Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/bf8eca-bcf9-4536-88bf-bc6975561078/1/352lG6cnhKBORBIPne1HhWd5TBs.mft
File:                     352lG6cnhKBORBIPne1HhWd5TBs.mft (raw, json)
Hash identifier:          uZj7DOnD0klvM6+K9++axfT+XVRY+7HoHOSLYzqcVds=
Subject key identifier:   B6:A6:4A:FF:B7:82:CC:85:C0:29:E5:3D:70:DA:23:3F:BA:7A:30:22
Authority key identifier: DF:9D:A5:1B:A7:27:84:A0:4E:44:12:0F:9D:ED:47:85:67:79:4C:1B
Certificate issuer:       /CN=df9da51ba72784a04e44120f9ded478567794c1b
Certificate serial:       0194BB28F36344487DDCEBFF5CFD900899AC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/352lG6cnhKBORBIPne1HhWd5TBs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/88/bf8eca-bcf9-4536-88bf-bc6975561078/1/352lG6cnhKBORBIPne1HhWd5TBs.mft
Manifest number:          0812
Signing time:             Fri 31 Jan 2025 07:00:10 +0000
Manifest this update:     Fri 31 Jan 2025 07:00:10 +0000
Manifest next update:     Sat 01 Feb 2025 07:00:10 +0000
Files and hashes:         1: 352lG6cnhKBORBIPne1HhWd5TBs.crl (hash: 51FTrIGrB5fIbbEG/uv8nfQpS1yuEoRXwyvOyqb82P8=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/88/bf8eca-bcf9-4536-88bf-bc6975561078/1/352lG6cnhKBORBIPne1HhWd5TBs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/88/bf8eca-bcf9-4536-88bf-bc6975561078/1/352lG6cnhKBORBIPne1HhWd5TBs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/352lG6cnhKBORBIPne1HhWd5TBs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 01 Feb 2025 07:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:bb:28:f3:63:44:48:7d:dc:eb:ff:5c:fd:90:08:99:ac
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df9da51ba72784a04e44120f9ded478567794c1b
        Validity
            Not Before: Jan 31 07:00:10 2025 GMT
            Not After : Feb  1 07:00:10 2025 GMT
        Subject: CN=b6a64affb782cc85c029e53d70da233fba7a3022
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:08:06:94:38:3e:00:e9:d1:0a:49:14:8d:95:
                    ed:28:41:00:8f:27:bb:35:89:f9:84:60:33:4e:c3:
                    b3:e2:73:d2:78:16:de:7e:bd:53:9b:9c:b3:be:c8:
                    f7:29:81:43:93:60:45:d2:54:4a:ba:78:6f:93:26:
                    c9:b6:cd:83:4c:5c:7c:8f:6c:6e:81:fe:10:76:2f:
                    15:dd:3f:bb:e1:af:3b:53:24:dd:37:4b:bd:a4:ae:
                    1c:66:31:8c:60:38:72:37:0c:a8:ac:ef:7a:ea:15:
                    3f:d9:a3:fc:01:01:73:52:1d:67:cf:ea:bc:ee:ec:
                    47:64:00:04:53:bf:1e:f8:08:40:08:5a:0b:53:7d:
                    c5:ca:fa:67:f0:ce:20:2d:02:63:d3:4d:9a:35:8e:
                    d5:e7:d9:27:df:f9:24:7f:cc:75:4a:dd:53:f5:8f:
                    cb:07:6d:b9:22:2e:44:b9:9d:4d:2a:23:20:56:7f:
                    36:9f:0e:be:aa:31:77:1f:b7:fd:86:65:99:10:bd:
                    15:e3:49:13:cf:16:44:a0:d6:e5:f6:b3:31:d8:b0:
                    2d:19:cb:a3:bb:69:87:6f:82:e5:bd:9e:51:3f:93:
                    06:86:2f:71:15:fa:d7:33:7d:df:6e:6a:ae:23:ad:
                    58:1c:9b:12:a9:ae:b4:06:5d:b9:64:bf:1e:bb:58:
                    67:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B6:A6:4A:FF:B7:82:CC:85:C0:29:E5:3D:70:DA:23:3F:BA:7A:30:22
            X509v3 Authority Key Identifier:
                keyid:DF:9D:A5:1B:A7:27:84:A0:4E:44:12:0F:9D:ED:47:85:67:79:4C:1B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/352lG6cnhKBORBIPne1HhWd5TBs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/bf8eca-bcf9-4536-88bf-bc6975561078/1/352lG6cnhKBORBIPne1HhWd5TBs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/88/bf8eca-bcf9-4536-88bf-bc6975561078/1/352lG6cnhKBORBIPne1HhWd5TBs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         12:8d:99:31:30:a6:a4:d6:64:c6:6c:64:a6:51:c4:9d:f6:ad:
         cc:6f:09:b8:4c:89:37:b0:01:7c:4c:d5:19:06:2c:68:3d:ef:
         84:7f:b6:ea:8b:7e:4d:55:22:ef:2a:f9:7e:f2:af:a9:07:49:
         8e:88:37:a6:f3:48:c5:1b:26:61:3b:09:cd:21:f5:db:c5:d5:
         c3:74:45:80:a5:f9:f1:c8:d7:ae:ab:ca:7b:05:a5:4d:b7:5e:
         e3:85:bb:63:1d:87:d5:66:bb:7f:35:5d:6c:8b:44:94:4f:9e:
         2c:d8:ef:8e:40:ef:d2:45:08:b6:54:d7:e0:d0:52:9e:e2:86:
         2d:73:b4:de:0d:dc:53:8b:08:8f:74:3f:ed:e1:dd:09:93:35:
         ed:82:a3:d0:c1:71:69:fc:bc:d9:78:4c:82:9f:73:d9:a8:03:
         25:f0:81:24:d7:85:f3:99:84:9f:a1:ac:9d:ea:5e:72:97:d8:
         47:80:e3:8b:38:6b:53:03:52:d1:05:8e:c9:37:c1:c8:67:9f:
         4d:d6:14:09:68:3d:76:76:45:bf:d9:4b:18:63:63:85:38:37:
         82:5c:5f:1a:ad:fd:d1:23:e7:20:2b:2a:97:ad:32:7b:c2:9d:
         7b:a7:d4:e0:6a:47:a3:b9:1f:5e:ac:2d:d9:db:e5:ac:a3:69:
         41:e9:03:5b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZS7KPNjREh93Ov/XP2QCJmsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmOWRhNTFiYTcyNzg0YTA0ZTQ0MTIwZjlkZWQ0Nzg1Njc3
OTRjMWIwHhcNMjUwMTMxMDcwMDEwWhcNMjUwMjAxMDcwMDEwWjAzMTEwLwYDVQQD
EyhiNmE2NGFmZmI3ODJjYzg1YzAyOWU1M2Q3MGRhMjMzZmJhN2EzMDIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzQgGlDg+AOnRCkkUjZXtKEEAjye7
NYn5hGAzTsOz4nPSeBbefr1Tm5yzvsj3KYFDk2BF0lRKunhvkybJts2DTFx8j2xu
gf4Qdi8V3T+74a87UyTdN0u9pK4cZjGMYDhyNwyorO966hU/2aP8AQFzUh1nz+q8
7uxHZAAEU78e+AhACFoLU33Fyvpn8M4gLQJj002aNY7V59kn3/kkf8x1St1T9Y/L
B225Ii5EuZ1NKiMgVn82nw6+qjF3H7f9hmWZEL0V40kTzxZEoNbl9rMx2LAtGcuj
u2mHb4LlvZ5RP5MGhi9xFfrXM33fbmquI61YHJsSqa60Bl25ZL8eu1hnewIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLamSv+3gsyFwCnlPXDaIz+6ejAiMB8GA1UdIwQY
MBaAFN+dpRunJ4SgTkQSD53tR4VneUwbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMzUybEc2Y25oS0JPUkJJUG5lMUhoV2Q1VEJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OC9iZjhlY2EtYmNmOS00NTM2LTg4YmYt
YmM2OTc1NTYxMDc4LzEvMzUybEc2Y25oS0JPUkJJUG5lMUhoV2Q1VEJzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OC9iZjhlY2EtYmNmOS00NTM2LTg4YmYtYmM2OTc1NTYxMDc4
LzEvMzUybEc2Y25oS0JPUkJJUG5lMUhoV2Q1VEJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEo2ZMTCm
pNZkxmxkplHEnfatzG8JuEyJN7ABfEzVGQYsaD3vhH+26ot+TVUi7yr5fvKvqQdJ
jog3pvNIxRsmYTsJzSH128XVw3RFgKX58cjXrqvKewWlTbde44W7Yx2H1Wa7fzVd
bItElE+eLNjvjkDv0kUItlTX4NBSnuKGLXO03g3cU4sIj3Q/7eHdCZM17YKj0MFx
afy82XhMgp9z2agDJfCBJNeF85mEn6GsnepecpfYR4DjizhrUwNS0QWOyTfByGef
TdYUCWg9dnZFv9lLGGNjhTg3glxfGq390SPnICsql60ye8Kde6fU4GpHo7kfXqwt
2dvlrKNpQekDWw==
-----END CERTIFICATE-----