Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b5/943903-bee9-4dd7-84c2-a48fec1fcb70/1/NSfzoow8WhVFLOxPVswmno6tnXI.mft
File:                     NSfzoow8WhVFLOxPVswmno6tnXI.mft (raw, json)
Hash identifier:          CHmoz8JnhJG1NgSBVOkqXAGOH9jb+YmpEVwK+NyAP9A=
Subject key identifier:   20:28:E2:BF:11:49:8B:AC:7A:58:76:F1:63:66:E7:68:40:4D:05:9B
Authority key identifier: 35:27:F3:A2:8C:3C:5A:15:45:2C:EC:4F:56:CC:26:9E:8E:AD:9D:72
Certificate issuer:       /CN=3527f3a28c3c5a15452cec4f56cc269e8ead9d72
Certificate serial:       0194C3876CC4F44653F1A3B225C19FBC0C99
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NSfzoow8WhVFLOxPVswmno6tnXI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b5/943903-bee9-4dd7-84c2-a48fec1fcb70/1/NSfzoow8WhVFLOxPVswmno6tnXI.mft
Manifest number:          1429
Signing time:             Sat 01 Feb 2025 22:00:19 +0000
Manifest this update:     Sat 01 Feb 2025 22:00:19 +0000
Manifest next update:     Sun 02 Feb 2025 22:00:19 +0000
Files and hashes:         1: NSfzoow8WhVFLOxPVswmno6tnXI.crl (hash: VgOcjsVAVleapOkW2DzNQKmMNJgFrFNFZnO0GXvkLng=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b5/943903-bee9-4dd7-84c2-a48fec1fcb70/1/NSfzoow8WhVFLOxPVswmno6tnXI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b5/943903-bee9-4dd7-84c2-a48fec1fcb70/1/NSfzoow8WhVFLOxPVswmno6tnXI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NSfzoow8WhVFLOxPVswmno6tnXI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 02 Feb 2025 22:00:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:c3:87:6c:c4:f4:46:53:f1:a3:b2:25:c1:9f:bc:0c:99
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3527f3a28c3c5a15452cec4f56cc269e8ead9d72
        Validity
            Not Before: Feb  1 22:00:19 2025 GMT
            Not After : Feb  2 22:00:19 2025 GMT
        Subject: CN=2028e2bf11498bac7a5876f16366e768404d059b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e6:d9:e1:de:15:bf:75:05:bf:a2:f9:ab:6f:41:
                    cf:5a:05:bc:13:c7:cd:8d:63:be:05:19:df:30:15:
                    47:bb:6d:c9:df:eb:1d:de:c0:6c:d3:b5:19:8f:52:
                    11:af:d2:18:75:6a:fa:cf:49:c1:a3:92:f4:d8:ea:
                    07:1d:99:3d:20:aa:ea:b9:8f:a5:1b:f5:d8:c8:14:
                    71:bf:e3:3a:fc:1c:d7:d8:a3:4c:7a:d2:93:d8:b9:
                    0f:b1:68:1c:e8:c6:41:1e:01:fe:09:df:18:49:2c:
                    5f:ce:18:b8:8e:04:f7:cf:01:24:b9:92:e6:09:bb:
                    23:b4:45:9a:32:37:07:bd:cc:11:d6:4c:44:f2:18:
                    cc:4a:a4:5f:dc:c0:8f:50:6e:34:1e:ae:4e:14:b9:
                    2c:03:0a:43:d9:24:7f:ae:62:d3:39:44:25:e2:49:
                    b9:86:ce:0e:79:ab:1e:31:6c:77:04:ee:85:6e:9f:
                    00:50:cd:56:12:a8:51:e3:59:10:ae:be:34:9e:7a:
                    79:ce:b4:80:75:2f:12:73:d3:57:39:1d:a4:b4:0d:
                    01:db:01:77:ea:a7:f7:82:cb:be:52:4f:8c:dd:8e:
                    4f:aa:44:f0:04:78:7f:ea:c9:7a:61:80:aa:55:fb:
                    7b:80:72:df:7a:1b:64:20:00:cf:18:1c:ef:f3:0c:
                    a5:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                20:28:E2:BF:11:49:8B:AC:7A:58:76:F1:63:66:E7:68:40:4D:05:9B
            X509v3 Authority Key Identifier:
                keyid:35:27:F3:A2:8C:3C:5A:15:45:2C:EC:4F:56:CC:26:9E:8E:AD:9D:72

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NSfzoow8WhVFLOxPVswmno6tnXI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/943903-bee9-4dd7-84c2-a48fec1fcb70/1/NSfzoow8WhVFLOxPVswmno6tnXI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/943903-bee9-4dd7-84c2-a48fec1fcb70/1/NSfzoow8WhVFLOxPVswmno6tnXI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         11:e1:ed:7a:3f:ef:b2:91:15:d7:b8:22:8d:b6:3d:c8:f4:97:
         8c:b5:fd:b7:d7:af:f6:01:45:85:b1:44:af:cc:8d:4f:06:f5:
         11:5d:94:98:f5:c3:2a:ff:43:2a:73:45:bf:36:0b:63:bd:f0:
         e2:cb:3a:0d:44:ed:b3:55:91:3f:4f:8e:e6:c0:36:ad:61:4c:
         57:0b:40:0e:37:d1:45:f5:12:60:01:92:23:a4:e1:b2:28:1e:
         5b:af:65:0b:9b:e7:04:1a:7d:ae:d5:f7:65:e8:d9:85:f5:c4:
         69:e3:37:5f:81:97:4d:3c:d9:2a:a2:6c:20:a1:c4:27:7e:a4:
         c0:3b:33:3e:93:27:7d:da:69:06:a8:83:67:7b:48:da:27:a7:
         24:d8:d3:2c:41:15:22:b7:97:70:dd:36:26:29:0f:87:ce:f4:
         aa:ca:99:7b:85:e0:49:45:d6:4d:28:32:a0:68:07:d5:94:b0:
         a6:30:53:15:ae:b5:4d:88:99:56:d9:93:5f:82:a1:4a:46:c4:
         54:c5:f2:fb:a9:ac:e9:16:29:9c:0c:dc:bd:5a:71:3d:2e:52:
         e3:80:81:46:64:44:16:39:4b:fd:15:31:64:67:e2:0a:84:5a:
         84:25:97:b7:21:86:79:1b:6a:b0:a1:a7:4f:d9:b4:92:36:3a:
         b0:91:7a:cf
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZTDh2zE9EZT8aOyJcGfvAyZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1MjdmM2EyOGMzYzVhMTU0NTJjZWM0ZjU2Y2MyNjllOGVh
ZDlkNzIwHhcNMjUwMjAxMjIwMDE5WhcNMjUwMjAyMjIwMDE5WjAzMTEwLwYDVQQD
EygyMDI4ZTJiZjExNDk4YmFjN2E1ODc2ZjE2MzY2ZTc2ODQwNGQwNTliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5tnh3hW/dQW/ovmrb0HPWgW8E8fN
jWO+BRnfMBVHu23J3+sd3sBs07UZj1IRr9IYdWr6z0nBo5L02OoHHZk9IKrquY+l
G/XYyBRxv+M6/BzX2KNMetKT2LkPsWgc6MZBHgH+Cd8YSSxfzhi4jgT3zwEkuZLm
CbsjtEWaMjcHvcwR1kxE8hjMSqRf3MCPUG40Hq5OFLksAwpD2SR/rmLTOUQl4km5
hs4OeaseMWx3BO6Fbp8AUM1WEqhR41kQrr40nnp5zrSAdS8Sc9NXOR2ktA0B2wF3
6qf3gsu+Uk+M3Y5PqkTwBHh/6sl6YYCqVft7gHLfehtkIADPGBzv8wyl7wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCAo4r8RSYuselh28WNm52hATQWbMB8GA1UdIwQY
MBaAFDUn86KMPFoVRSzsT1bMJp6OrZ1yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlNmem9vdzhXaFZGTE94UFZzd21ubzZ0blhJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNS85NDM5MDMtYmVlOS00ZGQ3LTg0YzIt
YTQ4ZmVjMWZjYjcwLzEvTlNmem9vdzhXaFZGTE94UFZzd21ubzZ0blhJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNS85NDM5MDMtYmVlOS00ZGQ3LTg0YzItYTQ4ZmVjMWZjYjcw
LzEvTlNmem9vdzhXaFZGTE94UFZzd21ubzZ0blhJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEeHtej/v
spEV17gijbY9yPSXjLX9t9ev9gFFhbFEr8yNTwb1EV2UmPXDKv9DKnNFvzYLY73w
4ss6DUTts1WRP0+O5sA2rWFMVwtADjfRRfUSYAGSI6ThsigeW69lC5vnBBp9rtX3
ZejZhfXEaeM3X4GXTTzZKqJsIKHEJ36kwDszPpMnfdppBqiDZ3tI2ienJNjTLEEV
IreXcN02JikPh870qsqZe4XgSUXWTSgyoGgH1ZSwpjBTFa61TYiZVtmTX4KhSkbE
VMXy+6ms6RYpnAzcvVpxPS5S44CBRmREFjlL/RUxZGfiCoRahCWXtyGGeRtqsKGn
T9m0kjY6sJF6zw==
-----END CERTIFICATE-----