Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7c/a58a1e-f733-4d9e-88f6-3414367b2d7e/1/h6xJPPKny2pLNPTYtva3eyqVXpc.mft
File:                     h6xJPPKny2pLNPTYtva3eyqVXpc.mft (raw, json)
Hash identifier:          akoDKwH/LtzGhiVK6fbKB+mMfwP5Oz4Vzo0/K/P3hQ0=
Subject key identifier:   A3:3D:ED:06:48:AA:DE:C2:08:4D:43:F5:C9:47:DE:96:A8:86:AE:16
Authority key identifier: 87:AC:49:3C:F2:A7:CB:6A:4B:34:F4:D8:B6:F6:B7:7B:2A:95:5E:97
Certificate issuer:       /CN=87ac493cf2a7cb6a4b34f4d8b6f6b77b2a955e97
Certificate serial:       0194BB2965468AFF8506E3968CDDEF4543E2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/h6xJPPKny2pLNPTYtva3eyqVXpc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7c/a58a1e-f733-4d9e-88f6-3414367b2d7e/1/h6xJPPKny2pLNPTYtva3eyqVXpc.mft
Manifest number:          096E
Signing time:             Fri 31 Jan 2025 07:00:39 +0000
Manifest this update:     Fri 31 Jan 2025 07:00:39 +0000
Manifest next update:     Sat 01 Feb 2025 07:00:39 +0000
Files and hashes:         1: h6xJPPKny2pLNPTYtva3eyqVXpc.crl (hash: cD/UBrqCYlljEgLQdzPKiBNkm90wJrMFcooMNhjUfO8=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/7c/a58a1e-f733-4d9e-88f6-3414367b2d7e/1/h6xJPPKny2pLNPTYtva3eyqVXpc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/7c/a58a1e-f733-4d9e-88f6-3414367b2d7e/1/h6xJPPKny2pLNPTYtva3eyqVXpc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/h6xJPPKny2pLNPTYtva3eyqVXpc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 01 Feb 2025 07:00:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:bb:29:65:46:8a:ff:85:06:e3:96:8c:dd:ef:45:43:e2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=87ac493cf2a7cb6a4b34f4d8b6f6b77b2a955e97
        Validity
            Not Before: Jan 31 07:00:39 2025 GMT
            Not After : Feb  1 07:00:39 2025 GMT
        Subject: CN=a33ded0648aadec2084d43f5c947de96a886ae16
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:ca:22:fb:b4:26:d8:d1:76:7b:75:bf:83:ac:
                    f8:cd:13:99:78:cc:07:e5:13:d5:cd:95:46:4b:ba:
                    a9:e8:61:08:28:ef:39:b3:2a:94:34:af:6f:cb:db:
                    ce:16:9c:21:59:5b:37:fb:03:c7:2f:eb:38:e4:51:
                    22:45:53:f6:5f:3c:0f:36:a8:3a:1b:ad:c2:7d:75:
                    11:9a:37:69:e6:ea:94:ff:46:b3:bd:4b:39:5e:1d:
                    54:0b:e4:22:39:c2:a9:32:0c:87:52:ce:fc:b2:71:
                    d7:1f:d8:42:98:d1:22:6d:a0:4a:f0:18:c3:10:10:
                    a5:e1:9d:c2:4c:2b:dd:2b:9c:47:96:08:5d:06:e4:
                    0f:be:40:9f:15:ea:39:a1:31:eb:54:68:77:4b:8b:
                    01:90:2e:e1:ab:86:83:94:e4:1d:96:a6:af:a2:fb:
                    26:4f:78:ba:09:fa:db:ba:e7:05:1e:48:99:9b:5a:
                    2f:c7:cd:1e:1c:8b:15:c1:05:b0:dd:28:bf:7b:a6:
                    d1:72:bd:e2:f0:17:d3:86:4b:f7:a3:8e:64:cf:b7:
                    ec:88:44:80:f6:ea:31:50:31:ed:b7:63:c2:93:08:
                    64:d4:71:d6:3f:58:e6:d6:0f:06:b4:09:c5:7a:f4:
                    ba:43:7c:e0:c6:25:d9:3e:7c:c3:8b:89:be:8f:02:
                    0d:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A3:3D:ED:06:48:AA:DE:C2:08:4D:43:F5:C9:47:DE:96:A8:86:AE:16
            X509v3 Authority Key Identifier:
                keyid:87:AC:49:3C:F2:A7:CB:6A:4B:34:F4:D8:B6:F6:B7:7B:2A:95:5E:97

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h6xJPPKny2pLNPTYtva3eyqVXpc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/a58a1e-f733-4d9e-88f6-3414367b2d7e/1/h6xJPPKny2pLNPTYtva3eyqVXpc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/a58a1e-f733-4d9e-88f6-3414367b2d7e/1/h6xJPPKny2pLNPTYtva3eyqVXpc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         76:e0:f0:bf:07:b0:7e:ce:a5:68:dd:3b:84:50:3a:84:5d:74:
         15:18:50:52:8a:fd:d4:51:ab:e9:5a:a1:e1:d3:1c:5d:d5:d2:
         85:c1:e5:5e:69:6e:f9:a7:7d:bf:cd:bf:aa:f6:55:e0:3b:3b:
         12:61:cd:00:f2:f2:75:59:2e:8f:a6:69:cf:b4:12:3e:5e:91:
         29:db:4c:94:93:46:4a:fa:d6:27:36:0e:6e:36:a5:54:86:b5:
         76:f3:f5:bb:e9:80:91:b3:ae:e0:bd:59:7c:10:67:da:3b:79:
         f0:5b:7e:fb:ee:4a:0c:de:50:d6:a2:8e:d6:49:87:f8:7d:15:
         be:04:5e:dc:6c:b2:f9:42:dc:9c:4c:40:f6:8a:c1:e0:95:1f:
         b3:ce:d8:48:1c:46:ad:e6:ce:bf:20:f6:69:39:6e:2f:8a:34:
         71:82:9e:8b:93:fd:ff:5f:85:da:c0:e3:4b:a1:2a:7f:80:1e:
         65:76:06:b4:b1:1c:82:f4:27:00:bb:5e:ba:12:96:0e:d8:cc:
         4b:37:a0:86:77:4c:4c:63:fd:c3:f2:9a:88:fe:52:1a:bc:38:
         e4:c9:13:4a:db:11:c2:a4:d5:4f:2a:ca:de:8c:a6:83:d1:f0:
         cc:e0:9c:7d:90:dc:3f:d5:08:79:cf:01:0c:6f:fa:a8:d5:b1:
         d9:03:1a:a1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZS7KWVGiv+FBuOWjN3vRUPiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3YWM0OTNjZjJhN2NiNmE0YjM0ZjRkOGI2ZjZiNzdiMmE5
NTVlOTcwHhcNMjUwMTMxMDcwMDM5WhcNMjUwMjAxMDcwMDM5WjAzMTEwLwYDVQQD
EyhhMzNkZWQwNjQ4YWFkZWMyMDg0ZDQzZjVjOTQ3ZGU5NmE4ODZhZTE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxMoi+7Qm2NF2e3W/g6z4zROZeMwH
5RPVzZVGS7qp6GEIKO85syqUNK9vy9vOFpwhWVs3+wPHL+s45FEiRVP2XzwPNqg6
G63CfXURmjdp5uqU/0azvUs5Xh1UC+QiOcKpMgyHUs78snHXH9hCmNEibaBK8BjD
EBCl4Z3CTCvdK5xHlghdBuQPvkCfFeo5oTHrVGh3S4sBkC7hq4aDlOQdlqavovsm
T3i6CfrbuucFHkiZm1ovx80eHIsVwQWw3Si/e6bRcr3i8BfThkv3o45kz7fsiESA
9uoxUDHtt2PCkwhk1HHWP1jm1g8GtAnFevS6Q3zgxiXZPnzDi4m+jwIN1QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKM97QZIqt7CCE1D9clH3paohq4WMB8GA1UdIwQY
MBaAFIesSTzyp8tqSzT02Lb2t3sqlV6XMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDZ4SlBQS255MnBMTlBUWXR2YTNleXFWWHBjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yy9hNThhMWUtZjczMy00ZDllLTg4ZjYt
MzQxNDM2N2IyZDdlLzEvaDZ4SlBQS255MnBMTlBUWXR2YTNleXFWWHBjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yy9hNThhMWUtZjczMy00ZDllLTg4ZjYtMzQxNDM2N2IyZDdl
LzEvaDZ4SlBQS255MnBMTlBUWXR2YTNleXFWWHBjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAduDwvwew
fs6laN07hFA6hF10FRhQUor91FGr6Vqh4dMcXdXShcHlXmlu+ad9v82/qvZV4Ds7
EmHNAPLydVkuj6Zpz7QSPl6RKdtMlJNGSvrWJzYObjalVIa1dvP1u+mAkbOu4L1Z
fBBn2jt58Ft+++5KDN5Q1qKO1kmH+H0VvgRe3Gyy+ULcnExA9orB4JUfs87YSBxG
rebOvyD2aTluL4o0cYKei5P9/1+F2sDjS6Eqf4AeZXYGtLEcgvQnALteuhKWDtjM
SzeghndMTGP9w/KaiP5SGrw45MkTStsRwqTVTyrK3oymg9HwzOCcfZDcP9UIec8B
DG/6qNWx2QMaoQ==
-----END CERTIFICATE-----