Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/e98bf7-c5c8-4561-97e8-e13160ac3e23/1/xAqOocjcM7gpD-vTTkU4vZWXROg.mft
File:                     xAqOocjcM7gpD-vTTkU4vZWXROg.mft (raw, json)
Hash identifier:          a6qZ+poGV5lvElb/UCJXq3997sfXvn+Jml1pVAt5xA8=
Subject key identifier:   FE:D4:86:56:81:A2:BF:C0:32:7C:E1:99:DF:51:BD:DA:B0:DE:B8:62
Authority key identifier: C4:0A:8E:A1:C8:DC:33:B8:29:0F:EB:D3:4E:45:38:BD:95:97:44:E8
Certificate issuer:       /CN=c40a8ea1c8dc33b8290febd34e4538bd959744e8
Certificate serial:       0194C3F6208565D9695C8E5FFB1AD942E759
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xAqOocjcM7gpD-vTTkU4vZWXROg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e6/e98bf7-c5c8-4561-97e8-e13160ac3e23/1/xAqOocjcM7gpD-vTTkU4vZWXROg.mft
Manifest number:          13BE
Signing time:             Sun 02 Feb 2025 00:01:14 +0000
Manifest this update:     Sun 02 Feb 2025 00:01:14 +0000
Manifest next update:     Mon 03 Feb 2025 00:01:14 +0000
Files and hashes:         1: xAqOocjcM7gpD-vTTkU4vZWXROg.crl (hash: XBbWzkMVNUjphTsr+KSZRySuB6vCLxnd5YRLriyqW4I=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e6/e98bf7-c5c8-4561-97e8-e13160ac3e23/1/xAqOocjcM7gpD-vTTkU4vZWXROg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e6/e98bf7-c5c8-4561-97e8-e13160ac3e23/1/xAqOocjcM7gpD-vTTkU4vZWXROg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/xAqOocjcM7gpD-vTTkU4vZWXROg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 03 Feb 2025 00:00:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:c3:f6:20:85:65:d9:69:5c:8e:5f:fb:1a:d9:42:e7:59
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c40a8ea1c8dc33b8290febd34e4538bd959744e8
        Validity
            Not Before: Feb  2 00:01:14 2025 GMT
            Not After : Feb  3 00:01:14 2025 GMT
        Subject: CN=fed4865681a2bfc0327ce199df51bddab0deb862
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:da:88:a3:dd:85:e0:2c:14:2b:8f:ef:c3:e8:ab:
                    7b:21:b6:5b:74:7e:af:b7:a6:61:7d:01:d4:43:a2:
                    1a:92:42:73:c3:a3:12:76:e5:4f:fd:64:6c:b5:ae:
                    3a:ec:fd:f8:ac:83:b4:be:1d:a9:1c:05:c0:2b:50:
                    3c:da:0d:ed:2a:d8:f6:e7:5d:27:5a:56:7e:7f:17:
                    dd:ee:e3:6b:cc:15:7c:27:fd:06:9a:8b:ed:15:95:
                    9c:0c:25:ef:3a:42:a2:c0:06:57:8a:84:21:9d:61:
                    1b:51:b2:e4:0a:38:da:dc:aa:58:46:6f:a1:2b:74:
                    26:b8:60:6f:05:d0:76:37:69:61:d0:52:5b:2a:f0:
                    ec:73:28:bb:05:06:df:eb:0e:2e:f8:87:52:b7:d1:
                    13:30:b9:54:1c:2f:b9:82:43:5b:28:7f:87:03:34:
                    79:0d:53:00:be:47:cd:02:6d:a4:38:33:0c:6e:a1:
                    68:8f:08:bb:24:f0:8b:04:ba:78:ec:84:2a:67:6f:
                    97:bb:a3:8b:96:6f:d5:bb:b5:31:d1:02:6c:6d:13:
                    91:84:97:64:63:54:c0:9d:da:f7:ea:4f:2a:76:58:
                    79:e8:a6:ff:09:09:b0:3d:4c:19:27:8f:4e:a3:8f:
                    9c:b0:0f:c3:db:be:60:d2:68:28:32:ff:b0:f6:80:
                    5b:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FE:D4:86:56:81:A2:BF:C0:32:7C:E1:99:DF:51:BD:DA:B0:DE:B8:62
            X509v3 Authority Key Identifier:
                keyid:C4:0A:8E:A1:C8:DC:33:B8:29:0F:EB:D3:4E:45:38:BD:95:97:44:E8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xAqOocjcM7gpD-vTTkU4vZWXROg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/e98bf7-c5c8-4561-97e8-e13160ac3e23/1/xAqOocjcM7gpD-vTTkU4vZWXROg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/e98bf7-c5c8-4561-97e8-e13160ac3e23/1/xAqOocjcM7gpD-vTTkU4vZWXROg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         22:f1:56:b5:5f:d6:f6:7b:f4:4d:d3:2b:86:c7:c6:5d:40:4b:
         13:eb:a0:ca:93:30:76:7f:17:09:96:44:a6:65:76:53:5f:be:
         22:84:c8:1b:d3:c7:26:d8:61:00:ed:39:20:b0:b8:c5:e3:be:
         59:84:f5:66:b0:d9:c0:67:95:58:33:4d:a7:1a:04:92:b4:37:
         a9:e9:08:fc:41:ad:12:11:c2:4a:5d:b0:e3:f2:88:e0:0d:11:
         2a:96:5a:11:0b:7e:d7:51:82:8c:67:04:18:ce:11:fa:bd:1c:
         f5:ca:e8:ee:0d:dc:b4:87:bd:fe:bc:6d:fc:de:e9:78:71:e0:
         26:60:b6:85:70:8f:28:53:58:d3:81:c7:aa:c1:5c:04:0b:03:
         00:06:b3:19:a3:d0:f0:95:c6:67:bf:ab:e6:10:b8:35:d1:df:
         ea:06:a5:09:ca:69:b5:0d:b0:99:2d:5c:5e:b6:79:61:ef:07:
         5e:af:e2:3f:9c:15:c6:ba:a5:b3:9a:ae:d0:c9:d9:9f:13:35:
         c0:91:22:8b:4e:ad:ff:b3:72:ba:52:90:cd:0f:2d:c5:8f:31:
         6b:b2:4e:5e:67:0c:41:12:d1:99:19:58:9e:b7:9c:ab:2c:ae:
         4a:05:2e:7d:97:fe:d2:74:c7:cd:c1:ec:6e:1d:0d:56:81:09:
         0f:f5:c2:61
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZTD9iCFZdlpXI5f+xrZQudZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0MGE4ZWExYzhkYzMzYjgyOTBmZWJkMzRlNDUzOGJkOTU5
NzQ0ZTgwHhcNMjUwMjAyMDAwMTE0WhcNMjUwMjAzMDAwMTE0WjAzMTEwLwYDVQQD
EyhmZWQ0ODY1NjgxYTJiZmMwMzI3Y2UxOTlkZjUxYmRkYWIwZGViODYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2oij3YXgLBQrj+/D6Kt7IbZbdH6v
t6ZhfQHUQ6IakkJzw6MSduVP/WRsta467P34rIO0vh2pHAXAK1A82g3tKtj2510n
WlZ+fxfd7uNrzBV8J/0GmovtFZWcDCXvOkKiwAZXioQhnWEbUbLkCjja3KpYRm+h
K3QmuGBvBdB2N2lh0FJbKvDscyi7BQbf6w4u+IdSt9ETMLlUHC+5gkNbKH+HAzR5
DVMAvkfNAm2kODMMbqFojwi7JPCLBLp47IQqZ2+Xu6OLlm/Vu7Ux0QJsbRORhJdk
Y1TAndr36k8qdlh56Kb/CQmwPUwZJ49Oo4+csA/D275g0mgoMv+w9oBbaQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP7UhlaBor/AMnzhmd9Rvdqw3rhiMB8GA1UdIwQY
MBaAFMQKjqHI3DO4KQ/r005FOL2Vl0ToMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEFxT29jamNNN2dwRC12VFRrVTR2WldYUk9nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9lOThiZjctYzVjOC00NTYxLTk3ZTgt
ZTEzMTYwYWMzZTIzLzEveEFxT29jamNNN2dwRC12VFRrVTR2WldYUk9nLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9lOThiZjctYzVjOC00NTYxLTk3ZTgtZTEzMTYwYWMzZTIz
LzEveEFxT29jamNNN2dwRC12VFRrVTR2WldYUk9nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIvFWtV/W
9nv0TdMrhsfGXUBLE+ugypMwdn8XCZZEpmV2U1++IoTIG9PHJthhAO05ILC4xeO+
WYT1ZrDZwGeVWDNNpxoEkrQ3qekI/EGtEhHCSl2w4/KI4A0RKpZaEQt+11GCjGcE
GM4R+r0c9cro7g3ctIe9/rxt/N7peHHgJmC2hXCPKFNY04HHqsFcBAsDAAazGaPQ
8JXGZ7+r5hC4NdHf6galCcpptQ2wmS1cXrZ5Ye8HXq/iP5wVxrqls5qu0MnZnxM1
wJEii06t/7NyulKQzQ8txY8xa7JOXmcMQRLRmRlYnrecqyyuSgUufZf+0nTHzcHs
bh0NVoEJD/XCYQ==
-----END CERTIFICATE-----