Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/e67781-171d-40d7-9037-1baa83c8a036/1/WnMRox5rU6F10ZE1sryZOh-5hLE.mft
File:                     WnMRox5rU6F10ZE1sryZOh-5hLE.mft (raw, json)
Hash identifier:          Xby2Emyq3Nx0JPQJdg+T7CkOIsGxOkNmINFru2dvfVI=
Subject key identifier:   95:EE:A6:67:39:47:C0:81:07:FF:21:1A:97:F9:8E:5A:FA:DD:AF:96
Authority key identifier: 5A:73:11:A3:1E:6B:53:A1:75:D1:91:35:B2:BC:99:3A:1F:B9:84:B1
Certificate issuer:       /CN=5a7311a31e6b53a175d19135b2bc993a1fb984b1
Certificate serial:       019512103EA88DF646438075A03D6DC2CEC4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/WnMRox5rU6F10ZE1sryZOh-5hLE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/da/e67781-171d-40d7-9037-1baa83c8a036/1/WnMRox5rU6F10ZE1sryZOh-5hLE.mft
Manifest number:          127C
Signing time:             Mon 17 Feb 2025 04:00:09 +0000
Manifest this update:     Mon 17 Feb 2025 04:00:09 +0000
Manifest next update:     Tue 18 Feb 2025 04:00:09 +0000
Files and hashes:         1: WnMRox5rU6F10ZE1sryZOh-5hLE.crl (hash: nonsP/5sPioitFLPSNXMvaLI+llC4Ti2Avwwwv/Dx/k=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/da/e67781-171d-40d7-9037-1baa83c8a036/1/WnMRox5rU6F10ZE1sryZOh-5hLE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/da/e67781-171d-40d7-9037-1baa83c8a036/1/WnMRox5rU6F10ZE1sryZOh-5hLE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/WnMRox5rU6F10ZE1sryZOh-5hLE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 17 Feb 2025 23:00:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:12:10:3e:a8:8d:f6:46:43:80:75:a0:3d:6d:c2:ce:c4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5a7311a31e6b53a175d19135b2bc993a1fb984b1
        Validity
            Not Before: Feb 17 04:00:09 2025 GMT
            Not After : Feb 18 04:00:09 2025 GMT
        Subject: CN=95eea6673947c08107ff211a97f98e5afaddaf96
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e0:d2:af:e9:98:7c:5d:38:54:91:d5:0a:1f:60:
                    12:50:fb:91:5f:18:3b:b4:fe:89:59:7f:02:ff:7d:
                    0f:74:71:ef:c2:14:e2:72:22:0a:d5:4d:38:4f:9f:
                    67:24:a6:9c:7d:75:be:b3:99:e7:6f:3d:32:fa:48:
                    2f:bf:cc:60:2e:78:7e:ee:1c:07:99:74:ae:b9:6c:
                    86:98:e8:5c:5d:4f:bc:99:62:95:87:61:c2:38:33:
                    ba:2a:11:14:54:55:84:20:de:ac:17:d1:8a:df:75:
                    29:62:c3:01:85:d0:f0:4e:fd:4c:70:d0:6e:d9:15:
                    61:5e:3a:82:23:3c:1f:fd:d2:32:ab:28:a2:f6:b8:
                    7c:41:54:6f:a7:cf:3c:92:05:18:71:12:d0:86:1e:
                    08:bc:63:c5:37:bd:88:e8:eb:1e:42:81:d7:9b:94:
                    d5:b6:ae:b4:37:94:68:48:b5:a2:9a:0d:ff:1a:a0:
                    58:66:00:39:18:38:17:59:26:39:52:43:8d:e1:81:
                    61:3f:2f:bf:9a:6c:f7:81:75:db:6d:25:ab:dc:6a:
                    0b:cf:28:c6:dc:7a:b0:ac:be:93:20:41:89:fa:34:
                    db:50:ba:84:b5:f9:c3:75:9b:80:c4:12:e0:ad:34:
                    aa:cf:d1:0d:b9:57:c9:35:2f:f6:be:dc:84:24:d5:
                    f9:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                95:EE:A6:67:39:47:C0:81:07:FF:21:1A:97:F9:8E:5A:FA:DD:AF:96
            X509v3 Authority Key Identifier:
                keyid:5A:73:11:A3:1E:6B:53:A1:75:D1:91:35:B2:BC:99:3A:1F:B9:84:B1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WnMRox5rU6F10ZE1sryZOh-5hLE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/e67781-171d-40d7-9037-1baa83c8a036/1/WnMRox5rU6F10ZE1sryZOh-5hLE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/da/e67781-171d-40d7-9037-1baa83c8a036/1/WnMRox5rU6F10ZE1sryZOh-5hLE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         82:3a:ca:75:36:88:86:53:28:22:15:c8:18:14:c8:1e:24:13:
         58:db:3e:06:c7:31:a1:f9:ee:19:3e:fd:78:79:8b:75:30:5a:
         d7:8f:08:da:f9:49:c5:7c:0d:19:5e:e8:b1:90:b4:00:f6:8e:
         cd:db:b0:cd:26:82:a3:ec:bf:21:60:92:b4:8e:40:40:c1:bd:
         31:c4:b9:20:20:bd:c4:62:e0:c8:07:03:3e:5e:e4:6b:e0:27:
         ee:84:17:c7:09:85:99:5d:98:e8:92:2a:2c:70:3f:0c:b3:77:
         5b:5d:c8:45:54:9c:87:a3:49:1e:28:5d:ce:87:90:31:ee:94:
         8e:fb:a0:c9:b5:72:48:e6:c3:3c:42:f3:dd:64:74:a8:ba:19:
         59:15:75:1a:ff:6e:ff:39:78:38:e9:99:90:fa:ab:0b:bd:26:
         92:f4:51:d2:f4:2c:6c:1b:92:c0:12:f2:ad:20:5e:2d:3e:e1:
         08:e6:64:72:65:8a:59:d8:d4:72:6c:18:a1:14:22:b5:5d:c6:
         d5:37:4e:21:a4:ca:b7:4b:25:d0:a2:24:66:97:f7:38:bf:2b:
         ec:47:e3:8b:d7:c6:8c:61:44:c5:a4:b3:09:31:f6:f8:af:a7:
         29:98:36:37:23:04:24:b1:fa:fd:9f:38:39:89:6d:b2:49:88:
         64:db:ba:4e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZUSED6ojfZGQ4B1oD1tws7EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhNzMxMWEzMWU2YjUzYTE3NWQxOTEzNWIyYmM5OTNhMWZi
OTg0YjEwHhcNMjUwMjE3MDQwMDA5WhcNMjUwMjE4MDQwMDA5WjAzMTEwLwYDVQQD
Eyg5NWVlYTY2NzM5NDdjMDgxMDdmZjIxMWE5N2Y5OGU1YWZhZGRhZjk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4NKv6Zh8XThUkdUKH2ASUPuRXxg7
tP6JWX8C/30PdHHvwhTiciIK1U04T59nJKacfXW+s5nnbz0y+kgvv8xgLnh+7hwH
mXSuuWyGmOhcXU+8mWKVh2HCODO6KhEUVFWEIN6sF9GK33UpYsMBhdDwTv1McNBu
2RVhXjqCIzwf/dIyqyii9rh8QVRvp888kgUYcRLQhh4IvGPFN72I6OseQoHXm5TV
tq60N5RoSLWimg3/GqBYZgA5GDgXWSY5UkON4YFhPy+/mmz3gXXbbSWr3GoLzyjG
3HqwrL6TIEGJ+jTbULqEtfnDdZuAxBLgrTSqz9ENuVfJNS/2vtyEJNX5JwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJXupmc5R8CBB/8hGpf5jlr63a+WMB8GA1UdIwQY
MBaAFFpzEaMea1OhddGRNbK8mTofuYSxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV25NUm94NXJVNkYxMFpFMXNyeVpPaC01aExFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS9lNjc3ODEtMTcxZC00MGQ3LTkwMzct
MWJhYTgzYzhhMDM2LzEvV25NUm94NXJVNkYxMFpFMXNyeVpPaC01aExFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS9lNjc3ODEtMTcxZC00MGQ3LTkwMzctMWJhYTgzYzhhMDM2
LzEvV25NUm94NXJVNkYxMFpFMXNyeVpPaC01aExFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgjrKdTaI
hlMoIhXIGBTIHiQTWNs+BscxofnuGT79eHmLdTBa148I2vlJxXwNGV7osZC0APaO
zduwzSaCo+y/IWCStI5AQMG9McS5ICC9xGLgyAcDPl7ka+An7oQXxwmFmV2Y6JIq
LHA/DLN3W13IRVSch6NJHihdzoeQMe6UjvugybVySObDPELz3WR0qLoZWRV1Gv9u
/zl4OOmZkPqrC70mkvRR0vQsbBuSwBLyrSBeLT7hCOZkcmWKWdjUcmwYoRQitV3G
1TdOIaTKt0sl0KIkZpf3OL8r7Efji9fGjGFExaSzCTH2+K+nKZg2NyMEJLH6/Z84
OYltskmIZNu6Tg==
-----END CERTIFICATE-----