Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/1426a1-b553-4da5-a6d9-ac0102793c5a/1/dt0D59chnX68HyMPcGMtyRNvNBM.mft
File:                     dt0D59chnX68HyMPcGMtyRNvNBM.mft (raw, json)
Hash identifier:          sbi1d6WjRvhmLNWFJHEqfYoiUoCrYWdFtSUHVRK52QY=
Subject key identifier:   64:43:B8:84:AD:2A:AB:A2:8D:FC:D3:3B:74:C4:74:ED:34:7B:EC:02
Authority key identifier: 76:DD:03:E7:D7:21:9D:7E:BC:1F:23:0F:70:63:2D:C9:13:6F:34:13
Certificate issuer:       /CN=76dd03e7d7219d7ebc1f230f70632dc9136f3413
Certificate serial:       0194BA847DC24768BDBD9DF29A55BFFE31F9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dt0D59chnX68HyMPcGMtyRNvNBM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6d/1426a1-b553-4da5-a6d9-ac0102793c5a/1/dt0D59chnX68HyMPcGMtyRNvNBM.mft
Manifest number:          0335
Signing time:             Fri 31 Jan 2025 04:00:32 +0000
Manifest this update:     Fri 31 Jan 2025 04:00:32 +0000
Manifest next update:     Sat 01 Feb 2025 04:00:32 +0000
Files and hashes:         1: dt0D59chnX68HyMPcGMtyRNvNBM.crl (hash: 5/pyoM2yHSBGq9ocqEybuXB56/BijcVT/8qR8WhFpn4=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/6d/1426a1-b553-4da5-a6d9-ac0102793c5a/1/dt0D59chnX68HyMPcGMtyRNvNBM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/6d/1426a1-b553-4da5-a6d9-ac0102793c5a/1/dt0D59chnX68HyMPcGMtyRNvNBM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/dt0D59chnX68HyMPcGMtyRNvNBM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 01 Feb 2025 04:00:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:ba:84:7d:c2:47:68:bd:bd:9d:f2:9a:55:bf:fe:31:f9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=76dd03e7d7219d7ebc1f230f70632dc9136f3413
        Validity
            Not Before: Jan 31 04:00:32 2025 GMT
            Not After : Feb  1 04:00:32 2025 GMT
        Subject: CN=6443b884ad2aaba28dfcd33b74c474ed347bec02
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:a1:7c:d5:96:55:66:7c:63:82:4e:28:0f:e5:
                    df:24:28:6c:04:80:49:8d:0d:7d:ff:1b:18:86:4b:
                    c8:51:9a:7b:47:38:0a:9b:e5:80:a6:7c:9e:7a:a6:
                    bb:03:a5:ab:ea:3c:87:ef:75:63:64:a6:98:80:8c:
                    dc:9f:de:0d:44:58:0d:b1:a3:89:72:ea:ae:46:47:
                    80:70:29:88:75:fd:19:c2:30:62:68:41:37:f5:07:
                    c7:db:96:07:d6:d5:82:17:e3:20:26:3c:0f:61:68:
                    2d:db:24:72:0a:0b:0b:b7:a7:64:48:54:ee:c7:73:
                    7a:2a:86:bb:4d:41:98:c7:86:59:dc:27:92:0d:5e:
                    10:d3:e7:61:91:61:19:83:73:f9:75:1a:d1:96:94:
                    4e:13:c0:49:86:13:22:ad:7f:4f:df:70:62:9b:5f:
                    39:ec:1e:00:a4:c8:ce:44:85:1c:00:02:fc:79:74:
                    78:37:f6:d3:bd:d9:7c:05:32:75:ae:32:d3:74:27:
                    30:51:c4:18:2f:44:ec:9b:01:48:76:41:10:d2:41:
                    57:11:b6:5d:64:e0:a7:4c:b9:e1:c0:d8:b0:39:da:
                    ea:ab:24:53:71:80:d8:2b:01:30:1f:f6:c1:02:83:
                    f8:bd:ea:ef:0a:fc:04:95:37:47:7b:77:0f:c1:9d:
                    65:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                64:43:B8:84:AD:2A:AB:A2:8D:FC:D3:3B:74:C4:74:ED:34:7B:EC:02
            X509v3 Authority Key Identifier:
                keyid:76:DD:03:E7:D7:21:9D:7E:BC:1F:23:0F:70:63:2D:C9:13:6F:34:13

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dt0D59chnX68HyMPcGMtyRNvNBM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/1426a1-b553-4da5-a6d9-ac0102793c5a/1/dt0D59chnX68HyMPcGMtyRNvNBM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/1426a1-b553-4da5-a6d9-ac0102793c5a/1/dt0D59chnX68HyMPcGMtyRNvNBM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a1:b0:62:25:f9:a6:03:ac:a5:4e:16:3a:2c:0f:5c:fa:73:c0:
         d4:fa:96:45:a2:0a:1c:fa:90:26:dd:d9:21:91:3c:de:03:c9:
         9e:7b:e7:9e:54:77:eb:80:da:79:9b:77:6b:34:d4:aa:4a:79:
         0b:10:d6:c6:2d:fc:1b:a7:5f:d0:b1:a2:94:3b:37:14:4e:86:
         70:7a:4d:2a:8b:bb:2d:43:fa:bc:4d:e0:ff:27:f9:e9:5d:8b:
         9b:1c:d6:2f:be:d7:20:7c:23:37:33:14:20:81:71:e4:14:77:
         d2:58:f7:c0:87:7d:75:ae:25:20:39:aa:8f:c7:f4:71:5a:91:
         6f:4b:01:1a:3c:c8:c2:7d:f3:c3:f9:6c:8f:77:a5:f0:e1:4c:
         a0:86:c8:b7:e9:7f:86:43:b7:28:29:da:88:46:d1:8a:00:d7:
         1a:a5:3b:f6:6f:64:d6:e8:5d:30:75:f9:74:1a:c3:16:bd:9e:
         6f:c8:d7:15:12:ab:4e:ec:03:42:4c:d5:7b:9f:af:ee:d1:84:
         26:a9:3b:8e:61:80:be:1e:ef:3d:4c:a7:f4:62:c1:25:12:f7:
         65:4d:20:75:59:c4:46:71:ad:6c:52:f2:dc:6f:6e:08:d5:72:
         62:fa:cb:53:9b:91:a6:ae:cd:cd:8c:be:db:b9:d8:e7:3e:c2:
         db:fe:6c:95
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZS6hH3CR2i9vZ3ymlW//jH5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2ZGQwM2U3ZDcyMTlkN2ViYzFmMjMwZjcwNjMyZGM5MTM2
ZjM0MTMwHhcNMjUwMTMxMDQwMDMyWhcNMjUwMjAxMDQwMDMyWjAzMTEwLwYDVQQD
Eyg2NDQzYjg4NGFkMmFhYmEyOGRmY2QzM2I3NGM0NzRlZDM0N2JlYzAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs6F81ZZVZnxjgk4oD+XfJChsBIBJ
jQ19/xsYhkvIUZp7RzgKm+WApnyeeqa7A6Wr6jyH73VjZKaYgIzcn94NRFgNsaOJ
cuquRkeAcCmIdf0ZwjBiaEE39QfH25YH1tWCF+MgJjwPYWgt2yRyCgsLt6dkSFTu
x3N6Koa7TUGYx4ZZ3CeSDV4Q0+dhkWEZg3P5dRrRlpROE8BJhhMirX9P33Bim185
7B4ApMjORIUcAAL8eXR4N/bTvdl8BTJ1rjLTdCcwUcQYL0TsmwFIdkEQ0kFXEbZd
ZOCnTLnhwNiwOdrqqyRTcYDYKwEwH/bBAoP4vervCvwElTdHe3cPwZ1lHwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGRDuIStKquijfzTO3TEdO00e+wCMB8GA1UdIwQY
MBaAFHbdA+fXIZ1+vB8jD3BjLckTbzQTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZHQwRDU5Y2huWDY4SHlNUGNHTXR5Uk52TkJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZC8xNDI2YTEtYjU1My00ZGE1LWE2ZDkt
YWMwMTAyNzkzYzVhLzEvZHQwRDU5Y2huWDY4SHlNUGNHTXR5Uk52TkJNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZC8xNDI2YTEtYjU1My00ZGE1LWE2ZDktYWMwMTAyNzkzYzVh
LzEvZHQwRDU5Y2huWDY4SHlNUGNHTXR5Uk52TkJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAobBiJfmm
A6ylThY6LA9c+nPA1PqWRaIKHPqQJt3ZIZE83gPJnnvnnlR364DaeZt3azTUqkp5
CxDWxi38G6df0LGilDs3FE6GcHpNKou7LUP6vE3g/yf56V2LmxzWL77XIHwjNzMU
IIFx5BR30lj3wId9da4lIDmqj8f0cVqRb0sBGjzIwn3zw/lsj3el8OFMoIbIt+l/
hkO3KCnaiEbRigDXGqU79m9k1uhdMHX5dBrDFr2eb8jXFRKrTuwDQkzVe5+v7tGE
Jqk7jmGAvh7vPUyn9GLBJRL3ZU0gdVnERnGtbFLy3G9uCNVyYvrLU5uRpq7NzYy+
27nY5z7C2/5slQ==
-----END CERTIFICATE-----