Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f922e7-d53e-4daf-8770-7ffdfee57f52/1/DwQeIIaCRVpnlCzipkhYygcEfos.mft
File:                     DwQeIIaCRVpnlCzipkhYygcEfos.mft (raw, json)
Hash identifier:          I5ScaWY+HLOwTSI2qsjpNUNcOsbLkT8yfZWMNaYH7uI=
Subject key identifier:   4D:36:A3:B3:B7:CE:C1:E5:8E:74:BE:43:D1:EF:71:3F:F0:08:FB:25
Authority key identifier: 0F:04:1E:20:86:82:45:5A:67:94:2C:E2:A6:48:58:CA:07:04:7E:8B
Certificate issuer:       /CN=0f041e208682455a67942ce2a64858ca07047e8b
Certificate serial:       0194BB29131D0A7EBA4B2F1C8C2C5F81450F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DwQeIIaCRVpnlCzipkhYygcEfos.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8e/f922e7-d53e-4daf-8770-7ffdfee57f52/1/DwQeIIaCRVpnlCzipkhYygcEfos.mft
Manifest number:          1428
Signing time:             Fri 31 Jan 2025 07:00:18 +0000
Manifest this update:     Fri 31 Jan 2025 07:00:18 +0000
Manifest next update:     Sat 01 Feb 2025 07:00:18 +0000
Files and hashes:         1: DwQeIIaCRVpnlCzipkhYygcEfos.crl (hash: iGLyI2ACHFLZU9KBVxx4jxmQocvUgx/Ys9H6xvt+4qI=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8e/f922e7-d53e-4daf-8770-7ffdfee57f52/1/DwQeIIaCRVpnlCzipkhYygcEfos.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8e/f922e7-d53e-4daf-8770-7ffdfee57f52/1/DwQeIIaCRVpnlCzipkhYygcEfos.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/DwQeIIaCRVpnlCzipkhYygcEfos.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 01 Feb 2025 07:00:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:bb:29:13:1d:0a:7e:ba:4b:2f:1c:8c:2c:5f:81:45:0f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0f041e208682455a67942ce2a64858ca07047e8b
        Validity
            Not Before: Jan 31 07:00:18 2025 GMT
            Not After : Feb  1 07:00:18 2025 GMT
        Subject: CN=4d36a3b3b7cec1e58e74be43d1ef713ff008fb25
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:08:95:af:f8:55:54:a3:50:11:c4:0e:51:0b:
                    6a:dd:a1:d8:30:f2:32:e0:8e:93:2f:1a:b5:a7:7f:
                    82:a9:d6:18:cd:50:33:ae:1e:c0:cb:4e:83:1f:cf:
                    88:b0:60:f6:00:75:38:af:23:f3:c8:c2:bb:39:a8:
                    3c:51:82:b6:93:cb:32:19:c6:a7:08:f6:2b:bd:7b:
                    2e:c1:e3:20:ca:7a:da:9a:d0:fe:28:30:c9:9e:fe:
                    49:75:4f:11:8e:7d:ce:46:77:f0:b4:82:ad:32:fa:
                    d6:01:cc:7f:14:46:6a:95:41:4b:7a:2e:e5:2a:01:
                    d5:19:b0:b6:33:07:ae:49:e7:f3:15:e4:09:9f:d6:
                    f9:23:d7:80:a6:57:9a:64:e6:3a:e5:a1:01:d8:35:
                    a3:09:cf:61:bf:98:f5:b1:0a:4e:d3:d6:d9:7f:a9:
                    dc:e3:d5:5e:2a:30:20:a5:a2:11:d4:61:14:44:61:
                    26:96:6c:e7:06:cc:de:0d:88:c8:2d:4c:5c:db:5f:
                    db:bd:99:42:44:63:74:ea:34:0c:87:88:59:d3:71:
                    a3:9c:b0:11:17:83:ac:1d:9d:b9:74:08:a7:1c:dc:
                    73:6e:14:f4:aa:78:9b:58:ec:ed:5d:11:40:b1:5f:
                    6e:29:f8:f0:59:b3:7d:f6:09:a5:8e:e2:da:04:c6:
                    fc:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4D:36:A3:B3:B7:CE:C1:E5:8E:74:BE:43:D1:EF:71:3F:F0:08:FB:25
            X509v3 Authority Key Identifier:
                keyid:0F:04:1E:20:86:82:45:5A:67:94:2C:E2:A6:48:58:CA:07:04:7E:8B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DwQeIIaCRVpnlCzipkhYygcEfos.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f922e7-d53e-4daf-8770-7ffdfee57f52/1/DwQeIIaCRVpnlCzipkhYygcEfos.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f922e7-d53e-4daf-8770-7ffdfee57f52/1/DwQeIIaCRVpnlCzipkhYygcEfos.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         80:08:07:48:77:b5:be:33:3e:55:2e:db:ed:33:65:d3:b9:a7:
         3a:85:6c:93:56:bd:bb:a0:a5:93:57:89:49:8a:e4:53:2a:17:
         e0:c8:42:27:66:91:67:c4:73:3b:21:92:ca:57:07:42:5f:d1:
         dc:fa:66:ce:a6:1c:14:63:58:69:b5:c6:03:8a:d5:f0:26:ca:
         34:6a:dd:12:cd:8d:ec:4a:bc:3a:9a:10:eb:a9:ad:9d:2c:07:
         b2:1b:9a:d1:10:57:e3:c7:a5:18:ba:b5:a0:d0:e2:33:3e:55:
         20:6a:76:fa:59:ef:25:22:45:92:9e:b4:a8:4e:bf:be:16:62:
         25:66:dc:8e:79:9f:d3:b6:51:e5:9a:3f:8d:55:80:21:0d:20:
         72:14:2c:14:92:3c:6b:5e:0b:51:a6:8c:79:b0:60:88:67:3d:
         ff:73:ef:40:07:47:41:94:a5:5b:d6:7e:97:ac:95:1a:3b:e6:
         f4:18:2e:04:24:6c:67:8a:49:12:c0:f2:0e:43:e6:ea:e2:5d:
         44:50:fd:aa:c2:44:1b:97:f8:c5:ae:7c:60:1c:21:16:6b:04:
         20:ca:b8:91:a1:f1:e2:cc:3f:13:07:b0:55:ae:4c:f0:50:5a:
         af:64:e3:b0:c5:56:cb:15:79:2f:f7:b0:6c:f5:5c:1b:bf:4e:
         25:e8:54:13
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZS7KRMdCn66Sy8cjCxfgUUPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmMDQxZTIwODY4MjQ1NWE2Nzk0MmNlMmE2NDg1OGNhMDcw
NDdlOGIwHhcNMjUwMTMxMDcwMDE4WhcNMjUwMjAxMDcwMDE4WjAzMTEwLwYDVQQD
Eyg0ZDM2YTNiM2I3Y2VjMWU1OGU3NGJlNDNkMWVmNzEzZmYwMDhmYjI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvwiVr/hVVKNQEcQOUQtq3aHYMPIy
4I6TLxq1p3+CqdYYzVAzrh7Ay06DH8+IsGD2AHU4ryPzyMK7Oag8UYK2k8syGcan
CPYrvXsuweMgynramtD+KDDJnv5JdU8Rjn3ORnfwtIKtMvrWAcx/FEZqlUFLei7l
KgHVGbC2MweuSefzFeQJn9b5I9eApleaZOY65aEB2DWjCc9hv5j1sQpO09bZf6nc
49VeKjAgpaIR1GEURGEmlmznBszeDYjILUxc21/bvZlCRGN06jQMh4hZ03GjnLAR
F4OsHZ25dAinHNxzbhT0qnibWOztXRFAsV9uKfjwWbN99gmljuLaBMb8BwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFE02o7O3zsHljnS+Q9HvcT/wCPslMB8GA1UdIwQY
MBaAFA8EHiCGgkVaZ5Qs4qZIWMoHBH6LMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRHdRZUlJYUNSVnBubEN6aXBraFl5Z2NFZm9zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mOTIyZTctZDUzZS00ZGFmLTg3NzAt
N2ZmZGZlZTU3ZjUyLzEvRHdRZUlJYUNSVnBubEN6aXBraFl5Z2NFZm9zLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mOTIyZTctZDUzZS00ZGFmLTg3NzAtN2ZmZGZlZTU3ZjUy
LzEvRHdRZUlJYUNSVnBubEN6aXBraFl5Z2NFZm9zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgAgHSHe1
vjM+VS7b7TNl07mnOoVsk1a9u6Clk1eJSYrkUyoX4MhCJ2aRZ8RzOyGSylcHQl/R
3PpmzqYcFGNYabXGA4rV8CbKNGrdEs2N7Eq8OpoQ66mtnSwHshua0RBX48elGLq1
oNDiMz5VIGp2+lnvJSJFkp60qE6/vhZiJWbcjnmf07ZR5Zo/jVWAIQ0gchQsFJI8
a14LUaaMebBgiGc9/3PvQAdHQZSlW9Z+l6yVGjvm9BguBCRsZ4pJEsDyDkPm6uJd
RFD9qsJEG5f4xa58YBwhFmsEIMq4kaHx4sw/EwewVa5M8FBar2TjsMVWyxV5L/ew
bPVcG79OJehUEw==
-----END CERTIFICATE-----