Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/5beaa0-4a31-4168-99b4-44d29657bab7/1/dZxU7z8HSxxmiPmXVM2KONmfbKw.mft
File:                     dZxU7z8HSxxmiPmXVM2KONmfbKw.mft (raw, json)
Hash identifier:          GKlpkfyPQ3A8ccMiTTsf0iA+O4y0W2UYLuHQbm1usUk=
Subject key identifier:   78:12:56:08:61:55:20:D1:B7:D3:88:54:76:37:54:1A:1C:DB:12:CE
Authority key identifier: 75:9C:54:EF:3F:07:4B:1C:66:88:F9:97:54:CD:8A:38:D9:9F:6C:AC
Certificate issuer:       /CN=759c54ef3f074b1c6688f99754cd8a38d99f6cac
Certificate serial:       0194BA845CFE1C46CF9B3B858E30169B9991
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dZxU7z8HSxxmiPmXVM2KONmfbKw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/72/5beaa0-4a31-4168-99b4-44d29657bab7/1/dZxU7z8HSxxmiPmXVM2KONmfbKw.mft
Manifest number:          07C9
Signing time:             Fri 31 Jan 2025 04:00:24 +0000
Manifest this update:     Fri 31 Jan 2025 04:00:24 +0000
Manifest next update:     Sat 01 Feb 2025 04:00:24 +0000
Files and hashes:         1: dZxU7z8HSxxmiPmXVM2KONmfbKw.crl (hash: 2/HBl+6wqiKkdpTAojkzf+XQUVdadePdy9N2oqL+eo0=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/72/5beaa0-4a31-4168-99b4-44d29657bab7/1/dZxU7z8HSxxmiPmXVM2KONmfbKw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/72/5beaa0-4a31-4168-99b4-44d29657bab7/1/dZxU7z8HSxxmiPmXVM2KONmfbKw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/dZxU7z8HSxxmiPmXVM2KONmfbKw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 01 Feb 2025 04:00:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:ba:84:5c:fe:1c:46:cf:9b:3b:85:8e:30:16:9b:99:91
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=759c54ef3f074b1c6688f99754cd8a38d99f6cac
        Validity
            Not Before: Jan 31 04:00:24 2025 GMT
            Not After : Feb  1 04:00:24 2025 GMT
        Subject: CN=78125608615520d1b7d388547637541a1cdb12ce
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:51:7e:7a:d8:45:ad:40:fc:e2:5d:ed:a9:4e:
                    d4:36:16:63:4b:aa:49:34:60:68:b0:31:b9:7a:21:
                    7e:db:2d:c7:28:56:09:8d:75:a0:fc:f3:7b:90:fa:
                    47:5c:8d:ca:01:65:4a:54:2c:30:ab:bd:42:60:f1:
                    37:74:70:3d:cd:8b:1b:c7:cb:ec:96:23:fb:34:7f:
                    42:1a:40:63:b4:d9:00:dc:30:15:8f:bb:32:93:9b:
                    7a:7d:32:c0:60:ea:83:23:16:6e:4d:7b:1c:ad:b6:
                    5f:b0:9d:a7:0d:52:6c:a0:05:fb:5f:be:8c:d0:3c:
                    65:cd:93:5a:d6:6b:a0:20:7f:e1:84:a6:b2:db:a5:
                    b9:24:41:e4:45:c2:76:bb:ab:9b:f4:5d:93:88:61:
                    b0:89:d7:45:8a:6f:ea:b2:cc:89:55:3a:12:42:df:
                    3b:c2:00:97:c5:b2:01:83:fa:39:85:1a:3d:19:ad:
                    68:c7:6a:9c:8c:87:81:ee:0e:c4:18:c7:16:58:3b:
                    1e:6c:99:bd:03:18:db:f1:b1:54:ff:ee:eb:c4:ff:
                    40:20:7f:38:08:ae:d9:cd:a6:48:7e:f7:e8:98:9f:
                    d5:5c:93:5f:54:a9:25:3e:1c:d1:bc:67:36:99:e5:
                    e3:96:8c:87:43:2d:e8:67:7d:a2:02:9f:d5:51:c8:
                    ed:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                78:12:56:08:61:55:20:D1:B7:D3:88:54:76:37:54:1A:1C:DB:12:CE
            X509v3 Authority Key Identifier:
                keyid:75:9C:54:EF:3F:07:4B:1C:66:88:F9:97:54:CD:8A:38:D9:9F:6C:AC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dZxU7z8HSxxmiPmXVM2KONmfbKw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/5beaa0-4a31-4168-99b4-44d29657bab7/1/dZxU7z8HSxxmiPmXVM2KONmfbKw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/72/5beaa0-4a31-4168-99b4-44d29657bab7/1/dZxU7z8HSxxmiPmXVM2KONmfbKw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5c:47:95:d0:8a:c0:da:db:93:1c:f6:34:24:73:ca:8f:7a:dd:
         84:4f:7a:44:4b:4c:95:57:2b:60:26:ff:83:0b:d4:80:a0:8a:
         45:7a:fa:5a:68:7c:cb:d3:a2:74:87:94:7c:e1:0d:41:7c:00:
         03:1e:54:ac:28:a4:1a:b4:94:77:f7:ae:42:7c:8c:b0:ea:63:
         40:d4:52:c0:dc:46:62:d1:aa:a4:f3:0a:bb:20:e6:d6:15:34:
         6e:f1:17:3a:ee:a6:ad:db:c9:14:f4:a0:d5:d7:32:b7:6a:fb:
         a1:15:c8:55:6d:61:28:0d:ed:e6:0f:13:28:6f:05:7a:d5:f0:
         e1:55:ab:3e:bb:e6:4d:ce:a6:c2:bb:97:e2:ab:5f:98:af:7f:
         fe:6b:95:8a:27:45:a1:46:32:8f:6c:42:fd:21:26:4c:89:a1:
         33:ee:7a:ed:08:f5:0b:1f:14:b6:c2:50:25:c3:1c:00:e4:15:
         75:42:54:4d:d3:d0:e3:88:60:7f:95:6f:ed:45:cc:0d:0a:ed:
         73:0f:f6:66:cf:d0:2e:f7:46:a6:a9:07:5a:ca:83:13:40:34:
         ab:bd:6c:2a:c4:ba:71:d2:13:bd:df:0c:ff:ae:f1:03:dc:55:
         4c:c4:2f:e0:a4:4e:11:29:3e:73:06:34:6a:15:32:4f:fd:86:
         54:c5:6b:1a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZS6hFz+HEbPmzuFjjAWm5mRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1OWM1NGVmM2YwNzRiMWM2Njg4Zjk5NzU0Y2Q4YTM4ZDk5
ZjZjYWMwHhcNMjUwMTMxMDQwMDI0WhcNMjUwMjAxMDQwMDI0WjAzMTEwLwYDVQQD
Eyg3ODEyNTYwODYxNTUyMGQxYjdkMzg4NTQ3NjM3NTQxYTFjZGIxMmNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx1F+ethFrUD84l3tqU7UNhZjS6pJ
NGBosDG5eiF+2y3HKFYJjXWg/PN7kPpHXI3KAWVKVCwwq71CYPE3dHA9zYsbx8vs
liP7NH9CGkBjtNkA3DAVj7syk5t6fTLAYOqDIxZuTXscrbZfsJ2nDVJsoAX7X76M
0DxlzZNa1mugIH/hhKay26W5JEHkRcJ2u6ub9F2TiGGwiddFim/qssyJVToSQt87
wgCXxbIBg/o5hRo9Ga1ox2qcjIeB7g7EGMcWWDsebJm9Axjb8bFU/+7rxP9AIH84
CK7ZzaZIfvfomJ/VXJNfVKklPhzRvGc2meXjloyHQy3oZ32iAp/VUcjt7wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHgSVghhVSDRt9OIVHY3VBoc2xLOMB8GA1UdIwQY
MBaAFHWcVO8/B0scZoj5l1TNijjZn2ysMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFp4VTd6OEhTeHhtaVBtWFZNMktPTm1mYkt3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi81YmVhYTAtNGEzMS00MTY4LTk5YjQt
NDRkMjk2NTdiYWI3LzEvZFp4VTd6OEhTeHhtaVBtWFZNMktPTm1mYkt3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi81YmVhYTAtNGEzMS00MTY4LTk5YjQtNDRkMjk2NTdiYWI3
LzEvZFp4VTd6OEhTeHhtaVBtWFZNMktPTm1mYkt3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXEeV0IrA
2tuTHPY0JHPKj3rdhE96REtMlVcrYCb/gwvUgKCKRXr6Wmh8y9OidIeUfOENQXwA
Ax5UrCikGrSUd/euQnyMsOpjQNRSwNxGYtGqpPMKuyDm1hU0bvEXOu6mrdvJFPSg
1dcyt2r7oRXIVW1hKA3t5g8TKG8FetXw4VWrPrvmTc6mwruX4qtfmK9//muViidF
oUYyj2xC/SEmTImhM+567Qj1Cx8UtsJQJcMcAOQVdUJUTdPQ44hgf5Vv7UXMDQrt
cw/2Zs/QLvdGpqkHWsqDE0A0q71sKsS6cdITvd8M/67xA9xVTMQv4KROESk+cwY0
ahUyT/2GVMVrGg==
-----END CERTIFICATE-----