Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/074aad-c947-4311-aff1-ae92b6ae1bfe/1/KAYV5gBqhh9mz3MH0w_JNQx2994.mft
File:                     KAYV5gBqhh9mz3MH0w_JNQx2994.mft (raw, json)
Hash identifier:          NcFD9JNycvsQnIV+SKhIMdZnWN6MRevb/XEFU4FXlqs=
Subject key identifier:   B7:F3:3A:39:93:AB:AD:11:6F:5F:AF:85:51:45:D4:BE:02:CE:87:6C
Authority key identifier: 28:06:15:E6:00:6A:86:1F:66:CF:73:07:D3:0F:C9:35:0C:76:F7:DE
Certificate issuer:       /CN=280615e6006a861f66cf7307d30fc9350c76f7de
Certificate serial:       0194C3F5D0973BA2E3E5D147225304D9DC5F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KAYV5gBqhh9mz3MH0w_JNQx2994.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cc/074aad-c947-4311-aff1-ae92b6ae1bfe/1/KAYV5gBqhh9mz3MH0w_JNQx2994.mft
Manifest number:          142B
Signing time:             Sun 02 Feb 2025 00:00:54 +0000
Manifest this update:     Sun 02 Feb 2025 00:00:54 +0000
Manifest next update:     Mon 03 Feb 2025 00:00:54 +0000
Files and hashes:         1: KAYV5gBqhh9mz3MH0w_JNQx2994.crl (hash: GV83Pz3tQGvKDsBeclI5RhK2afJaBqnynm3g8bZifog=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/cc/074aad-c947-4311-aff1-ae92b6ae1bfe/1/KAYV5gBqhh9mz3MH0w_JNQx2994.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/cc/074aad-c947-4311-aff1-ae92b6ae1bfe/1/KAYV5gBqhh9mz3MH0w_JNQx2994.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KAYV5gBqhh9mz3MH0w_JNQx2994.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 03 Feb 2025 00:00:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:c3:f5:d0:97:3b:a2:e3:e5:d1:47:22:53:04:d9:dc:5f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=280615e6006a861f66cf7307d30fc9350c76f7de
        Validity
            Not Before: Feb  2 00:00:54 2025 GMT
            Not After : Feb  3 00:00:54 2025 GMT
        Subject: CN=b7f33a3993abad116f5faf855145d4be02ce876c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:89:5d:79:b9:fd:9d:36:59:4a:7d:e1:20:1b:
                    e3:05:95:e4:c8:14:c1:69:8f:64:27:4a:24:50:39:
                    24:d7:b8:20:c2:c5:ec:89:15:f3:8b:48:c2:b3:5b:
                    80:b8:fd:30:20:77:09:a4:c0:46:28:42:8f:63:48:
                    34:ed:02:2d:e9:9a:e9:71:45:6d:aa:aa:65:f1:0a:
                    12:1e:36:89:cd:59:f9:57:07:fc:6b:04:a1:c1:af:
                    f7:aa:79:a3:8c:d4:5b:da:cc:5a:56:ae:aa:bb:67:
                    f0:fb:ed:a6:5e:b0:8c:40:1a:aa:86:12:78:23:a2:
                    bc:b7:05:c1:2a:8b:31:a4:0e:e1:e5:7a:13:c6:c1:
                    75:9c:2c:be:dc:e4:b1:b9:c0:79:3c:1b:da:05:0d:
                    a9:0e:1c:c3:ce:7c:4f:e0:73:5c:2b:0f:27:d8:2c:
                    a0:e9:be:d6:e5:9d:3b:b1:1f:35:20:7e:1b:e2:aa:
                    96:44:6e:31:c2:e3:4d:d1:ab:ff:29:e0:ce:49:e2:
                    30:1f:2c:be:b0:67:78:52:82:93:74:6b:d3:46:3e:
                    e8:4c:58:ea:be:ba:a3:f2:2b:ad:8e:af:4a:ee:8c:
                    00:0c:f2:de:3a:bd:30:a2:c2:2f:4d:e6:72:18:65:
                    33:86:c8:17:5b:f9:6d:c0:8f:08:27:36:b5:ad:2e:
                    3f:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B7:F3:3A:39:93:AB:AD:11:6F:5F:AF:85:51:45:D4:BE:02:CE:87:6C
            X509v3 Authority Key Identifier:
                keyid:28:06:15:E6:00:6A:86:1F:66:CF:73:07:D3:0F:C9:35:0C:76:F7:DE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KAYV5gBqhh9mz3MH0w_JNQx2994.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/074aad-c947-4311-aff1-ae92b6ae1bfe/1/KAYV5gBqhh9mz3MH0w_JNQx2994.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/074aad-c947-4311-aff1-ae92b6ae1bfe/1/KAYV5gBqhh9mz3MH0w_JNQx2994.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         cf:36:62:3b:97:6a:df:6e:b1:6b:cb:66:62:4f:79:be:51:c8:
         c3:75:a6:09:80:ff:75:ba:08:70:1b:4b:26:63:3d:2f:66:f6:
         6f:2b:5c:2e:fa:2c:0a:72:9d:ed:ba:90:e4:c8:e2:b5:c4:47:
         49:1c:7a:47:38:a7:ed:3d:b7:69:58:06:e5:3e:5a:a0:3a:41:
         d2:39:52:0f:cb:0f:82:66:7c:09:bf:45:92:61:e5:b4:5c:82:
         d6:1a:65:2a:13:67:dd:1c:2f:93:e8:5d:e5:04:dc:32:fe:c3:
         b4:3c:e0:27:83:fa:be:d3:9d:12:18:12:75:7e:30:c6:5d:07:
         8c:98:87:dc:d0:62:4c:b8:8e:73:eb:e2:1b:d9:f7:68:bd:fa:
         52:f9:f5:af:dd:53:cd:3f:76:bb:56:f3:42:c9:b6:b7:7b:ee:
         fc:85:f4:3d:28:0f:a4:c8:fb:ee:85:c0:ce:8b:43:6f:26:0d:
         90:52:d0:62:b1:32:0e:5b:eb:bf:38:e8:7b:a6:4d:c6:76:2b:
         33:d7:ed:e2:8d:8b:9a:2e:13:6b:98:c5:bc:1f:20:72:54:ad:
         58:61:f4:65:d9:09:ce:97:8c:5d:9e:c1:4f:bf:15:db:0a:09:
         a0:38:f8:d0:42:c1:49:fa:4f:15:7d:cb:e7:5a:a8:aa:86:eb:
         23:ec:a8:c8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZTD9dCXO6Lj5dFHIlME2dxfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4MDYxNWU2MDA2YTg2MWY2NmNmNzMwN2QzMGZjOTM1MGM3
NmY3ZGUwHhcNMjUwMjAyMDAwMDU0WhcNMjUwMjAzMDAwMDU0WjAzMTEwLwYDVQQD
EyhiN2YzM2EzOTkzYWJhZDExNmY1ZmFmODU1MTQ1ZDRiZTAyY2U4NzZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxIldebn9nTZZSn3hIBvjBZXkyBTB
aY9kJ0okUDkk17ggwsXsiRXzi0jCs1uAuP0wIHcJpMBGKEKPY0g07QIt6ZrpcUVt
qqpl8QoSHjaJzVn5Vwf8awShwa/3qnmjjNRb2sxaVq6qu2fw++2mXrCMQBqqhhJ4
I6K8twXBKosxpA7h5XoTxsF1nCy+3OSxucB5PBvaBQ2pDhzDznxP4HNcKw8n2Cyg
6b7W5Z07sR81IH4b4qqWRG4xwuNN0av/KeDOSeIwHyy+sGd4UoKTdGvTRj7oTFjq
vrqj8iutjq9K7owADPLeOr0wosIvTeZyGGUzhsgXW/ltwI8IJza1rS4/VQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLfzOjmTq60Rb1+vhVFF1L4CzodsMB8GA1UdIwQY
MBaAFCgGFeYAaoYfZs9zB9MPyTUMdvfeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0FZVjVnQnFoaDltejNNSDB3X0pOUXgyOTk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy8wNzRhYWQtYzk0Ny00MzExLWFmZjEt
YWU5MmI2YWUxYmZlLzEvS0FZVjVnQnFoaDltejNNSDB3X0pOUXgyOTk0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYy8wNzRhYWQtYzk0Ny00MzExLWFmZjEtYWU5MmI2YWUxYmZl
LzEvS0FZVjVnQnFoaDltejNNSDB3X0pOUXgyOTk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAzzZiO5dq
326xa8tmYk95vlHIw3WmCYD/dboIcBtLJmM9L2b2bytcLvosCnKd7bqQ5MjitcRH
SRx6Rzin7T23aVgG5T5aoDpB0jlSD8sPgmZ8Cb9FkmHltFyC1hplKhNn3Rwvk+hd
5QTcMv7DtDzgJ4P6vtOdEhgSdX4wxl0HjJiH3NBiTLiOc+viG9n3aL36Uvn1r91T
zT92u1bzQsm2t3vu/IX0PSgPpMj77oXAzotDbyYNkFLQYrEyDlvrvzjoe6ZNxnYr
M9ft4o2Lmi4Ta5jFvB8gclStWGH0ZdkJzpeMXZ7BT78V2woJoDj40ELBSfpPFX3L
51qoqobrI+yoyA==
-----END CERTIFICATE-----