Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/cf1693-e67c-4f73-aee1-e044071ef2d9/1/SHcGwrHYON95a_g_qn176rxcdvg.mft
File:                     SHcGwrHYON95a_g_qn176rxcdvg.mft (raw, json)
Hash identifier:          eoS7llWsUOkHB386ROC7ZSggAEI4RoPkoGjTYJ7HI0k=
Subject key identifier:   BF:92:8F:20:5D:0C:B1:B6:C4:E3:6D:84:AF:C0:FE:5C:6A:E7:04:ED
Authority key identifier: 48:77:06:C2:B1:D8:38:DF:79:6B:F8:3F:AA:7D:7B:EA:BC:5C:76:F8
Certificate issuer:       /CN=487706c2b1d838df796bf83faa7d7beabc5c76f8
Certificate serial:       0194C42C6E14DEEF3063047E056E3C35FDEC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/SHcGwrHYON95a_g_qn176rxcdvg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ac/cf1693-e67c-4f73-aee1-e044071ef2d9/1/SHcGwrHYON95a_g_qn176rxcdvg.mft
Manifest number:          0C16
Signing time:             Sun 02 Feb 2025 01:00:33 +0000
Manifest this update:     Sun 02 Feb 2025 01:00:33 +0000
Manifest next update:     Mon 03 Feb 2025 01:00:33 +0000
Files and hashes:         1: SHcGwrHYON95a_g_qn176rxcdvg.crl (hash: W1H5vZ8bAf7PpCUFbDH/SHaDSAioPd8CZ/k9sRtArkU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ac/cf1693-e67c-4f73-aee1-e044071ef2d9/1/SHcGwrHYON95a_g_qn176rxcdvg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ac/cf1693-e67c-4f73-aee1-e044071ef2d9/1/SHcGwrHYON95a_g_qn176rxcdvg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/SHcGwrHYON95a_g_qn176rxcdvg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 03 Feb 2025 00:00:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:c4:2c:6e:14:de:ef:30:63:04:7e:05:6e:3c:35:fd:ec
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=487706c2b1d838df796bf83faa7d7beabc5c76f8
        Validity
            Not Before: Feb  2 01:00:33 2025 GMT
            Not After : Feb  3 01:00:33 2025 GMT
        Subject: CN=bf928f205d0cb1b6c4e36d84afc0fe5c6ae704ed
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:4b:59:0d:42:54:34:00:52:21:b7:1c:57:70:
                    ed:50:ea:5f:49:16:f1:2d:29:80:f9:9d:27:eb:8a:
                    a1:a4:b4:bd:d5:04:dd:de:96:4a:de:35:73:11:79:
                    75:70:2d:4c:e0:24:f7:09:4e:ab:ee:45:6b:0d:52:
                    26:63:56:97:b8:cc:db:9b:b9:22:25:aa:b6:96:a4:
                    df:4e:97:74:29:37:57:7a:e5:d6:26:df:84:e2:86:
                    95:2d:2f:b0:92:13:1c:76:32:46:8e:01:f7:6f:6c:
                    e8:be:42:0c:a6:fe:95:64:18:80:78:ad:81:e6:2b:
                    b4:29:75:14:bc:07:6e:07:0f:47:03:f7:03:97:d0:
                    8b:74:f1:bb:2b:2c:5e:53:d4:74:d1:17:44:10:4d:
                    0b:32:31:14:7b:40:7c:b4:29:43:82:ca:05:4c:c2:
                    78:52:b2:d9:3b:f7:ab:91:e6:94:73:89:1c:35:13:
                    b9:79:ba:83:e3:71:3c:2a:84:57:07:8d:66:3e:41:
                    75:01:eb:bc:82:31:fc:57:02:6e:1c:22:c0:54:bb:
                    21:f7:98:f8:e5:69:67:39:65:ed:a8:a0:32:8b:6f:
                    f1:9c:43:b1:7d:3a:1f:1d:ef:f5:f2:24:d1:ad:f1:
                    7f:0a:27:1a:92:58:02:64:d7:38:1a:21:a8:53:ae:
                    16:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BF:92:8F:20:5D:0C:B1:B6:C4:E3:6D:84:AF:C0:FE:5C:6A:E7:04:ED
            X509v3 Authority Key Identifier:
                keyid:48:77:06:C2:B1:D8:38:DF:79:6B:F8:3F:AA:7D:7B:EA:BC:5C:76:F8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SHcGwrHYON95a_g_qn176rxcdvg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/cf1693-e67c-4f73-aee1-e044071ef2d9/1/SHcGwrHYON95a_g_qn176rxcdvg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/cf1693-e67c-4f73-aee1-e044071ef2d9/1/SHcGwrHYON95a_g_qn176rxcdvg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         31:01:d6:25:12:75:fe:58:e0:5a:ef:f4:d0:1e:4e:00:b1:5e:
         af:99:e6:80:b8:21:63:6d:c0:ca:84:b3:ab:e4:82:f4:42:23:
         59:c1:36:f7:a6:48:d7:c4:56:1c:e0:8d:48:24:6f:c9:09:e3:
         26:b9:58:ec:53:61:96:2d:f1:62:22:f4:c8:f1:87:51:a1:24:
         57:4b:e8:d5:c2:e2:b5:60:cf:87:be:df:1a:7c:78:4b:f6:22:
         50:7c:af:12:ab:b4:2e:2d:a3:1f:79:62:c5:99:f9:56:94:f8:
         53:b6:8c:34:b2:53:55:7c:46:0f:52:7e:c0:b9:69:b2:f2:89:
         ed:a0:80:66:cb:60:a3:2c:d4:26:54:5d:d9:6a:9c:b1:38:20:
         b6:9d:09:1e:a2:d5:1a:7a:94:04:d8:d6:18:3a:d9:f7:e2:5b:
         79:10:fd:03:bc:f2:49:61:a1:df:13:7b:41:27:67:de:56:5e:
         e0:90:0b:75:b9:4f:f4:41:b0:ad:09:9a:58:39:9a:ec:37:8c:
         92:e9:1a:d1:cf:1a:f9:e3:df:ad:81:53:ad:86:5d:a3:92:d6:
         21:24:d7:63:8f:6a:24:2d:2b:ce:05:02:2e:8b:2e:60:28:54:
         39:d8:bf:d0:68:53:50:ba:58:65:cf:de:ae:fa:4d:b1:17:11:
         1b:7d:ae:2b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZTELG4U3u8wYwR+BW48Nf3sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ4NzcwNmMyYjFkODM4ZGY3OTZiZjgzZmFhN2Q3YmVhYmM1
Yzc2ZjgwHhcNMjUwMjAyMDEwMDMzWhcNMjUwMjAzMDEwMDMzWjAzMTEwLwYDVQQD
EyhiZjkyOGYyMDVkMGNiMWI2YzRlMzZkODRhZmMwZmU1YzZhZTcwNGVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtEtZDUJUNABSIbccV3DtUOpfSRbx
LSmA+Z0n64qhpLS91QTd3pZK3jVzEXl1cC1M4CT3CU6r7kVrDVImY1aXuMzbm7ki
Jaq2lqTfTpd0KTdXeuXWJt+E4oaVLS+wkhMcdjJGjgH3b2zovkIMpv6VZBiAeK2B
5iu0KXUUvAduBw9HA/cDl9CLdPG7KyxeU9R00RdEEE0LMjEUe0B8tClDgsoFTMJ4
UrLZO/erkeaUc4kcNRO5ebqD43E8KoRXB41mPkF1Aeu8gjH8VwJuHCLAVLsh95j4
5WlnOWXtqKAyi2/xnEOxfTofHe/18iTRrfF/CicaklgCZNc4GiGoU64WeQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFL+SjyBdDLG2xONthK/A/lxq5wTtMB8GA1UdIwQY
MBaAFEh3BsKx2DjfeWv4P6p9e+q8XHb4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU0hjR3dySFlPTjk1YV9nX3FuMTc2cnhjZHZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy9jZjE2OTMtZTY3Yy00ZjczLWFlZTEt
ZTA0NDA3MWVmMmQ5LzEvU0hjR3dySFlPTjk1YV9nX3FuMTc2cnhjZHZnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy9jZjE2OTMtZTY3Yy00ZjczLWFlZTEtZTA0NDA3MWVmMmQ5
LzEvU0hjR3dySFlPTjk1YV9nX3FuMTc2cnhjZHZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMQHWJRJ1
/ljgWu/00B5OALFer5nmgLghY23AyoSzq+SC9EIjWcE296ZI18RWHOCNSCRvyQnj
JrlY7FNhli3xYiL0yPGHUaEkV0vo1cLitWDPh77fGnx4S/YiUHyvEqu0Li2jH3li
xZn5VpT4U7aMNLJTVXxGD1J+wLlpsvKJ7aCAZstgoyzUJlRd2WqcsTggtp0JHqLV
GnqUBNjWGDrZ9+JbeRD9A7zySWGh3xN7QSdn3lZe4JALdblP9EGwrQmaWDma7DeM
kuka0c8a+ePfrYFTrYZdo5LWISTXY49qJC0rzgUCLosuYChUOdi/0GhTULpYZc/e
rvpNsRcRG32uKw==
-----END CERTIFICATE-----