Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/69e7fe-40c0-45c2-b2b1-b72d7adbfb96/1/Tle6dst9bSrsBSA89BuOZxbufqA.mft
File:                     Tle6dst9bSrsBSA89BuOZxbufqA.mft (raw, json)
Hash identifier:          YVhsifWH+UnGmEf0KfNNbhDVZw52eS0sEwo3HJqhSpE=
Subject key identifier:   32:A5:27:4F:4F:EF:1B:03:D8:77:77:35:18:B0:A5:9F:C2:97:E9:C9
Authority key identifier: 4E:57:BA:76:CB:7D:6D:2A:EC:05:20:3C:F4:1B:8E:67:16:EE:7E:A0
Certificate issuer:       /CN=4e57ba76cb7d6d2aec05203cf41b8e6716ee7ea0
Certificate serial:       0194C388631309B1C442D263BDBFFA33ACF1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Tle6dst9bSrsBSA89BuOZxbufqA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/77/69e7fe-40c0-45c2-b2b1-b72d7adbfb96/1/Tle6dst9bSrsBSA89BuOZxbufqA.mft
Manifest number:          0D53
Signing time:             Sat 01 Feb 2025 22:01:22 +0000
Manifest this update:     Sat 01 Feb 2025 22:01:22 +0000
Manifest next update:     Sun 02 Feb 2025 22:01:22 +0000
Files and hashes:         1: Tle6dst9bSrsBSA89BuOZxbufqA.crl (hash: ptSloHbVXIRj6Ywuy8y3pprMQUuYHl+bp/qQOMUwdfI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/77/69e7fe-40c0-45c2-b2b1-b72d7adbfb96/1/Tle6dst9bSrsBSA89BuOZxbufqA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/77/69e7fe-40c0-45c2-b2b1-b72d7adbfb96/1/Tle6dst9bSrsBSA89BuOZxbufqA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Tle6dst9bSrsBSA89BuOZxbufqA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 02 Feb 2025 22:01:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:c3:88:63:13:09:b1:c4:42:d2:63:bd:bf:fa:33:ac:f1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4e57ba76cb7d6d2aec05203cf41b8e6716ee7ea0
        Validity
            Not Before: Feb  1 22:01:22 2025 GMT
            Not After : Feb  2 22:01:22 2025 GMT
        Subject: CN=32a5274f4fef1b03d877773518b0a59fc297e9c9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8d:fe:a3:12:01:64:e5:37:c0:bf:51:2a:ad:1e:
                    b7:95:ff:a1:3d:c1:d2:6b:4c:9b:8b:f2:40:09:01:
                    1e:b4:51:ae:a6:ca:9a:eb:c7:7c:23:67:1a:6a:36:
                    d4:37:c6:0f:6f:4d:6f:5c:51:49:05:40:4a:cd:80:
                    26:91:0b:d1:bf:7a:79:d2:34:04:36:e0:ff:05:fe:
                    47:1f:53:69:0e:f3:4e:24:64:2f:3d:39:75:e8:f8:
                    e1:d7:17:57:29:b0:34:87:fc:ce:48:86:11:1b:a5:
                    12:bc:bf:01:75:54:cf:e2:3f:3c:4d:93:34:e9:fa:
                    f4:24:1c:7e:38:bf:35:75:3c:3e:d9:9e:cf:a9:aa:
                    3b:51:46:95:3c:67:6f:35:5a:60:2b:04:86:4b:30:
                    5f:58:bf:dc:b3:0d:ae:aa:48:74:52:08:65:fc:fa:
                    0d:9e:90:d2:ce:35:31:06:4c:7a:4c:6c:3e:6d:22:
                    03:2e:55:86:18:1d:97:75:2c:43:be:da:32:f1:f1:
                    92:58:74:12:94:43:ee:b7:68:7f:45:ac:b0:b7:f3:
                    0c:d4:75:76:6c:4d:0c:26:1b:6f:7d:ff:53:eb:96:
                    fb:cd:29:94:af:f6:74:a3:2d:b1:6f:39:41:f4:f8:
                    8f:64:a4:19:6c:a7:ff:90:f4:43:d9:0d:15:cd:5d:
                    32:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                32:A5:27:4F:4F:EF:1B:03:D8:77:77:35:18:B0:A5:9F:C2:97:E9:C9
            X509v3 Authority Key Identifier:
                keyid:4E:57:BA:76:CB:7D:6D:2A:EC:05:20:3C:F4:1B:8E:67:16:EE:7E:A0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tle6dst9bSrsBSA89BuOZxbufqA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/69e7fe-40c0-45c2-b2b1-b72d7adbfb96/1/Tle6dst9bSrsBSA89BuOZxbufqA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/77/69e7fe-40c0-45c2-b2b1-b72d7adbfb96/1/Tle6dst9bSrsBSA89BuOZxbufqA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5c:5c:49:98:12:9b:93:00:a3:5a:e7:72:d3:1c:7c:ed:ef:25:
         08:63:98:ea:9b:e3:fc:b9:01:00:39:23:6d:68:82:d4:43:71:
         6e:ac:2a:6a:3c:6d:ae:e7:a4:e0:a7:6e:82:6e:20:bb:d9:1e:
         32:9c:c1:d5:a5:d3:d6:c7:7d:4d:46:b6:d2:87:9a:86:22:ff:
         f0:18:d9:f0:57:2c:b1:fb:68:d5:22:28:34:b0:5e:b5:91:1d:
         3e:42:25:b1:19:ce:62:0d:3e:5f:38:bc:09:ba:25:06:c8:9e:
         a4:96:f1:97:74:b3:d7:7b:b7:bd:9b:9e:48:42:60:f3:bd:b6:
         33:1c:31:50:90:f4:31:b0:b3:4f:8f:4f:34:e1:fa:78:80:28:
         21:93:b8:66:f8:01:c6:ca:2b:96:ce:05:c0:c3:b9:ce:b1:08:
         66:75:f4:f4:9e:08:a7:41:1c:75:2c:62:40:91:b8:93:9e:b9:
         e3:af:a8:ba:01:11:fb:6e:d6:83:65:17:06:4f:73:c5:7c:78:
         a4:02:76:d7:fb:7f:d6:f1:cb:99:72:a9:6d:2c:12:02:c2:9d:
         9e:98:b3:06:da:2e:6a:f7:5d:f6:12:7a:7b:ae:8b:84:36:ce:
         17:40:54:69:02:f8:1d:e2:81:64:e9:44:a4:5a:35:c0:aa:e5:
         02:68:c2:4d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZTDiGMTCbHEQtJjvb/6M6zxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlNTdiYTc2Y2I3ZDZkMmFlYzA1MjAzY2Y0MWI4ZTY3MTZl
ZTdlYTAwHhcNMjUwMjAxMjIwMTIyWhcNMjUwMjAyMjIwMTIyWjAzMTEwLwYDVQQD
EygzMmE1Mjc0ZjRmZWYxYjAzZDg3Nzc3MzUxOGIwYTU5ZmMyOTdlOWM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjf6jEgFk5TfAv1EqrR63lf+hPcHS
a0ybi/JACQEetFGupsqa68d8I2caajbUN8YPb01vXFFJBUBKzYAmkQvRv3p50jQE
NuD/Bf5HH1NpDvNOJGQvPTl16Pjh1xdXKbA0h/zOSIYRG6USvL8BdVTP4j88TZM0
6fr0JBx+OL81dTw+2Z7Pqao7UUaVPGdvNVpgKwSGSzBfWL/csw2uqkh0Ughl/PoN
npDSzjUxBkx6TGw+bSIDLlWGGB2XdSxDvtoy8fGSWHQSlEPut2h/Raywt/MM1HV2
bE0MJhtvff9T65b7zSmUr/Z0oy2xbzlB9PiPZKQZbKf/kPRD2Q0VzV0yiwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDKlJ09P7xsD2Hd3NRiwpZ/Cl+nJMB8GA1UdIwQY
MBaAFE5XunbLfW0q7AUgPPQbjmcW7n6gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGxlNmRzdDliU3JzQlNBODlCdU9aeGJ1ZnFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ny82OWU3ZmUtNDBjMC00NWMyLWIyYjEt
YjcyZDdhZGJmYjk2LzEvVGxlNmRzdDliU3JzQlNBODlCdU9aeGJ1ZnFBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ny82OWU3ZmUtNDBjMC00NWMyLWIyYjEtYjcyZDdhZGJmYjk2
LzEvVGxlNmRzdDliU3JzQlNBODlCdU9aeGJ1ZnFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXFxJmBKb
kwCjWudy0xx87e8lCGOY6pvj/LkBADkjbWiC1ENxbqwqajxtruek4Kdugm4gu9ke
MpzB1aXT1sd9TUa20oeahiL/8BjZ8Fcssfto1SIoNLBetZEdPkIlsRnOYg0+Xzi8
CbolBsiepJbxl3Sz13u3vZueSEJg8722MxwxUJD0MbCzT49PNOH6eIAoIZO4ZvgB
xsorls4FwMO5zrEIZnX09J4Ip0EcdSxiQJG4k56546+ougER+27Wg2UXBk9zxXx4
pAJ21/t/1vHLmXKpbSwSAsKdnpizBtouavdd9hJ6e66LhDbOF0BUaQL4HeKBZOlE
pFo1wKrlAmjCTQ==
-----END CERTIFICATE-----