Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/94/2fc804-2477-4d6b-8137-704a995e3db6/1/wKopmx5fodUSbfrXXf1Km65EOhc.mft
File:                     wKopmx5fodUSbfrXXf1Km65EOhc.mft (raw, json)
Hash identifier:          erKxjea92kHJD6HUkwcyJQQ13/790kNzChBcCDhUWyI=
Subject key identifier:   BC:4F:D5:F8:65:D5:6E:71:97:F2:C7:ED:33:03:B6:F2:A7:25:E1:76
Authority key identifier: C0:AA:29:9B:1E:5F:A1:D5:12:6D:FA:D7:5D:FD:4A:9B:AE:44:3A:17
Certificate issuer:       /CN=c0aa299b1e5fa1d5126dfad75dfd4a9bae443a17
Certificate serial:       019510C7DE7464E715EB17648E8BE57066D1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/wKopmx5fodUSbfrXXf1Km65EOhc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/94/2fc804-2477-4d6b-8137-704a995e3db6/1/wKopmx5fodUSbfrXXf1Km65EOhc.mft
Manifest number:          0390
Signing time:             Sun 16 Feb 2025 22:01:28 +0000
Manifest this update:     Sun 16 Feb 2025 22:01:28 +0000
Manifest next update:     Mon 17 Feb 2025 22:01:28 +0000
Files and hashes:         1: wKopmx5fodUSbfrXXf1Km65EOhc.crl (hash: 80DCRjKiOlmwUu/qvgcg54lrTBZfKgkmHEF8E+5rT5w=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/94/2fc804-2477-4d6b-8137-704a995e3db6/1/wKopmx5fodUSbfrXXf1Km65EOhc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/94/2fc804-2477-4d6b-8137-704a995e3db6/1/wKopmx5fodUSbfrXXf1Km65EOhc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/wKopmx5fodUSbfrXXf1Km65EOhc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 17 Feb 2025 22:01:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:10:c7:de:74:64:e7:15:eb:17:64:8e:8b:e5:70:66:d1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c0aa299b1e5fa1d5126dfad75dfd4a9bae443a17
        Validity
            Not Before: Feb 16 22:01:28 2025 GMT
            Not After : Feb 17 22:01:28 2025 GMT
        Subject: CN=bc4fd5f865d56e7197f2c7ed3303b6f2a725e176
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:89:c8:45:e5:e1:32:33:3f:69:15:67:2b:9b:94:
                    ec:8b:23:cf:73:c5:10:c8:93:67:b5:73:a2:81:cc:
                    ba:c8:40:94:85:b9:0f:4f:af:e1:23:6c:36:8f:2a:
                    24:26:7f:fc:d3:18:98:87:59:56:d0:69:e8:43:1e:
                    c5:f0:9a:8f:f5:14:a9:94:67:44:29:b2:59:92:9a:
                    da:42:59:f1:77:87:ec:ab:82:e5:ce:57:c5:9b:93:
                    94:2d:d8:2a:12:4f:0e:60:c9:9c:9f:09:12:e3:0a:
                    4d:7a:4b:1a:8b:be:86:24:f2:51:f7:98:6c:a2:03:
                    18:f1:3a:37:44:c3:e6:cc:7a:b1:00:c3:ae:ed:f0:
                    2b:2b:02:0e:97:83:65:4d:78:39:82:08:1c:51:6c:
                    66:c1:7f:b1:32:9b:b4:87:23:36:e9:71:66:b8:af:
                    f0:73:c7:aa:f9:42:dd:50:21:56:97:cd:a0:db:e7:
                    0a:28:ac:07:19:ea:bd:19:1a:2b:3e:07:c5:f8:7d:
                    7e:35:e2:f0:0b:5e:a7:ff:cf:e1:b2:4d:e8:fc:3f:
                    3d:6f:81:1f:f9:52:22:3d:8f:ae:b5:a3:3e:b7:29:
                    be:64:dc:3b:27:f5:af:a7:50:44:87:dc:1d:f6:63:
                    30:6e:55:6a:66:b6:b8:9b:9c:e1:61:f2:81:ef:ab:
                    08:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BC:4F:D5:F8:65:D5:6E:71:97:F2:C7:ED:33:03:B6:F2:A7:25:E1:76
            X509v3 Authority Key Identifier:
                keyid:C0:AA:29:9B:1E:5F:A1:D5:12:6D:FA:D7:5D:FD:4A:9B:AE:44:3A:17

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wKopmx5fodUSbfrXXf1Km65EOhc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/94/2fc804-2477-4d6b-8137-704a995e3db6/1/wKopmx5fodUSbfrXXf1Km65EOhc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/94/2fc804-2477-4d6b-8137-704a995e3db6/1/wKopmx5fodUSbfrXXf1Km65EOhc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         50:9c:e4:82:2b:98:53:88:7f:a5:5d:27:0b:d0:c9:fb:85:2b:
         3f:e5:85:3c:14:ce:f8:6d:8e:af:0d:70:35:10:a2:28:36:1b:
         9a:ab:a9:f1:d9:59:0a:d1:49:31:3f:2a:04:f5:ec:84:92:f6:
         c6:ab:79:c5:2c:cd:bb:2f:86:d5:06:87:10:bc:71:6b:e3:e7:
         80:67:a9:42:c8:6a:e4:44:3d:82:bd:f5:2d:2a:57:ec:34:50:
         19:89:03:e3:a6:36:ac:ed:38:90:53:ce:bd:8c:67:15:36:cc:
         c2:a4:24:c3:f9:60:7c:0e:58:54:ed:80:77:0d:82:b5:3a:ec:
         67:b1:20:bb:b3:7b:ed:5c:79:64:55:73:92:b7:74:74:c5:f6:
         e0:83:af:50:0d:7c:a1:23:8b:e0:bc:81:e3:99:a2:e5:1e:70:
         61:c9:13:3d:44:ca:cb:ca:7e:ba:ec:6b:49:43:ee:09:f4:73:
         fe:09:5c:75:62:f1:f5:45:28:33:dc:4a:ea:cd:4f:55:12:25:
         81:56:4c:c9:71:fb:05:82:8b:45:08:66:9c:cb:dc:0a:a0:a5:
         87:05:1c:d3:a9:b4:68:88:57:00:cf:73:cc:f5:cc:57:2c:76:
         c8:1e:33:38:da:e9:05:52:5d:ea:fc:06:fa:3e:d9:d4:52:df:
         c2:63:2d:23
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZUQx950ZOcV6xdkjovlcGbRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMwYWEyOTliMWU1ZmExZDUxMjZkZmFkNzVkZmQ0YTliYWU0
NDNhMTcwHhcNMjUwMjE2MjIwMTI4WhcNMjUwMjE3MjIwMTI4WjAzMTEwLwYDVQQD
EyhiYzRmZDVmODY1ZDU2ZTcxOTdmMmM3ZWQzMzAzYjZmMmE3MjVlMTc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAichF5eEyMz9pFWcrm5TsiyPPc8UQ
yJNntXOigcy6yECUhbkPT6/hI2w2jyokJn/80xiYh1lW0GnoQx7F8JqP9RSplGdE
KbJZkpraQlnxd4fsq4LlzlfFm5OULdgqEk8OYMmcnwkS4wpNeksai76GJPJR95hs
ogMY8To3RMPmzHqxAMOu7fArKwIOl4NlTXg5gggcUWxmwX+xMpu0hyM26XFmuK/w
c8eq+ULdUCFWl82g2+cKKKwHGeq9GRorPgfF+H1+NeLwC16n/8/hsk3o/D89b4Ef
+VIiPY+utaM+tym+ZNw7J/Wvp1BEh9wd9mMwblVqZra4m5zhYfKB76sIFwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLxP1fhl1W5xl/LH7TMDtvKnJeF2MB8GA1UdIwQY
MBaAFMCqKZseX6HVEm361139SpuuRDoXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd0tvcG14NWZvZFVTYmZyWFhmMUttNjVFT2hjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NC8yZmM4MDQtMjQ3Ny00ZDZiLTgxMzct
NzA0YTk5NWUzZGI2LzEvd0tvcG14NWZvZFVTYmZyWFhmMUttNjVFT2hjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NC8yZmM4MDQtMjQ3Ny00ZDZiLTgxMzctNzA0YTk5NWUzZGI2
LzEvd0tvcG14NWZvZFVTYmZyWFhmMUttNjVFT2hjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUJzkgiuY
U4h/pV0nC9DJ+4UrP+WFPBTO+G2Orw1wNRCiKDYbmqup8dlZCtFJMT8qBPXshJL2
xqt5xSzNuy+G1QaHELxxa+PngGepQshq5EQ9gr31LSpX7DRQGYkD46Y2rO04kFPO
vYxnFTbMwqQkw/lgfA5YVO2Adw2CtTrsZ7Egu7N77Vx5ZFVzkrd0dMX24IOvUA18
oSOL4LyB45mi5R5wYckTPUTKy8p+uuxrSUPuCfRz/glcdWLx9UUoM9xK6s1PVRIl
gVZMyXH7BYKLRQhmnMvcCqClhwUc06m0aIhXAM9zzPXMVyx2yB4zONrpBVJd6vwG
+j7Z1FLfwmMtIw==
-----END CERTIFICATE-----