Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/5e8e04-e6ea-4d59-b2f7-df0a6dc282a0/1/O5pBDtUm-GwybZG2KApEGhbAxnY.mft
File:                     O5pBDtUm-GwybZG2KApEGhbAxnY.mft (raw, json)
Hash identifier:          JX2QKkPVQWSh8GHhRG3HFC3325fDyyuQtW/TVCd0T+M=
Subject key identifier:   A4:51:65:46:8F:11:B0:DB:DF:E3:6F:3E:0D:FD:B1:06:17:EA:B8:0B
Authority key identifier: 3B:9A:41:0E:D5:26:F8:6C:32:6D:91:B6:28:0A:44:1A:16:C0:C6:76
Certificate issuer:       /CN=3b9a410ed526f86c326d91b6280a441a16c0c676
Certificate serial:       0194C3F62E78028BC181EC4EADD029AFC8C9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/O5pBDtUm-GwybZG2KApEGhbAxnY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cd/5e8e04-e6ea-4d59-b2f7-df0a6dc282a0/1/O5pBDtUm-GwybZG2KApEGhbAxnY.mft
Manifest number:          0598
Signing time:             Sun 02 Feb 2025 00:01:18 +0000
Manifest this update:     Sun 02 Feb 2025 00:01:18 +0000
Manifest next update:     Mon 03 Feb 2025 00:01:18 +0000
Files and hashes:         1: O5pBDtUm-GwybZG2KApEGhbAxnY.crl (hash: HxUTWyk3OUYqUPaWB9Hac/WbFMFeKDs/3vRaI1YcUDg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/cd/5e8e04-e6ea-4d59-b2f7-df0a6dc282a0/1/O5pBDtUm-GwybZG2KApEGhbAxnY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/cd/5e8e04-e6ea-4d59-b2f7-df0a6dc282a0/1/O5pBDtUm-GwybZG2KApEGhbAxnY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/O5pBDtUm-GwybZG2KApEGhbAxnY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 03 Feb 2025 00:00:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:c3:f6:2e:78:02:8b:c1:81:ec:4e:ad:d0:29:af:c8:c9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3b9a410ed526f86c326d91b6280a441a16c0c676
        Validity
            Not Before: Feb  2 00:01:18 2025 GMT
            Not After : Feb  3 00:01:18 2025 GMT
        Subject: CN=a45165468f11b0dbdfe36f3e0dfdb10617eab80b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:cb:0d:0b:08:a1:b7:97:2a:d3:b3:bf:e7:db:
                    08:d4:ed:da:5a:ab:70:9c:c6:37:15:50:f2:36:cd:
                    e6:4f:2f:bc:bf:27:d0:e0:97:81:9c:3a:ae:fd:86:
                    d5:06:57:76:6e:16:3d:0f:0a:49:cf:ef:ab:71:2e:
                    bf:4d:cc:fc:68:20:f3:4d:79:c2:7d:c2:42:9e:ec:
                    0c:4f:f3:78:19:69:10:b6:fc:6b:05:51:69:81:40:
                    1a:cb:c4:be:01:69:74:d6:2f:4d:63:51:dd:05:8f:
                    c0:49:e5:69:b2:10:68:1b:f7:18:24:59:da:b6:63:
                    0f:ca:9c:15:90:69:7f:74:43:23:8b:46:eb:11:6f:
                    88:05:7b:46:55:37:f3:b7:13:a0:d0:07:6c:c0:73:
                    ce:ac:db:59:c7:72:fc:ea:03:92:2d:e6:d5:b1:93:
                    d7:f9:2f:f0:87:1f:01:ad:f3:11:14:9e:49:95:ec:
                    7a:aa:c2:e3:e3:12:2d:71:b3:1d:50:e6:86:4b:5c:
                    10:b1:24:d7:81:e3:d3:71:65:a3:1d:f6:7d:18:11:
                    04:d3:c1:d8:64:80:13:0a:83:6c:d6:52:80:6c:2e:
                    e7:9d:00:5d:b6:fb:19:1e:19:46:87:e2:1c:eb:48:
                    f4:61:0b:f3:05:15:4a:80:52:0b:c9:16:82:8d:ae:
                    be:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A4:51:65:46:8F:11:B0:DB:DF:E3:6F:3E:0D:FD:B1:06:17:EA:B8:0B
            X509v3 Authority Key Identifier:
                keyid:3B:9A:41:0E:D5:26:F8:6C:32:6D:91:B6:28:0A:44:1A:16:C0:C6:76

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O5pBDtUm-GwybZG2KApEGhbAxnY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/5e8e04-e6ea-4d59-b2f7-df0a6dc282a0/1/O5pBDtUm-GwybZG2KApEGhbAxnY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/5e8e04-e6ea-4d59-b2f7-df0a6dc282a0/1/O5pBDtUm-GwybZG2KApEGhbAxnY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         71:47:ca:27:e1:30:ec:52:8d:56:17:ad:79:e9:96:df:08:e6:
         65:5b:29:75:e6:97:3c:d8:1e:34:cd:7f:62:43:e6:16:34:c4:
         66:65:e4:c4:48:fe:5a:ca:ac:33:1a:dc:e1:57:31:4f:4a:5f:
         3d:df:76:3b:b0:a0:2b:86:f3:7b:4b:85:e3:ee:6b:0d:1f:1e:
         d2:f5:09:1a:33:44:ab:d5:d9:c8:87:a4:dc:09:8e:ae:e1:09:
         d9:64:1a:34:8c:cf:76:48:5b:2a:f1:62:3e:63:11:a3:b9:f5:
         98:86:86:f8:59:d3:a8:ae:31:52:28:71:3b:5b:47:0d:86:dc:
         c4:db:a3:60:26:c8:9b:c8:86:5d:29:32:f4:1a:a4:7e:8e:59:
         b3:7c:a6:00:86:01:6a:19:1f:38:c8:3f:c3:61:31:e1:38:dd:
         b8:f6:f6:45:26:df:7b:c5:89:fc:01:7f:00:3b:fe:53:62:f2:
         ca:1e:4a:ea:95:2f:20:87:e8:d2:52:1a:5f:e6:04:78:34:4b:
         10:c3:91:79:40:94:61:00:09:6c:e2:1b:ac:e4:dc:8d:90:87:
         aa:98:7f:39:76:e0:c6:c2:3b:0a:3f:60:f6:6e:23:31:56:03:
         73:81:0c:cb:4b:46:78:4c:6c:c4:ef:17:3f:c1:0a:21:25:62:
         2f:dc:f3:93
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZTD9i54AovBgexOrdApr8jJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiOWE0MTBlZDUyNmY4NmMzMjZkOTFiNjI4MGE0NDFhMTZj
MGM2NzYwHhcNMjUwMjAyMDAwMTE4WhcNMjUwMjAzMDAwMTE4WjAzMTEwLwYDVQQD
EyhhNDUxNjU0NjhmMTFiMGRiZGZlMzZmM2UwZGZkYjEwNjE3ZWFiODBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnssNCwiht5cq07O/59sI1O3aWqtw
nMY3FVDyNs3mTy+8vyfQ4JeBnDqu/YbVBld2bhY9DwpJz++rcS6/Tcz8aCDzTXnC
fcJCnuwMT/N4GWkQtvxrBVFpgUAay8S+AWl01i9NY1HdBY/ASeVpshBoG/cYJFna
tmMPypwVkGl/dEMji0brEW+IBXtGVTfztxOg0AdswHPOrNtZx3L86gOSLebVsZPX
+S/whx8BrfMRFJ5Jlex6qsLj4xItcbMdUOaGS1wQsSTXgePTcWWjHfZ9GBEE08HY
ZIATCoNs1lKAbC7nnQBdtvsZHhlGh+Ic60j0YQvzBRVKgFILyRaCja6+2QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKRRZUaPEbDb3+NvPg39sQYX6rgLMB8GA1UdIwQY
MBaAFDuaQQ7VJvhsMm2RtigKRBoWwMZ2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzVwQkR0VW0tR3d5YlpHMktBcEVHaGJBeG5ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC81ZThlMDQtZTZlYS00ZDU5LWIyZjct
ZGYwYTZkYzI4MmEwLzEvTzVwQkR0VW0tR3d5YlpHMktBcEVHaGJBeG5ZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC81ZThlMDQtZTZlYS00ZDU5LWIyZjctZGYwYTZkYzI4MmEw
LzEvTzVwQkR0VW0tR3d5YlpHMktBcEVHaGJBeG5ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcUfKJ+Ew
7FKNVheteemW3wjmZVspdeaXPNgeNM1/YkPmFjTEZmXkxEj+WsqsMxrc4VcxT0pf
Pd92O7CgK4bze0uF4+5rDR8e0vUJGjNEq9XZyIek3AmOruEJ2WQaNIzPdkhbKvFi
PmMRo7n1mIaG+FnTqK4xUihxO1tHDYbcxNujYCbIm8iGXSky9Bqkfo5Zs3ymAIYB
ahkfOMg/w2Ex4TjduPb2RSbfe8WJ/AF/ADv+U2Lyyh5K6pUvIIfo0lIaX+YEeDRL
EMOReUCUYQAJbOIbrOTcjZCHqph/OXbgxsI7Cj9g9m4jMVYDc4EMy0tGeExsxO8X
P8EKISViL9zzkw==
-----END CERTIFICATE-----