Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/5b1129-21dd-4ea5-9648-5f16de5c8658/1/zRvlrhITa5bNnXilwkykct6Ixlg.mft
File:                     zRvlrhITa5bNnXilwkykct6Ixlg.mft (raw, json)
Hash identifier:          a15vvOFzyMh5E6pCsRo6YJUAl55mqGrsrkncKe19oF4=
Subject key identifier:   46:F0:68:6C:7C:FF:9F:4D:48:63:BA:C8:B4:3C:B2:35:7C:4D:3C:43
Authority key identifier: CD:1B:E5:AE:12:13:6B:96:CD:9D:78:A5:C2:4C:A4:72:DE:88:C6:58
Certificate issuer:       /CN=cd1be5ae12136b96cd9d78a5c24ca472de88c658
Certificate serial:       0194BA846ABA0C5C99121A686C901B408302
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zRvlrhITa5bNnXilwkykct6Ixlg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/82/5b1129-21dd-4ea5-9648-5f16de5c8658/1/zRvlrhITa5bNnXilwkykct6Ixlg.mft
Manifest number:          065C
Signing time:             Fri 31 Jan 2025 04:00:27 +0000
Manifest this update:     Fri 31 Jan 2025 04:00:27 +0000
Manifest next update:     Sat 01 Feb 2025 04:00:27 +0000
Files and hashes:         1: zRvlrhITa5bNnXilwkykct6Ixlg.crl (hash: KEfEpaK6W3dgSMjjiZrkbeHkw4WXa8bdkQ7cI1hSjb4=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/82/5b1129-21dd-4ea5-9648-5f16de5c8658/1/zRvlrhITa5bNnXilwkykct6Ixlg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/82/5b1129-21dd-4ea5-9648-5f16de5c8658/1/zRvlrhITa5bNnXilwkykct6Ixlg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/zRvlrhITa5bNnXilwkykct6Ixlg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 01 Feb 2025 04:00:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:ba:84:6a:ba:0c:5c:99:12:1a:68:6c:90:1b:40:83:02
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cd1be5ae12136b96cd9d78a5c24ca472de88c658
        Validity
            Not Before: Jan 31 04:00:27 2025 GMT
            Not After : Feb  1 04:00:27 2025 GMT
        Subject: CN=46f0686c7cff9f4d4863bac8b43cb2357c4d3c43
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:79:0b:37:17:43:10:19:0c:79:46:09:9d:1f:
                    01:33:7e:43:3c:56:07:b5:33:2c:c5:95:8f:cb:84:
                    2a:24:05:47:f8:b3:56:f6:e1:42:22:46:84:68:10:
                    b7:d0:d7:55:b7:0e:e9:82:c4:31:cc:93:db:e6:69:
                    61:03:33:dc:dd:75:be:e7:68:51:31:18:d6:a7:aa:
                    7a:cc:d7:ee:aa:61:a1:98:2b:4d:74:ba:1b:90:40:
                    a7:a4:18:6d:ae:4a:86:bb:64:f1:9a:00:1c:e3:e9:
                    0b:f2:ad:10:c8:3d:e3:74:cd:d5:dd:2e:da:a7:df:
                    9b:ea:83:d9:92:06:ac:13:7b:70:42:f8:13:3a:15:
                    f5:e2:1d:2d:8d:5f:58:e4:36:a8:e2:05:dc:0a:aa:
                    60:f0:e7:a3:dd:b3:11:b3:b5:d2:8b:90:03:0c:ee:
                    21:b9:bf:6d:6f:95:f8:85:b4:77:75:5e:0a:b5:3f:
                    5e:1b:40:02:eb:82:4c:de:d3:8a:00:90:86:84:88:
                    7e:d4:c2:18:39:db:ec:ed:7c:b7:9e:8c:11:db:92:
                    20:c4:b3:9c:2b:11:87:72:bf:02:29:72:d6:b6:9f:
                    e2:ff:f3:5c:4b:98:5a:b3:d6:9d:bc:09:e8:d0:e0:
                    fe:3a:70:11:32:5f:f2:73:03:64:63:96:68:56:19:
                    70:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                46:F0:68:6C:7C:FF:9F:4D:48:63:BA:C8:B4:3C:B2:35:7C:4D:3C:43
            X509v3 Authority Key Identifier:
                keyid:CD:1B:E5:AE:12:13:6B:96:CD:9D:78:A5:C2:4C:A4:72:DE:88:C6:58

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zRvlrhITa5bNnXilwkykct6Ixlg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/5b1129-21dd-4ea5-9648-5f16de5c8658/1/zRvlrhITa5bNnXilwkykct6Ixlg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/82/5b1129-21dd-4ea5-9648-5f16de5c8658/1/zRvlrhITa5bNnXilwkykct6Ixlg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         89:6a:71:1e:51:41:3e:4f:ab:4a:71:94:e9:a3:73:58:d4:9d:
         db:b3:d9:77:d7:5b:72:8d:58:c1:33:9a:7a:f3:45:28:47:5e:
         c3:e9:2d:62:d3:9d:33:c4:ce:a7:92:35:f7:ca:80:b1:43:bc:
         99:4c:19:27:cf:61:5d:38:34:8e:03:4a:42:9e:e9:90:ea:b8:
         b4:15:fd:a6:b8:92:1c:71:25:16:b5:46:84:8f:76:45:54:19:
         9a:11:41:e5:1b:db:86:d8:f6:bb:35:98:fc:a8:38:36:d4:7f:
         3d:44:e0:fe:60:9c:f1:72:f4:8c:0d:49:34:64:91:b6:d8:8f:
         94:5b:bb:58:51:75:dc:42:6f:f3:2a:bd:2b:37:fa:b6:aa:4f:
         fa:0b:6b:ce:a3:96:87:91:97:d4:b0:47:9c:1d:5a:37:36:bd:
         d8:d4:c6:31:a0:e9:28:de:d1:93:a1:95:8c:c5:83:d8:a7:a0:
         d6:b1:05:70:8d:80:d8:db:f7:46:62:39:2e:ef:15:f5:60:3c:
         2c:7a:73:cb:e2:7f:a8:85:15:a2:ce:6f:35:e3:26:ad:ce:55:
         f7:1a:9f:77:59:57:e5:76:96:8f:0a:9f:87:c3:03:67:04:9e:
         c0:a2:00:4e:c2:77:9a:f1:46:1d:1b:e6:21:be:79:6c:95:4c:
         1d:0d:26:85
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZS6hGq6DFyZEhpobJAbQIMCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkMWJlNWFlMTIxMzZiOTZjZDlkNzhhNWMyNGNhNDcyZGU4
OGM2NTgwHhcNMjUwMTMxMDQwMDI3WhcNMjUwMjAxMDQwMDI3WjAzMTEwLwYDVQQD
Eyg0NmYwNjg2YzdjZmY5ZjRkNDg2M2JhYzhiNDNjYjIzNTdjNGQzYzQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw3kLNxdDEBkMeUYJnR8BM35DPFYH
tTMsxZWPy4QqJAVH+LNW9uFCIkaEaBC30NdVtw7pgsQxzJPb5mlhAzPc3XW+52hR
MRjWp6p6zNfuqmGhmCtNdLobkECnpBhtrkqGu2TxmgAc4+kL8q0QyD3jdM3V3S7a
p9+b6oPZkgasE3twQvgTOhX14h0tjV9Y5Dao4gXcCqpg8Oej3bMRs7XSi5ADDO4h
ub9tb5X4hbR3dV4KtT9eG0AC64JM3tOKAJCGhIh+1MIYOdvs7Xy3nowR25IgxLOc
KxGHcr8CKXLWtp/i//NcS5has9advAno0OD+OnARMl/ycwNkY5ZoVhlwHQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEbwaGx8/59NSGO6yLQ8sjV8TTxDMB8GA1UdIwQY
MBaAFM0b5a4SE2uWzZ14pcJMpHLeiMZYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelJ2bHJoSVRhNWJOblhpbHdreWtjdDZJeGxnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi81YjExMjktMjFkZC00ZWE1LTk2NDgt
NWYxNmRlNWM4NjU4LzEvelJ2bHJoSVRhNWJOblhpbHdreWtjdDZJeGxnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi81YjExMjktMjFkZC00ZWE1LTk2NDgtNWYxNmRlNWM4NjU4
LzEvelJ2bHJoSVRhNWJOblhpbHdreWtjdDZJeGxnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiWpxHlFB
Pk+rSnGU6aNzWNSd27PZd9dbco1YwTOaevNFKEdew+ktYtOdM8TOp5I198qAsUO8
mUwZJ89hXTg0jgNKQp7pkOq4tBX9priSHHElFrVGhI92RVQZmhFB5Rvbhtj2uzWY
/Kg4NtR/PUTg/mCc8XL0jA1JNGSRttiPlFu7WFF13EJv8yq9Kzf6tqpP+gtrzqOW
h5GX1LBHnB1aNza92NTGMaDpKN7Rk6GVjMWD2Keg1rEFcI2A2Nv3RmI5Lu8V9WA8
LHpzy+J/qIUVos5vNeMmrc5V9xqfd1lX5XaWjwqfh8MDZwSewKIATsJ3mvFGHRvm
Ib55bJVMHQ0mhQ==
-----END CERTIFICATE-----