Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/45b225-64e3-4d34-80d9-21c815a6eb9e/1/aQqw79d1diHIbXtpx29gssP6w1Y.mft
File:                     aQqw79d1diHIbXtpx29gssP6w1Y.mft (raw, json)
Hash identifier:          gBASw6sUmz2ol9X/9iZW13yCfyZiDdH+uIXWl6wMeY4=
Subject key identifier:   D6:28:86:42:94:40:F2:9E:63:59:42:8E:86:17:C6:C1:CD:10:1B:2C
Authority key identifier: 69:0A:B0:EF:D7:75:76:21:C8:6D:7B:69:C7:6F:60:B2:C3:FA:C3:56
Certificate issuer:       /CN=690ab0efd7757621c86d7b69c76f60b2c3fac356
Certificate serial:       0194BABBBC7EB20ABEA718A31B734B616D15
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aQqw79d1diHIbXtpx29gssP6w1Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6e/45b225-64e3-4d34-80d9-21c815a6eb9e/1/aQqw79d1diHIbXtpx29gssP6w1Y.mft
Manifest number:          0178
Signing time:             Fri 31 Jan 2025 05:00:53 +0000
Manifest this update:     Fri 31 Jan 2025 05:00:53 +0000
Manifest next update:     Sat 01 Feb 2025 05:00:53 +0000
Files and hashes:         1: aQqw79d1diHIbXtpx29gssP6w1Y.crl (hash: aewcv0rnLH3j3G9gVzUKqx4gjh/OjyZ/MRF5J/jixOY=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/6e/45b225-64e3-4d34-80d9-21c815a6eb9e/1/aQqw79d1diHIbXtpx29gssP6w1Y.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/6e/45b225-64e3-4d34-80d9-21c815a6eb9e/1/aQqw79d1diHIbXtpx29gssP6w1Y.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/aQqw79d1diHIbXtpx29gssP6w1Y.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 01 Feb 2025 05:00:53 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:ba:bb:bc:7e:b2:0a:be:a7:18:a3:1b:73:4b:61:6d:15
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=690ab0efd7757621c86d7b69c76f60b2c3fac356
        Validity
            Not Before: Jan 31 05:00:53 2025 GMT
            Not After : Feb  1 05:00:53 2025 GMT
        Subject: CN=d62886429440f29e6359428e8617c6c1cd101b2c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:09:72:6f:f1:58:b6:f1:57:71:2e:4e:c5:bd:
                    c1:ff:8e:45:88:24:40:0c:24:0a:22:e9:bf:0c:68:
                    5f:69:a7:23:da:16:dd:61:e8:9f:64:aa:d6:11:96:
                    50:50:46:f7:05:81:3d:e6:0b:95:ef:16:d8:4e:a0:
                    21:7e:0c:15:30:44:3b:ae:b0:ac:8b:93:83:6f:ef:
                    f1:e1:0e:bd:f3:0b:31:87:a0:95:a2:45:86:80:74:
                    e4:74:26:6e:4d:d0:21:07:18:d3:36:77:48:4a:d6:
                    4d:ec:3a:8d:29:ee:8b:56:61:36:bf:d7:a1:f3:fd:
                    52:66:f9:1c:f0:c1:c7:1c:c5:73:3c:d0:4a:30:c2:
                    47:62:4e:bc:a2:ec:56:95:2d:c2:56:9d:0f:87:ec:
                    3f:35:cb:67:ac:47:de:f4:9b:42:19:99:82:3e:0d:
                    18:5e:b1:b7:3e:ab:35:ae:bb:30:20:69:91:d7:fe:
                    a7:81:80:73:4c:d7:f1:9d:3f:ad:7a:f8:89:a1:7f:
                    63:f3:65:29:d7:f6:95:a4:bb:89:34:cc:d8:4b:8e:
                    43:0f:ec:fe:9e:51:4d:dd:85:bd:8d:31:7f:85:7e:
                    78:d5:f3:f5:27:a2:4e:5d:54:19:ae:cd:3c:c4:9c:
                    b5:b2:95:22:e6:e0:c4:04:3b:27:aa:41:d3:bd:f4:
                    70:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D6:28:86:42:94:40:F2:9E:63:59:42:8E:86:17:C6:C1:CD:10:1B:2C
            X509v3 Authority Key Identifier:
                keyid:69:0A:B0:EF:D7:75:76:21:C8:6D:7B:69:C7:6F:60:B2:C3:FA:C3:56

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aQqw79d1diHIbXtpx29gssP6w1Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/45b225-64e3-4d34-80d9-21c815a6eb9e/1/aQqw79d1diHIbXtpx29gssP6w1Y.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/45b225-64e3-4d34-80d9-21c815a6eb9e/1/aQqw79d1diHIbXtpx29gssP6w1Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         25:b8:ab:b6:bd:41:d6:2b:a9:5f:ae:8d:17:c3:7f:25:26:75:
         65:93:5e:42:b5:63:8d:6c:d3:58:a1:6d:fc:b2:6a:94:04:b5:
         07:0c:a6:37:79:3d:68:39:6e:dc:0b:9c:fa:a4:e1:4b:a6:f5:
         16:cb:8e:7e:0d:ec:e9:df:82:16:0b:c3:57:ca:32:ab:b2:57:
         29:56:84:98:8a:28:05:2c:66:87:36:d9:1c:fd:5b:68:06:93:
         02:19:71:25:29:e1:51:64:c3:9c:9f:5a:d6:94:8f:8b:d9:32:
         77:b2:e5:df:b3:82:15:e7:9b:24:fa:12:c1:51:6e:71:5c:2a:
         7e:50:ab:de:77:67:6a:49:67:ed:da:31:22:d9:90:61:dd:88:
         cf:23:af:84:df:45:f3:73:da:48:2f:05:3c:01:fa:fe:ea:1a:
         39:71:cb:a4:f2:12:bc:f5:72:c5:17:88:71:08:3b:c1:d2:fb:
         a7:a6:9f:e8:fa:bd:ee:67:db:ee:f9:b1:3b:07:2b:eb:48:67:
         d7:11:2f:a4:3b:b3:92:3f:3e:2a:7b:d3:6d:4d:f2:38:94:12:
         bf:9b:a1:f6:01:6e:e9:12:58:1d:d7:ac:cd:69:39:c1:bd:a6:
         ad:d7:f2:25:f8:fb:02:fb:c9:86:d1:b5:28:f3:f2:6e:ff:67:
         f7:18:ab:5a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZS6u7x+sgq+pxijG3NLYW0VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5MGFiMGVmZDc3NTc2MjFjODZkN2I2OWM3NmY2MGIyYzNm
YWMzNTYwHhcNMjUwMTMxMDUwMDUzWhcNMjUwMjAxMDUwMDUzWjAzMTEwLwYDVQQD
EyhkNjI4ODY0Mjk0NDBmMjllNjM1OTQyOGU4NjE3YzZjMWNkMTAxYjJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuAlyb/FYtvFXcS5Oxb3B/45FiCRA
DCQKIum/DGhfaacj2hbdYeifZKrWEZZQUEb3BYE95guV7xbYTqAhfgwVMEQ7rrCs
i5ODb+/x4Q698wsxh6CVokWGgHTkdCZuTdAhBxjTNndIStZN7DqNKe6LVmE2v9eh
8/1SZvkc8MHHHMVzPNBKMMJHYk68ouxWlS3CVp0Ph+w/NctnrEfe9JtCGZmCPg0Y
XrG3Pqs1rrswIGmR1/6ngYBzTNfxnT+teviJoX9j82Up1/aVpLuJNMzYS45DD+z+
nlFN3YW9jTF/hX541fP1J6JOXVQZrs08xJy1spUi5uDEBDsnqkHTvfRwfQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNYohkKUQPKeY1lCjoYXxsHNEBssMB8GA1UdIwQY
MBaAFGkKsO/XdXYhyG17acdvYLLD+sNWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYVFxdzc5ZDFkaUhJYlh0cHgyOWdzc1A2dzFZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZS80NWIyMjUtNjRlMy00ZDM0LTgwZDkt
MjFjODE1YTZlYjllLzEvYVFxdzc5ZDFkaUhJYlh0cHgyOWdzc1A2dzFZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZS80NWIyMjUtNjRlMy00ZDM0LTgwZDktMjFjODE1YTZlYjll
LzEvYVFxdzc5ZDFkaUhJYlh0cHgyOWdzc1A2dzFZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJbirtr1B
1iupX66NF8N/JSZ1ZZNeQrVjjWzTWKFt/LJqlAS1BwymN3k9aDlu3Auc+qThS6b1
FsuOfg3s6d+CFgvDV8oyq7JXKVaEmIooBSxmhzbZHP1baAaTAhlxJSnhUWTDnJ9a
1pSPi9kyd7Ll37OCFeebJPoSwVFucVwqflCr3ndnakln7doxItmQYd2IzyOvhN9F
83PaSC8FPAH6/uoaOXHLpPISvPVyxReIcQg7wdL7p6af6Pq97mfb7vmxOwcr60hn
1xEvpDuzkj8+KnvTbU3yOJQSv5uh9gFu6RJYHdeszWk5wb2mrdfyJfj7AvvJhtG1
KPPybv9n9xirWg==
-----END CERTIFICATE-----