Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c6/bcad8d-8e55-4a81-b393-274251252077/1/idSzdf1Mr9XfusQG3SWmHSLdNso.mft
File:                     idSzdf1Mr9XfusQG3SWmHSLdNso.mft (raw, json)
Hash identifier:          +CY4se3hgSeQV9gyB92p2WyK+1xKLTwrtvJc3LB3HKY=
Subject key identifier:   D5:6F:81:2D:1A:01:A7:81:43:31:4E:39:3F:DF:51:2D:DE:67:F4:BE
Authority key identifier: 89:D4:B3:75:FD:4C:AF:D5:DF:BA:C4:06:DD:25:A6:1D:22:DD:36:CA
Certificate issuer:       /CN=89d4b375fd4cafd5dfbac406dd25a61d22dd36ca
Certificate serial:       0194C38853F8AA14DCF12A06CF771D9E6A1B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/idSzdf1Mr9XfusQG3SWmHSLdNso.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c6/bcad8d-8e55-4a81-b393-274251252077/1/idSzdf1Mr9XfusQG3SWmHSLdNso.mft
Manifest number:          0FAB
Signing time:             Sat 01 Feb 2025 22:01:18 +0000
Manifest this update:     Sat 01 Feb 2025 22:01:18 +0000
Manifest next update:     Sun 02 Feb 2025 22:01:18 +0000
Files and hashes:         1: idSzdf1Mr9XfusQG3SWmHSLdNso.crl (hash: D6CeHVmDhoiQo/FQkc2sTgHV3Hp74HD4CIY4FNwiTyA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c6/bcad8d-8e55-4a81-b393-274251252077/1/idSzdf1Mr9XfusQG3SWmHSLdNso.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c6/bcad8d-8e55-4a81-b393-274251252077/1/idSzdf1Mr9XfusQG3SWmHSLdNso.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/idSzdf1Mr9XfusQG3SWmHSLdNso.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 02 Feb 2025 22:01:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:c3:88:53:f8:aa:14:dc:f1:2a:06:cf:77:1d:9e:6a:1b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=89d4b375fd4cafd5dfbac406dd25a61d22dd36ca
        Validity
            Not Before: Feb  1 22:01:18 2025 GMT
            Not After : Feb  2 22:01:18 2025 GMT
        Subject: CN=d56f812d1a01a78143314e393fdf512dde67f4be
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:5b:27:19:4c:2d:4e:f1:85:c1:5d:97:7f:19:
                    0d:35:1f:01:d4:a7:69:cb:e0:a3:87:68:bf:e8:3b:
                    10:e4:12:ed:0f:66:d6:74:02:14:63:7a:33:f5:bb:
                    9e:9c:cd:26:c1:37:1f:02:b7:8f:e4:ca:b9:de:6b:
                    31:f8:d4:02:13:17:cc:26:e6:c0:3b:ad:fe:fa:09:
                    7e:31:87:88:af:33:85:c6:d2:75:c3:15:04:a1:47:
                    b9:3b:55:ba:11:6a:5a:15:13:30:94:88:74:4c:9d:
                    2d:ad:80:38:90:16:3b:0b:ae:7e:0e:41:66:3d:99:
                    3b:08:32:96:13:a7:9f:4e:eb:71:ca:3b:85:69:4a:
                    52:3f:3c:85:87:16:0c:ec:b0:54:aa:16:ac:65:01:
                    c4:d1:00:e1:19:c6:87:d5:08:b4:4c:39:94:b5:85:
                    6b:43:f5:30:50:ef:22:9d:07:a9:79:da:d3:5f:b3:
                    da:4a:28:4d:3e:23:44:28:db:9f:f6:ca:ac:cd:42:
                    8e:de:21:41:fe:3c:a3:4d:10:42:b2:5b:ab:20:92:
                    89:53:70:67:ab:17:af:4d:5f:97:0b:51:8b:a5:5f:
                    62:e5:d9:23:35:18:7b:9e:72:9d:83:c8:3f:10:7f:
                    71:c1:51:26:7e:a9:35:ef:6f:87:4d:51:c1:f2:ee:
                    ac:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D5:6F:81:2D:1A:01:A7:81:43:31:4E:39:3F:DF:51:2D:DE:67:F4:BE
            X509v3 Authority Key Identifier:
                keyid:89:D4:B3:75:FD:4C:AF:D5:DF:BA:C4:06:DD:25:A6:1D:22:DD:36:CA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/idSzdf1Mr9XfusQG3SWmHSLdNso.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/bcad8d-8e55-4a81-b393-274251252077/1/idSzdf1Mr9XfusQG3SWmHSLdNso.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/bcad8d-8e55-4a81-b393-274251252077/1/idSzdf1Mr9XfusQG3SWmHSLdNso.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9d:a2:8d:0f:24:87:43:4f:7f:a1:e9:f7:23:1b:fe:03:17:2d:
         63:cc:fb:25:a0:10:e7:48:c6:7f:f6:d6:51:a9:8a:5a:05:d2:
         34:9e:5e:aa:59:1f:f6:48:bb:e9:56:59:42:bb:cc:f1:2a:1b:
         e8:02:a8:3d:0c:5d:93:85:ed:4d:ea:0c:e0:f3:97:38:58:52:
         37:db:e8:26:e1:a4:5c:c9:eb:5f:c0:b9:ca:b7:2f:cb:11:eb:
         51:f7:65:58:27:59:67:e5:e3:c0:72:e8:a4:9c:e1:89:27:43:
         f5:60:f9:2d:83:c5:83:1d:82:db:ee:8f:47:54:e1:01:f3:54:
         33:13:d2:bb:e5:2b:cd:a4:a5:96:c5:80:26:2a:ff:8f:d8:10:
         de:06:9b:d7:74:9d:2f:5f:98:62:e0:03:f9:81:fd:57:2d:11:
         ee:ff:e6:a7:cf:96:ea:06:b4:a0:69:32:f0:9c:b0:c2:8b:21:
         e5:a4:b2:b3:a3:63:d9:27:48:02:33:83:94:0a:5a:32:7b:04:
         9c:4a:e1:27:d7:56:d8:30:6a:87:54:aa:65:f3:24:3c:64:eb:
         89:44:bd:cd:5f:78:a0:70:f9:04:41:d8:08:b6:cd:aa:a0:24:
         96:06:6c:cf:47:26:91:c2:60:77:b5:59:40:45:48:f3:d3:e1:
         b2:f8:0d:2a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZTDiFP4qhTc8SoGz3cdnmobMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5ZDRiMzc1ZmQ0Y2FmZDVkZmJhYzQwNmRkMjVhNjFkMjJk
ZDM2Y2EwHhcNMjUwMjAxMjIwMTE4WhcNMjUwMjAyMjIwMTE4WjAzMTEwLwYDVQQD
EyhkNTZmODEyZDFhMDFhNzgxNDMzMTRlMzkzZmRmNTEyZGRlNjdmNGJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1FsnGUwtTvGFwV2XfxkNNR8B1Kdp
y+Cjh2i/6DsQ5BLtD2bWdAIUY3oz9buenM0mwTcfAreP5Mq53msx+NQCExfMJubA
O63++gl+MYeIrzOFxtJ1wxUEoUe5O1W6EWpaFRMwlIh0TJ0trYA4kBY7C65+DkFm
PZk7CDKWE6efTutxyjuFaUpSPzyFhxYM7LBUqhasZQHE0QDhGcaH1Qi0TDmUtYVr
Q/UwUO8inQepedrTX7PaSihNPiNEKNuf9sqszUKO3iFB/jyjTRBCslurIJKJU3Bn
qxevTV+XC1GLpV9i5dkjNRh7nnKdg8g/EH9xwVEmfqk172+HTVHB8u6sbQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNVvgS0aAaeBQzFOOT/fUS3eZ/S+MB8GA1UdIwQY
MBaAFInUs3X9TK/V37rEBt0lph0i3TbKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaWRTemRmMU1yOVhmdXNRRzNTV21IU0xkTnNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNi9iY2FkOGQtOGU1NS00YTgxLWIzOTMt
Mjc0MjUxMjUyMDc3LzEvaWRTemRmMU1yOVhmdXNRRzNTV21IU0xkTnNvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNi9iY2FkOGQtOGU1NS00YTgxLWIzOTMtMjc0MjUxMjUyMDc3
LzEvaWRTemRmMU1yOVhmdXNRRzNTV21IU0xkTnNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnaKNDySH
Q09/oen3Ixv+AxctY8z7JaAQ50jGf/bWUamKWgXSNJ5eqlkf9ki76VZZQrvM8Sob
6AKoPQxdk4XtTeoM4POXOFhSN9voJuGkXMnrX8C5yrcvyxHrUfdlWCdZZ+XjwHLo
pJzhiSdD9WD5LYPFgx2C2+6PR1ThAfNUMxPSu+UrzaSllsWAJir/j9gQ3gab13Sd
L1+YYuAD+YH9Vy0R7v/mp8+W6ga0oGky8Jywwosh5aSys6Nj2SdIAjODlApaMnsE
nErhJ9dW2DBqh1SqZfMkPGTriUS9zV94oHD5BEHYCLbNqqAklgZsz0cmkcJgd7VZ
QEVI89PhsvgNKg==
-----END CERTIFICATE-----