Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/1bafe1-6996-4dcf-8752-d540e8b13f7d/1/XzoD6voEyDkjvYaTJGGFDfX3gUY.mft
File:                     XzoD6voEyDkjvYaTJGGFDfX3gUY.mft (raw, json)
Hash identifier:          kOrlBUKo0TB5Gya7liFpbQxll05CBbHoUDwWqBxzTUo=
Subject key identifier:   76:1B:85:7E:7B:3C:2C:98:A0:3F:DA:B8:11:C4:F6:1C:74:BF:0A:5F
Authority key identifier: 5F:3A:03:EA:FA:04:C8:39:23:BD:86:93:24:61:85:0D:F5:F7:81:46
Certificate issuer:       /CN=5f3a03eafa04c83923bd86932461850df5f78146
Certificate serial:       0194BB298A2BE9A57CBC737C091B4FB6BA78
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XzoD6voEyDkjvYaTJGGFDfX3gUY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/98/1bafe1-6996-4dcf-8752-d540e8b13f7d/1/XzoD6voEyDkjvYaTJGGFDfX3gUY.mft
Manifest number:          1084
Signing time:             Fri 31 Jan 2025 07:00:49 +0000
Manifest this update:     Fri 31 Jan 2025 07:00:49 +0000
Manifest next update:     Sat 01 Feb 2025 07:00:49 +0000
Files and hashes:         1: XzoD6voEyDkjvYaTJGGFDfX3gUY.crl (hash: wzFRsdOhPvY1iQsTeVA4cRkTRjPIa3wPEww4X5qWhOg=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/98/1bafe1-6996-4dcf-8752-d540e8b13f7d/1/XzoD6voEyDkjvYaTJGGFDfX3gUY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/98/1bafe1-6996-4dcf-8752-d540e8b13f7d/1/XzoD6voEyDkjvYaTJGGFDfX3gUY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XzoD6voEyDkjvYaTJGGFDfX3gUY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 01 Feb 2025 07:00:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:bb:29:8a:2b:e9:a5:7c:bc:73:7c:09:1b:4f:b6:ba:78
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5f3a03eafa04c83923bd86932461850df5f78146
        Validity
            Not Before: Jan 31 07:00:49 2025 GMT
            Not After : Feb  1 07:00:49 2025 GMT
        Subject: CN=761b857e7b3c2c98a03fdab811c4f61c74bf0a5f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:59:28:d5:59:a7:92:2f:60:8b:e3:f6:40:f1:
                    d6:79:2c:19:d1:3a:82:f6:29:61:90:77:96:33:78:
                    5a:be:c5:15:0e:74:d3:70:d6:7d:d7:02:30:88:5f:
                    e6:f5:01:05:2e:53:1f:89:93:42:ae:ee:be:e2:6f:
                    8a:ed:b4:95:a8:21:52:d6:bd:e5:15:ed:d8:9f:84:
                    ba:c9:1d:4c:1b:75:86:29:b4:96:11:1e:5a:e2:bc:
                    ae:1b:24:c8:83:2d:87:87:79:d5:e6:07:2a:25:db:
                    95:20:58:fb:e6:35:75:b2:e3:8d:13:6b:01:09:0a:
                    e5:56:84:3a:92:d2:62:e4:2e:72:e6:5f:a6:8a:e5:
                    ad:1a:9c:96:6f:f4:da:8d:93:d6:1b:34:35:5a:4d:
                    5a:6a:97:fc:c5:dd:38:07:63:d5:51:45:55:2c:1b:
                    60:4d:95:8d:71:55:33:2f:5d:ac:e9:07:06:e3:ea:
                    c9:a8:65:0e:35:4a:e3:a4:23:44:6c:01:be:2e:54:
                    d8:3f:5a:76:b0:d5:8f:4e:14:e4:68:37:57:c3:30:
                    9b:e8:65:76:91:3a:80:ef:d3:ab:af:b8:cd:8b:a9:
                    b3:3f:56:92:47:4e:06:10:eb:97:66:4d:8b:3a:7d:
                    55:38:8d:3c:59:ff:d6:f3:a3:e0:fb:42:c4:0e:1e:
                    54:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                76:1B:85:7E:7B:3C:2C:98:A0:3F:DA:B8:11:C4:F6:1C:74:BF:0A:5F
            X509v3 Authority Key Identifier:
                keyid:5F:3A:03:EA:FA:04:C8:39:23:BD:86:93:24:61:85:0D:F5:F7:81:46

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XzoD6voEyDkjvYaTJGGFDfX3gUY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/1bafe1-6996-4dcf-8752-d540e8b13f7d/1/XzoD6voEyDkjvYaTJGGFDfX3gUY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/98/1bafe1-6996-4dcf-8752-d540e8b13f7d/1/XzoD6voEyDkjvYaTJGGFDfX3gUY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ae:f4:c8:36:ae:db:0c:23:19:49:72:6b:bd:cb:16:b3:4f:f0:
         97:ba:2c:a9:f3:d6:0c:94:04:03:8a:35:93:b9:25:b6:93:3a:
         b5:74:45:82:fb:06:a1:c8:80:9b:aa:50:43:e4:58:c7:dc:87:
         4b:50:7a:2a:aa:bb:f8:92:25:e9:af:51:23:39:a8:bd:03:17:
         d1:09:8b:a5:1a:de:b3:18:dd:76:a0:82:c1:29:e4:29:1e:bc:
         8f:27:bc:0e:41:44:d4:57:64:c8:d3:a8:4e:df:ac:d4:5f:72:
         5b:af:52:c8:db:fd:98:ab:2c:78:f7:9a:4e:66:f3:23:cb:8b:
         51:98:7b:d1:3f:dc:dc:04:38:c2:76:30:27:b4:64:fe:b5:b5:
         68:7f:93:03:1b:81:96:43:48:3e:ac:c0:22:15:dd:b0:8b:4a:
         19:9e:33:b9:ab:63:9b:af:e5:69:42:06:34:94:da:d3:69:12:
         50:e9:a8:5e:3f:c4:f5:5d:88:f8:fc:2e:86:3a:f9:d9:22:39:
         fe:40:03:43:88:5e:ad:61:f6:81:42:3c:4a:d0:03:b7:7b:cb:
         83:9a:03:d7:16:48:61:5f:ca:11:01:d9:aa:3e:c6:3d:54:e3:
         e5:43:de:0a:85:c0:97:80:f6:06:d1:b4:82:97:ae:55:ac:00:
         a4:85:2e:8e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZS7KYor6aV8vHN8CRtPtrp4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmM2EwM2VhZmEwNGM4MzkyM2JkODY5MzI0NjE4NTBkZjVm
NzgxNDYwHhcNMjUwMTMxMDcwMDQ5WhcNMjUwMjAxMDcwMDQ5WjAzMTEwLwYDVQQD
Eyg3NjFiODU3ZTdiM2MyYzk4YTAzZmRhYjgxMWM0ZjYxYzc0YmYwYTVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn1ko1Vmnki9gi+P2QPHWeSwZ0TqC
9ilhkHeWM3havsUVDnTTcNZ91wIwiF/m9QEFLlMfiZNCru6+4m+K7bSVqCFS1r3l
Fe3Yn4S6yR1MG3WGKbSWER5a4ryuGyTIgy2Hh3nV5gcqJduVIFj75jV1suONE2sB
CQrlVoQ6ktJi5C5y5l+miuWtGpyWb/TajZPWGzQ1Wk1aapf8xd04B2PVUUVVLBtg
TZWNcVUzL12s6QcG4+rJqGUONUrjpCNEbAG+LlTYP1p2sNWPThTkaDdXwzCb6GV2
kTqA79Orr7jNi6mzP1aSR04GEOuXZk2LOn1VOI08Wf/W86Pg+0LEDh5UEwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHYbhX57PCyYoD/auBHE9hx0vwpfMB8GA1UdIwQY
MBaAFF86A+r6BMg5I72GkyRhhQ3194FGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHpvRDZ2b0V5RGtqdllhVEpHR0ZEZlgzZ1VZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC8xYmFmZTEtNjk5Ni00ZGNmLTg3NTIt
ZDU0MGU4YjEzZjdkLzEvWHpvRDZ2b0V5RGtqdllhVEpHR0ZEZlgzZ1VZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OC8xYmFmZTEtNjk5Ni00ZGNmLTg3NTItZDU0MGU4YjEzZjdk
LzEvWHpvRDZ2b0V5RGtqdllhVEpHR0ZEZlgzZ1VZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArvTINq7b
DCMZSXJrvcsWs0/wl7osqfPWDJQEA4o1k7kltpM6tXRFgvsGociAm6pQQ+RYx9yH
S1B6Kqq7+JIl6a9RIzmovQMX0QmLpRresxjddqCCwSnkKR68jye8DkFE1FdkyNOo
Tt+s1F9yW69SyNv9mKssePeaTmbzI8uLUZh70T/c3AQ4wnYwJ7Rk/rW1aH+TAxuB
lkNIPqzAIhXdsItKGZ4zuatjm6/laUIGNJTa02kSUOmoXj/E9V2I+Pwuhjr52SI5
/kADQ4herWH2gUI8StADt3vLg5oD1xZIYV/KEQHZqj7GPVTj5UPeCoXAl4D2BtG0
gpeuVawApIUujg==
-----END CERTIFICATE-----