:39:ac:45:48:bc:d0:bb:19:32:15:8c:74:
                    bc:f9:a4:60:84:99:0c:1f:36:11:99:d2:b7:24:1e:
                    e5:3e:93:94:ef:27:1b:1a:e4:68:57:5f:b7:25:c2:
                    0d:1b:7a:4d:ec:39:da:b6:bc:09:06:26:66:3a:73:
                    09:0d:ab:fe:94:05:b8:4b:b8:ad:93:97:06:b8:dd:
                    b9:6e:71:2a:5d:c4:10:1c:28:b8:ba:49:16:de:cc:
                    dc:48:4c:35:45:27:dd:47:57:28:be:79:74:fb:4c:
                    61:50:83:ba:cc:50:61:42:85:6f:f3:ec:a6:4e:1f:
                    24:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                45:90:F9:34:AB:17:AB:85:1D:BD:56:6C:03:A0:D1:0E:82:C7:6C:48
            X509v3 Authority Key Identifier:
                keyid:59:9C:A9:6A:19:CE:F2:27:CC:33:B3:45:85:96:AA:45:5D:2B:78:F8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WZypahnO8ifMM7NFhZaqRV0rePg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/af2dd5-3f6e-45d5-b10e-b55f70fb1142/1/WZypahnO8ifMM7NFhZaqRV0rePg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/70/af2dd5-3f6e-45d5-b10e-b55f70fb1142/1/WZypahnO8ifMM7NFhZaqRV0rePg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3b:ba:99:13:9e:1b:43:a9:0a:b8:51:1d:e7:e2:5c:ef:f2:6b:
         17:15:3f:94:95:6e:58:61:14:f5:53:a0:5c:94:9f:e7:95:4a:
         6e:5f:86:c7:f5:70:7c:21:dd:d8:4b:82:42:3d:92:3a:50:6b:
         ca:c7:bd:f5:f8:b7:a0:fc:1e:91:d3:2a:7e:83:2b:e0:ba:88:
         d3:0b:c3:00:df:06:61:37:b7:ca:22:74:36:50:64:df:53:76:
         43:4b:65:d0:92:48:b0:b3:d8:4e:d4:fa:05:82:1c:48:c9:8f:
         99:5b:f6:fa:3d:74:8b:c9:56:66:df:83:5d:d2:dc:26:c5:8c:
         72:fd:95:de:9b:28:38:11:52:c6:01:50:5b:b4:12:06:39:22:
         42:9b:cf:65:96:56:a4:c9:aa:95:6d:2a:5e:a4:41:84:df:2b:
         3c:9a:d2:fe:78:88:d7:a3:5a:2a:b8:2b:b8:f0:5a:8c:ff:2a:
         e3:cb:51:92:16:14:73:bd:6e:9c:fa:73:1b:91:79:ec:c2:df:
         d9:cd:c9:f5:23:41:fc:42:27:dc:fb:13:b2:14:44:eb:93:ac:
         31:a0:7b:2f:4e:e5:d2:52:d2:e2:b7:a2:fb:64:63:ff:39:ac:
         b1:3f:17:1c:f4:e7:31:e6:83:ec:f6:99:f3:65:3b:57:cb:0d:
         5d:4d:f8:11
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZTDvn+QO/VFNT3oPD8ckTyqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU5OWNhOTZhMTljZWYyMjdjYzMzYjM0NTg1OTZhYTQ1NWQy
Yjc4ZjgwHhcNMjUwMjAxMjMwMDI5WhcNMjUwMjAyMjMwMDI5WjAzMTEwLwYDVQQD
Eyg0NTkwZjkzNGFiMTdhYjg1MWRiZDU2NmMwM2EwZDEwZTgyYzc2YzQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjjUFjEeswVRfNUcB+8o5XYXQ8I5x
2hHnJktlcL85Js0xzKDBcNFr77KilODoHoMUHl6So3wi9AJSO8HSDKWjAaf2bN16
+YH9iFwYAvN4+asRaKXD8o9WRtWFxw504vMYNh1vFfLwMwcdco3WB0q2ILm8NaRC
A/ujHxaJvXPFYmLsMx2RYz/K+Mg5rEVIvNC7GTIVjHS8+aRghJkMHzYRmdK3JB7l
PpOU7ycbGuRoV1+3JcING3pN7DnatrwJBiZmOnMJDav+lAW4S7itk5cGuN25bnEq
XcQQHCi4ukkW3szcSEw1RSfdR1covnl0+0xhUIO6zFBhQoVv8+ymTh8k9QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEWQ+TSrF6uFHb1WbAOg0Q6Cx2xIMB8GA1UdIwQY
MBaAFFmcqWoZzvInzDOzRYWWqkVdK3j4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV1p5cGFobk84aWZNTTdORmhaYXFSVjByZVBnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC9hZjJkZDUtM2Y2ZS00NWQ1LWIxMGUt
YjU1ZjcwZmIxMTQyLzEvV1p5cGFobk84aWZNTTdORmhaYXFSVjByZVBnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC9hZjJkZDUtM2Y2ZS00NWQ1LWIxMGUtYjU1ZjcwZmIxMTQy
LzEvV1p5cGFobk84aWZNTTdORmhaYXFSVjByZVBnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAO7qZE54b
Q6kKuFEd5+Jc7/JrFxU/lJVuWGEU9VOgXJSf55VKbl+Gx/VwfCHd2EuCQj2SOlBr
yse99fi3oPwekdMqfoMr4LqI0wvDAN8GYTe3yiJ0NlBk31N2Q0tl0JJIsLPYTtT6
BYIcSMmPmVv2+j10i8lWZt+DXdLcJsWMcv2V3psoOBFSxgFQW7QSBjkiQpvPZZZW
pMmqlW0qXqRBhN8rPJrS/niI16NaKrgruPBajP8q48tRkhYUc71unPpzG5F57MLf
2c3J9SNB/EIn3PsTshRE65OsMaB7L07l0lLS4rei+2Rj/zmssT8XHPTnMeaD7PaZ
82U7V8sNXU34EQ==
-----END CERTIFICATE-----