Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/b44856-214a-4596-927b-3da415ac0dc0/1/dGMPFkhbT5M4X5So7HEArUjF_FA.mft
File:                     dGMPFkhbT5M4X5So7HEArUjF_FA.mft (raw, json)
Hash identifier:          twB8KqkWnrrFWHC8Urc5oEoi/zq+vL+Bhv/1Mhqr+A8=
Subject key identifier:   E0:94:42:25:49:C2:0F:7C:DB:59:BF:70:E6:22:8B:16:AA:D3:2F:10
Authority key identifier: 74:63:0F:16:48:5B:4F:93:38:5F:94:A8:EC:71:00:AD:48:C5:FC:50
Certificate issuer:       /CN=74630f16485b4f93385f94a8ec7100ad48c5fc50
Certificate serial:       0194C387CF2CF2EBA2BFBD6688251F8640DF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dGMPFkhbT5M4X5So7HEArUjF_FA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/72/b44856-214a-4596-927b-3da415ac0dc0/1/dGMPFkhbT5M4X5So7HEArUjF_FA.mft
Manifest number:          0B66
Signing time:             Sat 01 Feb 2025 22:00:44 +0000
Manifest this update:     Sat 01 Feb 2025 22:00:44 +0000
Manifest next update:     Sun 02 Feb 2025 22:00:44 +0000
Files and hashes:         1: dGMPFkhbT5M4X5So7HEArUjF_FA.crl (hash: P3yCaVn0bh1UKnkXq8747vmOm7Nth3Ww0mwSod4PQAg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/72/b44856-214a-4596-927b-3da415ac0dc0/1/dGMPFkhbT5M4X5So7HEArUjF_FA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/72/b44856-214a-4596-927b-3da415ac0dc0/1/dGMPFkhbT5M4X5So7HEArUjF_FA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/dGMPFkhbT5M4X5So7HEArUjF_FA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 02 Feb 2025 22:00:44 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:c3:87:cf:2c:f2:eb:a2:bf:bd:66:88:25:1f:86:40:df
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=74630f16485b4f93385f94a8ec7100ad48c5fc50
        Validity
            Not Before: Feb  1 22:00:44 2025 GMT
            Not After : Feb  2 22:00:44 2025 GMT
        Subject: CN=e094422549c20f7cdb59bf70e6228b16aad32f10
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:b0:4e:e9:9f:61:e0:74:59:45:b9:3c:4a:86:
                    75:a9:9d:1d:6f:28:32:4f:1a:72:b5:1e:47:f7:a5:
                    37:78:9f:76:ca:5e:50:86:fe:ca:1a:27:66:1c:ec:
                    a4:e4:e6:b4:b8:6f:17:74:1d:59:bd:b6:b2:7f:9a:
                    97:70:7d:12:c0:52:d9:1d:8a:12:4e:09:3f:3a:34:
                    ef:be:61:02:92:ed:2e:74:fe:3d:4a:ce:66:15:24:
                    26:d2:f7:20:d5:ef:ba:ae:c4:f2:70:e2:9c:4f:f9:
                    fd:4e:bf:13:07:b3:92:5a:6d:53:f8:86:8a:88:29:
                    91:0c:31:9e:b5:5d:06:4c:98:6b:1f:22:9f:f0:49:
                    1e:2d:4b:a4:bc:3c:4c:de:a6:66:4b:98:83:00:f3:
                    7c:3e:09:40:5a:09:fc:23:81:b2:ff:7a:c0:79:a8:
                    b0:de:bc:91:91:1e:53:95:a4:6e:90:55:06:27:9f:
                    d5:cc:8f:02:18:9b:06:e7:d3:fb:a3:71:a1:bc:92:
                    2f:5d:6d:03:22:f0:15:eb:0a:3f:0f:76:8b:1c:f7:
                    35:71:50:25:aa:b5:ca:94:c0:e5:19:ae:1a:c1:54:
                    3a:af:2b:6b:90:29:ba:14:42:4c:7d:ab:e3:7a:60:
                    c1:47:6e:b5:61:e6:f5:ee:b6:14:0c:04:48:ff:9d:
                    a6:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E0:94:42:25:49:C2:0F:7C:DB:59:BF:70:E6:22:8B:16:AA:D3:2F:10
            X509v3 Authority Key Identifier:
                keyid:74:63:0F:16:48:5B:4F:93:38:5F:94:A8:EC:71:00:AD:48:C5:FC:50

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dGMPFkhbT5M4X5So7HEArUjF_FA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/b44856-214a-4596-927b-3da415ac0dc0/1/dGMPFkhbT5M4X5So7HEArUjF_FA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/72/b44856-214a-4596-927b-3da415ac0dc0/1/dGMPFkhbT5M4X5So7HEArUjF_FA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         26:75:19:3c:f6:4a:cc:35:6a:ac:c9:71:c3:ce:cf:3c:fb:f7:
         58:60:af:f0:5f:24:91:08:f7:06:5a:4b:04:53:66:53:21:c5:
         74:31:04:40:62:8d:c3:47:c0:88:2e:14:17:e2:84:51:22:52:
         a7:a4:20:fb:8a:67:26:76:7c:86:4b:83:41:1b:03:77:46:6c:
         0b:b4:1a:ad:8c:13:21:2f:00:09:13:2d:5c:3f:65:19:42:1e:
         ea:3c:ba:8c:da:d6:5f:42:e7:5b:ca:cc:63:9f:10:2e:bb:df:
         7b:a5:20:75:09:0d:69:4c:77:a1:96:dd:88:30:c5:8a:3c:8a:
         5a:73:4a:da:be:36:d9:af:b1:63:95:ca:13:5a:0a:9d:bc:56:
         7b:7c:3f:5e:60:88:99:80:44:3d:01:91:32:15:c1:35:fb:4d:
         b2:5f:bd:43:0e:1c:b3:c5:e1:3f:c0:d4:59:bc:e7:9a:2f:63:
         13:f7:47:42:84:83:e7:06:62:4e:3c:d6:80:af:1a:8e:9f:d8:
         70:d5:45:8e:92:61:52:22:45:95:ca:33:1f:36:ff:07:28:b6:
         51:86:5d:36:0c:ba:2c:d4:ba:df:ea:1f:8e:b3:65:0e:21:25:
         46:6c:47:99:00:98:3c:3f:57:e5:0f:30:0b:43:b5:bd:2a:ff:
         f9:31:89:f3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZTDh88s8uuiv71miCUfhkDfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0NjMwZjE2NDg1YjRmOTMzODVmOTRhOGVjNzEwMGFkNDhj
NWZjNTAwHhcNMjUwMjAxMjIwMDQ0WhcNMjUwMjAyMjIwMDQ0WjAzMTEwLwYDVQQD
EyhlMDk0NDIyNTQ5YzIwZjdjZGI1OWJmNzBlNjIyOGIxNmFhZDMyZjEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq7BO6Z9h4HRZRbk8SoZ1qZ0dbygy
TxpytR5H96U3eJ92yl5Qhv7KGidmHOyk5Oa0uG8XdB1Zvbayf5qXcH0SwFLZHYoS
Tgk/OjTvvmECku0udP49Ss5mFSQm0vcg1e+6rsTycOKcT/n9Tr8TB7OSWm1T+IaK
iCmRDDGetV0GTJhrHyKf8EkeLUukvDxM3qZmS5iDAPN8PglAWgn8I4Gy/3rAeaiw
3ryRkR5TlaRukFUGJ5/VzI8CGJsG59P7o3GhvJIvXW0DIvAV6wo/D3aLHPc1cVAl
qrXKlMDlGa4awVQ6rytrkCm6FEJMfavjemDBR261Yeb17rYUDARI/52mzwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOCUQiVJwg9821m/cOYiixaq0y8QMB8GA1UdIwQY
MBaAFHRjDxZIW0+TOF+UqOxxAK1IxfxQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEdNUEZraGJUNU00WDVTbzdIRUFyVWpGX0ZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi9iNDQ4NTYtMjE0YS00NTk2LTkyN2It
M2RhNDE1YWMwZGMwLzEvZEdNUEZraGJUNU00WDVTbzdIRUFyVWpGX0ZBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi9iNDQ4NTYtMjE0YS00NTk2LTkyN2ItM2RhNDE1YWMwZGMw
LzEvZEdNUEZraGJUNU00WDVTbzdIRUFyVWpGX0ZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJnUZPPZK
zDVqrMlxw87PPPv3WGCv8F8kkQj3BlpLBFNmUyHFdDEEQGKNw0fAiC4UF+KEUSJS
p6Qg+4pnJnZ8hkuDQRsDd0ZsC7QarYwTIS8ACRMtXD9lGUIe6jy6jNrWX0LnW8rM
Y58QLrvfe6UgdQkNaUx3oZbdiDDFijyKWnNK2r422a+xY5XKE1oKnbxWe3w/XmCI
mYBEPQGRMhXBNftNsl+9Qw4cs8XhP8DUWbznmi9jE/dHQoSD5wZiTjzWgK8ajp/Y
cNVFjpJhUiJFlcozHzb/Byi2UYZdNgy6LNS63+ofjrNlDiElRmxHmQCYPD9X5Q8w
C0O1vSr/+TGJ8w==
-----END CERTIFICATE-----