Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/6c9722-2608-44af-8c79-66b2f99c0b45/1/oMWM0HH3gLesNAwBROsE-1DMu_E.mft
File:                     oMWM0HH3gLesNAwBROsE-1DMu_E.mft (raw, json)
Hash identifier:          DJUjGL16BBRqnqnZpznkvwx0AoOSTg0YeYZQpg/i9xA=
Subject key identifier:   96:8D:77:D2:B5:6F:BC:C4:AE:D7:98:AA:9F:D0:CE:4F:AE:FE:E1:08
Authority key identifier: A0:C5:8C:D0:71:F7:80:B7:AC:34:0C:01:44:EB:04:FB:50:CC:BB:F1
Certificate issuer:       /CN=a0c58cd071f780b7ac340c0144eb04fb50ccbbf1
Certificate serial:       0194BABB703402B30799910533940A5858F3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oMWM0HH3gLesNAwBROsE-1DMu_E.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7d/6c9722-2608-44af-8c79-66b2f99c0b45/1/oMWM0HH3gLesNAwBROsE-1DMu_E.mft
Manifest number:          141A
Signing time:             Fri 31 Jan 2025 05:00:33 +0000
Manifest this update:     Fri 31 Jan 2025 05:00:33 +0000
Manifest next update:     Sat 01 Feb 2025 05:00:33 +0000
Files and hashes:         1: oMWM0HH3gLesNAwBROsE-1DMu_E.crl (hash: 5o4cqOPvlF6kKPDjgWfg1zKvZWdYirWTlXjVcQv7saU=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/7d/6c9722-2608-44af-8c79-66b2f99c0b45/1/oMWM0HH3gLesNAwBROsE-1DMu_E.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/7d/6c9722-2608-44af-8c79-66b2f99c0b45/1/oMWM0HH3gLesNAwBROsE-1DMu_E.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oMWM0HH3gLesNAwBROsE-1DMu_E.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 01 Feb 2025 05:00:33 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:ba:bb:70:34:02:b3:07:99:91:05:33:94:0a:58:58:f3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a0c58cd071f780b7ac340c0144eb04fb50ccbbf1
        Validity
            Not Before: Jan 31 05:00:33 2025 GMT
            Not After : Feb  1 05:00:33 2025 GMT
        Subject: CN=968d77d2b56fbcc4aed798aa9fd0ce4faefee108
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8d:40:24:6f:04:f8:07:87:39:96:47:17:8e:27:
                    ea:57:12:7d:82:40:7f:98:28:ca:b4:fe:6a:23:fc:
                    69:4e:53:0c:d5:29:ff:b0:a7:24:c5:a5:9e:ef:a2:
                    17:1f:54:09:0e:b6:19:fa:80:24:19:37:20:8c:cb:
                    d5:de:0c:8e:9d:8f:76:58:11:d9:04:f9:06:2b:e7:
                    e9:22:33:ee:f6:ab:5b:38:0b:9e:07:64:2d:eb:2d:
                    87:61:0d:34:3f:51:a7:90:0d:26:b9:4c:a9:de:c3:
                    45:47:f6:6c:77:ae:b6:57:92:3c:c4:61:08:eb:8b:
                    4f:33:1c:73:69:8a:a6:cf:2f:d9:20:1c:f5:bd:65:
                    86:f9:9f:ad:52:3b:45:bc:63:35:e6:2c:3f:d3:74:
                    e3:2f:8f:eb:08:25:bd:87:53:0a:95:64:21:24:5a:
                    00:f3:33:65:5a:ee:68:36:77:e4:04:7a:22:f7:e1:
                    80:e2:49:98:6d:52:a5:c5:c8:09:67:cf:d1:fe:7c:
                    cc:4b:6d:d5:3e:61:99:16:0e:73:71:a0:b3:5d:b2:
                    3f:9a:2f:4f:49:97:9b:6c:49:2d:50:9a:93:38:9e:
                    b2:bd:37:e3:28:26:63:e4:74:79:a6:3d:5b:bf:5f:
                    59:ab:e2:83:df:27:e4:b4:2f:85:2d:fa:89:05:b1:
                    68:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                96:8D:77:D2:B5:6F:BC:C4:AE:D7:98:AA:9F:D0:CE:4F:AE:FE:E1:08
            X509v3 Authority Key Identifier:
                keyid:A0:C5:8C:D0:71:F7:80:B7:AC:34:0C:01:44:EB:04:FB:50:CC:BB:F1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oMWM0HH3gLesNAwBROsE-1DMu_E.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/6c9722-2608-44af-8c79-66b2f99c0b45/1/oMWM0HH3gLesNAwBROsE-1DMu_E.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/6c9722-2608-44af-8c79-66b2f99c0b45/1/oMWM0HH3gLesNAwBROsE-1DMu_E.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         82:3d:8b:54:21:ef:44:13:9f:7b:4b:7f:4e:ed:b7:6a:c3:9b:
         94:49:77:7f:63:f1:b8:90:8f:6b:31:ae:c9:80:f9:1f:3a:02:
         71:f4:36:9b:d6:1b:52:ac:3c:a9:43:cd:e0:ca:5b:3d:07:45:
         b6:b0:19:b9:42:37:fc:97:c2:93:b5:c9:d8:fa:f0:43:69:a7:
         f5:ba:8e:63:a1:37:3c:71:f8:9d:42:45:6a:a6:54:4d:d0:df:
         2b:8a:8a:a6:5f:54:30:4c:8e:78:fa:69:a0:cf:0b:07:0a:3f:
         da:68:07:67:a7:b1:9d:44:9e:4d:ce:3a:37:4e:0a:a7:29:cf:
         e4:78:40:3f:a6:cd:e7:6a:ab:ea:39:10:68:ab:94:cb:00:09:
         14:36:a0:f2:73:27:bd:6f:c3:34:e0:8f:e2:48:1a:8e:72:4b:
         bf:05:14:5a:b3:54:06:3a:78:0f:68:f8:f0:f6:3f:a2:f3:29:
         7f:dd:f7:8b:6d:9e:fc:90:6a:07:34:f0:28:c8:84:f2:33:eb:
         dd:fa:8c:69:c1:93:d1:9b:a8:13:49:6c:c8:0e:bf:d3:cf:9e:
         0f:f3:98:d2:eb:0c:0d:13:26:aa:e9:39:aa:82:a5:47:86:9e:
         dc:ac:2e:c3:2d:2a:ea:4c:23:f7:f7:bc:50:c5:a7:eb:49:d4:
         a5:5e:49:30
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZS6u3A0ArMHmZEFM5QKWFjzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwYzU4Y2QwNzFmNzgwYjdhYzM0MGMwMTQ0ZWIwNGZiNTBj
Y2JiZjEwHhcNMjUwMTMxMDUwMDMzWhcNMjUwMjAxMDUwMDMzWjAzMTEwLwYDVQQD
Eyg5NjhkNzdkMmI1NmZiY2M0YWVkNzk4YWE5ZmQwY2U0ZmFlZmVlMTA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjUAkbwT4B4c5lkcXjifqVxJ9gkB/
mCjKtP5qI/xpTlMM1Sn/sKckxaWe76IXH1QJDrYZ+oAkGTcgjMvV3gyOnY92WBHZ
BPkGK+fpIjPu9qtbOAueB2Qt6y2HYQ00P1GnkA0muUyp3sNFR/Zsd662V5I8xGEI
64tPMxxzaYqmzy/ZIBz1vWWG+Z+tUjtFvGM15iw/03TjL4/rCCW9h1MKlWQhJFoA
8zNlWu5oNnfkBHoi9+GA4kmYbVKlxcgJZ8/R/nzMS23VPmGZFg5zcaCzXbI/mi9P
SZebbEktUJqTOJ6yvTfjKCZj5HR5pj1bv19Zq+KD3yfktC+FLfqJBbFoKQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJaNd9K1b7zErteYqp/Qzk+u/uEIMB8GA1UdIwQY
MBaAFKDFjNBx94C3rDQMAUTrBPtQzLvxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb01XTTBISDNnTGVzTkF3QlJPc0UtMURNdV9FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC82Yzk3MjItMjYwOC00NGFmLThjNzkt
NjZiMmY5OWMwYjQ1LzEvb01XTTBISDNnTGVzTkF3QlJPc0UtMURNdV9FLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC82Yzk3MjItMjYwOC00NGFmLThjNzktNjZiMmY5OWMwYjQ1
LzEvb01XTTBISDNnTGVzTkF3QlJPc0UtMURNdV9FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgj2LVCHv
RBOfe0t/Tu23asOblEl3f2PxuJCPazGuyYD5HzoCcfQ2m9YbUqw8qUPN4MpbPQdF
trAZuUI3/JfCk7XJ2PrwQ2mn9bqOY6E3PHH4nUJFaqZUTdDfK4qKpl9UMEyOePpp
oM8LBwo/2mgHZ6exnUSeTc46N04KpynP5HhAP6bN52qr6jkQaKuUywAJFDag8nMn
vW/DNOCP4kgajnJLvwUUWrNUBjp4D2j48PY/ovMpf933i22e/JBqBzTwKMiE8jPr
3fqMacGT0ZuoE0lsyA6/08+eD/OY0usMDRMmquk5qoKlR4ae3Kwuwy0q6kwj9/e8
UMWn60nUpV5JMA==
-----END CERTIFICATE-----