Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/95/a25f89-639b-4f9e-ac9d-7d928c131724/1/8H-pjVIdhMKNrsion3SIu86AAhU.mft
File:                     8H-pjVIdhMKNrsion3SIu86AAhU.mft (raw, json)
Hash identifier:          0waU5dku6m1J9h2+sMx2pMgM3v4GQ7unxTSLzsMDRmQ=
Subject key identifier:   26:59:DC:19:8E:E9:39:30:53:87:18:73:71:68:C4:CC:AB:39:E3:46
Authority key identifier: F0:7F:A9:8D:52:1D:84:C2:8D:AE:C8:A8:9F:74:88:BB:CE:80:02:15
Certificate issuer:       /CN=f07fa98d521d84c28daec8a89f7488bbce800215
Certificate serial:       0194C350AC44943B83A76ED480A8A3ABBD09
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/8H-pjVIdhMKNrsion3SIu86AAhU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/95/a25f89-639b-4f9e-ac9d-7d928c131724/1/8H-pjVIdhMKNrsion3SIu86AAhU.mft
Manifest number:          51
Signing time:             Sat 01 Feb 2025 21:00:31 +0000
Manifest this update:     Sat 01 Feb 2025 21:00:31 +0000
Manifest next update:     Sun 02 Feb 2025 21:00:31 +0000
Files and hashes:         1: 8H-pjVIdhMKNrsion3SIu86AAhU.crl (hash: JV3D00QX/vzw2ko3keMYxuUC0ak0Rt5EVaMxYA3FGBw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/95/a25f89-639b-4f9e-ac9d-7d928c131724/1/8H-pjVIdhMKNrsion3SIu86AAhU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/95/a25f89-639b-4f9e-ac9d-7d928c131724/1/8H-pjVIdhMKNrsion3SIu86AAhU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/8H-pjVIdhMKNrsion3SIu86AAhU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 02 Feb 2025 21:00:31 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:c3:50:ac:44:94:3b:83:a7:6e:d4:80:a8:a3:ab:bd:09
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f07fa98d521d84c28daec8a89f7488bbce800215
        Validity
            Not Before: Feb  1 21:00:31 2025 GMT
            Not After : Feb  2 21:00:31 2025 GMT
        Subject: CN=2659dc198ee93930538718737168c4ccab39e346
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:e1:38:3c:17:05:64:b3:f9:a3:a9:bf:61:cd:
                    4b:82:54:02:65:a1:43:7f:b2:d9:e4:ef:d2:51:64:
                    b3:63:df:39:62:c3:71:82:2f:26:c6:28:a0:1f:7b:
                    81:1e:b1:f3:6c:ec:94:89:b9:7a:e3:ad:47:98:17:
                    07:6d:b9:f6:60:4f:b9:9f:c1:50:69:96:03:1c:3c:
                    ee:d5:38:25:7a:96:98:f1:dd:e0:96:b4:1c:23:83:
                    74:e6:b1:49:14:be:a6:18:82:76:5f:3f:bd:e5:94:
                    ff:2c:20:be:da:ee:80:25:55:cc:ca:29:64:c8:15:
                    73:ba:f7:03:98:20:78:f8:84:2e:c2:c7:4c:65:06:
                    cf:9f:00:06:52:5c:63:10:94:4a:80:f3:7b:de:66:
                    34:92:74:38:b4:ef:a0:07:33:d6:61:56:39:89:1f:
                    45:63:44:7c:75:a2:a8:a8:9e:5b:92:90:b4:12:ca:
                    64:cb:1d:39:b4:56:ed:35:06:10:79:a6:fb:25:9d:
                    48:3e:f0:58:4e:6a:3f:0c:64:40:da:19:d2:ef:e3:
                    a6:23:58:7d:93:9c:29:1c:26:95:75:fc:b3:94:d2:
                    df:24:dc:d6:54:7f:57:3d:ec:df:7f:ba:d7:6a:4e:
                    6a:d8:2d:3f:45:5e:28:f1:7c:09:1e:92:9c:36:62:
                    05:83
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                26:59:DC:19:8E:E9:39:30:53:87:18:73:71:68:C4:CC:AB:39:E3:46
            X509v3 Authority Key Identifier:
                keyid:F0:7F:A9:8D:52:1D:84:C2:8D:AE:C8:A8:9F:74:88:BB:CE:80:02:15

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8H-pjVIdhMKNrsion3SIu86AAhU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/95/a25f89-639b-4f9e-ac9d-7d928c131724/1/8H-pjVIdhMKNrsion3SIu86AAhU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/95/a25f89-639b-4f9e-ac9d-7d928c131724/1/8H-pjVIdhMKNrsion3SIu86AAhU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6c:66:eb:25:54:4b:2a:ed:ea:bc:b5:1a:72:c1:c9:b4:9f:c4:
         ad:84:4a:10:6d:f1:07:14:b5:4f:6d:84:4a:fa:64:93:a6:33:
         43:7c:d7:a9:8e:8d:91:21:0e:93:e8:d8:2e:4e:ad:18:27:7d:
         17:a2:2b:79:fc:45:a4:59:9e:f6:44:a3:2a:ef:a2:12:f6:3d:
         90:fc:c6:09:6a:e3:66:36:08:94:91:88:ca:ac:05:d7:6e:a6:
         a2:19:21:47:66:03:d9:55:9f:01:f8:7e:fc:67:8c:74:ae:31:
         80:ba:9b:7a:5d:ef:f6:bf:83:0a:b2:51:1a:81:f8:af:43:28:
         3d:6b:4b:39:77:07:2b:c6:a0:66:f3:35:be:97:d7:77:3b:b0:
         dc:e7:d6:d4:7b:49:15:5b:ca:9f:5e:5f:18:d0:77:f1:4c:0e:
         17:99:b4:97:53:59:4d:eb:27:7e:57:63:9f:88:60:35:60:6e:
         c4:43:35:a3:26:ff:d1:f5:5e:41:e5:8a:c6:00:2f:d6:0a:21:
         54:d8:8d:08:5e:17:d6:fe:7c:7b:3b:0f:de:51:3d:ce:00:61:
         06:4f:a6:aa:af:b7:25:32:b1:90:84:aa:3e:2d:67:ee:3a:d2:
         ed:0c:38:4b:3f:52:bd:9e:da:ed:44:02:a7:09:20:63:ac:40:
         fa:7b:8c:61
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZTDUKxElDuDp27UgKijq70JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwN2ZhOThkNTIxZDg0YzI4ZGFlYzhhODlmNzQ4OGJiY2U4
MDAyMTUwHhcNMjUwMjAxMjEwMDMxWhcNMjUwMjAyMjEwMDMxWjAzMTEwLwYDVQQD
EygyNjU5ZGMxOThlZTkzOTMwNTM4NzE4NzM3MTY4YzRjY2FiMzllMzQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+E4PBcFZLP5o6m/Yc1LglQCZaFD
f7LZ5O/SUWSzY985YsNxgi8mxiigH3uBHrHzbOyUibl6461HmBcHbbn2YE+5n8FQ
aZYDHDzu1TglepaY8d3glrQcI4N05rFJFL6mGIJ2Xz+95ZT/LCC+2u6AJVXMyilk
yBVzuvcDmCB4+IQuwsdMZQbPnwAGUlxjEJRKgPN73mY0knQ4tO+gBzPWYVY5iR9F
Y0R8daKoqJ5bkpC0Espkyx05tFbtNQYQeab7JZ1IPvBYTmo/DGRA2hnS7+OmI1h9
k5wpHCaVdfyzlNLfJNzWVH9XPezff7rXak5q2C0/RV4o8XwJHpKcNmIFgwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCZZ3BmO6TkwU4cYc3FoxMyrOeNGMB8GA1UdIwQY
MBaAFPB/qY1SHYTCja7IqJ90iLvOgAIVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEgtcGpWSWRoTUtOcnNpb24zU0l1ODZBQWhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NS9hMjVmODktNjM5Yi00ZjllLWFjOWQt
N2Q5MjhjMTMxNzI0LzEvOEgtcGpWSWRoTUtOcnNpb24zU0l1ODZBQWhVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NS9hMjVmODktNjM5Yi00ZjllLWFjOWQtN2Q5MjhjMTMxNzI0
LzEvOEgtcGpWSWRoTUtOcnNpb24zU0l1ODZBQWhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbGbrJVRL
Ku3qvLUacsHJtJ/ErYRKEG3xBxS1T22ESvpkk6YzQ3zXqY6NkSEOk+jYLk6tGCd9
F6IrefxFpFme9kSjKu+iEvY9kPzGCWrjZjYIlJGIyqwF126mohkhR2YD2VWfAfh+
/GeMdK4xgLqbel3v9r+DCrJRGoH4r0MoPWtLOXcHK8agZvM1vpfXdzuw3OfW1HtJ
FVvKn15fGNB38UwOF5m0l1NZTesnfldjn4hgNWBuxEM1oyb/0fVeQeWKxgAv1goh
VNiNCF4X1v58ezsP3lE9zgBhBk+mqq+3JTKxkISqPi1n7jrS7Qw4Sz9SvZ7a7UQC
pwkgY6xA+nuMYQ==
-----END CERTIFICATE-----