Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/0ddbdc-5e22-4945-bdcd-a09854ab65a2/1/yhoaYsgLDzM0xdwY3GS3v5eIkBM.mft
File:                     yhoaYsgLDzM0xdwY3GS3v5eIkBM.mft (raw, json)
Hash identifier:          Z/HyPtaw8n14i+8RgOQHE4beVXE7lOqS0GN0vgAeP+k=
Subject key identifier:   BF:1B:42:4E:03:41:8C:86:C4:B4:BF:B8:3D:10:F0:F0:80:5B:8F:6E
Authority key identifier: CA:1A:1A:62:C8:0B:0F:33:34:C5:DC:18:DC:64:B7:BF:97:88:90:13
Certificate issuer:       /CN=ca1a1a62c80b0f3334c5dc18dc64b7bf97889013
Certificate serial:       01935764FF5572F4E03CAD94E4A0823DDE3E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/yhoaYsgLDzM0xdwY3GS3v5eIkBM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/01/0ddbdc-5e22-4945-bdcd-a09854ab65a2/1/yhoaYsgLDzM0xdwY3GS3v5eIkBM.mft
Manifest number:          0689
Signing time:             Sat 23 Nov 2024 05:00:56 +0000
Manifest this update:     Sat 23 Nov 2024 05:00:56 +0000
Manifest next update:     Sun 24 Nov 2024 05:00:56 +0000
Files and hashes:         1: yhoaYsgLDzM0xdwY3GS3v5eIkBM.crl (hash: m/MW1Lo/F2VBsYWUVf5zr4AS/3g4sHFU6sBA7ZDfs/U=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/01/0ddbdc-5e22-4945-bdcd-a09854ab65a2/1/yhoaYsgLDzM0xdwY3GS3v5eIkBM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/01/0ddbdc-5e22-4945-bdcd-a09854ab65a2/1/yhoaYsgLDzM0xdwY3GS3v5eIkBM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/yhoaYsgLDzM0xdwY3GS3v5eIkBM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 05:00:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:57:64:ff:55:72:f4:e0:3c:ad:94:e4:a0:82:3d:de:3e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ca1a1a62c80b0f3334c5dc18dc64b7bf97889013
        Validity
            Not Before: Nov 23 05:00:56 2024 GMT
            Not After : Nov 24 05:00:56 2024 GMT
        Subject: CN=bf1b424e03418c86c4b4bfb83d10f0f0805b8f6e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:f3:e1:17:1e:3e:14:0f:ad:a8:30:8c:f3:1b:
                    35:3f:37:8e:11:87:4d:a4:db:9a:bc:b1:85:7a:ce:
                    e6:4c:09:9e:d9:ba:87:5c:50:29:f5:de:6c:e6:d8:
                    0b:ff:1d:74:db:bd:b9:56:1f:53:75:e6:71:f3:5f:
                    f0:af:e7:07:48:f7:fc:ea:f6:e1:2a:1b:ae:0c:d5:
                    ba:9a:1e:60:1d:eb:9c:97:8b:a4:64:9b:b4:03:30:
                    78:10:06:db:fb:57:78:d6:a6:24:fe:80:f9:f9:aa:
                    7d:53:8c:94:3b:1f:0a:28:8b:08:67:61:36:76:54:
                    ff:3e:60:f5:5f:fa:75:20:33:2d:b2:dd:56:21:2f:
                    f3:9b:0f:51:24:2f:8b:38:2a:1a:ea:79:9f:6d:9f:
                    74:9b:c9:90:66:30:97:a3:20:28:8e:38:57:0c:75:
                    3a:c2:89:37:60:99:ee:08:b6:d7:c0:bb:65:b2:84:
                    09:a3:d1:ba:cf:ab:05:3d:9a:96:33:5a:21:33:92:
                    c5:d5:67:7a:7e:cc:49:c2:0e:6e:01:99:71:c1:ee:
                    8f:46:e8:cf:71:ae:0d:13:ad:fa:4e:71:5d:f4:e7:
                    f6:29:36:05:d0:45:36:bf:4c:01:14:95:7d:66:40:
                    e0:03:1c:e3:f4:82:9b:88:e4:68:a5:2b:9f:12:37:
                    86:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BF:1B:42:4E:03:41:8C:86:C4:B4:BF:B8:3D:10:F0:F0:80:5B:8F:6E
            X509v3 Authority Key Identifier:
                keyid:CA:1A:1A:62:C8:0B:0F:33:34:C5:DC:18:DC:64:B7:BF:97:88:90:13

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yhoaYsgLDzM0xdwY3GS3v5eIkBM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/0ddbdc-5e22-4945-bdcd-a09854ab65a2/1/yhoaYsgLDzM0xdwY3GS3v5eIkBM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/01/0ddbdc-5e22-4945-bdcd-a09854ab65a2/1/yhoaYsgLDzM0xdwY3GS3v5eIkBM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1d:0a:0d:72:f3:b9:7b:45:9f:1a:cf:c3:fd:b4:61:9c:2d:8a:
         ce:01:87:75:88:a8:5c:54:1f:14:ce:bb:3a:7e:00:ee:6a:9f:
         61:e6:d1:76:da:3b:76:f1:c2:f7:da:46:14:ba:a0:0d:98:c9:
         dc:ec:dc:e8:0d:f5:26:75:75:4e:22:b6:3c:e0:3b:af:00:7d:
         36:d0:06:8d:0a:48:e3:a9:e4:40:ab:a2:48:01:15:f5:d9:03:
         95:43:30:a2:f2:7e:60:78:65:7f:67:ed:90:df:14:8e:42:43:
         d3:fa:52:e4:bb:04:c4:bc:83:c1:f8:49:1b:df:66:da:bc:81:
         a4:c7:e4:f7:7f:ea:42:1a:41:8a:53:41:7c:8b:fd:8d:8e:4a:
         1f:5d:9c:0a:b9:9b:5d:04:1a:9e:eb:a9:18:fc:19:1b:1d:44:
         aa:5f:82:6a:87:84:f6:f2:54:c7:e8:d2:38:75:dc:7e:ee:9c:
         d5:3f:d5:2b:1f:41:db:97:1a:8b:d8:d8:58:73:4f:33:48:e1:
         ae:95:b5:d9:1b:f7:78:60:db:80:46:4c:d2:c2:5c:6f:ba:93:
         9d:60:9a:67:6f:c1:f9:9c:b5:0a:d5:8a:39:30:2f:b0:e6:aa:
         80:fd:63:a5:a0:18:fa:7d:4e:b5:56:42:5f:36:c4:61:bb:15:
         bd:de:95:6a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNXZP9VcvTgPK2U5KCCPd4+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhMWExYTYyYzgwYjBmMzMzNGM1ZGMxOGRjNjRiN2JmOTc4
ODkwMTMwHhcNMjQxMTIzMDUwMDU2WhcNMjQxMTI0MDUwMDU2WjAzMTEwLwYDVQQD
EyhiZjFiNDI0ZTAzNDE4Yzg2YzRiNGJmYjgzZDEwZjBmMDgwNWI4ZjZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuvPhFx4+FA+tqDCM8xs1PzeOEYdN
pNuavLGFes7mTAme2bqHXFAp9d5s5tgL/x102725Vh9TdeZx81/wr+cHSPf86vbh
KhuuDNW6mh5gHeucl4ukZJu0AzB4EAbb+1d41qYk/oD5+ap9U4yUOx8KKIsIZ2E2
dlT/PmD1X/p1IDMtst1WIS/zmw9RJC+LOCoa6nmfbZ90m8mQZjCXoyAojjhXDHU6
wok3YJnuCLbXwLtlsoQJo9G6z6sFPZqWM1ohM5LF1Wd6fsxJwg5uAZlxwe6PRujP
ca4NE636TnFd9Of2KTYF0EU2v0wBFJV9ZkDgAxzj9IKbiORopSufEjeGWQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFL8bQk4DQYyGxLS/uD0Q8PCAW49uMB8GA1UdIwQY
MBaAFMoaGmLICw8zNMXcGNxkt7+XiJATMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWhvYVlzZ0xEek0weGR3WTNHUzN2NWVJa0JNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS8wZGRiZGMtNWUyMi00OTQ1LWJkY2Qt
YTA5ODU0YWI2NWEyLzEveWhvYVlzZ0xEek0weGR3WTNHUzN2NWVJa0JNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS8wZGRiZGMtNWUyMi00OTQ1LWJkY2QtYTA5ODU0YWI2NWEy
LzEveWhvYVlzZ0xEek0weGR3WTNHUzN2NWVJa0JNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHQoNcvO5
e0WfGs/D/bRhnC2KzgGHdYioXFQfFM67On4A7mqfYebRdto7dvHC99pGFLqgDZjJ
3Ozc6A31JnV1TiK2POA7rwB9NtAGjQpI46nkQKuiSAEV9dkDlUMwovJ+YHhlf2ft
kN8UjkJD0/pS5LsExLyDwfhJG99m2ryBpMfk93/qQhpBilNBfIv9jY5KH12cCrmb
XQQanuupGPwZGx1Eql+CaoeE9vJUx+jSOHXcfu6c1T/VKx9B25cai9jYWHNPM0jh
rpW12Rv3eGDbgEZM0sJcb7qTnWCaZ2/B+Zy1CtWKOTAvsOaqgP1jpaAY+n1OtVZC
XzbEYbsVvd6Vag==
-----END CERTIFICATE-----