Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d6/f62552-14f1-499c-af78-7f6a655fd788/1/BkwamGxZM6O5EIToo_8IBm05jhk.mft
File:                     BkwamGxZM6O5EIToo_8IBm05jhk.mft (raw, json)
Hash identifier:          nrhwCsR6F954IZ7c2Q5BwaVMNcrqOs4/NgbjTJfcxEE=
Subject key identifier:   55:5D:1C:D5:53:88:E4:A9:1E:A5:63:F8:46:F4:84:1B:D2:5F:64:2E
Authority key identifier: 06:4C:1A:98:6C:59:33:A3:B9:10:84:E8:A3:FF:08:06:6D:39:8E:19
Certificate issuer:       /CN=064c1a986c5933a3b91084e8a3ff08066d398e19
Certificate serial:       0194064652DA70A8A937AB905A4DFBDA4BAC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BkwamGxZM6O5EIToo_8IBm05jhk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d6/f62552-14f1-499c-af78-7f6a655fd788/1/BkwamGxZM6O5EIToo_8IBm05jhk.mft
Manifest number:          07DC
Signing time:             Fri 27 Dec 2024 04:00:59 +0000
Manifest this update:     Fri 27 Dec 2024 04:00:59 +0000
Manifest next update:     Sat 28 Dec 2024 04:00:59 +0000
Files and hashes:         1: BkwamGxZM6O5EIToo_8IBm05jhk.crl (hash: pXz2QqR9GC/PNfla7GqGhDJytQ2WqZV+nJ0FoNbqWfU=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d6/f62552-14f1-499c-af78-7f6a655fd788/1/BkwamGxZM6O5EIToo_8IBm05jhk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d6/f62552-14f1-499c-af78-7f6a655fd788/1/BkwamGxZM6O5EIToo_8IBm05jhk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/BkwamGxZM6O5EIToo_8IBm05jhk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 28 Dec 2024 04:00:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:06:46:52:da:70:a8:a9:37:ab:90:5a:4d:fb:da:4b:ac
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=064c1a986c5933a3b91084e8a3ff08066d398e19
        Validity
            Not Before: Dec 27 04:00:59 2024 GMT
            Not After : Dec 28 04:00:59 2024 GMT
        Subject: CN=555d1cd55388e4a91ea563f846f4841bd25f642e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:14:89:89:0f:ad:0b:40:df:89:d8:ce:8e:2f:
                    d3:34:24:ea:4c:69:1c:4c:a4:78:d9:28:c9:26:5a:
                    86:26:a3:a0:5d:ae:f7:2f:c5:6b:ff:4c:db:f2:ae:
                    34:bf:a0:13:55:df:80:70:ef:3e:f8:f2:ef:dd:76:
                    9e:65:f2:f1:b5:23:0e:69:e1:91:2d:ab:ac:26:49:
                    3e:f3:42:1d:83:3b:34:62:94:83:41:27:e5:58:d7:
                    8c:45:9e:f8:a4:29:bf:35:8d:13:74:2d:b9:9d:5b:
                    2d:bb:75:4b:73:2a:08:cb:fd:31:32:37:c3:6d:cd:
                    89:16:cd:5e:fb:69:4e:77:ee:da:25:83:16:e5:43:
                    b9:4a:e7:da:7f:c5:50:a7:18:13:c8:42:ed:8a:69:
                    1f:eb:90:07:f0:30:e5:24:81:d6:d1:00:df:6a:06:
                    67:e9:c1:87:f1:e4:ea:64:90:78:99:ff:70:b7:87:
                    b2:1c:44:df:f7:a1:c3:26:c3:7e:d6:80:9a:49:70:
                    71:81:ac:9b:19:c5:88:78:cd:39:8f:11:73:73:03:
                    aa:64:e8:65:cf:43:b9:ad:91:a2:59:33:7e:1a:dd:
                    c4:6b:2d:75:ae:6f:bf:7f:ee:71:fa:f2:06:7f:cc:
                    48:e5:03:2f:c0:6c:22:30:fc:20:b6:9e:76:e5:9e:
                    d5:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                55:5D:1C:D5:53:88:E4:A9:1E:A5:63:F8:46:F4:84:1B:D2:5F:64:2E
            X509v3 Authority Key Identifier:
                keyid:06:4C:1A:98:6C:59:33:A3:B9:10:84:E8:A3:FF:08:06:6D:39:8E:19

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BkwamGxZM6O5EIToo_8IBm05jhk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/f62552-14f1-499c-af78-7f6a655fd788/1/BkwamGxZM6O5EIToo_8IBm05jhk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/f62552-14f1-499c-af78-7f6a655fd788/1/BkwamGxZM6O5EIToo_8IBm05jhk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         91:8d:6e:ff:f2:f0:c5:ea:7c:84:b8:fd:f0:30:d3:70:b8:19:
         f1:40:02:08:2f:90:f8:32:b2:41:cb:3c:8e:a0:9f:4b:86:aa:
         24:1b:d7:c4:4e:b8:61:e8:c2:52:be:90:97:25:4f:20:b9:d4:
         ea:86:50:14:76:89:e0:97:8d:54:9a:e2:0e:d3:e2:84:f7:4a:
         ff:05:93:d5:fd:75:94:11:b8:95:5a:46:83:69:52:f8:b9:41:
         94:22:e2:aa:c5:31:95:d6:96:b8:26:ac:ba:a3:a4:b7:61:7e:
         cf:e6:7e:c1:72:5a:90:7a:79:7b:c6:87:cd:4f:df:96:d1:17:
         0d:2c:9a:a2:ea:f3:bc:9d:fa:ae:fe:35:59:75:7e:30:bd:56:
         ed:7c:85:fd:03:83:96:a2:6f:94:34:85:29:be:95:82:9d:38:
         44:28:02:79:55:71:0c:fd:53:76:ec:dd:f7:04:f9:ea:7e:ec:
         86:5a:dc:1b:a2:bf:21:74:b9:7c:ab:85:ff:eb:3a:53:5f:5c:
         7b:b3:64:10:19:14:48:e2:ea:a5:5f:55:06:6a:a6:2d:df:ed:
         f8:4b:c9:df:74:3d:ce:8e:1c:78:51:63:8e:47:64:9d:e7:8e:
         3d:67:8f:8c:26:d8:1f:77:12:72:b2:fa:ee:18:81:b4:32:38:
         12:14:a5:16
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZQGRlLacKipN6uQWk372kusMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2NGMxYTk4NmM1OTMzYTNiOTEwODRlOGEzZmYwODA2NmQz
OThlMTkwHhcNMjQxMjI3MDQwMDU5WhcNMjQxMjI4MDQwMDU5WjAzMTEwLwYDVQQD
Eyg1NTVkMWNkNTUzODhlNGE5MWVhNTYzZjg0NmY0ODQxYmQyNWY2NDJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlhSJiQ+tC0DfidjOji/TNCTqTGkc
TKR42SjJJlqGJqOgXa73L8Vr/0zb8q40v6ATVd+AcO8++PLv3XaeZfLxtSMOaeGR
LausJkk+80Idgzs0YpSDQSflWNeMRZ74pCm/NY0TdC25nVstu3VLcyoIy/0xMjfD
bc2JFs1e+2lOd+7aJYMW5UO5Sufaf8VQpxgTyELtimkf65AH8DDlJIHW0QDfagZn
6cGH8eTqZJB4mf9wt4eyHETf96HDJsN+1oCaSXBxgaybGcWIeM05jxFzcwOqZOhl
z0O5rZGiWTN+Gt3Eay11rm+/f+5x+vIGf8xI5QMvwGwiMPwgtp525Z7VpwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFVdHNVTiOSpHqVj+Eb0hBvSX2QuMB8GA1UdIwQY
MBaAFAZMGphsWTOjuRCE6KP/CAZtOY4ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmt3YW1HeFpNNk81RUlUb29fOElCbTA1amhrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNi9mNjI1NTItMTRmMS00OTljLWFmNzgt
N2Y2YTY1NWZkNzg4LzEvQmt3YW1HeFpNNk81RUlUb29fOElCbTA1amhrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNi9mNjI1NTItMTRmMS00OTljLWFmNzgtN2Y2YTY1NWZkNzg4
LzEvQmt3YW1HeFpNNk81RUlUb29fOElCbTA1amhrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkY1u//Lw
xep8hLj98DDTcLgZ8UACCC+Q+DKyQcs8jqCfS4aqJBvXxE64YejCUr6QlyVPILnU
6oZQFHaJ4JeNVJriDtPihPdK/wWT1f11lBG4lVpGg2lS+LlBlCLiqsUxldaWuCas
uqOkt2F+z+Z+wXJakHp5e8aHzU/fltEXDSyaourzvJ36rv41WXV+ML1W7XyF/QOD
lqJvlDSFKb6Vgp04RCgCeVVxDP1Tduzd9wT56n7shlrcG6K/IXS5fKuF/+s6U19c
e7NkEBkUSOLqpV9VBmqmLd/t+EvJ33Q9zo4ceFFjjkdkneeOPWePjCbYH3cScrL6
7hiBtDI4EhSlFg==
-----END CERTIFICATE-----