Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/53cbe8-f5a7-407d-84ce-628b4394b822/1/6kHoOY_3zvtSIWNusighJuv-O3g.mft
File:                     6kHoOY_3zvtSIWNusighJuv-O3g.mft (raw, json)
Hash identifier:          420T+QY00EHBgDHpidg+Y4WX1PnQFtxtzvE607FGdPU=
Subject key identifier:   3E:D2:C9:70:07:B4:C2:B5:30:85:B1:D4:CB:0F:91:4D:8F:90:F3:63
Authority key identifier: EA:41:E8:39:8F:F7:CE:FB:52:21:63:6E:B2:28:21:26:EB:FE:3B:78
Certificate issuer:       /CN=ea41e8398ff7cefb5221636eb2282126ebfe3b78
Certificate serial:       0194C3886D72FFC4121AAD137420C8492453
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/6kHoOY_3zvtSIWNusighJuv-O3g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d7/53cbe8-f5a7-407d-84ce-628b4394b822/1/6kHoOY_3zvtSIWNusighJuv-O3g.mft
Manifest number:          7D
Signing time:             Sat 01 Feb 2025 22:01:25 +0000
Manifest this update:     Sat 01 Feb 2025 22:01:25 +0000
Manifest next update:     Sun 02 Feb 2025 22:01:25 +0000
Files and hashes:         1: 6kHoOY_3zvtSIWNusighJuv-O3g.crl (hash: K5qQdpoISPu3q1qYpiy/8Fm3SZj8tRg8v9owhSfjrsI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d7/53cbe8-f5a7-407d-84ce-628b4394b822/1/6kHoOY_3zvtSIWNusighJuv-O3g.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d7/53cbe8-f5a7-407d-84ce-628b4394b822/1/6kHoOY_3zvtSIWNusighJuv-O3g.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/6kHoOY_3zvtSIWNusighJuv-O3g.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 02 Feb 2025 22:01:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:c3:88:6d:72:ff:c4:12:1a:ad:13:74:20:c8:49:24:53
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ea41e8398ff7cefb5221636eb2282126ebfe3b78
        Validity
            Not Before: Feb  1 22:01:25 2025 GMT
            Not After : Feb  2 22:01:25 2025 GMT
        Subject: CN=3ed2c97007b4c2b53085b1d4cb0f914d8f90f363
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:f1:91:f7:35:84:c3:bb:04:e3:c7:9b:44:25:
                    7c:58:be:c9:0b:41:c5:1d:0b:77:d6:06:ff:d2:92:
                    bd:f6:03:42:61:13:b4:0c:24:48:85:f7:f5:a3:7f:
                    89:60:23:3d:1c:3a:37:17:f7:81:69:e5:fc:a0:b2:
                    ae:e5:c8:a0:4e:94:50:7d:ca:4b:e4:39:33:24:af:
                    e1:db:f0:b5:74:71:c6:a6:4a:a7:3b:43:d9:0e:a3:
                    2d:17:79:6c:e9:ca:50:a5:86:92:cf:3b:b6:c8:f8:
                    e6:a9:b3:2a:cd:8c:a8:18:5f:b4:25:09:22:42:35:
                    c4:f8:40:1d:a6:13:59:c3:17:f1:c0:9d:1f:8b:c3:
                    0c:02:1f:fe:7a:b2:02:20:dc:c6:54:fa:4d:8c:3b:
                    b6:a6:42:d4:cc:58:28:8d:06:43:d8:a2:21:41:80:
                    ff:4e:6e:ed:33:8e:20:6f:5e:fb:f5:a4:38:7d:2e:
                    e5:7b:54:f5:ec:37:ce:0e:dc:82:fd:f1:6d:bd:37:
                    7a:82:37:ef:49:3d:cb:d0:1b:e0:7d:3b:2d:0c:35:
                    c2:96:d2:c2:40:20:2c:f6:64:4c:03:ca:38:2d:ec:
                    58:35:dd:14:5c:19:a8:41:b7:96:08:b7:da:9c:b2:
                    d8:fb:97:7a:f7:d8:ed:ea:c3:be:0b:b8:bf:88:c9:
                    f5:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3E:D2:C9:70:07:B4:C2:B5:30:85:B1:D4:CB:0F:91:4D:8F:90:F3:63
            X509v3 Authority Key Identifier:
                keyid:EA:41:E8:39:8F:F7:CE:FB:52:21:63:6E:B2:28:21:26:EB:FE:3B:78

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6kHoOY_3zvtSIWNusighJuv-O3g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/53cbe8-f5a7-407d-84ce-628b4394b822/1/6kHoOY_3zvtSIWNusighJuv-O3g.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/53cbe8-f5a7-407d-84ce-628b4394b822/1/6kHoOY_3zvtSIWNusighJuv-O3g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         21:07:b2:a2:f6:e2:2a:01:96:42:ac:1c:73:36:3a:48:94:52:
         39:5c:35:47:30:63:c9:46:e7:70:df:9d:d4:83:a7:b3:18:c5:
         eb:5a:32:d9:8a:25:9e:73:ca:13:c6:08:b7:c0:ff:25:c1:f2:
         41:1f:29:d5:ee:49:19:f4:0e:99:0e:4b:41:56:be:c3:97:a0:
         33:09:9c:32:2f:ca:7d:bb:02:aa:26:81:29:6b:4c:34:03:34:
         fb:e6:0a:5e:db:a1:6b:58:a2:68:59:24:9e:3b:cf:f2:01:73:
         16:fa:98:12:cb:aa:73:83:3d:54:54:a6:18:8d:84:93:82:a4:
         17:6b:3b:8d:f0:49:83:d2:14:48:25:3a:f3:4e:7a:99:5f:48:
         9b:c3:5d:f4:60:02:2d:93:20:fb:ff:a2:4d:52:97:02:d1:da:
         81:13:de:a1:a5:02:59:4e:2f:a6:e6:c8:b0:1a:16:48:20:af:
         e6:df:3d:72:bd:4f:0b:0f:d4:4f:6f:39:a7:4a:58:67:80:96:
         50:4a:67:e2:89:07:e0:95:68:13:d4:3e:8e:45:0f:63:12:5f:
         5f:5d:94:a1:44:0c:fc:c5:45:61:f6:f6:8a:ee:0b:f7:26:49:
         c7:f1:ad:3a:5a:f4:b5:27:a8:b6:d9:9f:2e:9e:26:f0:d4:5f:
         5e:d9:d8:7f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZTDiG1y/8QSGq0TdCDISSRTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVhNDFlODM5OGZmN2NlZmI1MjIxNjM2ZWIyMjgyMTI2ZWJm
ZTNiNzgwHhcNMjUwMjAxMjIwMTI1WhcNMjUwMjAyMjIwMTI1WjAzMTEwLwYDVQQD
EygzZWQyYzk3MDA3YjRjMmI1MzA4NWIxZDRjYjBmOTE0ZDhmOTBmMzYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArvGR9zWEw7sE48ebRCV8WL7JC0HF
HQt31gb/0pK99gNCYRO0DCRIhff1o3+JYCM9HDo3F/eBaeX8oLKu5cigTpRQfcpL
5DkzJK/h2/C1dHHGpkqnO0PZDqMtF3ls6cpQpYaSzzu2yPjmqbMqzYyoGF+0JQki
QjXE+EAdphNZwxfxwJ0fi8MMAh/+erICINzGVPpNjDu2pkLUzFgojQZD2KIhQYD/
Tm7tM44gb1779aQ4fS7le1T17DfODtyC/fFtvTd6gjfvST3L0BvgfTstDDXCltLC
QCAs9mRMA8o4LexYNd0UXBmoQbeWCLfanLLY+5d699jt6sO+C7i/iMn1dQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFD7SyXAHtMK1MIWx1MsPkU2PkPNjMB8GA1UdIwQY
MBaAFOpB6DmP9877UiFjbrIoISbr/jt4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNmtIb09ZXzN6dnRTSVdOdXNpZ2hKdXYtTzNnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy81M2NiZTgtZjVhNy00MDdkLTg0Y2Ut
NjI4YjQzOTRiODIyLzEvNmtIb09ZXzN6dnRTSVdOdXNpZ2hKdXYtTzNnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNy81M2NiZTgtZjVhNy00MDdkLTg0Y2UtNjI4YjQzOTRiODIy
LzEvNmtIb09ZXzN6dnRTSVdOdXNpZ2hKdXYtTzNnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIQeyovbi
KgGWQqwcczY6SJRSOVw1RzBjyUbncN+d1IOnsxjF61oy2YolnnPKE8YIt8D/JcHy
QR8p1e5JGfQOmQ5LQVa+w5egMwmcMi/KfbsCqiaBKWtMNAM0++YKXtuha1iiaFkk
njvP8gFzFvqYEsuqc4M9VFSmGI2Ek4KkF2s7jfBJg9IUSCU68056mV9Im8Nd9GAC
LZMg+/+iTVKXAtHagRPeoaUCWU4vpubIsBoWSCCv5t89cr1PCw/UT285p0pYZ4CW
UEpn4okH4JVoE9Q+jkUPYxJfX12UoUQM/MVFYfb2iu4L9yZJx/GtOlr0tSeottmf
Lp4m8NRfXtnYfw==
-----END CERTIFICATE-----