Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/bf9999-2341-4acf-84e9-b8866e941963/1/frYDcECoYM2RunejcY7VgMrfXdg.mft
File:                     frYDcECoYM2RunejcY7VgMrfXdg.mft (raw, json)
Hash identifier:          8aq3dqdAV3NwRjfS6oWn1GWnNJYcC5c3PmjD50G7jhE=
Subject key identifier:   5C:6B:A5:43:85:44:9D:60:20:45:A0:62:1F:51:ED:AB:79:52:D5:0A
Authority key identifier: 7E:B6:03:70:40:A8:60:CD:91:BA:77:A3:71:8E:D5:80:CA:DF:5D:D8
Certificate issuer:       /CN=7eb6037040a860cd91ba77a3718ed580cadf5dd8
Certificate serial:       0194BABBD42D1BAFE6FBD4AFA2C6032C27A8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/frYDcECoYM2RunejcY7VgMrfXdg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7d/bf9999-2341-4acf-84e9-b8866e941963/1/frYDcECoYM2RunejcY7VgMrfXdg.mft
Manifest number:          040B
Signing time:             Fri 31 Jan 2025 05:00:59 +0000
Manifest this update:     Fri 31 Jan 2025 05:00:59 +0000
Manifest next update:     Sat 01 Feb 2025 05:00:59 +0000
Files and hashes:         1: frYDcECoYM2RunejcY7VgMrfXdg.crl (hash: 22VhGdkSBgtFnD9OPR4CpXq6Vm4K0u+dco1EkMNiri8=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/7d/bf9999-2341-4acf-84e9-b8866e941963/1/frYDcECoYM2RunejcY7VgMrfXdg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/7d/bf9999-2341-4acf-84e9-b8866e941963/1/frYDcECoYM2RunejcY7VgMrfXdg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/frYDcECoYM2RunejcY7VgMrfXdg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 01 Feb 2025 05:00:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:ba:bb:d4:2d:1b:af:e6:fb:d4:af:a2:c6:03:2c:27:a8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7eb6037040a860cd91ba77a3718ed580cadf5dd8
        Validity
            Not Before: Jan 31 05:00:59 2025 GMT
            Not After : Feb  1 05:00:59 2025 GMT
        Subject: CN=5c6ba54385449d602045a0621f51edab7952d50a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ea:cf:7b:39:5a:ae:9d:b8:2d:32:80:51:50:31:
                    83:4d:5e:8c:30:bd:68:2b:ef:dd:1d:72:8d:2b:b7:
                    de:7f:24:d0:eb:0e:2a:76:fe:a3:6c:2f:de:98:ab:
                    20:68:fd:e8:a9:62:6e:e9:0d:8a:20:06:20:5d:d2:
                    65:1d:27:83:98:82:45:72:55:e5:3f:8a:4c:7e:93:
                    81:f2:4f:f8:47:90:f4:c0:cf:5f:27:1f:59:53:c3:
                    dc:52:ee:9b:95:0d:0a:51:7c:d4:fb:5e:5d:fd:ba:
                    f2:d9:17:ae:22:38:0a:a2:77:23:3c:0b:bf:39:22:
                    3b:d5:d2:9d:75:52:da:31:82:49:16:14:2f:7d:ae:
                    50:91:71:7e:64:00:6e:28:da:c5:d5:b3:60:55:7a:
                    94:09:6e:90:80:5b:50:97:a0:24:0f:ca:62:6d:1b:
                    09:38:e9:ba:d4:d4:c5:3d:8d:c6:63:1e:08:34:ce:
                    15:d9:09:bd:4a:b3:59:e0:ef:b4:28:32:df:e4:14:
                    0f:61:78:ae:47:38:f1:e0:bd:40:70:b3:81:ad:21:
                    18:a6:ca:5c:c1:36:20:d2:4d:ca:de:a3:f5:42:e4:
                    ec:4b:ac:a2:63:35:03:14:64:11:e5:e7:ec:13:e5:
                    f3:ba:05:2c:3c:0a:19:0e:09:57:a4:3e:61:23:d1:
                    89:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5C:6B:A5:43:85:44:9D:60:20:45:A0:62:1F:51:ED:AB:79:52:D5:0A
            X509v3 Authority Key Identifier:
                keyid:7E:B6:03:70:40:A8:60:CD:91:BA:77:A3:71:8E:D5:80:CA:DF:5D:D8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/frYDcECoYM2RunejcY7VgMrfXdg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/bf9999-2341-4acf-84e9-b8866e941963/1/frYDcECoYM2RunejcY7VgMrfXdg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/bf9999-2341-4acf-84e9-b8866e941963/1/frYDcECoYM2RunejcY7VgMrfXdg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         20:1f:42:96:d6:9a:61:f9:5b:24:e3:4a:50:40:a6:2b:90:29:
         6e:a3:34:47:62:29:d9:80:df:06:8a:95:07:28:b0:9b:5f:04:
         9b:3f:94:fc:aa:96:d8:b2:62:dd:85:f4:1d:0b:b0:96:56:a6:
         c6:f1:b1:3d:c5:6f:e6:fa:2d:30:9e:27:a6:bd:d5:07:91:58:
         91:5e:19:f3:3f:4f:05:2d:a0:2e:d1:0c:87:40:ef:38:f2:e7:
         ce:49:5e:d7:33:4b:63:1c:19:8f:9a:34:9a:72:04:19:3e:e1:
         8b:f5:3d:52:d6:9a:63:b0:d4:c8:d3:2d:43:f2:be:34:c0:64:
         26:c4:3f:a8:23:fd:07:b7:07:2e:8f:1c:2c:d3:b7:26:65:2b:
         01:40:3f:94:ff:7f:e3:d5:99:14:f2:e2:a0:9f:f6:d5:63:b2:
         1b:b5:6b:a6:ac:a8:a7:85:a7:88:c2:39:a6:f3:e0:1f:c8:f8:
         f0:84:1e:47:5f:8d:17:2b:89:4f:ed:a4:25:3f:dd:e3:15:e8:
         df:5e:ff:dc:aa:c6:f0:96:64:5e:f4:77:12:82:1f:19:59:84:
         af:ca:62:32:e8:c0:1c:a2:68:09:3b:d5:4c:d1:c3:86:b1:88:
         3e:b0:e1:b9:5c:53:3c:ed:c7:7a:35:02:1e:06:57:58:60:f1:
         62:a0:bb:5a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZS6u9QtG6/m+9SvosYDLCeoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdlYjYwMzcwNDBhODYwY2Q5MWJhNzdhMzcxOGVkNTgwY2Fk
ZjVkZDgwHhcNMjUwMTMxMDUwMDU5WhcNMjUwMjAxMDUwMDU5WjAzMTEwLwYDVQQD
Eyg1YzZiYTU0Mzg1NDQ5ZDYwMjA0NWEwNjIxZjUxZWRhYjc5NTJkNTBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6s97OVqunbgtMoBRUDGDTV6MML1o
K+/dHXKNK7fefyTQ6w4qdv6jbC/emKsgaP3oqWJu6Q2KIAYgXdJlHSeDmIJFclXl
P4pMfpOB8k/4R5D0wM9fJx9ZU8PcUu6blQ0KUXzU+15d/bry2ReuIjgKoncjPAu/
OSI71dKddVLaMYJJFhQvfa5QkXF+ZABuKNrF1bNgVXqUCW6QgFtQl6AkD8pibRsJ
OOm61NTFPY3GYx4INM4V2Qm9SrNZ4O+0KDLf5BQPYXiuRzjx4L1AcLOBrSEYpspc
wTYg0k3K3qP1QuTsS6yiYzUDFGQR5efsE+XzugUsPAoZDglXpD5hI9GJFwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFxrpUOFRJ1gIEWgYh9R7at5UtUKMB8GA1UdIwQY
MBaAFH62A3BAqGDNkbp3o3GO1YDK313YMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZnJZRGNFQ29ZTTJSdW5lamNZN1ZnTXJmWGRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC9iZjk5OTktMjM0MS00YWNmLTg0ZTkt
Yjg4NjZlOTQxOTYzLzEvZnJZRGNFQ29ZTTJSdW5lamNZN1ZnTXJmWGRnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC9iZjk5OTktMjM0MS00YWNmLTg0ZTktYjg4NjZlOTQxOTYz
LzEvZnJZRGNFQ29ZTTJSdW5lamNZN1ZnTXJmWGRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIB9Cltaa
YflbJONKUECmK5ApbqM0R2Ip2YDfBoqVByiwm18Emz+U/KqW2LJi3YX0HQuwllam
xvGxPcVv5votMJ4npr3VB5FYkV4Z8z9PBS2gLtEMh0DvOPLnzkle1zNLYxwZj5o0
mnIEGT7hi/U9UtaaY7DUyNMtQ/K+NMBkJsQ/qCP9B7cHLo8cLNO3JmUrAUA/lP9/
49WZFPLioJ/21WOyG7Vrpqyop4WniMI5pvPgH8j48IQeR1+NFyuJT+2kJT/d4xXo
317/3KrG8JZkXvR3EoIfGVmEr8piMujAHKJoCTvVTNHDhrGIPrDhuVxTPO3HejUC
HgZXWGDxYqC7Wg==
-----END CERTIFICATE-----