Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c6/96952b-79b8-4e04-bc4a-29e445de2459/1/dWXhJLHEG5OxTX7eBda4B3eYmv0.mft
File:                     dWXhJLHEG5OxTX7eBda4B3eYmv0.mft (raw, json)
Hash identifier:          Rdv1eS0brAJwWxOE6T0mXXLg8g6Y5GUyysGZax0/SfU=
Subject key identifier:   00:1B:3F:1A:00:B4:26:A1:0D:2E:79:7E:4B:9E:7A:50:0C:74:77:DC
Authority key identifier: 75:65:E1:24:B1:C4:1B:93:B1:4D:7E:DE:05:D6:B8:07:77:98:9A:FD
Certificate issuer:       /CN=7565e124b1c41b93b14d7ede05d6b80777989afd
Certificate serial:       0194C4D135E22553DB06F89F15B5CE0775A8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dWXhJLHEG5OxTX7eBda4B3eYmv0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c6/96952b-79b8-4e04-bc4a-29e445de2459/1/dWXhJLHEG5OxTX7eBda4B3eYmv0.mft
Manifest number:          11D3
Signing time:             Sun 02 Feb 2025 04:00:32 +0000
Manifest this update:     Sun 02 Feb 2025 04:00:32 +0000
Manifest next update:     Mon 03 Feb 2025 04:00:32 +0000
Files and hashes:         1: dWXhJLHEG5OxTX7eBda4B3eYmv0.crl (hash: FY4+mCR9iCnq9nlzSTB8pk7NuoajMRe16NznbzlTMyk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c6/96952b-79b8-4e04-bc4a-29e445de2459/1/dWXhJLHEG5OxTX7eBda4B3eYmv0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c6/96952b-79b8-4e04-bc4a-29e445de2459/1/dWXhJLHEG5OxTX7eBda4B3eYmv0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/dWXhJLHEG5OxTX7eBda4B3eYmv0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 03 Feb 2025 00:00:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:c4:d1:35:e2:25:53:db:06:f8:9f:15:b5:ce:07:75:a8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7565e124b1c41b93b14d7ede05d6b80777989afd
        Validity
            Not Before: Feb  2 04:00:32 2025 GMT
            Not After : Feb  3 04:00:32 2025 GMT
        Subject: CN=001b3f1a00b426a10d2e797e4b9e7a500c7477dc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:a6:a6:f6:59:65:11:36:e3:f7:46:be:3a:ec:
                    e9:26:13:80:5f:fc:bc:20:89:3a:bf:92:43:9e:56:
                    f4:c6:09:8a:a8:d7:26:e8:a2:7d:f5:9a:38:ee:a1:
                    88:f7:80:fc:05:82:5a:a6:8e:f6:e1:48:a4:bc:a7:
                    fb:f6:6c:2c:34:47:82:50:b7:c8:81:02:b8:50:93:
                    8f:66:8f:d1:2c:8b:f8:c1:1f:e9:55:d5:96:2a:fc:
                    28:9e:e9:ab:26:e1:df:1b:37:e0:e0:c1:ee:63:1e:
                    c9:f3:db:9c:20:ff:59:92:1b:18:25:ee:0c:2e:e7:
                    64:39:00:a0:b9:33:c4:ae:51:4c:6b:8f:76:44:12:
                    b6:39:ad:ae:b3:7a:ee:45:90:57:d4:8a:7f:06:ba:
                    e5:ff:c6:8a:7e:80:29:dd:a8:f4:9c:91:3e:dd:bf:
                    2a:5a:bc:86:41:b8:be:9d:b2:8a:62:31:84:2b:83:
                    f5:3a:0a:38:5e:59:26:b7:d7:2a:f6:37:69:4e:d4:
                    b5:a1:86:5d:11:4e:a4:e8:36:b2:b5:7e:f3:0c:60:
                    91:22:94:41:e3:07:48:31:83:f1:a3:c3:70:43:51:
                    8b:60:17:7f:be:1b:c6:9c:61:6c:eb:08:f7:30:3e:
                    a5:8d:a6:37:66:fa:50:12:43:db:55:8b:66:87:72:
                    c7:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                00:1B:3F:1A:00:B4:26:A1:0D:2E:79:7E:4B:9E:7A:50:0C:74:77:DC
            X509v3 Authority Key Identifier:
                keyid:75:65:E1:24:B1:C4:1B:93:B1:4D:7E:DE:05:D6:B8:07:77:98:9A:FD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dWXhJLHEG5OxTX7eBda4B3eYmv0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/96952b-79b8-4e04-bc4a-29e445de2459/1/dWXhJLHEG5OxTX7eBda4B3eYmv0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/96952b-79b8-4e04-bc4a-29e445de2459/1/dWXhJLHEG5OxTX7eBda4B3eYmv0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         15:6d:fb:6b:0a:5e:77:ab:37:16:45:51:e7:1c:9b:47:49:6a:
         d4:78:0b:83:97:58:60:ce:04:91:61:46:68:97:fb:a3:76:78:
         36:69:ea:c6:96:11:45:99:2b:85:92:75:94:b6:53:92:56:b1:
         fa:8e:47:61:a5:57:9b:ef:e8:ed:33:cb:33:ba:99:58:86:28:
         11:ef:ba:75:1b:af:e3:95:7d:c3:ad:8b:5e:c5:1a:7e:b1:02:
         9e:e9:61:a2:18:56:62:8d:b2:45:2c:26:3e:5a:bb:ab:8e:6f:
         87:20:a8:12:18:47:f0:74:8f:64:13:2c:fb:c3:f4:74:aa:b1:
         7b:82:a6:54:61:08:d3:15:42:a7:00:55:2b:31:a5:2b:46:5a:
         d7:0f:02:61:e5:3b:31:3d:38:a0:3c:5b:85:f8:7d:e7:e1:3c:
         4b:39:8b:7d:1f:a9:c1:7e:47:d6:d4:7c:90:14:88:e5:e8:18:
         60:4a:02:ff:9f:46:5d:63:49:5f:ad:15:87:f5:8e:3e:1e:c6:
         4e:a6:57:64:77:c7:07:6f:5f:7f:a2:44:57:4b:0d:05:12:4e:
         d2:1f:4a:dd:89:06:fc:98:5c:0d:af:98:c1:b4:f6:a0:6f:f8:
         28:65:27:e0:e9:8d:07:d3:4d:71:d3:9f:16:c6:70:70:4e:0a:
         a8:cc:63:cb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZTE0TXiJVPbBvifFbXOB3WoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1NjVlMTI0YjFjNDFiOTNiMTRkN2VkZTA1ZDZiODA3Nzc5
ODlhZmQwHhcNMjUwMjAyMDQwMDMyWhcNMjUwMjAzMDQwMDMyWjAzMTEwLwYDVQQD
EygwMDFiM2YxYTAwYjQyNmExMGQyZTc5N2U0YjllN2E1MDBjNzQ3N2RjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqKam9lllETbj90a+OuzpJhOAX/y8
IIk6v5JDnlb0xgmKqNcm6KJ99Zo47qGI94D8BYJapo724UikvKf79mwsNEeCULfI
gQK4UJOPZo/RLIv4wR/pVdWWKvwonumrJuHfGzfg4MHuYx7J89ucIP9ZkhsYJe4M
LudkOQCguTPErlFMa492RBK2Oa2us3ruRZBX1Ip/Brrl/8aKfoAp3aj0nJE+3b8q
WryGQbi+nbKKYjGEK4P1Ogo4Xlkmt9cq9jdpTtS1oYZdEU6k6DaytX7zDGCRIpRB
4wdIMYPxo8NwQ1GLYBd/vhvGnGFs6wj3MD6ljaY3ZvpQEkPbVYtmh3LHlQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAAbPxoAtCahDS55fkueelAMdHfcMB8GA1UdIwQY
MBaAFHVl4SSxxBuTsU1+3gXWuAd3mJr9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFdYaEpMSEVHNU94VFg3ZUJkYTRCM2VZbXYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNi85Njk1MmItNzliOC00ZTA0LWJjNGEt
MjllNDQ1ZGUyNDU5LzEvZFdYaEpMSEVHNU94VFg3ZUJkYTRCM2VZbXYwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNi85Njk1MmItNzliOC00ZTA0LWJjNGEtMjllNDQ1ZGUyNDU5
LzEvZFdYaEpMSEVHNU94VFg3ZUJkYTRCM2VZbXYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFW37awpe
d6s3FkVR5xybR0lq1HgLg5dYYM4EkWFGaJf7o3Z4NmnqxpYRRZkrhZJ1lLZTklax
+o5HYaVXm+/o7TPLM7qZWIYoEe+6dRuv45V9w62LXsUafrECnulhohhWYo2yRSwm
Plq7q45vhyCoEhhH8HSPZBMs+8P0dKqxe4KmVGEI0xVCpwBVKzGlK0Za1w8CYeU7
MT04oDxbhfh95+E8SzmLfR+pwX5H1tR8kBSI5egYYEoC/59GXWNJX60Vh/WOPh7G
TqZXZHfHB29ff6JEV0sNBRJO0h9K3YkG/JhcDa+YwbT2oG/4KGUn4OmNB9NNcdOf
FsZwcE4KqMxjyw==
-----END CERTIFICATE-----