Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/73/2aeca7-0837-468d-bd62-03bb21aefba0/1/NB54rk8RnAGERACQzx2JrMiyLCQ.mft
File:                     NB54rk8RnAGERACQzx2JrMiyLCQ.mft (raw, json)
Hash identifier:          pH0Xrrh+15DVNVBXLcqCg9LF54X72CF3SWRbwb3j/F8=
Subject key identifier:   60:B7:EF:33:A9:8E:7F:69:45:ED:9C:18:2A:6F:E8:EB:43:0F:5D:DC
Authority key identifier: 34:1E:78:AE:4F:11:9C:01:84:44:00:90:CF:1D:89:AC:C8:B2:2C:24
Certificate issuer:       /CN=341e78ae4f119c0184440090cf1d89acc8b22c24
Certificate serial:       0194BB5FEB425F298957676340AB0144E18A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NB54rk8RnAGERACQzx2JrMiyLCQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/73/2aeca7-0837-468d-bd62-03bb21aefba0/1/NB54rk8RnAGERACQzx2JrMiyLCQ.mft
Manifest number:          01E7
Signing time:             Fri 31 Jan 2025 08:00:12 +0000
Manifest this update:     Fri 31 Jan 2025 08:00:12 +0000
Manifest next update:     Sat 01 Feb 2025 08:00:12 +0000
Files and hashes:         1: NB54rk8RnAGERACQzx2JrMiyLCQ.crl (hash: vrTyc0rdY7iW8LoUQwkjdNhTvw0FALzTdRcCgseWphE=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/73/2aeca7-0837-468d-bd62-03bb21aefba0/1/NB54rk8RnAGERACQzx2JrMiyLCQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/73/2aeca7-0837-468d-bd62-03bb21aefba0/1/NB54rk8RnAGERACQzx2JrMiyLCQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NB54rk8RnAGERACQzx2JrMiyLCQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 01 Feb 2025 08:00:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:bb:5f:eb:42:5f:29:89:57:67:63:40:ab:01:44:e1:8a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=341e78ae4f119c0184440090cf1d89acc8b22c24
        Validity
            Not Before: Jan 31 08:00:12 2025 GMT
            Not After : Feb  1 08:00:12 2025 GMT
        Subject: CN=60b7ef33a98e7f6945ed9c182a6fe8eb430f5ddc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:59:05:fd:c1:8c:ec:d6:68:89:41:6d:f3:1b:
                    74:b8:68:97:e4:30:6f:6a:21:d2:e6:8f:ca:ab:0b:
                    a1:7f:d6:d3:4e:64:34:ff:64:d8:5b:2e:39:0a:40:
                    ca:93:bd:f3:6b:f6:67:3b:e3:0f:fc:ff:21:85:aa:
                    85:7c:9c:40:7f:8b:86:71:1a:75:46:79:38:5d:5d:
                    9b:58:1f:2f:9d:07:05:96:65:1c:d8:ab:a8:6f:e0:
                    22:67:bd:de:8d:7e:fd:79:4f:93:78:83:01:74:7d:
                    05:fd:bd:59:fd:2d:db:80:25:37:5a:47:36:1a:66:
                    3f:fc:5a:cc:e2:3f:08:05:fd:bb:31:58:56:17:83:
                    6d:c0:7e:54:64:e7:80:c5:29:d6:ca:87:8f:52:6f:
                    88:1e:a0:c9:8a:13:4c:7d:06:40:e6:c2:91:7f:16:
                    b6:79:b8:5d:03:da:55:92:09:56:0b:af:a2:47:bc:
                    ac:02:30:13:f3:5b:da:e0:54:52:66:27:37:70:88:
                    b1:7e:c8:1b:24:d2:e9:c5:b3:d0:ae:da:ff:38:0a:
                    35:0a:8a:44:60:65:2b:32:c7:2f:31:68:4c:82:4c:
                    c1:2b:71:6c:49:b0:f2:5f:7d:68:81:71:f2:92:9e:
                    08:8f:98:34:0a:47:47:24:32:e9:0e:7a:2f:5b:cf:
                    b2:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                60:B7:EF:33:A9:8E:7F:69:45:ED:9C:18:2A:6F:E8:EB:43:0F:5D:DC
            X509v3 Authority Key Identifier:
                keyid:34:1E:78:AE:4F:11:9C:01:84:44:00:90:CF:1D:89:AC:C8:B2:2C:24

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NB54rk8RnAGERACQzx2JrMiyLCQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/2aeca7-0837-468d-bd62-03bb21aefba0/1/NB54rk8RnAGERACQzx2JrMiyLCQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/73/2aeca7-0837-468d-bd62-03bb21aefba0/1/NB54rk8RnAGERACQzx2JrMiyLCQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         56:a2:42:e6:84:da:59:8b:e1:2d:6a:58:16:c7:3c:45:bc:2c:
         f3:8c:d9:26:42:d9:a3:09:29:f4:b6:b4:51:8c:5b:c2:3c:c7:
         9b:c0:d4:79:0e:e2:1a:8f:d5:22:bd:e9:8a:c5:a9:eb:92:e5:
         39:d0:e3:14:11:de:a2:30:9c:f2:b0:d7:b1:fa:a7:ee:57:c2:
         50:42:f6:ca:be:53:4f:ef:84:0e:19:56:9b:ac:8d:72:bd:81:
         7f:12:58:de:91:77:98:d6:34:f3:6f:24:ca:1b:b0:ce:5c:86:
         03:f7:8a:4e:c1:bf:37:26:86:4e:d1:da:d9:1a:87:18:6f:14:
         48:8c:f3:02:d6:2f:fd:33:fe:21:7f:25:2c:8c:0f:dc:74:12:
         71:26:dd:87:e6:30:b0:c7:24:c1:9a:3d:14:7f:86:d6:cb:45:
         c5:3f:8a:ed:79:ad:d9:64:43:7c:75:9a:30:27:cf:05:7a:16:
         b9:ec:86:63:9d:99:e8:cd:e8:ef:e1:c2:24:bd:fb:19:22:80:
         c8:90:6d:a0:e5:0a:7e:48:14:73:15:13:f3:04:25:ae:f0:61:
         5d:a1:82:07:97:8d:16:81:d0:9f:72:28:f3:e6:7c:ad:13:1d:
         f2:b8:8e:32:2f:6a:32:ee:8e:f4:29:64:b1:d0:7a:6e:85:3d:
         81:4f:16:ca
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZS7X+tCXymJV2djQKsBROGKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0MWU3OGFlNGYxMTljMDE4NDQ0MDA5MGNmMWQ4OWFjYzhi
MjJjMjQwHhcNMjUwMTMxMDgwMDEyWhcNMjUwMjAxMDgwMDEyWjAzMTEwLwYDVQQD
Eyg2MGI3ZWYzM2E5OGU3ZjY5NDVlZDljMTgyYTZmZThlYjQzMGY1ZGRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt1kF/cGM7NZoiUFt8xt0uGiX5DBv
aiHS5o/Kqwuhf9bTTmQ0/2TYWy45CkDKk73za/ZnO+MP/P8hhaqFfJxAf4uGcRp1
Rnk4XV2bWB8vnQcFlmUc2Kuob+AiZ73ejX79eU+TeIMBdH0F/b1Z/S3bgCU3Wkc2
GmY//FrM4j8IBf27MVhWF4NtwH5UZOeAxSnWyoePUm+IHqDJihNMfQZA5sKRfxa2
ebhdA9pVkglWC6+iR7ysAjAT81va4FRSZic3cIixfsgbJNLpxbPQrtr/OAo1CopE
YGUrMscvMWhMgkzBK3FsSbDyX31ogXHykp4Ij5g0CkdHJDLpDnovW8+yzQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGC37zOpjn9pRe2cGCpv6OtDD13cMB8GA1UdIwQY
MBaAFDQeeK5PEZwBhEQAkM8diazIsiwkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkI1NHJrOFJuQUdFUkFDUXp4MkpyTWl5TENRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83My8yYWVjYTctMDgzNy00NjhkLWJkNjIt
MDNiYjIxYWVmYmEwLzEvTkI1NHJrOFJuQUdFUkFDUXp4MkpyTWl5TENRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83My8yYWVjYTctMDgzNy00NjhkLWJkNjItMDNiYjIxYWVmYmEw
LzEvTkI1NHJrOFJuQUdFUkFDUXp4MkpyTWl5TENRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVqJC5oTa
WYvhLWpYFsc8Rbws84zZJkLZowkp9La0UYxbwjzHm8DUeQ7iGo/VIr3pisWp65Ll
OdDjFBHeojCc8rDXsfqn7lfCUEL2yr5TT++EDhlWm6yNcr2BfxJY3pF3mNY0828k
yhuwzlyGA/eKTsG/NyaGTtHa2RqHGG8USIzzAtYv/TP+IX8lLIwP3HQScSbdh+Yw
sMckwZo9FH+G1stFxT+K7Xmt2WRDfHWaMCfPBXoWueyGY52Z6M3o7+HCJL37GSKA
yJBtoOUKfkgUcxUT8wQlrvBhXaGCB5eNFoHQn3Io8+Z8rRMd8riOMi9qMu6O9Clk
sdB6boU9gU8Wyg==
-----END CERTIFICATE-----