Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/0a92a1-e594-41ee-855c-2ba6a022d4c9/1/UgO7TxlYEfjXcjygGgsv-963Whs.mft
File:                     UgO7TxlYEfjXcjygGgsv-963Whs.mft (raw, json)
Hash identifier:          lHYwtvTPdFSqlTFjCaZ2DCJRuc+63WjKsIqRtO3vRso=
Subject key identifier:   FB:77:C9:F4:95:A0:A1:6C:BF:8D:57:2A:F2:97:40:F0:66:CA:6B:F6
Authority key identifier: 52:03:BB:4F:19:58:11:F8:D7:72:3C:A0:1A:0B:2F:FB:DE:B7:5A:1B
Certificate issuer:       /CN=5203bb4f195811f8d7723ca01a0b2ffbdeb75a1b
Certificate serial:       0194C3F60A5456CE51469EF1868E55D1DCD4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/UgO7TxlYEfjXcjygGgsv-963Whs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/80/0a92a1-e594-41ee-855c-2ba6a022d4c9/1/UgO7TxlYEfjXcjygGgsv-963Whs.mft
Manifest number:          63
Signing time:             Sun 02 Feb 2025 00:01:09 +0000
Manifest this update:     Sun 02 Feb 2025 00:01:09 +0000
Manifest next update:     Mon 03 Feb 2025 00:01:09 +0000
Files and hashes:         1: UgO7TxlYEfjXcjygGgsv-963Whs.crl (hash: 7w7a203qCC+QcAmPuhvulQwM+zKpG1+00SEP+B/+ryk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/80/0a92a1-e594-41ee-855c-2ba6a022d4c9/1/UgO7TxlYEfjXcjygGgsv-963Whs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/80/0a92a1-e594-41ee-855c-2ba6a022d4c9/1/UgO7TxlYEfjXcjygGgsv-963Whs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/UgO7TxlYEfjXcjygGgsv-963Whs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 03 Feb 2025 00:00:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:c3:f6:0a:54:56:ce:51:46:9e:f1:86:8e:55:d1:dc:d4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5203bb4f195811f8d7723ca01a0b2ffbdeb75a1b
        Validity
            Not Before: Feb  2 00:01:09 2025 GMT
            Not After : Feb  3 00:01:09 2025 GMT
        Subject: CN=fb77c9f495a0a16cbf8d572af29740f066ca6bf6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:15:a5:ec:bc:bd:61:24:c1:fb:44:f7:4a:d6:
                    4d:09:96:d9:a9:66:0e:c5:4d:34:18:db:3f:4f:bb:
                    76:5b:93:5d:aa:a5:ce:68:a2:5f:e9:f3:df:2b:eb:
                    33:5d:99:03:fc:4b:3b:25:e4:ef:5c:9a:d0:ac:42:
                    df:1a:00:0e:3a:f7:79:2d:f5:76:78:e6:48:fa:8d:
                    90:39:b8:33:bb:23:dc:a0:40:e2:37:5e:bf:89:5c:
                    59:7f:bb:94:32:09:5a:91:82:e7:ba:7a:3c:28:dc:
                    e5:bc:51:66:62:3c:41:d0:5e:e7:2b:dc:ca:03:51:
                    57:c0:5a:71:33:6c:9f:19:e1:91:01:4a:3e:36:2e:
                    e6:ef:2a:65:14:da:11:bf:41:52:27:72:65:24:c8:
                    80:fe:89:eb:20:be:39:4a:2c:00:88:4f:bd:10:11:
                    a5:6a:28:61:53:dc:75:a7:8d:b4:a8:e3:71:dc:c5:
                    46:21:83:8e:f6:77:07:e5:5d:f4:aa:d4:db:ee:1a:
                    b3:f8:28:a8:bb:e2:d7:8d:bd:e3:5e:70:d2:90:02:
                    99:a2:ac:bc:bb:ad:b4:39:53:ee:44:80:43:fe:14:
                    96:b0:13:b5:8e:89:9c:ca:d1:6c:30:52:7d:d7:8b:
                    20:22:53:78:56:34:a6:e9:17:dd:0a:87:6d:b2:07:
                    36:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FB:77:C9:F4:95:A0:A1:6C:BF:8D:57:2A:F2:97:40:F0:66:CA:6B:F6
            X509v3 Authority Key Identifier:
                keyid:52:03:BB:4F:19:58:11:F8:D7:72:3C:A0:1A:0B:2F:FB:DE:B7:5A:1B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UgO7TxlYEfjXcjygGgsv-963Whs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/0a92a1-e594-41ee-855c-2ba6a022d4c9/1/UgO7TxlYEfjXcjygGgsv-963Whs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/80/0a92a1-e594-41ee-855c-2ba6a022d4c9/1/UgO7TxlYEfjXcjygGgsv-963Whs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8a:21:b0:48:e1:79:63:51:49:21:91:c0:b7:04:8b:23:6d:29:
         2b:df:4a:11:5e:3f:c2:e7:f9:c5:e8:56:db:50:0a:66:a7:93:
         5e:8b:97:9d:3d:c0:9d:19:64:f2:a7:09:7e:ee:a6:dd:a0:50:
         9c:76:cd:c3:b7:9c:57:03:ab:52:00:88:98:3b:d7:5c:6d:f0:
         82:b3:ca:6e:07:cd:af:07:f1:cd:ff:77:84:c5:18:0c:3c:7c:
         fc:37:27:bd:18:d6:7c:19:47:4b:7d:97:ab:16:a7:ba:7a:dd:
         66:36:25:7a:53:4b:0d:94:2e:08:0a:83:9e:9d:3c:f2:79:a4:
         8b:b3:86:14:67:2f:16:2a:22:a0:f4:0c:ae:e1:87:4b:92:ff:
         ca:53:eb:74:15:af:e3:57:04:48:86:bb:79:fc:e6:af:0c:56:
         84:cb:9b:2f:a5:fb:8e:58:25:da:19:0e:4b:13:a2:4d:18:c5:
         79:be:6d:8a:8c:e9:95:28:6c:8a:b1:98:ad:88:d8:bc:27:8f:
         53:ac:10:c4:6e:27:16:a3:d8:e6:7e:47:80:74:c5:ae:6e:07:
         b9:c1:7c:46:a9:1d:c7:5c:78:2f:83:6e:2e:3d:fd:ce:59:a2:
         0e:b6:7e:a1:56:e0:aa:8d:25:c6:0c:46:9a:8a:a1:8f:cc:91:
         48:ca:b3:17
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZTD9gpUVs5RRp7xho5V0dzUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyMDNiYjRmMTk1ODExZjhkNzcyM2NhMDFhMGIyZmZiZGVi
NzVhMWIwHhcNMjUwMjAyMDAwMTA5WhcNMjUwMjAzMDAwMTA5WjAzMTEwLwYDVQQD
EyhmYjc3YzlmNDk1YTBhMTZjYmY4ZDU3MmFmMjk3NDBmMDY2Y2E2YmY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArxWl7Ly9YSTB+0T3StZNCZbZqWYO
xU00GNs/T7t2W5NdqqXOaKJf6fPfK+szXZkD/Es7JeTvXJrQrELfGgAOOvd5LfV2
eOZI+o2QObgzuyPcoEDiN16/iVxZf7uUMglakYLnuno8KNzlvFFmYjxB0F7nK9zK
A1FXwFpxM2yfGeGRAUo+Ni7m7yplFNoRv0FSJ3JlJMiA/onrIL45SiwAiE+9EBGl
aihhU9x1p420qONx3MVGIYOO9ncH5V30qtTb7hqz+Ciou+LXjb3jXnDSkAKZoqy8
u620OVPuRIBD/hSWsBO1jomcytFsMFJ914sgIlN4VjSm6RfdCodtsgc2yQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPt3yfSVoKFsv41XKvKXQPBmymv2MB8GA1UdIwQY
MBaAFFIDu08ZWBH413I8oBoLL/vet1obMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVWdPN1R4bFlFZmpYY2p5Z0dnc3YtOTYzV2hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC8wYTkyYTEtZTU5NC00MWVlLTg1NWMt
MmJhNmEwMjJkNGM5LzEvVWdPN1R4bFlFZmpYY2p5Z0dnc3YtOTYzV2hzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC8wYTkyYTEtZTU5NC00MWVlLTg1NWMtMmJhNmEwMjJkNGM5
LzEvVWdPN1R4bFlFZmpYY2p5Z0dnc3YtOTYzV2hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiiGwSOF5
Y1FJIZHAtwSLI20pK99KEV4/wuf5xehW21AKZqeTXouXnT3AnRlk8qcJfu6m3aBQ
nHbNw7ecVwOrUgCImDvXXG3wgrPKbgfNrwfxzf93hMUYDDx8/DcnvRjWfBlHS32X
qxanunrdZjYlelNLDZQuCAqDnp088nmki7OGFGcvFioioPQMruGHS5L/ylPrdBWv
41cESIa7efzmrwxWhMubL6X7jlgl2hkOSxOiTRjFeb5tiozplShsirGYrYjYvCeP
U6wQxG4nFqPY5n5HgHTFrm4HucF8Rqkdx1x4L4NuLj39zlmiDrZ+oVbgqo0lxgxG
moqhj8yRSMqzFw==
-----END CERTIFICATE-----