Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d6/d3ab28-7f47-41f3-b231-78844e101133/1/UfSwsEaesNBxmUzYI480vvAMb74.mft
File:                     UfSwsEaesNBxmUzYI480vvAMb74.mft (raw, json)
Hash identifier:          wnlQulc0xhyUbrB1u3V6FgCfTXANLC6ugqg552NN5dg=
Subject key identifier:   80:12:DB:F6:B3:5F:37:F5:21:74:9E:44:B1:FA:55:8B:50:FB:38:F8
Authority key identifier: 51:F4:B0:B0:46:9E:B0:D0:71:99:4C:D8:23:8F:34:BE:F0:0C:6F:BE
Certificate issuer:       /CN=51f4b0b0469eb0d071994cd8238f34bef00c6fbe
Certificate serial:       0194C3BE6601F9B16D2B9FC76C8A7C3430BA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/UfSwsEaesNBxmUzYI480vvAMb74.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d6/d3ab28-7f47-41f3-b231-78844e101133/1/UfSwsEaesNBxmUzYI480vvAMb74.mft
Manifest number:          03A2
Signing time:             Sat 01 Feb 2025 23:00:22 +0000
Manifest this update:     Sat 01 Feb 2025 23:00:22 +0000
Manifest next update:     Sun 02 Feb 2025 23:00:22 +0000
Files and hashes:         1: UfSwsEaesNBxmUzYI480vvAMb74.crl (hash: HA3hZPxk4nj2XSNGtd8t6FadjOfgQ0Pg5wy/KKVTq5Y=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d6/d3ab28-7f47-41f3-b231-78844e101133/1/UfSwsEaesNBxmUzYI480vvAMb74.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d6/d3ab28-7f47-41f3-b231-78844e101133/1/UfSwsEaesNBxmUzYI480vvAMb74.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/UfSwsEaesNBxmUzYI480vvAMb74.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 02 Feb 2025 23:00:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:c3:be:66:01:f9:b1:6d:2b:9f:c7:6c:8a:7c:34:30:ba
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=51f4b0b0469eb0d071994cd8238f34bef00c6fbe
        Validity
            Not Before: Feb  1 23:00:22 2025 GMT
            Not After : Feb  2 23:00:22 2025 GMT
        Subject: CN=8012dbf6b35f37f521749e44b1fa558b50fb38f8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:36:03:92:34:83:14:77:e6:a7:09:a6:d5:ff:
                    eb:dc:7b:5a:58:b3:99:a1:da:c4:a1:73:a0:fb:ff:
                    b2:06:e4:86:99:97:b4:63:c9:c9:e2:a6:2a:e2:22:
                    48:a9:d5:9c:43:a2:34:0c:a2:44:bd:34:4d:1a:dc:
                    c0:92:c1:3f:e0:5b:0c:7b:89:86:63:e6:13:63:71:
                    60:4c:5a:7e:c3:e7:b2:f4:70:ad:d9:95:16:b7:7a:
                    55:f3:d3:91:c1:0f:f1:31:ed:91:52:34:9a:6d:1e:
                    fd:80:26:9d:83:42:42:1a:2e:14:12:fa:3c:b9:9e:
                    4b:0b:9d:25:50:cb:a5:af:9a:b8:36:63:01:5e:08:
                    f2:eb:38:8c:f8:cc:06:85:4d:70:85:01:3f:6c:5e:
                    8c:80:4a:0d:87:be:29:da:d5:f5:a2:97:6d:9d:bc:
                    32:e2:71:7b:c1:55:a8:f9:03:f8:28:9b:b8:ed:c8:
                    52:c8:d1:08:ce:8d:0d:e9:56:b0:98:e2:80:3b:f3:
                    c6:12:df:85:8b:5f:c6:21:29:b0:9b:ec:dd:5b:cf:
                    80:fd:05:ef:ce:5f:1d:63:a7:d3:50:69:75:d7:c1:
                    fb:35:a5:47:3a:b0:17:c3:f8:67:64:70:a7:ec:37:
                    5c:e3:97:28:6b:88:9d:56:f7:56:aa:0c:f5:aa:db:
                    77:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                80:12:DB:F6:B3:5F:37:F5:21:74:9E:44:B1:FA:55:8B:50:FB:38:F8
            X509v3 Authority Key Identifier:
                keyid:51:F4:B0:B0:46:9E:B0:D0:71:99:4C:D8:23:8F:34:BE:F0:0C:6F:BE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UfSwsEaesNBxmUzYI480vvAMb74.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/d3ab28-7f47-41f3-b231-78844e101133/1/UfSwsEaesNBxmUzYI480vvAMb74.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/d3ab28-7f47-41f3-b231-78844e101133/1/UfSwsEaesNBxmUzYI480vvAMb74.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         29:e0:83:f1:36:21:18:fb:e6:ea:e9:89:2c:06:95:e5:b5:34:
         3d:4a:47:ca:0d:3b:f2:45:18:f0:4d:cc:c6:00:5a:b1:52:81:
         5b:b5:09:b3:30:aa:af:99:af:a1:62:55:b6:22:9c:28:fe:75:
         e4:ea:31:05:a3:54:29:7e:62:3a:db:91:eb:15:26:b0:7b:35:
         5a:12:e5:97:9a:93:ec:08:c4:54:d3:3e:4c:92:18:e5:ef:dd:
         ff:62:72:9b:19:22:09:04:21:3f:76:6c:79:c6:39:bf:c2:90:
         44:c4:97:76:10:14:c7:28:86:f5:28:5e:ca:9f:6d:dc:b5:ed:
         3c:24:d7:0c:8a:ab:c0:eb:54:b9:43:68:de:a6:84:27:5f:f8:
         a3:f4:c6:95:2f:7e:1a:6d:38:b5:4a:64:7f:25:9f:a6:44:67:
         a0:d8:35:63:ba:13:ab:f1:51:d7:51:dd:13:ef:b2:4d:c2:cc:
         d0:45:82:73:4e:26:12:a7:a2:99:96:53:27:e8:c3:ca:ca:8f:
         fa:6a:a7:e6:59:7e:c6:c0:a2:19:11:53:7e:b5:d0:8c:8d:30:
         22:9e:1c:77:6a:9b:f9:a3:fb:b8:12:96:a6:e1:bc:8a:1d:3b:
         e6:a6:08:c8:28:f7:72:e5:a7:06:f8:51:da:1c:f8:a5:15:60:
         f3:fc:73:67
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZTDvmYB+bFtK5/HbIp8NDC6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUxZjRiMGIwNDY5ZWIwZDA3MTk5NGNkODIzOGYzNGJlZjAw
YzZmYmUwHhcNMjUwMjAxMjMwMDIyWhcNMjUwMjAyMjMwMDIyWjAzMTEwLwYDVQQD
Eyg4MDEyZGJmNmIzNWYzN2Y1MjE3NDllNDRiMWZhNTU4YjUwZmIzOGY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlzYDkjSDFHfmpwmm1f/r3HtaWLOZ
odrEoXOg+/+yBuSGmZe0Y8nJ4qYq4iJIqdWcQ6I0DKJEvTRNGtzAksE/4FsMe4mG
Y+YTY3FgTFp+w+ey9HCt2ZUWt3pV89ORwQ/xMe2RUjSabR79gCadg0JCGi4UEvo8
uZ5LC50lUMulr5q4NmMBXgjy6ziM+MwGhU1whQE/bF6MgEoNh74p2tX1opdtnbwy
4nF7wVWo+QP4KJu47chSyNEIzo0N6VawmOKAO/PGEt+Fi1/GISmwm+zdW8+A/QXv
zl8dY6fTUGl118H7NaVHOrAXw/hnZHCn7Ddc45coa4idVvdWqgz1qtt3sQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIAS2/azXzf1IXSeRLH6VYtQ+zj4MB8GA1UdIwQY
MBaAFFH0sLBGnrDQcZlM2COPNL7wDG++MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVWZTd3NFYWVzTkJ4bVV6WUk0ODB2dkFNYjc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNi9kM2FiMjgtN2Y0Ny00MWYzLWIyMzEt
Nzg4NDRlMTAxMTMzLzEvVWZTd3NFYWVzTkJ4bVV6WUk0ODB2dkFNYjc0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNi9kM2FiMjgtN2Y0Ny00MWYzLWIyMzEtNzg4NDRlMTAxMTMz
LzEvVWZTd3NFYWVzTkJ4bVV6WUk0ODB2dkFNYjc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKeCD8TYh
GPvm6umJLAaV5bU0PUpHyg078kUY8E3MxgBasVKBW7UJszCqr5mvoWJVtiKcKP51
5OoxBaNUKX5iOtuR6xUmsHs1WhLll5qT7AjEVNM+TJIY5e/d/2JymxkiCQQhP3Zs
ecY5v8KQRMSXdhAUxyiG9Sheyp9t3LXtPCTXDIqrwOtUuUNo3qaEJ1/4o/TGlS9+
Gm04tUpkfyWfpkRnoNg1Y7oTq/FR11HdE++yTcLM0EWCc04mEqeimZZTJ+jDysqP
+mqn5ll+xsCiGRFTfrXQjI0wIp4cd2qb+aP7uBKWpuG8ih075qYIyCj3cuWnBvhR
2hz4pRVg8/xzZw==
-----END CERTIFICATE-----