Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/7f6f96-664c-4c61-bd25-0974f09879a9/1/v40IHJb6fQ_CqdMq7dUMI6YcbxE.mft
File:                     v40IHJb6fQ_CqdMq7dUMI6YcbxE.mft (raw, json)
Hash identifier:          uxbiKIonjisyL2+FxaBRu589UaF/Hrz5PaEYkUN0cis=
Subject key identifier:   A5:62:17:D9:FE:20:BC:BC:1A:86:90:A9:C5:A5:0C:82:83:E1:BE:F5
Authority key identifier: BF:8D:08:1C:96:FA:7D:0F:C2:A9:D3:2A:ED:D5:0C:23:A6:1C:6F:11
Certificate issuer:       /CN=bf8d081c96fa7d0fc2a9d32aedd50c23a61c6f11
Certificate serial:       0195124746518F6C0CA6574D3C0043C44D8C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/v40IHJb6fQ_CqdMq7dUMI6YcbxE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/76/7f6f96-664c-4c61-bd25-0974f09879a9/1/v40IHJb6fQ_CqdMq7dUMI6YcbxE.mft
Manifest number:          0148
Signing time:             Mon 17 Feb 2025 05:00:15 +0000
Manifest this update:     Mon 17 Feb 2025 05:00:15 +0000
Manifest next update:     Tue 18 Feb 2025 05:00:15 +0000
Files and hashes:         1: v40IHJb6fQ_CqdMq7dUMI6YcbxE.crl (hash: 3gs6IsQUwSC0gbErSs3WiO0KFdtL62lxNPpvWXSqg4k=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/76/7f6f96-664c-4c61-bd25-0974f09879a9/1/v40IHJb6fQ_CqdMq7dUMI6YcbxE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/76/7f6f96-664c-4c61-bd25-0974f09879a9/1/v40IHJb6fQ_CqdMq7dUMI6YcbxE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/v40IHJb6fQ_CqdMq7dUMI6YcbxE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 17 Feb 2025 23:00:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:12:47:46:51:8f:6c:0c:a6:57:4d:3c:00:43:c4:4d:8c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bf8d081c96fa7d0fc2a9d32aedd50c23a61c6f11
        Validity
            Not Before: Feb 17 05:00:15 2025 GMT
            Not After : Feb 18 05:00:15 2025 GMT
        Subject: CN=a56217d9fe20bcbc1a8690a9c5a50c8283e1bef5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:0c:8f:c1:cd:d3:68:dc:91:d9:4c:55:25:cd:
                    1d:6b:e5:d6:01:a0:dc:2c:3b:32:3c:8e:50:7f:f3:
                    d9:63:d2:8a:e5:b3:46:85:77:c3:41:82:e4:53:76:
                    7e:a0:8f:5d:dc:6d:77:83:fd:1d:22:76:39:b0:de:
                    c7:4f:bd:16:bc:8a:16:5b:e8:6a:d8:aa:76:7c:98:
                    f8:26:42:b5:58:55:8b:b0:ca:a4:ad:68:5d:3c:49:
                    83:84:02:e2:cf:8f:b8:f6:6b:56:8e:2f:a7:9a:96:
                    a3:73:8c:5c:b8:c3:82:6b:2a:60:c1:98:ba:a6:8b:
                    e7:b8:4c:af:c9:af:fe:15:20:c7:85:ea:63:b1:a3:
                    1c:f0:3f:68:34:45:d8:29:c1:79:11:82:c7:c1:02:
                    c3:b8:85:7c:49:8b:f2:cd:90:21:48:4e:c7:ce:ec:
                    aa:50:49:51:5c:17:6f:e1:fb:f5:bd:c7:4c:f5:f0:
                    97:38:23:95:51:ff:b7:21:41:6b:d7:cc:15:2a:85:
                    85:51:55:81:88:40:3e:7a:19:59:54:c8:6a:e4:39:
                    0a:fe:67:73:cc:1c:93:6a:4b:af:18:03:67:aa:1a:
                    36:0c:40:3c:2e:ba:fb:65:bf:f6:6d:eb:94:6b:3d:
                    00:31:78:dd:89:60:46:45:e0:b3:2d:86:a3:e7:b8:
                    d2:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A5:62:17:D9:FE:20:BC:BC:1A:86:90:A9:C5:A5:0C:82:83:E1:BE:F5
            X509v3 Authority Key Identifier:
                keyid:BF:8D:08:1C:96:FA:7D:0F:C2:A9:D3:2A:ED:D5:0C:23:A6:1C:6F:11

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v40IHJb6fQ_CqdMq7dUMI6YcbxE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/7f6f96-664c-4c61-bd25-0974f09879a9/1/v40IHJb6fQ_CqdMq7dUMI6YcbxE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/76/7f6f96-664c-4c61-bd25-0974f09879a9/1/v40IHJb6fQ_CqdMq7dUMI6YcbxE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         60:39:15:82:0f:1b:29:79:e6:39:45:26:1c:e2:3d:05:99:5b:
         b8:a5:cf:02:1e:e2:1d:a3:d3:48:7d:77:79:34:84:4a:00:78:
         41:7b:1d:fc:8a:af:74:64:c1:73:15:a7:51:78:23:f5:01:30:
         b9:d3:d7:71:c4:3e:cd:f8:06:c8:fa:31:19:18:e0:9b:0b:a2:
         8b:46:f8:48:cf:21:c1:a6:37:db:98:1f:42:55:45:01:36:3a:
         08:c0:b0:8c:43:3d:de:6d:26:ce:69:55:3f:9d:4e:82:2e:29:
         17:73:45:ed:df:de:a0:37:1d:a5:74:74:ac:1a:46:6c:d9:ab:
         5a:58:b0:3c:8c:df:92:b9:4f:0c:c8:06:4c:cc:c1:cd:db:72:
         35:5a:b0:b4:8d:88:e5:5b:4d:3c:89:04:82:87:58:2e:05:fe:
         01:5e:ac:6b:91:95:c4:73:90:36:2e:b2:ee:20:18:5b:39:cf:
         06:e2:0b:a6:1b:76:a3:96:f2:8e:88:f0:c2:6b:9e:40:af:cd:
         c0:f8:17:87:b7:7e:cb:ac:cc:6b:9f:31:8b:82:28:1f:55:39:
         73:88:d4:05:58:81:8a:12:07:a9:b6:ff:2d:33:c8:d7:f3:e8:
         03:2a:31:f5:52:cb:ce:af:23:e0:50:4b:d3:4b:15:05:3b:5f:
         86:df:ef:da
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZUSR0ZRj2wMpldNPABDxE2MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmOGQwODFjOTZmYTdkMGZjMmE5ZDMyYWVkZDUwYzIzYTYx
YzZmMTEwHhcNMjUwMjE3MDUwMDE1WhcNMjUwMjE4MDUwMDE1WjAzMTEwLwYDVQQD
EyhhNTYyMTdkOWZlMjBiY2JjMWE4NjkwYTljNWE1MGM4MjgzZTFiZWY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArgyPwc3TaNyR2UxVJc0da+XWAaDc
LDsyPI5Qf/PZY9KK5bNGhXfDQYLkU3Z+oI9d3G13g/0dInY5sN7HT70WvIoWW+hq
2Kp2fJj4JkK1WFWLsMqkrWhdPEmDhALiz4+49mtWji+nmpajc4xcuMOCaypgwZi6
povnuEyvya/+FSDHhepjsaMc8D9oNEXYKcF5EYLHwQLDuIV8SYvyzZAhSE7Hzuyq
UElRXBdv4fv1vcdM9fCXOCOVUf+3IUFr18wVKoWFUVWBiEA+ehlZVMhq5DkK/mdz
zByTakuvGANnqho2DEA8Lrr7Zb/2beuUaz0AMXjdiWBGReCzLYaj57jSdwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKViF9n+ILy8GoaQqcWlDIKD4b71MB8GA1UdIwQY
MBaAFL+NCByW+n0PwqnTKu3VDCOmHG8RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdjQwSUhKYjZmUV9DcWRNcTdkVU1JNlljYnhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ni83ZjZmOTYtNjY0Yy00YzYxLWJkMjUt
MDk3NGYwOTg3OWE5LzEvdjQwSUhKYjZmUV9DcWRNcTdkVU1JNlljYnhFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ni83ZjZmOTYtNjY0Yy00YzYxLWJkMjUtMDk3NGYwOTg3OWE5
LzEvdjQwSUhKYjZmUV9DcWRNcTdkVU1JNlljYnhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYDkVgg8b
KXnmOUUmHOI9BZlbuKXPAh7iHaPTSH13eTSESgB4QXsd/IqvdGTBcxWnUXgj9QEw
udPXccQ+zfgGyPoxGRjgmwuii0b4SM8hwaY325gfQlVFATY6CMCwjEM93m0mzmlV
P51Ogi4pF3NF7d/eoDcdpXR0rBpGbNmrWliwPIzfkrlPDMgGTMzBzdtyNVqwtI2I
5VtNPIkEgodYLgX+AV6sa5GVxHOQNi6y7iAYWznPBuILpht2o5byjojwwmueQK/N
wPgXh7d+y6zMa58xi4IoH1U5c4jUBViBihIHqbb/LTPI1/PoAyox9VLLzq8j4FBL
00sVBTtfht/v2g==
-----END CERTIFICATE-----