Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9d/50f64d-2be9-4289-a48e-409bd4aa162b/1/BkAThp4LzSd4EEBTjflc-mfhFy4.mft
File:                     BkAThp4LzSd4EEBTjflc-mfhFy4.mft (raw, json)
Hash identifier:          QnWyeE3l4lalH/Pa4id+ULS8+nRfdS1jdQlnAzatN0w=
Subject key identifier:   20:36:2A:C6:D4:85:C9:A2:75:77:30:64:D6:1D:F8:85:73:78:50:F3
Authority key identifier: 06:40:13:86:9E:0B:CD:27:78:10:40:53:8D:F9:5C:FA:67:E1:17:2E
Certificate issuer:       /CN=064013869e0bcd27781040538df95cfa67e1172e
Certificate serial:       0194BABBBE3AF94863DCAAC35CE62DF906BB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BkAThp4LzSd4EEBTjflc-mfhFy4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9d/50f64d-2be9-4289-a48e-409bd4aa162b/1/BkAThp4LzSd4EEBTjflc-mfhFy4.mft
Manifest number:          01B1
Signing time:             Fri 31 Jan 2025 05:00:53 +0000
Manifest this update:     Fri 31 Jan 2025 05:00:53 +0000
Manifest next update:     Sat 01 Feb 2025 05:00:53 +0000
Files and hashes:         1: BkAThp4LzSd4EEBTjflc-mfhFy4.crl (hash: mXFucPTdE/O6YUfnpojdxqsPnMEhTaGQ/zQm/ev3Ii8=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/9d/50f64d-2be9-4289-a48e-409bd4aa162b/1/BkAThp4LzSd4EEBTjflc-mfhFy4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/9d/50f64d-2be9-4289-a48e-409bd4aa162b/1/BkAThp4LzSd4EEBTjflc-mfhFy4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/BkAThp4LzSd4EEBTjflc-mfhFy4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 01 Feb 2025 05:00:53 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:ba:bb:be:3a:f9:48:63:dc:aa:c3:5c:e6:2d:f9:06:bb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=064013869e0bcd27781040538df95cfa67e1172e
        Validity
            Not Before: Jan 31 05:00:53 2025 GMT
            Not After : Feb  1 05:00:53 2025 GMT
        Subject: CN=20362ac6d485c9a275773064d61df885737850f3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:0c:32:3b:e1:bd:fe:bd:7b:a2:20:a8:b5:99:
                    db:ad:b3:cc:64:2d:18:4a:16:98:7d:a3:db:14:b1:
                    18:6b:95:67:66:1b:2b:9a:6c:c0:17:f1:1c:36:a9:
                    1a:30:98:07:ea:32:a1:a5:d9:be:82:39:60:78:86:
                    f0:85:f9:f4:5d:6d:78:a4:ea:e8:24:50:dd:e2:f2:
                    ab:bb:63:bd:8e:51:8c:b1:ca:5a:b9:97:0e:1f:26:
                    1b:0e:99:50:a6:7e:5e:76:b9:69:a3:7e:11:d9:bd:
                    85:92:ff:55:5c:b8:a8:8a:4d:95:35:f1:e1:be:96:
                    83:a3:7b:23:bd:9c:52:8d:3f:57:81:a9:1f:62:0b:
                    f6:67:44:0f:aa:de:e9:5b:47:0e:9b:8f:73:d3:3b:
                    e6:03:5a:29:ac:6b:fb:92:94:2a:b0:f0:a2:c1:ff:
                    5b:3d:69:bf:cb:e0:f7:61:06:4d:77:f2:9a:9b:f8:
                    61:d5:9d:cf:e7:b0:55:61:23:db:aa:ac:95:87:d9:
                    6b:1d:28:63:de:db:d0:72:68:0e:f7:8b:78:ea:71:
                    b3:b4:30:05:26:5f:a2:7a:9c:dd:22:59:52:61:bc:
                    b3:1a:f8:26:bb:49:21:c1:b9:00:de:ec:02:bc:e7:
                    32:6b:0f:0b:0f:0f:fb:46:05:e3:60:32:a7:94:ff:
                    c0:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                20:36:2A:C6:D4:85:C9:A2:75:77:30:64:D6:1D:F8:85:73:78:50:F3
            X509v3 Authority Key Identifier:
                keyid:06:40:13:86:9E:0B:CD:27:78:10:40:53:8D:F9:5C:FA:67:E1:17:2E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BkAThp4LzSd4EEBTjflc-mfhFy4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/50f64d-2be9-4289-a48e-409bd4aa162b/1/BkAThp4LzSd4EEBTjflc-mfhFy4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/50f64d-2be9-4289-a48e-409bd4aa162b/1/BkAThp4LzSd4EEBTjflc-mfhFy4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         14:a4:ba:09:9a:d8:d5:f4:12:59:6d:39:a0:ce:a1:03:00:16:
         20:d5:05:e3:6c:97:00:0a:44:76:d6:a0:1a:50:c0:64:ea:27:
         71:9e:3a:22:bc:c7:35:ce:80:ab:ca:4b:50:d5:db:9c:ad:fc:
         b2:57:4b:ae:35:72:7d:2a:ee:54:3a:a2:7a:06:65:f4:1d:e6:
         b5:7f:01:a7:e8:b3:cb:0d:5a:64:aa:bb:bb:85:42:c2:43:02:
         73:4e:ac:7e:f9:52:75:a9:84:c4:96:04:3c:57:ac:ea:50:f0:
         07:53:6c:ce:53:64:5e:6f:ff:f6:4e:de:52:a2:e8:5c:93:87:
         71:50:86:df:66:74:47:ed:65:a5:11:65:0f:6b:5d:da:67:1a:
         29:69:4f:ff:ea:0e:0c:bd:bf:58:13:2b:22:83:ad:59:3f:f5:
         21:11:7d:da:3f:c5:69:2b:0f:20:ec:78:45:d4:ab:9e:a8:c2:
         fc:a1:ed:cb:d3:e7:88:70:01:02:31:8e:3d:eb:92:89:9a:46:
         15:23:53:49:20:03:75:ee:b1:aa:2e:72:fe:a7:fb:40:b7:93:
         1f:56:8f:50:f2:09:da:3d:e3:26:c0:2b:d8:31:71:82:50:81:
         e4:a9:dc:e0:b2:8d:86:e0:03:ad:a0:c3:f0:76:9d:b6:61:c3:
         89:c9:8f:df
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZS6u746+Uhj3KrDXOYt+Qa7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2NDAxMzg2OWUwYmNkMjc3ODEwNDA1MzhkZjk1Y2ZhNjdl
MTE3MmUwHhcNMjUwMTMxMDUwMDUzWhcNMjUwMjAxMDUwMDUzWjAzMTEwLwYDVQQD
EygyMDM2MmFjNmQ0ODVjOWEyNzU3NzMwNjRkNjFkZjg4NTczNzg1MGYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvAwyO+G9/r17oiCotZnbrbPMZC0Y
ShaYfaPbFLEYa5VnZhsrmmzAF/EcNqkaMJgH6jKhpdm+gjlgeIbwhfn0XW14pOro
JFDd4vKru2O9jlGMscpauZcOHyYbDplQpn5edrlpo34R2b2Fkv9VXLioik2VNfHh
vpaDo3sjvZxSjT9XgakfYgv2Z0QPqt7pW0cOm49z0zvmA1oprGv7kpQqsPCiwf9b
PWm/y+D3YQZNd/Kam/hh1Z3P57BVYSPbqqyVh9lrHShj3tvQcmgO94t46nGztDAF
Jl+iepzdIllSYbyzGvgmu0khwbkA3uwCvOcyaw8LDw/7RgXjYDKnlP/AfQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCA2KsbUhcmidXcwZNYd+IVzeFDzMB8GA1UdIwQY
MBaAFAZAE4aeC80neBBAU435XPpn4RcuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmtBVGhwNEx6U2Q0RUVCVGpmbGMtbWZoRnk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZC81MGY2NGQtMmJlOS00Mjg5LWE0OGUt
NDA5YmQ0YWExNjJiLzEvQmtBVGhwNEx6U2Q0RUVCVGpmbGMtbWZoRnk0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZC81MGY2NGQtMmJlOS00Mjg5LWE0OGUtNDA5YmQ0YWExNjJi
LzEvQmtBVGhwNEx6U2Q0RUVCVGpmbGMtbWZoRnk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFKS6CZrY
1fQSWW05oM6hAwAWINUF42yXAApEdtagGlDAZOoncZ46IrzHNc6Aq8pLUNXbnK38
sldLrjVyfSruVDqiegZl9B3mtX8Bp+izyw1aZKq7u4VCwkMCc06sfvlSdamExJYE
PFes6lDwB1NszlNkXm//9k7eUqLoXJOHcVCG32Z0R+1lpRFlD2td2mcaKWlP/+oO
DL2/WBMrIoOtWT/1IRF92j/FaSsPIOx4RdSrnqjC/KHty9PniHABAjGOPeuSiZpG
FSNTSSADde6xqi5y/qf7QLeTH1aPUPIJ2j3jJsAr2DFxglCB5Knc4LKNhuADraDD
8HadtmHDicmP3w==
-----END CERTIFICATE-----