Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/5ce86e-27d2-48c2-88b5-f181b6e80a62/1/2axioKJWftFz3CqtN25FXIW8trs.mft
File:                     2axioKJWftFz3CqtN25FXIW8trs.mft (raw, json)
Hash identifier:          fdruA0MLkmexQmKJCgvDKah914kVXV1BPosO4CgyEBY=
Subject key identifier:   DB:09:A7:C8:7B:11:01:3A:32:5F:02:53:94:A3:B2:60:D4:DC:9F:3A
Authority key identifier: D9:AC:62:A0:A2:56:7E:D1:73:DC:2A:AD:37:6E:45:5C:85:BC:B6:BB
Certificate issuer:       /CN=d9ac62a0a2567ed173dc2aad376e455c85bcb6bb
Certificate serial:       019406464F3CB6E03A0C84DB95F990C17BB0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2axioKJWftFz3CqtN25FXIW8trs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0b/5ce86e-27d2-48c2-88b5-f181b6e80a62/1/2axioKJWftFz3CqtN25FXIW8trs.mft
Manifest number:          13C8
Signing time:             Fri 27 Dec 2024 04:00:58 +0000
Manifest this update:     Fri 27 Dec 2024 04:00:58 +0000
Manifest next update:     Sat 28 Dec 2024 04:00:58 +0000
Files and hashes:         1: 2axioKJWftFz3CqtN25FXIW8trs.crl (hash: 32U0fKBh+rbpyhFugjGV83FofVcnF3wWKL30zBJbN3c=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0b/5ce86e-27d2-48c2-88b5-f181b6e80a62/1/2axioKJWftFz3CqtN25FXIW8trs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0b/5ce86e-27d2-48c2-88b5-f181b6e80a62/1/2axioKJWftFz3CqtN25FXIW8trs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2axioKJWftFz3CqtN25FXIW8trs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 28 Dec 2024 04:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:06:46:4f:3c:b6:e0:3a:0c:84:db:95:f9:90:c1:7b:b0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d9ac62a0a2567ed173dc2aad376e455c85bcb6bb
        Validity
            Not Before: Dec 27 04:00:58 2024 GMT
            Not After : Dec 28 04:00:58 2024 GMT
        Subject: CN=db09a7c87b11013a325f025394a3b260d4dc9f3a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:91:f5:ae:6d:d1:a8:bf:dc:73:9e:6b:10:ef:
                    fd:ce:76:ab:d8:11:e7:6d:a1:cf:0a:17:6a:c0:e8:
                    d7:8f:6e:aa:fc:32:34:95:bf:23:53:18:f3:56:f8:
                    bd:e7:1f:55:1b:a7:c9:a9:bd:31:93:d7:a1:d4:27:
                    1f:52:73:2b:62:06:2b:fd:36:91:17:9b:0a:a2:2d:
                    a2:84:a9:98:fc:9c:a5:9d:bf:bf:11:3a:af:f7:29:
                    e7:a0:6d:01:a9:3c:c4:ff:89:6c:78:49:4d:92:bb:
                    83:3b:9c:4e:7a:24:57:35:ca:2b:ff:cf:0a:fb:18:
                    65:00:3e:4e:c4:f0:8c:5a:ca:97:d1:50:6b:03:63:
                    e6:6b:9e:90:e4:f8:13:e0:17:50:75:c8:5a:cc:4d:
                    d4:6e:6c:76:41:84:a2:6b:be:e9:87:df:8f:f2:77:
                    a6:7e:7e:8c:7f:ae:75:13:af:67:0e:4b:58:6b:3e:
                    d3:ed:5f:f5:bc:9c:5b:6f:db:9d:b4:12:b8:2b:94:
                    54:d9:9b:72:b4:a2:f0:f7:3e:14:a9:8f:1e:b4:e3:
                    50:04:10:c4:cc:12:84:a7:f4:fa:f6:37:3d:e4:49:
                    db:0f:2f:a8:bf:bc:ca:db:99:3e:4e:1c:5a:ba:2f:
                    1e:c8:68:ac:c8:05:20:7e:59:9f:f0:65:c4:83:d5:
                    48:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DB:09:A7:C8:7B:11:01:3A:32:5F:02:53:94:A3:B2:60:D4:DC:9F:3A
            X509v3 Authority Key Identifier:
                keyid:D9:AC:62:A0:A2:56:7E:D1:73:DC:2A:AD:37:6E:45:5C:85:BC:B6:BB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2axioKJWftFz3CqtN25FXIW8trs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/5ce86e-27d2-48c2-88b5-f181b6e80a62/1/2axioKJWftFz3CqtN25FXIW8trs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/5ce86e-27d2-48c2-88b5-f181b6e80a62/1/2axioKJWftFz3CqtN25FXIW8trs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3d:a1:87:c6:bf:43:36:0d:2b:8f:48:5c:71:0c:79:ae:37:45:
         94:2d:6b:62:d5:fe:88:a2:24:22:b3:d3:99:c4:10:94:95:99:
         c9:20:78:71:ef:50:6c:24:b9:27:c7:b6:85:2c:f3:73:dd:0f:
         de:54:5c:47:b5:01:2d:01:4d:53:5c:90:33:bd:dc:4e:7b:bc:
         c7:b1:2c:9d:1b:4d:39:5f:ae:63:7d:b5:2e:23:2e:3b:f1:a6:
         84:51:b0:4f:0f:f1:5e:5a:54:14:f7:fe:12:0b:3b:74:ea:e1:
         93:62:45:f2:77:63:50:43:eb:33:51:a5:aa:27:84:09:18:59:
         de:ec:85:95:4d:1e:b5:9d:85:84:8a:b6:f7:d7:5d:ef:24:b4:
         83:25:86:bc:3d:73:b9:6a:76:08:3e:ab:dd:b0:a0:4d:29:5d:
         71:81:63:61:c4:4e:e0:15:df:40:fc:ea:c8:83:95:a0:74:c9:
         12:9a:ea:5c:78:3a:25:ec:24:29:5f:f3:d3:f0:c2:bd:1a:b4:
         0a:9d:f4:58:1d:27:bb:03:aa:95:a8:2c:d2:cd:ac:83:0d:d5:
         21:84:dd:99:e6:a7:62:e3:3b:0e:4c:7a:19:5f:51:9d:79:9d:
         85:43:f2:d9:3a:9e:94:48:5e:93:c5:82:56:a7:70:56:e8:1a:
         9b:40:9f:c3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZQGRk88tuA6DITblfmQwXuwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5YWM2MmEwYTI1NjdlZDE3M2RjMmFhZDM3NmU0NTVjODVi
Y2I2YmIwHhcNMjQxMjI3MDQwMDU4WhcNMjQxMjI4MDQwMDU4WjAzMTEwLwYDVQQD
EyhkYjA5YTdjODdiMTEwMTNhMzI1ZjAyNTM5NGEzYjI2MGQ0ZGM5ZjNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnJH1rm3RqL/cc55rEO/9znar2BHn
baHPChdqwOjXj26q/DI0lb8jUxjzVvi95x9VG6fJqb0xk9eh1CcfUnMrYgYr/TaR
F5sKoi2ihKmY/Jylnb+/ETqv9ynnoG0BqTzE/4lseElNkruDO5xOeiRXNcor/88K
+xhlAD5OxPCMWsqX0VBrA2Pma56Q5PgT4BdQdchazE3Ubmx2QYSia77ph9+P8nem
fn6Mf651E69nDktYaz7T7V/1vJxbb9udtBK4K5RU2ZtytKLw9z4UqY8etONQBBDE
zBKEp/T69jc95EnbDy+ov7zK25k+Thxaui8eyGisyAUgflmf8GXEg9VIlQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNsJp8h7EQE6Ml8CU5SjsmDU3J86MB8GA1UdIwQY
MBaAFNmsYqCiVn7Rc9wqrTduRVyFvLa7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmF4aW9LSldmdEZ6M0NxdE4yNUZYSVc4dHJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi81Y2U4NmUtMjdkMi00OGMyLTg4YjUt
ZjE4MWI2ZTgwYTYyLzEvMmF4aW9LSldmdEZ6M0NxdE4yNUZYSVc4dHJzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi81Y2U4NmUtMjdkMi00OGMyLTg4YjUtZjE4MWI2ZTgwYTYy
LzEvMmF4aW9LSldmdEZ6M0NxdE4yNUZYSVc4dHJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPaGHxr9D
Ng0rj0hccQx5rjdFlC1rYtX+iKIkIrPTmcQQlJWZySB4ce9QbCS5J8e2hSzzc90P
3lRcR7UBLQFNU1yQM73cTnu8x7EsnRtNOV+uY321LiMuO/GmhFGwTw/xXlpUFPf+
Egs7dOrhk2JF8ndjUEPrM1GlqieECRhZ3uyFlU0etZ2FhIq299dd7yS0gyWGvD1z
uWp2CD6r3bCgTSldcYFjYcRO4BXfQPzqyIOVoHTJEprqXHg6JewkKV/z0/DCvRq0
Cp30WB0nuwOqlags0s2sgw3VIYTdmeanYuM7Dkx6GV9RnXmdhUPy2TqelEhek8WC
VqdwVugam0Cfww==
-----END CERTIFICATE-----