Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/432623-06b1-4847-9829-ff333fc3c64c/1/NeSwM5oLyzU5SwvNHgMQl8WrPZ4.mft
File:                     NeSwM5oLyzU5SwvNHgMQl8WrPZ4.mft (raw, json)
Hash identifier:          lYEWPSa/odwABhary42SgE/mL3AedUBdwXoCwOATbc4=
Subject key identifier:   0D:99:55:FE:10:F5:E3:06:ED:3B:D7:77:A8:3D:31:E9:8F:AE:52:50
Authority key identifier: 35:E4:B0:33:9A:0B:CB:35:39:4B:0B:CD:1E:03:10:97:C5:AB:3D:9E
Certificate issuer:       /CN=35e4b0339a0bcb35394b0bcd1e031097c5ab3d9e
Certificate serial:       0194C4D0E027128A29737A630A4B9FB0888A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NeSwM5oLyzU5SwvNHgMQl8WrPZ4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/72/432623-06b1-4847-9829-ff333fc3c64c/1/NeSwM5oLyzU5SwvNHgMQl8WrPZ4.mft
Manifest number:          0843
Signing time:             Sun 02 Feb 2025 04:00:10 +0000
Manifest this update:     Sun 02 Feb 2025 04:00:10 +0000
Manifest next update:     Mon 03 Feb 2025 04:00:10 +0000
Files and hashes:         1: NeSwM5oLyzU5SwvNHgMQl8WrPZ4.crl (hash: x2A6MXQErHSmb2ThpqOFUZwa23nDegAb6VTKRVwESI8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/72/432623-06b1-4847-9829-ff333fc3c64c/1/NeSwM5oLyzU5SwvNHgMQl8WrPZ4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/72/432623-06b1-4847-9829-ff333fc3c64c/1/NeSwM5oLyzU5SwvNHgMQl8WrPZ4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NeSwM5oLyzU5SwvNHgMQl8WrPZ4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 03 Feb 2025 00:00:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:c4:d0:e0:27:12:8a:29:73:7a:63:0a:4b:9f:b0:88:8a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35e4b0339a0bcb35394b0bcd1e031097c5ab3d9e
        Validity
            Not Before: Feb  2 04:00:10 2025 GMT
            Not After : Feb  3 04:00:10 2025 GMT
        Subject: CN=0d9955fe10f5e306ed3bd777a83d31e98fae5250
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:b5:47:33:f2:d6:45:8c:81:4c:56:25:40:18:
                    04:81:5b:94:91:3b:75:f3:a7:db:01:e6:73:24:f5:
                    c6:d3:10:25:ad:38:1b:ab:95:d3:42:5d:04:47:3d:
                    a5:96:a3:c3:d4:d8:9a:ba:a4:a2:4c:28:00:c7:22:
                    48:fe:a0:24:7b:56:62:c3:ac:5e:77:bd:c4:9a:c2:
                    fc:11:64:b7:15:57:72:e6:d6:aa:39:d7:d4:94:10:
                    a9:75:f7:cd:81:81:7b:0d:54:d3:d7:57:d4:48:cc:
                    69:c3:a0:54:71:29:7f:ad:c0:53:23:07:0a:90:18:
                    6f:41:d5:7f:ec:48:c2:ab:39:29:4a:03:46:24:14:
                    c3:0c:ef:78:ea:7c:25:16:fb:fc:20:46:a7:60:78:
                    0a:ef:9d:4d:bf:15:c0:d9:97:ee:5b:35:56:6c:b9:
                    09:4d:86:4c:33:14:9c:92:51:14:fb:20:04:6b:8c:
                    24:0e:c3:2d:35:85:0e:d8:d3:4a:9b:b4:82:73:e4:
                    e5:05:60:ca:0e:7c:0b:5c:e3:5a:ed:77:f4:d9:38:
                    02:a5:b2:e3:12:fd:fe:09:43:bd:56:a5:ba:8e:84:
                    68:fe:49:97:f8:a7:24:31:5c:ee:33:2d:2b:b4:b5:
                    7d:db:55:a3:6c:e7:fb:1b:2f:ef:2a:b6:f7:d0:ff:
                    61:af
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0D:99:55:FE:10:F5:E3:06:ED:3B:D7:77:A8:3D:31:E9:8F:AE:52:50
            X509v3 Authority Key Identifier:
                keyid:35:E4:B0:33:9A:0B:CB:35:39:4B:0B:CD:1E:03:10:97:C5:AB:3D:9E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NeSwM5oLyzU5SwvNHgMQl8WrPZ4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/432623-06b1-4847-9829-ff333fc3c64c/1/NeSwM5oLyzU5SwvNHgMQl8WrPZ4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/72/432623-06b1-4847-9829-ff333fc3c64c/1/NeSwM5oLyzU5SwvNHgMQl8WrPZ4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         04:19:d5:7d:04:b9:54:a5:ff:ee:0f:bf:7b:84:ff:8e:c6:15:
         74:40:63:ed:b8:64:8c:bf:29:b4:ec:9e:ff:af:ac:8e:77:5c:
         f9:27:fd:63:7d:07:fa:c9:51:9c:a9:c2:c0:cc:7a:8d:3a:74:
         9a:a5:a6:bf:c6:31:8a:3d:3d:3c:6f:5e:9e:17:04:11:6f:fe:
         84:2c:76:1d:b5:e4:68:7c:38:a9:28:a5:a1:2a:77:68:34:55:
         1d:a7:64:5f:bd:d9:8f:cc:dd:ea:bf:19:b2:b7:66:34:0e:58:
         bd:29:31:5c:a2:e5:2d:d6:a7:41:14:d1:b4:52:7d:c3:92:86:
         37:c5:46:b0:85:ca:2a:79:ee:83:3d:91:9c:13:dc:c7:ed:3c:
         61:ac:18:1f:ec:42:89:08:94:cc:91:a8:b1:5d:c0:42:d3:d4:
         be:f1:df:b3:b4:53:cc:11:66:c4:61:2b:8d:43:1c:98:e6:3e:
         d9:99:c4:a5:c4:4a:31:15:64:eb:f0:f4:f6:1f:0f:7a:2e:8d:
         e5:7e:93:dc:a8:c6:06:d7:47:74:f1:3b:00:16:6c:74:d7:c1:
         ef:1d:d2:2c:bf:e1:04:44:a8:13:44:9b:ee:d3:bc:53:2b:cd:
         9d:6d:0c:42:30:06:85:1a:7c:aa:1f:c5:d4:a3:f4:5f:71:c0:
         de:a7:cf:93
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZTE0OAnEoopc3pjCkufsIiKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1ZTRiMDMzOWEwYmNiMzUzOTRiMGJjZDFlMDMxMDk3YzVh
YjNkOWUwHhcNMjUwMjAyMDQwMDEwWhcNMjUwMjAzMDQwMDEwWjAzMTEwLwYDVQQD
EygwZDk5NTVmZTEwZjVlMzA2ZWQzYmQ3NzdhODNkMzFlOThmYWU1MjUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlLVHM/LWRYyBTFYlQBgEgVuUkTt1
86fbAeZzJPXG0xAlrTgbq5XTQl0ERz2llqPD1NiauqSiTCgAxyJI/qAke1Ziw6xe
d73EmsL8EWS3FVdy5taqOdfUlBCpdffNgYF7DVTT11fUSMxpw6BUcSl/rcBTIwcK
kBhvQdV/7EjCqzkpSgNGJBTDDO946nwlFvv8IEanYHgK751NvxXA2ZfuWzVWbLkJ
TYZMMxScklEU+yAEa4wkDsMtNYUO2NNKm7SCc+TlBWDKDnwLXONa7Xf02TgCpbLj
Ev3+CUO9VqW6joRo/kmX+KckMVzuMy0rtLV921WjbOf7Gy/vKrb30P9hrwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFA2ZVf4Q9eMG7TvXd6g9MemPrlJQMB8GA1UdIwQY
MBaAFDXksDOaC8s1OUsLzR4DEJfFqz2eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTmVTd001b0x5elU1U3d2TkhnTVFsOFdyUFo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi80MzI2MjMtMDZiMS00ODQ3LTk4Mjkt
ZmYzMzNmYzNjNjRjLzEvTmVTd001b0x5elU1U3d2TkhnTVFsOFdyUFo0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi80MzI2MjMtMDZiMS00ODQ3LTk4MjktZmYzMzNmYzNjNjRj
LzEvTmVTd001b0x5elU1U3d2TkhnTVFsOFdyUFo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABBnVfQS5
VKX/7g+/e4T/jsYVdEBj7bhkjL8ptOye/6+sjndc+Sf9Y30H+slRnKnCwMx6jTp0
mqWmv8Yxij09PG9enhcEEW/+hCx2HbXkaHw4qSiloSp3aDRVHadkX73Zj8zd6r8Z
srdmNA5YvSkxXKLlLdanQRTRtFJ9w5KGN8VGsIXKKnnugz2RnBPcx+08YawYH+xC
iQiUzJGosV3AQtPUvvHfs7RTzBFmxGErjUMcmOY+2ZnEpcRKMRVk6/D09h8Pei6N
5X6T3KjGBtdHdPE7ABZsdNfB7x3SLL/hBESoE0Sb7tO8UyvNnW0MQjAGhRp8qh/F
1KP0X3HA3qfPkw==
-----END CERTIFICATE-----