Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/bc41f1-ca7e-4205-b81b-bebfa2fca46f/1/3Rc4MRWBIorSh1OUS-i88hafq6k.mft
File:                     3Rc4MRWBIorSh1OUS-i88hafq6k.mft (raw, json)
Hash identifier:          Rlkf+e92qCWB+AZ2sSHI24qleab1Xc8tbr2pZb7oMJA=
Subject key identifier:   E4:02:31:65:5A:5A:E5:CC:44:C5:1E:F5:E5:55:2B:2A:AC:FD:DF:8E
Authority key identifier: DD:17:38:31:15:81:22:8A:D2:87:53:94:4B:E8:BC:F2:16:9F:AB:A9
Certificate issuer:       /CN=dd1738311581228ad28753944be8bcf2169faba9
Certificate serial:       0193568AD8C7B39FB10878B74854FE3BC2AA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3Rc4MRWBIorSh1OUS-i88hafq6k.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/05/bc41f1-ca7e-4205-b81b-bebfa2fca46f/1/3Rc4MRWBIorSh1OUS-i88hafq6k.mft
Manifest number:          0B12
Signing time:             Sat 23 Nov 2024 01:02:40 +0000
Manifest this update:     Sat 23 Nov 2024 01:02:40 +0000
Manifest next update:     Sun 24 Nov 2024 01:02:40 +0000
Files and hashes:         1: 3Rc4MRWBIorSh1OUS-i88hafq6k.crl (hash: PgJp06iovD8tXpC/AlqgtktzIDykZGPU6JLW6lMCl8w=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/05/bc41f1-ca7e-4205-b81b-bebfa2fca46f/1/3Rc4MRWBIorSh1OUS-i88hafq6k.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/05/bc41f1-ca7e-4205-b81b-bebfa2fca46f/1/3Rc4MRWBIorSh1OUS-i88hafq6k.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3Rc4MRWBIorSh1OUS-i88hafq6k.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 01:02:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:56:8a:d8:c7:b3:9f:b1:08:78:b7:48:54:fe:3b:c2:aa
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dd1738311581228ad28753944be8bcf2169faba9
        Validity
            Not Before: Nov 23 01:02:40 2024 GMT
            Not After : Nov 24 01:02:40 2024 GMT
        Subject: CN=e40231655a5ae5cc44c51ef5e5552b2aacfddf8e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8d:98:52:92:15:39:1e:ae:79:76:e3:74:39:75:
                    85:af:b8:f7:3a:71:1e:13:d2:d9:1f:22:af:ab:fb:
                    5a:a3:f3:6c:b5:84:1a:dd:f9:c4:d1:b8:e6:3c:8a:
                    0e:81:d4:48:b5:e3:e2:9d:e9:17:2e:f5:3a:1d:8a:
                    43:32:ce:19:1a:45:ab:15:66:f4:51:a0:77:a9:69:
                    44:1d:9e:d7:c9:a0:d9:7c:ed:5d:8c:4b:4a:4e:5c:
                    8f:f6:9c:87:07:7a:70:d8:c2:8e:1c:37:f0:e6:d0:
                    f5:59:d1:08:05:58:6c:ab:27:56:80:ee:c5:5c:04:
                    79:a0:f8:03:81:b3:ec:57:36:49:04:d5:d5:f3:ad:
                    f8:81:69:c2:8f:aa:ff:e5:88:06:6c:07:3d:b1:a2:
                    05:da:9b:55:b4:67:6b:c9:4b:99:32:ef:e2:1d:ba:
                    32:97:94:19:a2:39:cb:4b:87:75:45:46:d0:9b:ee:
                    66:4b:34:f1:fa:9d:ae:6a:32:f9:99:6c:db:f8:45:
                    f5:a7:95:e4:11:78:87:94:5a:7c:c3:73:3c:7c:01:
                    11:fc:e3:b2:03:7c:90:03:c6:5f:23:5e:a4:10:a3:
                    60:4d:82:43:7d:08:32:db:c1:b5:12:f7:d3:55:8c:
                    7c:0a:e8:c4:03:92:89:10:ed:86:f9:1f:8e:7b:2d:
                    28:83
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E4:02:31:65:5A:5A:E5:CC:44:C5:1E:F5:E5:55:2B:2A:AC:FD:DF:8E
            X509v3 Authority Key Identifier:
                keyid:DD:17:38:31:15:81:22:8A:D2:87:53:94:4B:E8:BC:F2:16:9F:AB:A9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3Rc4MRWBIorSh1OUS-i88hafq6k.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/bc41f1-ca7e-4205-b81b-bebfa2fca46f/1/3Rc4MRWBIorSh1OUS-i88hafq6k.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/05/bc41f1-ca7e-4205-b81b-bebfa2fca46f/1/3Rc4MRWBIorSh1OUS-i88hafq6k.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         16:f6:f0:25:31:88:41:9e:13:79:f1:b8:f1:75:c1:e9:0f:f9:
         5d:43:7d:19:13:1e:64:c1:7c:51:45:39:5c:de:aa:8c:18:90:
         e7:40:c5:09:c1:0f:f1:14:bf:93:1e:d4:30:db:35:31:97:e9:
         2b:73:3b:10:cc:e5:37:05:22:54:95:3b:6c:9e:92:0f:fe:0b:
         16:2b:45:8f:6d:4a:c5:11:a0:64:f1:ed:81:78:3f:56:a4:e0:
         60:55:d5:29:3e:6d:ed:73:30:dd:db:f1:bc:b9:37:11:4d:24:
         21:4d:01:63:f4:37:4f:1f:45:5e:c1:b9:3c:d9:9f:86:d7:ba:
         f2:02:eb:4e:98:e0:af:23:ae:23:fa:3b:0d:43:87:01:f3:c5:
         d8:6e:54:c6:d8:12:3f:c7:0b:7b:52:9e:e2:21:ff:61:b7:19:
         19:0d:f8:60:ec:a8:51:f2:b9:2c:e3:ab:8f:85:b7:95:7e:04:
         d5:83:14:85:e5:fa:d1:12:2e:9b:da:91:7a:5a:c2:a9:19:c9:
         fa:bf:53:84:d7:17:58:b0:12:5d:a4:8d:b1:76:a8:e2:a3:18:
         28:3a:71:ec:a5:42:4a:5a:90:88:28:41:c0:fa:d7:66:a7:a8:
         26:2c:75:14:cf:d7:fb:2d:a2:83:38:ee:9c:61:ed:01:dc:96:
         77:95:c7:a3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNWitjHs5+xCHi3SFT+O8KqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkMTczODMxMTU4MTIyOGFkMjg3NTM5NDRiZThiY2YyMTY5
ZmFiYTkwHhcNMjQxMTIzMDEwMjQwWhcNMjQxMTI0MDEwMjQwWjAzMTEwLwYDVQQD
EyhlNDAyMzE2NTVhNWFlNWNjNDRjNTFlZjVlNTU1MmIyYWFjZmRkZjhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjZhSkhU5Hq55duN0OXWFr7j3OnEe
E9LZHyKvq/tao/NstYQa3fnE0bjmPIoOgdRItePinekXLvU6HYpDMs4ZGkWrFWb0
UaB3qWlEHZ7XyaDZfO1djEtKTlyP9pyHB3pw2MKOHDfw5tD1WdEIBVhsqydWgO7F
XAR5oPgDgbPsVzZJBNXV8634gWnCj6r/5YgGbAc9saIF2ptVtGdryUuZMu/iHboy
l5QZojnLS4d1RUbQm+5mSzTx+p2uajL5mWzb+EX1p5XkEXiHlFp8w3M8fAER/OOy
A3yQA8ZfI16kEKNgTYJDfQgy28G1EvfTVYx8CujEA5KJEO2G+R+Oey0ogwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOQCMWVaWuXMRMUe9eVVKyqs/d+OMB8GA1UdIwQY
MBaAFN0XODEVgSKK0odTlEvovPIWn6upMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1JjNE1SV0JJb3JTaDFPVVMtaTg4aGFmcTZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS9iYzQxZjEtY2E3ZS00MjA1LWI4MWIt
YmViZmEyZmNhNDZmLzEvM1JjNE1SV0JJb3JTaDFPVVMtaTg4aGFmcTZrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS9iYzQxZjEtY2E3ZS00MjA1LWI4MWItYmViZmEyZmNhNDZm
LzEvM1JjNE1SV0JJb3JTaDFPVVMtaTg4aGFmcTZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFvbwJTGI
QZ4TefG48XXB6Q/5XUN9GRMeZMF8UUU5XN6qjBiQ50DFCcEP8RS/kx7UMNs1MZfp
K3M7EMzlNwUiVJU7bJ6SD/4LFitFj21KxRGgZPHtgXg/VqTgYFXVKT5t7XMw3dvx
vLk3EU0kIU0BY/Q3Tx9FXsG5PNmfhte68gLrTpjgryOuI/o7DUOHAfPF2G5UxtgS
P8cLe1Ke4iH/YbcZGQ34YOyoUfK5LOOrj4W3lX4E1YMUheX60RIum9qRelrCqRnJ
+r9ThNcXWLASXaSNsXao4qMYKDpx7KVCSlqQiChBwPrXZqeoJix1FM/X+y2igzju
nGHtAdyWd5XHow==
-----END CERTIFICATE-----