Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/a8e329-3bd7-437f-8107-ebde74933c77/1/hFNK68PtnHkETCI8iyXgEdq_L98.mft
File:                     hFNK68PtnHkETCI8iyXgEdq_L98.mft (raw, json)
Hash identifier:          gIGPtc51k2jj9IYm+u5Maodm+4qcl4YCsb8QihLltTU=
Subject key identifier:   59:88:2C:E3:59:7C:61:99:75:61:E7:F0:EB:8B:21:5A:C5:99:EE:0F
Authority key identifier: 84:53:4A:EB:C3:ED:9C:79:04:4C:22:3C:8B:25:E0:11:DA:BF:2F:DF
Certificate issuer:       /CN=84534aebc3ed9c79044c223c8b25e011dabf2fdf
Certificate serial:       0194C46354DB34F96CE4BECD753E1AB334E7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hFNK68PtnHkETCI8iyXgEdq_L98.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cb/a8e329-3bd7-437f-8107-ebde74933c77/1/hFNK68PtnHkETCI8iyXgEdq_L98.mft
Manifest number:          0513
Signing time:             Sun 02 Feb 2025 02:00:31 +0000
Manifest this update:     Sun 02 Feb 2025 02:00:31 +0000
Manifest next update:     Mon 03 Feb 2025 02:00:31 +0000
Files and hashes:         1: hFNK68PtnHkETCI8iyXgEdq_L98.crl (hash: 2DPJ853dnuK7kaq4YUZfe5n3YGpD9/EZ30Dx+09QVRc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/cb/a8e329-3bd7-437f-8107-ebde74933c77/1/hFNK68PtnHkETCI8iyXgEdq_L98.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/cb/a8e329-3bd7-437f-8107-ebde74933c77/1/hFNK68PtnHkETCI8iyXgEdq_L98.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hFNK68PtnHkETCI8iyXgEdq_L98.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 03 Feb 2025 00:00:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:c4:63:54:db:34:f9:6c:e4:be:cd:75:3e:1a:b3:34:e7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=84534aebc3ed9c79044c223c8b25e011dabf2fdf
        Validity
            Not Before: Feb  2 02:00:31 2025 GMT
            Not After : Feb  3 02:00:31 2025 GMT
        Subject: CN=59882ce3597c61997561e7f0eb8b215ac599ee0f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:c7:a1:55:41:92:2d:d5:33:33:53:a5:e6:b9:
                    b7:05:45:f7:c4:15:98:b5:4c:ab:88:6f:60:ba:68:
                    c8:93:51:d0:6a:1e:b3:86:9e:86:68:63:6e:ee:1a:
                    29:d9:a9:0b:e0:c9:56:f7:f1:56:db:30:1a:c9:93:
                    99:96:2e:b2:63:4a:fd:d3:86:c4:9f:30:f3:80:de:
                    30:34:26:1d:e9:d5:91:50:31:dc:cf:01:6d:53:3c:
                    f6:03:29:60:d9:bc:2b:8b:59:b8:7a:c3:61:62:3a:
                    49:f0:6f:47:95:e7:a1:b4:5a:bf:7d:b6:40:8c:ca:
                    3c:ce:24:37:a8:4b:6e:3d:fd:d0:31:cb:5f:9b:f1:
                    91:8f:64:c1:b5:1a:4b:bb:4e:41:07:cc:a7:7a:b6:
                    4f:bb:23:ce:91:40:2b:c1:2b:e3:79:83:fe:22:0b:
                    2e:e0:d6:5f:1f:69:43:33:46:89:61:62:70:0b:11:
                    19:c3:50:f6:32:55:0e:52:7f:7f:bb:47:75:11:41:
                    cf:0a:c2:b5:0c:c2:91:cf:9b:e0:b5:45:f5:b2:65:
                    47:4a:db:25:ec:db:50:d7:ec:bd:87:18:f0:71:a7:
                    28:fc:4f:da:54:00:d3:62:8e:3a:ea:f2:3e:f8:97:
                    09:e5:b2:70:44:7f:66:e6:27:a0:9f:15:4d:57:51:
                    9d:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                59:88:2C:E3:59:7C:61:99:75:61:E7:F0:EB:8B:21:5A:C5:99:EE:0F
            X509v3 Authority Key Identifier:
                keyid:84:53:4A:EB:C3:ED:9C:79:04:4C:22:3C:8B:25:E0:11:DA:BF:2F:DF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hFNK68PtnHkETCI8iyXgEdq_L98.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/a8e329-3bd7-437f-8107-ebde74933c77/1/hFNK68PtnHkETCI8iyXgEdq_L98.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/a8e329-3bd7-437f-8107-ebde74933c77/1/hFNK68PtnHkETCI8iyXgEdq_L98.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6f:47:ad:4b:7e:9a:9b:de:18:22:d2:22:97:0b:f6:da:2a:27:
         85:e6:58:9c:cc:dd:35:ae:cd:5c:96:91:f4:bd:92:0d:1a:4a:
         e1:39:17:6c:a5:0a:cf:b4:ff:cd:47:03:5a:8a:87:03:91:0b:
         61:55:51:aa:b4:67:a4:b4:d6:3b:5b:5b:c6:25:12:ba:a5:43:
         98:4d:84:3a:63:de:27:e2:51:b6:c2:44:39:2f:17:50:d1:cd:
         8f:77:58:a3:b3:94:4a:3a:4a:6f:dc:8f:a1:a2:5c:e0:d5:d6:
         1b:3c:8d:81:6f:82:71:b1:16:24:a6:d7:9b:58:31:68:24:44:
         e1:00:94:f4:32:40:e6:05:c4:ef:98:f2:bc:f3:ce:e7:f0:ad:
         a3:fc:8d:25:0e:e2:04:1e:5d:34:f7:e5:33:a4:38:e1:f8:12:
         61:ad:bf:38:4c:81:b0:c8:9f:c7:57:94:fa:eb:97:64:cd:e1:
         3c:18:3b:a9:12:ac:b4:c0:c8:7c:5c:35:2c:ed:30:08:ad:d0:
         15:3c:af:2a:41:22:09:2f:78:a3:81:98:b1:88:c0:5d:fe:8c:
         30:04:88:b4:ff:26:5f:cf:ee:02:21:96:e9:90:15:5b:5a:10:
         5a:79:0c:0e:b9:53:a0:9d:4f:b3:41:1a:9b:74:ae:59:50:99:
         b4:ce:fd:8b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZTEY1TbNPls5L7NdT4aszTnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0NTM0YWViYzNlZDljNzkwNDRjMjIzYzhiMjVlMDExZGFi
ZjJmZGYwHhcNMjUwMjAyMDIwMDMxWhcNMjUwMjAzMDIwMDMxWjAzMTEwLwYDVQQD
Eyg1OTg4MmNlMzU5N2M2MTk5NzU2MWU3ZjBlYjhiMjE1YWM1OTllZTBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoMehVUGSLdUzM1Ol5rm3BUX3xBWY
tUyriG9gumjIk1HQah6zhp6GaGNu7hop2akL4MlW9/FW2zAayZOZli6yY0r904bE
nzDzgN4wNCYd6dWRUDHczwFtUzz2Aylg2bwri1m4esNhYjpJ8G9HleehtFq/fbZA
jMo8ziQ3qEtuPf3QMctfm/GRj2TBtRpLu05BB8ynerZPuyPOkUArwSvjeYP+Igsu
4NZfH2lDM0aJYWJwCxEZw1D2MlUOUn9/u0d1EUHPCsK1DMKRz5vgtUX1smVHStsl
7NtQ1+y9hxjwcaco/E/aVADTYo466vI++JcJ5bJwRH9m5iegnxVNV1GdwwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFmILONZfGGZdWHn8OuLIVrFme4PMB8GA1UdIwQY
MBaAFIRTSuvD7Zx5BEwiPIsl4BHavy/fMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaEZOSzY4UHRuSGtFVENJOGl5WGdFZHFfTDk4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi9hOGUzMjktM2JkNy00MzdmLTgxMDct
ZWJkZTc0OTMzYzc3LzEvaEZOSzY4UHRuSGtFVENJOGl5WGdFZHFfTDk4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYi9hOGUzMjktM2JkNy00MzdmLTgxMDctZWJkZTc0OTMzYzc3
LzEvaEZOSzY4UHRuSGtFVENJOGl5WGdFZHFfTDk4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAb0etS36a
m94YItIilwv22ionheZYnMzdNa7NXJaR9L2SDRpK4TkXbKUKz7T/zUcDWoqHA5EL
YVVRqrRnpLTWO1tbxiUSuqVDmE2EOmPeJ+JRtsJEOS8XUNHNj3dYo7OUSjpKb9yP
oaJc4NXWGzyNgW+CcbEWJKbXm1gxaCRE4QCU9DJA5gXE75jyvPPO5/Cto/yNJQ7i
BB5dNPflM6Q44fgSYa2/OEyBsMifx1eU+uuXZM3hPBg7qRKstMDIfFw1LO0wCK3Q
FTyvKkEiCS94o4GYsYjAXf6MMASItP8mX8/uAiGW6ZAVW1oQWnkMDrlToJ1Ps0Ea
m3SuWVCZtM79iw==
-----END CERTIFICATE-----