Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ad/bbf773-67f9-4be5-95cb-70d7f8f4925a/1/stNBgAdlZtcr7mHzoybFbgq7gEo.mft
File:                     stNBgAdlZtcr7mHzoybFbgq7gEo.mft (raw, json)
Hash identifier:          gm2tqFgrk7XhNYFiH/DOV+sNH7pFbTp/cUqo2w9qKTc=
Subject key identifier:   4B:02:13:9F:8E:F9:32:BC:5D:6E:D0:30:BE:93:A0:B8:27:BE:A7:1E
Authority key identifier: B2:D3:41:80:07:65:66:D7:2B:EE:61:F3:A3:26:C5:6E:0A:BB:80:4A
Certificate issuer:       /CN=b2d34180076566d72bee61f3a326c56e0abb804a
Certificate serial:       0194C387B7D95A0C266CF6C0528010BDAB7B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/stNBgAdlZtcr7mHzoybFbgq7gEo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ad/bbf773-67f9-4be5-95cb-70d7f8f4925a/1/stNBgAdlZtcr7mHzoybFbgq7gEo.mft
Manifest number:          0D07
Signing time:             Sat 01 Feb 2025 22:00:38 +0000
Manifest this update:     Sat 01 Feb 2025 22:00:38 +0000
Manifest next update:     Sun 02 Feb 2025 22:00:38 +0000
Files and hashes:         1: stNBgAdlZtcr7mHzoybFbgq7gEo.crl (hash: OO7bMs9/U4Ab7kSc61qsWBjvF1sek1gB+evp7DI1eNw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ad/bbf773-67f9-4be5-95cb-70d7f8f4925a/1/stNBgAdlZtcr7mHzoybFbgq7gEo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ad/bbf773-67f9-4be5-95cb-70d7f8f4925a/1/stNBgAdlZtcr7mHzoybFbgq7gEo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/stNBgAdlZtcr7mHzoybFbgq7gEo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 02 Feb 2025 22:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:c3:87:b7:d9:5a:0c:26:6c:f6:c0:52:80:10:bd:ab:7b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b2d34180076566d72bee61f3a326c56e0abb804a
        Validity
            Not Before: Feb  1 22:00:38 2025 GMT
            Not After : Feb  2 22:00:38 2025 GMT
        Subject: CN=4b02139f8ef932bc5d6ed030be93a0b827bea71e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:2f:f4:6f:81:ad:db:ad:79:cb:9c:61:8d:1e:
                    43:36:d0:b5:03:ee:b7:d8:bd:40:9e:07:fd:36:41:
                    0e:a2:d8:62:89:b0:e0:07:ad:8c:1a:78:74:f4:19:
                    ad:d6:7e:d0:db:42:bb:63:cc:7f:3a:e7:c5:72:38:
                    ae:60:03:e1:69:fb:9b:12:b5:81:c6:fa:de:97:1e:
                    3a:0a:b0:08:6f:bf:1d:40:cd:78:fe:2b:06:f2:b3:
                    f8:cb:bf:52:90:31:0f:b2:86:fc:54:1b:1b:1d:8d:
                    3c:73:db:f3:14:c7:a3:6f:98:23:82:10:11:1a:cb:
                    8f:84:42:cc:f6:05:1a:2b:cf:35:3f:dc:de:4e:91:
                    a7:8d:5d:cc:69:a1:d8:ea:98:bf:f1:0c:ce:e8:93:
                    ad:30:8e:f8:7f:ee:37:d1:89:34:57:ec:17:74:42:
                    68:58:c9:13:cd:75:46:38:bd:fa:e6:47:79:c3:35:
                    df:07:b8:85:2c:35:c9:f6:da:f0:71:1b:22:cc:7c:
                    50:f7:a7:2e:23:14:61:ee:3d:af:0a:e5:7f:b8:5a:
                    08:ea:76:99:28:0b:00:b1:84:bb:09:df:3d:28:b6:
                    53:39:4a:79:23:d2:b2:3f:bb:1d:67:32:cf:37:f4:
                    d0:54:42:a0:e5:4a:59:66:9a:80:0c:64:09:a6:f7:
                    b4:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4B:02:13:9F:8E:F9:32:BC:5D:6E:D0:30:BE:93:A0:B8:27:BE:A7:1E
            X509v3 Authority Key Identifier:
                keyid:B2:D3:41:80:07:65:66:D7:2B:EE:61:F3:A3:26:C5:6E:0A:BB:80:4A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/stNBgAdlZtcr7mHzoybFbgq7gEo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/bbf773-67f9-4be5-95cb-70d7f8f4925a/1/stNBgAdlZtcr7mHzoybFbgq7gEo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/bbf773-67f9-4be5-95cb-70d7f8f4925a/1/stNBgAdlZtcr7mHzoybFbgq7gEo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4a:bf:1b:d3:cd:d3:e3:9e:cd:9c:31:a3:e0:b7:f0:c1:1c:a5:
         48:f6:c4:a9:38:d6:4c:f0:95:f9:67:01:69:d4:12:b4:d4:ac:
         75:7a:e7:1e:2f:9b:77:c6:9e:16:81:b4:0a:ac:22:b9:94:40:
         45:83:4b:b1:8e:7f:66:23:86:62:0c:17:50:cc:c8:50:cc:f8:
         13:a6:f3:1a:07:78:e0:5b:82:f1:b7:d6:21:df:df:6a:d3:c9:
         40:5e:5f:2e:33:4b:8a:06:7b:c5:a2:18:2a:35:b9:9e:9e:71:
         fe:74:23:9c:fc:89:39:b3:56:45:96:60:4a:1d:9c:f2:f4:81:
         7a:be:c4:34:1b:46:79:dc:94:8a:ea:7d:d0:79:c5:e6:71:59:
         7b:1e:2b:c9:11:21:9b:2c:8e:45:77:1b:82:1b:6d:51:69:66:
         40:da:eb:42:ad:bb:c8:48:dc:f0:e7:8b:1f:f8:d2:b1:63:39:
         23:6a:6b:e6:aa:09:8f:a5:06:41:63:ee:c2:74:10:dd:8f:92:
         1f:d6:1e:bb:f1:85:ef:01:2e:56:9e:73:a3:16:99:8b:dd:37:
         3c:0e:64:86:ad:34:59:c6:57:10:a0:24:89:84:e2:6c:e7:62:
         6f:bf:f1:f1:ea:b5:27:8b:ac:f2:55:c9:d7:e9:41:a1:6c:11:
         77:23:81:7a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZTDh7fZWgwmbPbAUoAQvat7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyZDM0MTgwMDc2NTY2ZDcyYmVlNjFmM2EzMjZjNTZlMGFi
YjgwNGEwHhcNMjUwMjAxMjIwMDM4WhcNMjUwMjAyMjIwMDM4WjAzMTEwLwYDVQQD
Eyg0YjAyMTM5ZjhlZjkzMmJjNWQ2ZWQwMzBiZTkzYTBiODI3YmVhNzFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArC/0b4Gt2615y5xhjR5DNtC1A+63
2L1Angf9NkEOothiibDgB62MGnh09Bmt1n7Q20K7Y8x/OufFcjiuYAPhafubErWB
xvrelx46CrAIb78dQM14/isG8rP4y79SkDEPsob8VBsbHY08c9vzFMejb5gjghAR
GsuPhELM9gUaK881P9zeTpGnjV3MaaHY6pi/8QzO6JOtMI74f+430Yk0V+wXdEJo
WMkTzXVGOL365kd5wzXfB7iFLDXJ9trwcRsizHxQ96cuIxRh7j2vCuV/uFoI6naZ
KAsAsYS7Cd89KLZTOUp5I9KyP7sdZzLPN/TQVEKg5UpZZpqADGQJpve07wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEsCE5+O+TK8XW7QML6ToLgnvqceMB8GA1UdIwQY
MBaAFLLTQYAHZWbXK+5h86MmxW4Ku4BKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3ROQmdBZGxadGNyN21Iem95YkZiZ3E3Z0VvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZC9iYmY3NzMtNjdmOS00YmU1LTk1Y2It
NzBkN2Y4ZjQ5MjVhLzEvc3ROQmdBZGxadGNyN21Iem95YkZiZ3E3Z0VvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZC9iYmY3NzMtNjdmOS00YmU1LTk1Y2ItNzBkN2Y4ZjQ5MjVh
LzEvc3ROQmdBZGxadGNyN21Iem95YkZiZ3E3Z0VvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASr8b083T
457NnDGj4LfwwRylSPbEqTjWTPCV+WcBadQStNSsdXrnHi+bd8aeFoG0CqwiuZRA
RYNLsY5/ZiOGYgwXUMzIUMz4E6bzGgd44FuC8bfWId/fatPJQF5fLjNLigZ7xaIY
KjW5np5x/nQjnPyJObNWRZZgSh2c8vSBer7ENBtGedyUiup90HnF5nFZex4ryREh
myyORXcbghttUWlmQNrrQq27yEjc8OeLH/jSsWM5I2pr5qoJj6UGQWPuwnQQ3Y+S
H9Yeu/GF7wEuVp5zoxaZi903PA5khq00WcZXEKAkiYTibOdib7/x8eq1J4us8lXJ
1+lBoWwRdyOBeg==
-----END CERTIFICATE-----