Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/d3a228-fc4f-40b2-88b2-e484611a9621/1/SxEEihpJFuExuM4Iji1v5OXF49s.mft
File:                     SxEEihpJFuExuM4Iji1v5OXF49s.mft (raw, json)
Hash identifier:          X5pRB5ml5E7uaJSzDZM6gs/4J33KEw1Xvjbd+8E+EMU=
Subject key identifier:   C9:4D:57:79:64:37:B2:60:A7:16:F9:9B:1D:7F:ED:55:A0:EE:F7:6D
Authority key identifier: 4B:11:04:8A:1A:49:16:E1:31:B8:CE:08:8E:2D:6F:E4:E5:C5:E3:DB
Certificate issuer:       /CN=4b11048a1a4916e131b8ce088e2d6fe4e5c5e3db
Certificate serial:       0194C50824E5DFB639D4EEF4C101334067AD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/SxEEihpJFuExuM4Iji1v5OXF49s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/87/d3a228-fc4f-40b2-88b2-e484611a9621/1/SxEEihpJFuExuM4Iji1v5OXF49s.mft
Manifest number:          6D
Signing time:             Sun 02 Feb 2025 05:00:32 +0000
Manifest this update:     Sun 02 Feb 2025 05:00:32 +0000
Manifest next update:     Mon 03 Feb 2025 05:00:32 +0000
Files and hashes:         1: SxEEihpJFuExuM4Iji1v5OXF49s.crl (hash: l0qOICvJpJzaJpHZ5/+dNrcF4JqRAdPrh5lfAnhcQ98=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/87/d3a228-fc4f-40b2-88b2-e484611a9621/1/SxEEihpJFuExuM4Iji1v5OXF49s.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/87/d3a228-fc4f-40b2-88b2-e484611a9621/1/SxEEihpJFuExuM4Iji1v5OXF49s.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/SxEEihpJFuExuM4Iji1v5OXF49s.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 03 Feb 2025 00:00:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:c5:08:24:e5:df:b6:39:d4:ee:f4:c1:01:33:40:67:ad
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4b11048a1a4916e131b8ce088e2d6fe4e5c5e3db
        Validity
            Not Before: Feb  2 05:00:32 2025 GMT
            Not After : Feb  3 05:00:32 2025 GMT
        Subject: CN=c94d57796437b260a716f99b1d7fed55a0eef76d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:df:f7:c3:52:1b:0b:b3:ec:ef:43:8e:44:85:e9:
                    62:ec:08:d6:77:b7:7b:43:6f:49:e9:f7:3f:e4:af:
                    64:b0:97:04:e0:1f:85:b5:b6:a4:fe:a0:9b:e2:9b:
                    38:48:1b:cb:0c:79:7d:e2:a5:d4:8c:16:9b:d8:59:
                    ba:df:70:8c:b4:f3:4e:40:2e:27:96:a0:ce:08:67:
                    45:53:a9:69:5a:34:7b:6f:0d:31:05:39:f5:b0:00:
                    a9:6f:c9:ae:59:36:d6:40:e0:49:95:e0:2d:68:c4:
                    2b:9c:48:4a:d4:48:77:bf:d2:3b:6b:a8:32:02:8e:
                    04:37:fa:74:40:53:37:6a:21:2f:95:7f:35:0d:95:
                    ba:03:d9:8d:78:33:32:fe:34:fb:a4:f6:98:89:e7:
                    b2:8d:ee:02:8f:25:86:e1:66:c7:0b:a0:4f:1e:fe:
                    ce:a6:de:2c:75:0e:c9:c9:3e:91:04:6f:75:85:13:
                    73:cc:67:3d:4b:53:c7:e3:3e:32:73:49:f2:99:08:
                    fc:3d:b7:0e:63:2e:43:89:6b:7b:8a:0f:2f:03:61:
                    aa:34:71:03:d8:a7:e0:34:f7:04:5a:27:b5:c4:9d:
                    fd:bd:5d:13:dc:96:c6:d1:8d:5d:68:0b:3f:7b:15:
                    0b:31:9e:d3:9a:5e:ea:38:9c:d8:b7:17:9b:83:fc:
                    57:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C9:4D:57:79:64:37:B2:60:A7:16:F9:9B:1D:7F:ED:55:A0:EE:F7:6D
            X509v3 Authority Key Identifier:
                keyid:4B:11:04:8A:1A:49:16:E1:31:B8:CE:08:8E:2D:6F:E4:E5:C5:E3:DB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SxEEihpJFuExuM4Iji1v5OXF49s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/d3a228-fc4f-40b2-88b2-e484611a9621/1/SxEEihpJFuExuM4Iji1v5OXF49s.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/87/d3a228-fc4f-40b2-88b2-e484611a9621/1/SxEEihpJFuExuM4Iji1v5OXF49s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         96:40:37:df:cc:f7:4a:3c:39:6f:3f:76:7d:ac:2d:04:e7:85:
         5c:f2:d7:80:8f:f0:34:35:86:de:04:6e:12:ee:9b:cd:ea:ed:
         7e:b5:f7:ab:c6:9c:e4:08:c5:e6:17:fc:81:24:73:2d:e3:36:
         57:36:b4:7a:de:ad:1c:1e:28:72:d4:1f:56:67:3d:71:5e:80:
         3e:3b:91:fd:ce:3e:23:41:f9:8d:55:be:0f:51:49:01:33:f1:
         39:f6:a3:27:d4:8b:ac:d0:0a:14:4c:ab:1e:01:a6:bd:4e:5a:
         9b:85:a3:2e:a3:b5:21:b1:99:4c:36:76:14:27:e4:ba:dc:5b:
         e3:f2:9f:0f:2a:53:51:d4:c0:14:d3:c0:3c:73:76:11:2b:01:
         30:29:22:df:e1:79:3c:7d:dc:4a:f8:b7:dc:49:cd:1a:c8:b7:
         f1:c2:3c:93:76:c1:66:d1:c0:cf:29:d5:ea:0d:0f:00:29:cb:
         97:25:08:e0:be:17:d8:77:5c:ec:03:e4:8c:ad:0f:11:ea:e6:
         5c:c2:58:4d:c1:b8:14:c8:52:2a:96:eb:ed:d1:d8:98:82:b7:
         0e:3a:2e:51:78:72:f7:64:90:c1:59:93:2f:f5:4b:4e:29:64:
         9b:76:f8:2d:d3:ee:03:e6:ac:ee:93:47:d5:5d:1d:0c:52:b5:
         6a:ec:43:65
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZTFCCTl37Y51O70wQEzQGetMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiMTEwNDhhMWE0OTE2ZTEzMWI4Y2UwODhlMmQ2ZmU0ZTVj
NWUzZGIwHhcNMjUwMjAyMDUwMDMyWhcNMjUwMjAzMDUwMDMyWjAzMTEwLwYDVQQD
EyhjOTRkNTc3OTY0MzdiMjYwYTcxNmY5OWIxZDdmZWQ1NWEwZWVmNzZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3/fDUhsLs+zvQ45Eheli7AjWd7d7
Q29J6fc/5K9ksJcE4B+Ftbak/qCb4ps4SBvLDHl94qXUjBab2Fm633CMtPNOQC4n
lqDOCGdFU6lpWjR7bw0xBTn1sACpb8muWTbWQOBJleAtaMQrnEhK1Eh3v9I7a6gy
Ao4EN/p0QFM3aiEvlX81DZW6A9mNeDMy/jT7pPaYieeyje4CjyWG4WbHC6BPHv7O
pt4sdQ7JyT6RBG91hRNzzGc9S1PH4z4yc0nymQj8PbcOYy5DiWt7ig8vA2GqNHED
2KfgNPcEWie1xJ39vV0T3JbG0Y1daAs/exULMZ7Tml7qOJzYtxebg/xXeQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMlNV3lkN7Jgpxb5mx1/7VWg7vdtMB8GA1UdIwQY
MBaAFEsRBIoaSRbhMbjOCI4tb+TlxePbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU3hFRWlocEpGdUV4dU00SWppMXY1T1hGNDlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny9kM2EyMjgtZmM0Zi00MGIyLTg4YjIt
ZTQ4NDYxMWE5NjIxLzEvU3hFRWlocEpGdUV4dU00SWppMXY1T1hGNDlzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny9kM2EyMjgtZmM0Zi00MGIyLTg4YjItZTQ4NDYxMWE5NjIx
LzEvU3hFRWlocEpGdUV4dU00SWppMXY1T1hGNDlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlkA338z3
Sjw5bz92fawtBOeFXPLXgI/wNDWG3gRuEu6bzertfrX3q8ac5AjF5hf8gSRzLeM2
Vza0et6tHB4octQfVmc9cV6APjuR/c4+I0H5jVW+D1FJATPxOfajJ9SLrNAKFEyr
HgGmvU5am4WjLqO1IbGZTDZ2FCfkutxb4/KfDypTUdTAFNPAPHN2ESsBMCki3+F5
PH3cSvi33EnNGsi38cI8k3bBZtHAzynV6g0PACnLlyUI4L4X2Hdc7APkjK0PEerm
XMJYTcG4FMhSKpbr7dHYmIK3DjouUXhy92SQwVmTL/VLTilkm3b4LdPuA+as7pNH
1V0dDFK1auxDZQ==
-----END CERTIFICATE-----