Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/52ef7c-9a36-4362-8e7f-6394214a122c/1/bn-6EaMdOqkN48e7i1bTzQbmvnU.mft
File:                     bn-6EaMdOqkN48e7i1bTzQbmvnU.mft (raw, json)
Hash identifier:          uc30TLuZ2P+xXXZ2UZpwavsqHciCK1WKnt1i7ZecdVw=
Subject key identifier:   6D:2C:61:A2:BA:45:78:5E:6A:FB:7A:22:96:45:F6:85:F5:B6:50:47
Authority key identifier: 6E:7F:BA:11:A3:1D:3A:A9:0D:E3:C7:BB:8B:56:D3:CD:06:E6:BE:75
Certificate issuer:       /CN=6e7fba11a31d3aa90de3c7bb8b56d3cd06e6be75
Certificate serial:       0194C38825B10A90A1C33B6BAB7DDCA6CF60
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bn-6EaMdOqkN48e7i1bTzQbmvnU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e2/52ef7c-9a36-4362-8e7f-6394214a122c/1/bn-6EaMdOqkN48e7i1bTzQbmvnU.mft
Manifest number:          1414
Signing time:             Sat 01 Feb 2025 22:01:07 +0000
Manifest this update:     Sat 01 Feb 2025 22:01:07 +0000
Manifest next update:     Sun 02 Feb 2025 22:01:07 +0000
Files and hashes:         1: bn-6EaMdOqkN48e7i1bTzQbmvnU.crl (hash: mRzF4Yr+C89KxdcQnVli50xTLJmZDWg/4vfqgqtoWIc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e2/52ef7c-9a36-4362-8e7f-6394214a122c/1/bn-6EaMdOqkN48e7i1bTzQbmvnU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e2/52ef7c-9a36-4362-8e7f-6394214a122c/1/bn-6EaMdOqkN48e7i1bTzQbmvnU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/bn-6EaMdOqkN48e7i1bTzQbmvnU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 02 Feb 2025 22:01:07 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:c3:88:25:b1:0a:90:a1:c3:3b:6b:ab:7d:dc:a6:cf:60
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6e7fba11a31d3aa90de3c7bb8b56d3cd06e6be75
        Validity
            Not Before: Feb  1 22:01:07 2025 GMT
            Not After : Feb  2 22:01:07 2025 GMT
        Subject: CN=6d2c61a2ba45785e6afb7a229645f685f5b65047
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:b1:49:68:dc:8c:ab:34:93:5f:ce:b9:f1:4b:
                    05:f8:04:df:3a:f6:eb:d1:db:6b:4a:51:2e:c6:57:
                    47:b7:8e:f0:74:c6:d4:5b:14:96:46:1e:60:a5:86:
                    be:0b:f5:82:ea:12:31:75:26:48:bf:a3:23:d9:eb:
                    9f:3f:48:12:b8:02:dc:53:fb:b8:79:59:72:46:67:
                    b1:6f:b9:c5:32:50:ec:57:16:f6:da:eb:76:7c:64:
                    6d:33:d0:d3:d2:c3:db:3c:86:33:75:ef:8a:83:e2:
                    0c:e1:cf:27:e2:77:be:fb:73:43:5d:91:e2:d5:f2:
                    01:81:3f:a4:a2:f3:c7:ef:3c:3d:27:07:e6:d1:1d:
                    66:28:26:81:a1:58:19:a2:18:f4:14:22:37:9f:46:
                    e2:1e:17:d8:67:d5:d6:b9:a6:4a:16:3c:16:a1:04:
                    1a:97:d3:95:5e:97:95:2c:19:e3:5f:aa:18:f2:3f:
                    ce:15:68:96:fd:96:e0:3c:30:42:47:cc:6e:4c:a5:
                    4d:b9:04:12:96:fe:08:b7:83:ac:82:9c:e6:8b:1d:
                    71:96:ba:33:cd:25:5b:fb:0e:4f:c9:9e:8a:82:c9:
                    ca:a4:94:71:3f:c4:fe:e8:a9:5e:39:62:25:ef:52:
                    aa:65:94:50:b1:4f:a1:7a:7d:2b:fb:be:fb:81:d3:
                    b8:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6D:2C:61:A2:BA:45:78:5E:6A:FB:7A:22:96:45:F6:85:F5:B6:50:47
            X509v3 Authority Key Identifier:
                keyid:6E:7F:BA:11:A3:1D:3A:A9:0D:E3:C7:BB:8B:56:D3:CD:06:E6:BE:75

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bn-6EaMdOqkN48e7i1bTzQbmvnU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/52ef7c-9a36-4362-8e7f-6394214a122c/1/bn-6EaMdOqkN48e7i1bTzQbmvnU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/52ef7c-9a36-4362-8e7f-6394214a122c/1/bn-6EaMdOqkN48e7i1bTzQbmvnU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         c8:78:e5:6b:f4:9f:0f:1e:3f:35:f6:77:ff:86:91:53:30:e1:
         f2:77:d0:6f:b0:0a:7a:6b:9c:30:4f:35:6d:08:f7:ee:70:1a:
         4d:0a:1c:1f:f4:93:e8:cf:c1:ad:67:28:33:e9:fa:25:c0:65:
         b7:11:e8:fa:9d:12:b7:4d:e3:2e:05:a0:98:1a:84:e1:42:90:
         ea:b6:2d:70:f9:59:38:49:1d:10:cd:44:49:d7:32:1a:c9:61:
         92:a4:be:94:f7:d2:e9:ad:7b:11:93:b3:01:34:85:7c:e5:5d:
         3b:95:82:2d:24:9a:fd:eb:05:51:54:da:7c:21:81:dd:98:ad:
         d3:f5:bc:b8:28:ff:57:eb:c4:da:3f:07:46:d9:6c:78:a1:7a:
         6d:cf:07:ce:ff:05:98:76:e6:fe:bc:01:44:97:11:60:79:75:
         42:7e:c2:a9:d0:2e:38:dd:26:6e:15:29:f8:85:bd:5e:22:06:
         24:dc:05:aa:96:37:7d:fa:9e:7f:23:d6:b0:7c:de:d5:28:68:
         be:23:cf:d7:de:b4:41:c0:56:d5:b0:1d:7c:16:1e:29:f8:24:
         93:40:83:5b:25:4a:13:32:6a:46:75:51:05:c3:46:27:49:9a:
         0e:e7:f0:f8:d3:e3:c6:6b:3e:02:1d:4c:a9:7c:ad:2a:b0:06:
         89:ae:ab:51
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZTDiCWxCpChwztrq33cps9gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlN2ZiYTExYTMxZDNhYTkwZGUzYzdiYjhiNTZkM2NkMDZl
NmJlNzUwHhcNMjUwMjAxMjIwMTA3WhcNMjUwMjAyMjIwMTA3WjAzMTEwLwYDVQQD
Eyg2ZDJjNjFhMmJhNDU3ODVlNmFmYjdhMjI5NjQ1ZjY4NWY1YjY1MDQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwLFJaNyMqzSTX8658UsF+ATfOvbr
0dtrSlEuxldHt47wdMbUWxSWRh5gpYa+C/WC6hIxdSZIv6Mj2eufP0gSuALcU/u4
eVlyRmexb7nFMlDsVxb22ut2fGRtM9DT0sPbPIYzde+Kg+IM4c8n4ne++3NDXZHi
1fIBgT+kovPH7zw9Jwfm0R1mKCaBoVgZohj0FCI3n0biHhfYZ9XWuaZKFjwWoQQa
l9OVXpeVLBnjX6oY8j/OFWiW/ZbgPDBCR8xuTKVNuQQSlv4It4Osgpzmix1xlroz
zSVb+w5PyZ6KgsnKpJRxP8T+6KleOWIl71KqZZRQsU+hen0r+777gdO4PwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFG0sYaK6RXheavt6IpZF9oX1tlBHMB8GA1UdIwQY
MBaAFG5/uhGjHTqpDePHu4tW080G5r51MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm4tNkVhTWRPcWtONDhlN2kxYlR6UWJtdm5VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi81MmVmN2MtOWEzNi00MzYyLThlN2Yt
NjM5NDIxNGExMjJjLzEvYm4tNkVhTWRPcWtONDhlN2kxYlR6UWJtdm5VLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi81MmVmN2MtOWEzNi00MzYyLThlN2YtNjM5NDIxNGExMjJj
LzEvYm4tNkVhTWRPcWtONDhlN2kxYlR6UWJtdm5VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAyHjla/Sf
Dx4/NfZ3/4aRUzDh8nfQb7AKemucME81bQj37nAaTQocH/ST6M/BrWcoM+n6JcBl
txHo+p0St03jLgWgmBqE4UKQ6rYtcPlZOEkdEM1ESdcyGslhkqS+lPfS6a17EZOz
ATSFfOVdO5WCLSSa/esFUVTafCGB3Zit0/W8uCj/V+vE2j8HRtlseKF6bc8Hzv8F
mHbm/rwBRJcRYHl1Qn7CqdAuON0mbhUp+IW9XiIGJNwFqpY3ffqefyPWsHze1Sho
viPP1960QcBW1bAdfBYeKfgkk0CDWyVKEzJqRnVRBcNGJ0maDufw+NPjxms+Ah1M
qXytKrAGia6rUQ==
-----END CERTIFICATE-----