Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/737703-c8c1-4682-bb02-d800bdd686e3/1/KY2bT7TP4nih65-iA1oInEwlaFg.mft
File:                     KY2bT7TP4nih65-iA1oInEwlaFg.mft (raw, json)
Hash identifier:          GxcVXG6i+3ZdxSwv9qIJiCX2kQTPBmAvHIUqWcL4LKc=
Subject key identifier:   5C:5C:66:13:E7:4B:A4:A5:E0:39:28:91:C2:91:B4:0D:A3:5A:B0:6E
Authority key identifier: 29:8D:9B:4F:B4:CF:E2:78:A1:EB:9F:A2:03:5A:08:9C:4C:25:68:58
Certificate issuer:       /CN=298d9b4fb4cfe278a1eb9fa2035a089c4c256858
Certificate serial:       0194BB28F1BDA231F23D85D5295805469C3B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KY2bT7TP4nih65-iA1oInEwlaFg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/99/737703-c8c1-4682-bb02-d800bdd686e3/1/KY2bT7TP4nih65-iA1oInEwlaFg.mft
Manifest number:          09AF
Signing time:             Fri 31 Jan 2025 07:00:10 +0000
Manifest this update:     Fri 31 Jan 2025 07:00:10 +0000
Manifest next update:     Sat 01 Feb 2025 07:00:10 +0000
Files and hashes:         1: KY2bT7TP4nih65-iA1oInEwlaFg.crl (hash: NHWTKhSZFt601QB6tG2EXV067oldMh+h+vZTUlB3VMw=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/99/737703-c8c1-4682-bb02-d800bdd686e3/1/KY2bT7TP4nih65-iA1oInEwlaFg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/99/737703-c8c1-4682-bb02-d800bdd686e3/1/KY2bT7TP4nih65-iA1oInEwlaFg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KY2bT7TP4nih65-iA1oInEwlaFg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 01 Feb 2025 07:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:bb:28:f1:bd:a2:31:f2:3d:85:d5:29:58:05:46:9c:3b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=298d9b4fb4cfe278a1eb9fa2035a089c4c256858
        Validity
            Not Before: Jan 31 07:00:10 2025 GMT
            Not After : Feb  1 07:00:10 2025 GMT
        Subject: CN=5c5c6613e74ba4a5e0392891c291b40da35ab06e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:e3:12:56:8f:d3:52:70:67:cc:dc:ba:ff:9c:
                    b9:ac:bf:d4:7f:53:c4:92:5f:c7:17:1d:ad:44:e8:
                    ac:61:4f:9f:db:9f:69:10:dd:ee:17:f1:44:24:fd:
                    50:68:f7:e3:85:d3:7e:e7:92:ca:58:3d:fc:e0:a3:
                    c8:dd:09:cd:c5:71:7c:3f:1e:92:ae:37:69:af:16:
                    82:b9:1f:d5:70:66:42:b7:f1:3d:2b:85:bf:b1:29:
                    82:e1:c0:ee:a8:4d:e9:40:ab:14:5d:77:95:ca:26:
                    91:d6:c2:26:75:4e:19:dd:af:93:3b:cc:8b:2c:4c:
                    41:df:1d:39:36:6d:8f:12:2a:02:75:73:b5:9d:c2:
                    22:da:0d:79:2a:12:18:d3:8b:3e:6b:db:3c:e3:63:
                    7b:f9:75:75:6d:c7:6b:2e:9b:ee:20:8a:18:5c:4e:
                    47:27:08:d8:58:da:b2:ad:d9:27:a2:be:63:a1:d4:
                    4d:d9:43:ea:f9:f5:65:b7:0f:bb:fc:64:9f:33:76:
                    55:29:da:12:00:6e:02:74:1a:87:58:3e:0c:7d:6a:
                    09:1a:a2:3f:60:7c:50:0b:3d:d6:0c:11:79:f7:c3:
                    0f:5f:0a:ec:38:a3:2c:e7:34:ec:21:6d:b0:01:af:
                    ae:3c:59:53:9f:30:4d:e9:e8:a2:13:f8:c9:d2:a6:
                    91:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5C:5C:66:13:E7:4B:A4:A5:E0:39:28:91:C2:91:B4:0D:A3:5A:B0:6E
            X509v3 Authority Key Identifier:
                keyid:29:8D:9B:4F:B4:CF:E2:78:A1:EB:9F:A2:03:5A:08:9C:4C:25:68:58

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KY2bT7TP4nih65-iA1oInEwlaFg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/737703-c8c1-4682-bb02-d800bdd686e3/1/KY2bT7TP4nih65-iA1oInEwlaFg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/99/737703-c8c1-4682-bb02-d800bdd686e3/1/KY2bT7TP4nih65-iA1oInEwlaFg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         39:1e:8b:8c:07:47:38:7e:6f:0d:d4:3f:05:8f:d6:73:71:21:
         20:1e:52:ce:07:43:16:74:83:9b:48:da:e2:a3:d3:53:c4:4f:
         be:57:1e:50:f4:ad:c8:5e:fb:d4:25:ea:1d:07:40:57:d9:24:
         dd:fd:d3:af:8d:bc:00:6f:60:f4:44:29:4f:a8:cd:cd:7c:cb:
         dd:9e:a9:7a:bd:09:80:4d:17:4f:60:d4:47:84:c4:23:8d:bc:
         8c:0f:38:d0:fa:83:05:a9:f7:db:4c:39:d8:25:a3:eb:66:47:
         7f:ce:48:de:ec:4f:ce:d6:48:10:f8:ec:84:32:a8:bc:99:d1:
         83:ee:22:a3:21:f7:08:6f:18:44:30:3f:85:7e:0b:66:b0:47:
         ef:67:d9:d8:cb:da:8b:9c:07:ed:7a:e5:c5:f5:cb:32:6c:0e:
         ac:87:3a:b9:3f:7a:37:a3:fa:68:6f:fe:06:82:7e:ed:11:28:
         59:e8:20:04:2c:b9:e0:c3:8f:fd:8b:87:a7:68:69:a8:bd:98:
         3a:46:38:68:94:a1:9c:b8:ac:e8:c9:ff:87:49:05:06:4d:a2:
         9b:e3:05:c7:09:41:60:1f:0c:35:cc:9a:1e:0f:9e:ed:76:b4:
         c2:94:fe:d0:85:2f:42:c6:d6:03:9d:4d:c9:4b:00:6c:aa:79:
         f4:41:d6:6d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZS7KPG9ojHyPYXVKVgFRpw7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5OGQ5YjRmYjRjZmUyNzhhMWViOWZhMjAzNWEwODljNGMy
NTY4NTgwHhcNMjUwMTMxMDcwMDEwWhcNMjUwMjAxMDcwMDEwWjAzMTEwLwYDVQQD
Eyg1YzVjNjYxM2U3NGJhNGE1ZTAzOTI4OTFjMjkxYjQwZGEzNWFiMDZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApeMSVo/TUnBnzNy6/5y5rL/Uf1PE
kl/HFx2tROisYU+f259pEN3uF/FEJP1QaPfjhdN+55LKWD384KPI3QnNxXF8Px6S
rjdprxaCuR/VcGZCt/E9K4W/sSmC4cDuqE3pQKsUXXeVyiaR1sImdU4Z3a+TO8yL
LExB3x05Nm2PEioCdXO1ncIi2g15KhIY04s+a9s842N7+XV1bcdrLpvuIIoYXE5H
JwjYWNqyrdknor5jodRN2UPq+fVltw+7/GSfM3ZVKdoSAG4CdBqHWD4MfWoJGqI/
YHxQCz3WDBF598MPXwrsOKMs5zTsIW2wAa+uPFlTnzBN6eiiE/jJ0qaRFQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFxcZhPnS6Sl4DkokcKRtA2jWrBuMB8GA1UdIwQY
MBaAFCmNm0+0z+J4oeufogNaCJxMJWhYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1kyYlQ3VFA0bmloNjUtaUExb0luRXdsYUZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS83Mzc3MDMtYzhjMS00NjgyLWJiMDIt
ZDgwMGJkZDY4NmUzLzEvS1kyYlQ3VFA0bmloNjUtaUExb0luRXdsYUZnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS83Mzc3MDMtYzhjMS00NjgyLWJiMDItZDgwMGJkZDY4NmUz
LzEvS1kyYlQ3VFA0bmloNjUtaUExb0luRXdsYUZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOR6LjAdH
OH5vDdQ/BY/Wc3EhIB5SzgdDFnSDm0ja4qPTU8RPvlceUPStyF771CXqHQdAV9kk
3f3Tr428AG9g9EQpT6jNzXzL3Z6per0JgE0XT2DUR4TEI428jA840PqDBan320w5
2CWj62ZHf85I3uxPztZIEPjshDKovJnRg+4ioyH3CG8YRDA/hX4LZrBH72fZ2Mva
i5wH7XrlxfXLMmwOrIc6uT96N6P6aG/+BoJ+7REoWeggBCy54MOP/YuHp2hpqL2Y
OkY4aJShnLis6Mn/h0kFBk2im+MFxwlBYB8MNcyaHg+e7Xa0wpT+0IUvQsbWA51N
yUsAbKp59EHWbQ==
-----END CERTIFICATE-----