Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/f8010e-6a3f-4ff0-95e7-d418248e5728/1/cfxj7vZnTya1A6gwpd-pU9L_qr4.mft
File:                     cfxj7vZnTya1A6gwpd-pU9L_qr4.mft (raw, json)
Hash identifier:          SD8Q3gylCMPekcfM2jDizSbR5oLBqJIVnZeK5qS7MrM=
Subject key identifier:   38:FE:F2:22:92:3D:41:C5:14:48:B6:6F:45:70:5F:7E:C2:67:A1:7A
Authority key identifier: 71:FC:63:EE:F6:67:4F:26:B5:03:A8:30:A5:DF:A9:53:D2:FF:AA:BE
Certificate issuer:       /CN=71fc63eef6674f26b503a830a5dfa953d2ffaabe
Certificate serial:       0194C3F5AA6CECCB883E1952EF76F789275E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cfxj7vZnTya1A6gwpd-pU9L_qr4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b9/f8010e-6a3f-4ff0-95e7-d418248e5728/1/cfxj7vZnTya1A6gwpd-pU9L_qr4.mft
Manifest number:          1296
Signing time:             Sun 02 Feb 2025 00:00:44 +0000
Manifest this update:     Sun 02 Feb 2025 00:00:44 +0000
Manifest next update:     Mon 03 Feb 2025 00:00:44 +0000
Files and hashes:         1: cfxj7vZnTya1A6gwpd-pU9L_qr4.crl (hash: vTkfaP+OpuWMb3J0gf72MRBmKc1+CA8uVPC6ReDHcno=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b9/f8010e-6a3f-4ff0-95e7-d418248e5728/1/cfxj7vZnTya1A6gwpd-pU9L_qr4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b9/f8010e-6a3f-4ff0-95e7-d418248e5728/1/cfxj7vZnTya1A6gwpd-pU9L_qr4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/cfxj7vZnTya1A6gwpd-pU9L_qr4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 03 Feb 2025 00:00:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:c3:f5:aa:6c:ec:cb:88:3e:19:52:ef:76:f7:89:27:5e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=71fc63eef6674f26b503a830a5dfa953d2ffaabe
        Validity
            Not Before: Feb  2 00:00:44 2025 GMT
            Not After : Feb  3 00:00:44 2025 GMT
        Subject: CN=38fef222923d41c51448b66f45705f7ec267a17a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:d3:4b:36:02:66:00:1c:c6:7f:4c:54:ff:fa:
                    63:e9:27:0e:42:59:db:2b:3a:9f:4d:e1:fa:99:7c:
                    1c:4f:07:11:fa:f9:61:44:da:ff:dd:f7:a3:79:0f:
                    17:55:8f:39:5a:e7:b8:da:f4:78:4b:69:3e:b4:bd:
                    09:5f:a0:cd:ed:13:5b:d0:db:5f:81:22:4a:e9:19:
                    2f:6c:47:2d:e8:8a:b2:b9:53:89:61:5c:45:b0:36:
                    ae:fa:b2:c1:8d:f9:01:2b:7f:84:eb:3b:a8:9d:36:
                    d3:fe:ff:80:55:27:8e:77:db:62:af:68:5e:e3:60:
                    a4:56:d4:bb:7b:b4:d2:d0:2c:13:ac:13:83:c8:bc:
                    24:ef:c2:e0:08:34:e8:3b:53:be:2e:7e:bc:ce:86:
                    49:b4:39:85:ad:a3:28:57:2b:28:15:a1:84:be:1a:
                    a6:7c:33:86:6e:70:9d:5d:de:6c:0e:69:e5:b8:18:
                    a4:ec:ef:2c:d7:6d:26:c1:2c:dc:8d:c4:0f:a2:14:
                    0e:16:21:38:4d:d2:a2:77:c2:bd:6a:5d:c8:73:c1:
                    2f:c8:52:d7:e9:da:95:5e:21:c0:0b:a1:35:76:11:
                    7d:b4:5e:65:83:0e:28:ab:51:25:6b:91:8a:a6:43:
                    81:fc:04:46:17:93:4c:2c:f7:c0:7b:06:ef:fd:3a:
                    2b:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                38:FE:F2:22:92:3D:41:C5:14:48:B6:6F:45:70:5F:7E:C2:67:A1:7A
            X509v3 Authority Key Identifier:
                keyid:71:FC:63:EE:F6:67:4F:26:B5:03:A8:30:A5:DF:A9:53:D2:FF:AA:BE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cfxj7vZnTya1A6gwpd-pU9L_qr4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/f8010e-6a3f-4ff0-95e7-d418248e5728/1/cfxj7vZnTya1A6gwpd-pU9L_qr4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/f8010e-6a3f-4ff0-95e7-d418248e5728/1/cfxj7vZnTya1A6gwpd-pU9L_qr4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         88:ee:40:85:39:af:0a:55:db:c7:37:f7:dc:36:a2:fa:ae:8b:
         81:88:d3:88:f3:5d:ac:98:c2:52:3b:07:8c:f6:c1:43:e7:f4:
         d9:bf:83:57:a9:29:28:f1:1b:f9:a7:62:ec:8f:61:6f:66:11:
         45:bc:c9:a7:f0:67:e2:dd:6a:97:bc:9b:81:b2:cc:5b:42:6f:
         56:0e:5f:e3:52:18:25:52:8d:84:ae:1a:7a:7b:85:e7:7a:3a:
         c1:e2:98:17:b1:9a:9d:4c:0b:6b:2d:1a:ef:79:bc:38:85:f6:
         3e:6c:af:b4:ca:11:e3:36:f1:aa:6c:f8:e0:93:4d:3a:bb:b4:
         13:61:02:34:2a:3f:d7:29:a8:6b:06:33:d3:64:28:ce:6a:55:
         33:3b:7a:e1:6e:70:ba:81:32:11:61:07:d7:8b:a4:db:11:1a:
         2b:62:06:bf:7a:6f:3b:7f:4a:2f:83:45:25:c4:59:36:7d:e8:
         b5:ce:e8:c0:38:1c:61:78:fb:e3:9d:d2:dd:c8:95:3b:0e:ad:
         9c:d4:aa:f4:a3:b1:ca:e7:ae:67:b3:f8:52:5e:69:f3:f2:c5:
         6e:64:49:a5:bc:3a:da:58:4a:d3:0e:e6:a9:c4:5c:d9:99:f5:
         6c:ca:46:ec:8c:47:73:1d:ee:9c:23:82:53:6f:ab:7f:54:8a:
         ac:93:79:13
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZTD9aps7MuIPhlS73b3iSdeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxZmM2M2VlZjY2NzRmMjZiNTAzYTgzMGE1ZGZhOTUzZDJm
ZmFhYmUwHhcNMjUwMjAyMDAwMDQ0WhcNMjUwMjAzMDAwMDQ0WjAzMTEwLwYDVQQD
EygzOGZlZjIyMjkyM2Q0MWM1MTQ0OGI2NmY0NTcwNWY3ZWMyNjdhMTdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAptNLNgJmABzGf0xU//pj6ScOQlnb
KzqfTeH6mXwcTwcR+vlhRNr/3fejeQ8XVY85Wue42vR4S2k+tL0JX6DN7RNb0Ntf
gSJK6RkvbEct6IqyuVOJYVxFsDau+rLBjfkBK3+E6zuonTbT/v+AVSeOd9tir2he
42CkVtS7e7TS0CwTrBODyLwk78LgCDToO1O+Ln68zoZJtDmFraMoVysoFaGEvhqm
fDOGbnCdXd5sDmnluBik7O8s120mwSzcjcQPohQOFiE4TdKid8K9al3Ic8EvyFLX
6dqVXiHAC6E1dhF9tF5lgw4oq1Ela5GKpkOB/ARGF5NMLPfAewbv/TorUQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDj+8iKSPUHFFEi2b0VwX37CZ6F6MB8GA1UdIwQY
MBaAFHH8Y+72Z08mtQOoMKXfqVPS/6q+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2Z4ajd2Wm5UeWExQTZnd3BkLXBVOUxfcXI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS9mODAxMGUtNmEzZi00ZmYwLTk1ZTct
ZDQxODI0OGU1NzI4LzEvY2Z4ajd2Wm5UeWExQTZnd3BkLXBVOUxfcXI0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS9mODAxMGUtNmEzZi00ZmYwLTk1ZTctZDQxODI0OGU1NzI4
LzEvY2Z4ajd2Wm5UeWExQTZnd3BkLXBVOUxfcXI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiO5AhTmv
ClXbxzf33Dai+q6LgYjTiPNdrJjCUjsHjPbBQ+f02b+DV6kpKPEb+adi7I9hb2YR
RbzJp/Bn4t1ql7ybgbLMW0JvVg5f41IYJVKNhK4aenuF53o6weKYF7GanUwLay0a
73m8OIX2PmyvtMoR4zbxqmz44JNNOru0E2ECNCo/1ymoawYz02QozmpVMzt64W5w
uoEyEWEH14uk2xEaK2IGv3pvO39KL4NFJcRZNn3otc7owDgcYXj7453S3ciVOw6t
nNSq9KOxyueuZ7P4Ul5p8/LFbmRJpbw62lhK0w7mqcRc2Zn1bMpG7IxHcx3unCOC
U2+rf1SKrJN5Ew==
-----END CERTIFICATE-----