Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/96/8ef162-e840-4a15-aba6-9e0898f4450c/1/gKOAANS1q9FTKiU4HLJhXuwe3KA.mft
File:                     gKOAANS1q9FTKiU4HLJhXuwe3KA.mft (raw, json)
Hash identifier:          zLIJntT7MU7MJFuDcVTriDS5wySCo0fucoAQ+gcmA/4=
Subject key identifier:   9F:D8:97:4C:36:69:D6:E7:41:A3:BD:61:43:49:CD:8C:55:62:B1:33
Authority key identifier: 80:A3:80:00:D4:B5:AB:D1:53:2A:25:38:1C:B2:61:5E:EC:1E:DC:A0
Certificate issuer:       /CN=80a38000d4b5abd1532a25381cb2615eec1edca0
Certificate serial:       0196534A23B849309ADDB2EF366C6087DC6E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gKOAANS1q9FTKiU4HLJhXuwe3KA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/96/8ef162-e840-4a15-aba6-9e0898f4450c/1/gKOAANS1q9FTKiU4HLJhXuwe3KA.mft
Manifest number:          0515
Signing time:             Sun 20 Apr 2025 13:01:29 +0000
Manifest this update:     Sun 20 Apr 2025 13:01:29 +0000
Manifest next update:     Mon 21 Apr 2025 13:01:29 +0000
Files and hashes:         1: gKOAANS1q9FTKiU4HLJhXuwe3KA.crl (hash: Cc77bEVfHtMTGdZu0E8sxPQpXo4Zf9H8abtQ2G9OCsY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/96/8ef162-e840-4a15-aba6-9e0898f4450c/1/gKOAANS1q9FTKiU4HLJhXuwe3KA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/96/8ef162-e840-4a15-aba6-9e0898f4450c/1/gKOAANS1q9FTKiU4HLJhXuwe3KA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/gKOAANS1q9FTKiU4HLJhXuwe3KA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 21 Apr 2025 07:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:53:4a:23:b8:49:30:9a:dd:b2:ef:36:6c:60:87:dc:6e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=80a38000d4b5abd1532a25381cb2615eec1edca0
        Validity
            Not Before: Apr 20 13:01:29 2025 GMT
            Not After : Apr 21 13:01:29 2025 GMT
        Subject: CN=9fd8974c3669d6e741a3bd614349cd8c5562b133
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:36:ef:5b:38:0d:06:36:01:4c:a9:94:a2:2f:
                    34:bf:2c:5c:b1:77:d9:77:d3:d2:99:55:dd:f7:17:
                    d8:9c:bf:b9:3d:4d:fa:d2:f7:55:2f:79:e4:3f:fc:
                    e8:73:51:f0:84:cd:32:f9:4c:25:69:61:6c:1c:71:
                    ae:8e:44:b5:33:55:ae:e3:63:fa:7b:65:1c:2e:ed:
                    6d:84:2b:da:1c:bb:b1:9c:02:d0:7a:62:b7:70:f7:
                    b7:85:05:e2:cf:a4:00:97:40:6b:24:33:90:00:b6:
                    25:65:65:e4:29:bc:bf:f1:58:43:d4:aa:90:78:ce:
                    f4:07:7f:00:03:45:38:87:8d:21:4f:1f:c1:14:c5:
                    8c:93:1b:84:70:25:63:9d:66:88:e5:53:c1:c8:b5:
                    b9:13:64:ae:af:05:1d:a6:54:04:5a:a7:4a:49:8d:
                    36:d9:70:5b:59:3b:eb:29:83:d9:16:ca:3f:bf:ec:
                    81:e4:9c:fe:c8:d8:d1:c9:99:19:6f:5c:c5:a6:41:
                    07:6f:c6:1a:af:48:e3:70:1a:d0:cf:c1:4c:4c:7e:
                    ed:d4:01:69:40:af:b9:96:9a:4c:4a:04:7d:bd:7b:
                    b3:13:69:41:f8:52:1e:3e:e6:0f:d9:fd:bc:f3:4b:
                    1f:12:58:11:56:0d:19:80:6f:a0:f0:28:fe:aa:ee:
                    0b:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9F:D8:97:4C:36:69:D6:E7:41:A3:BD:61:43:49:CD:8C:55:62:B1:33
            X509v3 Authority Key Identifier:
                keyid:80:A3:80:00:D4:B5:AB:D1:53:2A:25:38:1C:B2:61:5E:EC:1E:DC:A0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gKOAANS1q9FTKiU4HLJhXuwe3KA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/96/8ef162-e840-4a15-aba6-9e0898f4450c/1/gKOAANS1q9FTKiU4HLJhXuwe3KA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/96/8ef162-e840-4a15-aba6-9e0898f4450c/1/gKOAANS1q9FTKiU4HLJhXuwe3KA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         90:98:66:b5:7d:ef:31:b3:e8:27:92:0c:6a:43:54:ba:a2:cd:
         d4:7e:20:0b:40:23:ed:f5:07:be:68:34:bd:03:3c:0c:e7:58:
         80:a8:45:04:c4:04:1f:8f:95:75:cc:43:a1:b0:d9:9d:c7:f2:
         49:e8:2e:0e:3a:ba:03:79:be:8d:ee:fe:34:74:fe:b3:de:5a:
         61:21:b2:d1:86:b0:c9:02:5c:86:ad:2e:0e:0a:3d:cb:4f:67:
         9d:52:44:07:19:9c:7a:77:53:76:8b:31:5e:5f:a4:aa:cd:be:
         b8:b4:8c:e3:63:c0:0f:5d:88:b6:86:e3:2b:3e:b2:fc:81:51:
         81:79:65:77:8b:15:77:bf:2b:d2:32:7e:29:92:78:cf:92:5e:
         5e:05:e0:7c:33:9b:8f:dd:c0:32:56:d9:be:cf:2a:a4:b2:74:
         ca:38:79:10:34:f7:62:c3:ef:3d:09:6c:f5:9b:81:77:87:24:
         27:e0:02:89:fa:7b:4f:aa:a6:9b:0a:5b:ad:16:a0:d0:d7:a5:
         0d:0a:13:90:d8:19:d6:6a:85:0f:52:3f:6c:7c:0a:3b:f4:bd:
         5a:fb:a0:05:e4:eb:cb:3b:0f:c8:6c:f3:d1:a2:0d:1a:0d:e6:
         f6:11:1d:84:4b:88:34:dc:35:d8:0f:7c:7f:88:b8:e4:1f:b1:
         39:63:a6:be
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZTSiO4STCa3bLvNmxgh9xuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgwYTM4MDAwZDRiNWFiZDE1MzJhMjUzODFjYjI2MTVlZWMx
ZWRjYTAwHhcNMjUwNDIwMTMwMTI5WhcNMjUwNDIxMTMwMTI5WjAzMTEwLwYDVQQD
Eyg5ZmQ4OTc0YzM2NjlkNmU3NDFhM2JkNjE0MzQ5Y2Q4YzU1NjJiMTMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwjbvWzgNBjYBTKmUoi80vyxcsXfZ
d9PSmVXd9xfYnL+5PU360vdVL3nkP/zoc1HwhM0y+UwlaWFsHHGujkS1M1Wu42P6
e2UcLu1thCvaHLuxnALQemK3cPe3hQXiz6QAl0BrJDOQALYlZWXkKby/8VhD1KqQ
eM70B38AA0U4h40hTx/BFMWMkxuEcCVjnWaI5VPByLW5E2SurwUdplQEWqdKSY02
2XBbWTvrKYPZFso/v+yB5Jz+yNjRyZkZb1zFpkEHb8Yar0jjcBrQz8FMTH7t1AFp
QK+5lppMSgR9vXuzE2lB+FIePuYP2f2880sfElgRVg0ZgG+g8Cj+qu4LeQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJ/Yl0w2adbnQaO9YUNJzYxVYrEzMB8GA1UdIwQY
MBaAFICjgADUtavRUyolOByyYV7sHtygMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ0tPQUFOUzFxOUZUS2lVNEhMSmhYdXdlM0tBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ni84ZWYxNjItZTg0MC00YTE1LWFiYTYt
OWUwODk4ZjQ0NTBjLzEvZ0tPQUFOUzFxOUZUS2lVNEhMSmhYdXdlM0tBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ni84ZWYxNjItZTg0MC00YTE1LWFiYTYtOWUwODk4ZjQ0NTBj
LzEvZ0tPQUFOUzFxOUZUS2lVNEhMSmhYdXdlM0tBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkJhmtX3v
MbPoJ5IMakNUuqLN1H4gC0Aj7fUHvmg0vQM8DOdYgKhFBMQEH4+VdcxDobDZncfy
SeguDjq6A3m+je7+NHT+s95aYSGy0YawyQJchq0uDgo9y09nnVJEBxmcendTdosx
Xl+kqs2+uLSM42PAD12ItobjKz6y/IFRgXlld4sVd78r0jJ+KZJ4z5JeXgXgfDOb
j93AMlbZvs8qpLJ0yjh5EDT3YsPvPQls9ZuBd4ckJ+ACifp7T6qmmwpbrRag0Nel
DQoTkNgZ1mqFD1I/bHwKO/S9WvugBeTryzsPyGzz0aINGg3m9hEdhEuINNw12A98
f4i45B+xOWOmvg==
-----END CERTIFICATE-----