Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/95/6c13ac-38a7-468c-b7f1-b106232a342c/1/aXC3r07RGKBaFTFefYuUY0yf6iA.mft
File:                     aXC3r07RGKBaFTFefYuUY0yf6iA.mft (raw, json)
Hash identifier:          lEEVtXhRX+F2CnKX2BLQ/OVLw2RQWTiiXxC6j7MwzJc=
Subject key identifier:   FA:8F:E8:DB:D2:68:55:96:B0:A3:B0:97:10:C3:3D:D0:B1:B1:48:A7
Authority key identifier: 69:70:B7:AF:4E:D1:18:A0:5A:15:31:5E:7D:8B:94:63:4C:9F:EA:20
Certificate issuer:       /CN=6970b7af4ed118a05a15315e7d8b94634c9fea20
Certificate serial:       0194C4D0FE6C03E94499DB639C4112DADC0B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aXC3r07RGKBaFTFefYuUY0yf6iA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/95/6c13ac-38a7-468c-b7f1-b106232a342c/1/aXC3r07RGKBaFTFefYuUY0yf6iA.mft
Manifest number:          09B9
Signing time:             Sun 02 Feb 2025 04:00:18 +0000
Manifest this update:     Sun 02 Feb 2025 04:00:18 +0000
Manifest next update:     Mon 03 Feb 2025 04:00:18 +0000
Files and hashes:         1: aXC3r07RGKBaFTFefYuUY0yf6iA.crl (hash: 0R1lsxrONAze3TkQIsgTPZ8gGTxLA6Mde7AoRliJFqw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/95/6c13ac-38a7-468c-b7f1-b106232a342c/1/aXC3r07RGKBaFTFefYuUY0yf6iA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/95/6c13ac-38a7-468c-b7f1-b106232a342c/1/aXC3r07RGKBaFTFefYuUY0yf6iA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/aXC3r07RGKBaFTFefYuUY0yf6iA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 03 Feb 2025 00:00:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:c4:d0:fe:6c:03:e9:44:99:db:63:9c:41:12:da:dc:0b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6970b7af4ed118a05a15315e7d8b94634c9fea20
        Validity
            Not Before: Feb  2 04:00:18 2025 GMT
            Not After : Feb  3 04:00:18 2025 GMT
        Subject: CN=fa8fe8dbd2685596b0a3b09710c33dd0b1b148a7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:0c:08:e8:c8:37:5f:d0:11:3d:2d:2e:91:1e:
                    c7:c7:d1:94:bd:c4:6e:d2:40:7b:45:4d:c2:45:6d:
                    56:5c:eb:b0:13:92:59:9b:16:90:b0:ac:0e:20:a0:
                    43:6b:01:59:05:ba:72:c4:2c:c7:c5:c8:06:de:f8:
                    62:e7:16:34:3c:e3:6c:50:47:45:25:e2:62:90:d6:
                    a4:7c:a2:29:9a:4d:73:62:5f:85:0f:f7:fa:84:3e:
                    08:ee:68:4d:2a:b9:8f:ca:a3:b3:ea:e0:f3:87:c8:
                    14:2a:99:e1:dd:80:c8:6c:2b:13:c9:6e:86:ee:4d:
                    e2:6d:10:e1:b8:21:34:6b:60:eb:cf:7a:75:19:dd:
                    e4:0d:11:e5:ee:74:55:88:2b:e0:12:70:ae:1f:2d:
                    4a:c2:75:de:27:0a:13:ed:ac:26:47:f0:3f:4e:b3:
                    b2:9b:ff:a6:c3:43:14:35:31:17:da:b2:01:64:48:
                    8a:f5:99:ba:a9:0b:8e:56:a4:74:be:38:03:19:54:
                    ce:a1:7e:e2:33:42:c3:e2:28:1f:b5:2b:ce:20:ee:
                    c0:f8:c0:26:51:6e:84:8b:98:d1:1a:45:4f:ae:86:
                    e8:39:98:7f:9f:f6:7d:ff:5e:64:71:37:65:c1:9c:
                    0d:e0:71:54:fd:8a:6f:78:77:ba:8b:4a:89:2a:3c:
                    95:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FA:8F:E8:DB:D2:68:55:96:B0:A3:B0:97:10:C3:3D:D0:B1:B1:48:A7
            X509v3 Authority Key Identifier:
                keyid:69:70:B7:AF:4E:D1:18:A0:5A:15:31:5E:7D:8B:94:63:4C:9F:EA:20

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aXC3r07RGKBaFTFefYuUY0yf6iA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/95/6c13ac-38a7-468c-b7f1-b106232a342c/1/aXC3r07RGKBaFTFefYuUY0yf6iA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/95/6c13ac-38a7-468c-b7f1-b106232a342c/1/aXC3r07RGKBaFTFefYuUY0yf6iA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8a:da:8e:d1:2e:9e:ef:40:9e:21:0b:cb:0c:2a:8d:3a:ca:5f:
         67:4b:fa:37:f7:ef:11:17:a2:24:a6:65:9d:dc:e4:6c:de:32:
         af:58:86:70:b5:25:93:f6:f5:5e:2b:3c:61:b7:2f:b3:00:e2:
         6d:2b:d7:f0:59:34:b3:50:d3:cf:2d:cf:25:80:17:82:61:8f:
         4e:c7:b9:48:d4:90:ab:db:63:34:a8:f5:32:4d:41:21:4c:bd:
         a7:ce:aa:16:38:11:95:49:91:11:39:2c:29:2f:b8:ee:6d:d7:
         b7:58:ae:09:58:4e:67:60:92:71:58:0d:c1:f2:a2:ba:c2:4d:
         ba:71:8a:bd:e8:83:28:83:f2:45:02:df:04:31:5e:aa:6e:46:
         81:42:6a:d0:7c:cd:e4:a5:87:a7:9e:ac:fb:f7:02:e8:60:ac:
         93:10:70:14:d7:7c:8c:d4:89:cc:18:9b:76:81:db:f4:4f:6e:
         5b:92:31:87:f1:1e:f1:e6:a5:df:2f:79:65:c3:4b:a5:05:f1:
         18:fb:cb:a2:c5:69:fb:de:ce:e7:33:98:f1:fd:ca:e5:75:c6:
         25:53:d6:9b:c6:92:8a:e8:22:ba:b7:84:8a:e8:e9:bf:ab:a0:
         8f:5b:29:8d:e5:e1:ff:6e:eb:e8:4f:e3:87:6c:bc:5a:cc:66:
         d2:74:7a:c4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZTE0P5sA+lEmdtjnEES2twLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5NzBiN2FmNGVkMTE4YTA1YTE1MzE1ZTdkOGI5NDYzNGM5
ZmVhMjAwHhcNMjUwMjAyMDQwMDE4WhcNMjUwMjAzMDQwMDE4WjAzMTEwLwYDVQQD
EyhmYThmZThkYmQyNjg1NTk2YjBhM2IwOTcxMGMzM2RkMGIxYjE0OGE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlAwI6Mg3X9ARPS0ukR7Hx9GUvcRu
0kB7RU3CRW1WXOuwE5JZmxaQsKwOIKBDawFZBbpyxCzHxcgG3vhi5xY0PONsUEdF
JeJikNakfKIpmk1zYl+FD/f6hD4I7mhNKrmPyqOz6uDzh8gUKpnh3YDIbCsTyW6G
7k3ibRDhuCE0a2Drz3p1Gd3kDRHl7nRViCvgEnCuHy1KwnXeJwoT7awmR/A/TrOy
m/+mw0MUNTEX2rIBZEiK9Zm6qQuOVqR0vjgDGVTOoX7iM0LD4igftSvOIO7A+MAm
UW6Ei5jRGkVProboOZh/n/Z9/15kcTdlwZwN4HFU/YpveHe6i0qJKjyVewIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPqP6NvSaFWWsKOwlxDDPdCxsUinMB8GA1UdIwQY
MBaAFGlwt69O0RigWhUxXn2LlGNMn+ogMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYVhDM3IwN1JHS0JhRlRGZWZZdVVZMHlmNmlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NS82YzEzYWMtMzhhNy00NjhjLWI3ZjEt
YjEwNjIzMmEzNDJjLzEvYVhDM3IwN1JHS0JhRlRGZWZZdVVZMHlmNmlBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NS82YzEzYWMtMzhhNy00NjhjLWI3ZjEtYjEwNjIzMmEzNDJj
LzEvYVhDM3IwN1JHS0JhRlRGZWZZdVVZMHlmNmlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAitqO0S6e
70CeIQvLDCqNOspfZ0v6N/fvEReiJKZlndzkbN4yr1iGcLUlk/b1Xis8YbcvswDi
bSvX8Fk0s1DTzy3PJYAXgmGPTse5SNSQq9tjNKj1Mk1BIUy9p86qFjgRlUmRETks
KS+47m3Xt1iuCVhOZ2CScVgNwfKiusJNunGKveiDKIPyRQLfBDFeqm5GgUJq0HzN
5KWHp56s+/cC6GCskxBwFNd8jNSJzBibdoHb9E9uW5Ixh/Ee8eal3y95ZcNLpQXx
GPvLosVp+97O5zOY8f3K5XXGJVPWm8aSiugiureEiujpv6ugj1spjeXh/27r6E/j
h2y8Wsxm0nR6xA==
-----END CERTIFICATE-----